> For ftp, there's ftp-proxy, and the reverse proxy patch adds > support for servers behind the firewall:
Hmm must have missed that. > For irc, there's net/tircproxy in the ports tree (which > includes a patch for NAT lookups with pf). Ok, are these written in a similar manner? Would it be interesting to write a generic proxy that included support for each protocol? I mean, instead of running a proxy for X, Y and Z, you could run 1 proxy and enable/disable support for each application with the rdr rules. > If you write userland proxies for other problematic > protocols, they are > welcome. Look at pf(4) and the existing proxies for examples of how to > use pf's ioctl interface. There won't be any application level proxies > in the kernel, and this has indeed been discussed a couple of > times, and > google finds the archives :) I did indeed see the discussion about keeping this stuff in userland, sensible idea. ----------------------------------------------------------------- ATTENTION: The information in this electronic mail message is private and confidential, and only intended for the addressee. Should you receive this message by mistake, you are hereby notified that any disclosure, reproduction, distribution or use of this message is strictly prohibited. Please inform the sender by reply transmission and delete the message without copying or opening it. Messages and attachments are scanned for all viruses known. If this message contains password-protected attachments, the files have NOT been scanned for viruses by the ING mail domain. Always scan attachments before opening them. -----------------------------------------------------------------
