| |
| there was a patch for fwtk with ip_filter 3.1.5 from James B. Croall |
| (thanx for his work) which I put onto fwtk 2.0beta. |
| |
| Now, if you decide to do transparent proxying with ip-filter you |
| have to put -DUSE_IP_FILTER to COPTS in Makefile.config. |
| With Solaris 2.x you have to correctly replace the path to your |
| ip_filter sources. (lib/hnam.c needs ip_nat.h) |
| |
| I also patched plug-gw to be configured to accept not only one |
| destination with the parameter "-all-destinations" in netperm-table. |
| Perhaps this is a security hole... |
| |
| The patched fwtk worked fine for me with linux (kernel 2.0.28 and ipfadm 2.1) |
| and Solaris 2.5 (ip_filter 3.1.5). |
| |
| If you try to enhance the transparent proxy features for other |
| architectures, see lib/hnam.c (getdsthost). |
| |
| Michael Kutzner, Michael.Kutzner@paderlinx.de |