Re: OK, now that we agree

Mike Shaver (shaver@neon.ingenia.com)
Tue, 9 Apr 1996 11:48:00 -0400 (EDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Darren Reed: "Re: OK, now that we agree"
Previous message: Darren Reed: "Re: OK, now that we agree"
In reply to: Alan Cox: "Re: OK, now that we agree"
Next in thread: Alan Cox: "Re: OK, now that we agree"
Reply: Alan Cox: "Re: OK, now that we agree"

Thus spake Alan Cox:
> > How much trouble would it be to allow some bizarre and illegal bind()
> > address (255.255.255.255 springs to mind) register a socket as being a
> > transparent proxy/user-space masquerade?
>
> setsockopt(my_socket, SOL_SOCKET, SO_MASQUERADE, &one,sizeof(one))

OK, then how does the kernel react to inbound SYNs, etc.? Does it
forge them back itself, or somehow get the process to?

I'd prefer having the process do it, because otherwise it's hard to
handle to semantics of CONNREFUSED correctly.

> Better make it root only too.

Heh.

Mike

-- 
#> Mike Shaver (shaver@ingenia.com) Ingenia Communications Corporation <#
#>        Technical specialist -- Head geek -- System exorcist         <#
#>                                                                     <#
#>   "Have you considered a life?  I hear they're quite affordable     <#
#>          these days." --- shields@tembel.org                        <#

Next message: Darren Reed: "Re: OK, now that we agree"
Previous message: Darren Reed: "Re: OK, now that we agree"
In reply to: Alan Cox: "Re: OK, now that we agree"
Next in thread: Alan Cox: "Re: OK, now that we agree"
Reply: Alan Cox: "Re: OK, now that we agree"