21 lines
793 B
Plaintext
21 lines
793 B
Plaintext
|
|
there was a patch for fwtk with ip_filter 3.1.5 from James B. Croall
|
|
(thanx for his work) which I put onto fwtk 2.0beta.
|
|
|
|
Now, if you decide to do transparent proxying with ip-filter you
|
|
have to put -DUSE_IP_FILTER to COPTS in Makefile.config.
|
|
With Solaris 2.x you have to correctly replace the path to your
|
|
ip_filter sources. (lib/hnam.c needs ip_nat.h)
|
|
|
|
I also patched plug-gw to be configured to accept not only one
|
|
destination with the parameter "-all-destinations" in netperm-table.
|
|
Perhaps this is a security hole...
|
|
|
|
The patched fwtk worked fine for me with linux (kernel 2.0.28 and ipfadm 2.1)
|
|
and Solaris 2.5 (ip_filter 3.1.5).
|
|
|
|
If you try to enhance the transparent proxy features for other
|
|
architectures, see lib/hnam.c (getdsthost).
|
|
|
|
Michael Kutzner, Michael.Kutzner@paderlinx.de
|