• Home
  • History
  • Annotate
Name Date Size #Lines LOC

..--

IndexD23-Mar-2012137 43

READMED23-Mar-2012712 1913

README.ipfilterD23-Mar-2012793 2114

ftp-gw.diffD22-Jul-20124.9 KiB233214

fwtk_transparent.diffD22-Jul-201226.4 KiB1,026917

fwtkpD23-Mar-201225.2 KiB813739

README

1
2There are two patch files in this directory, each allowing for the Firewall
3Toolkit to be used in a transparent proxy configuration.
4
5ftp-gw.diff         - A patch written by myself for use only with IP Filter and
6                      ftp-gw from the Firewall Toolkit.  You need to copy ip_nat.h,
7                      ip_fil.h and ip_compat.h to the ftp-gw directory to compile
8                      once this patch has been applied.
9
10fwtkp               - A set of patches written by James B. Croall (jcroall@foo.org)
11                      for use with both IP Filter and ipfwadm (for Linux) and more
12                      of the various FWTK gateway plugins, including:
13                      ftp-gw http-gw plug-gw rlogin-gw tn-gw
14
15Both patches when applied to the Firewall toolkit require the same
16configuration for IP Filter.
17
18Darren
19

README.ipfilter

1
2there was a patch for fwtk with ip_filter 3.1.5 from James B. Croall
3(thanx for his work) which I put onto fwtk 2.0beta.
4
5Now, if you decide to do transparent proxying with ip-filter you
6have to put -DUSE_IP_FILTER to COPTS in Makefile.config.
7With Solaris 2.x you have to correctly replace the path to your
8ip_filter sources. (lib/hnam.c needs ip_nat.h)
9
10I also patched plug-gw to be configured to accept not only one
11destination with the parameter "-all-destinations" in netperm-table.
12Perhaps this is a security hole...
13
14The patched fwtk worked fine for me with linux (kernel 2.0.28 and ipfadm 2.1)
15and Solaris 2.5 (ip_filter 3.1.5).
16
17If you try to enhance the transparent proxy features for other
18architectures, see lib/hnam.c (getdsthost).
19
20Michael Kutzner, Michael.Kutzner@paderlinx.de
21