Steven Chamberlain <steven@pyro.eu.org> writes: > On 29/08/14 03:31, Christoph Egger wrote: >> Fails (returns -1) with "Protocol not supported" on kFreeBSD. Is that >> intentional? Easy to fix? Noone knows and I should dig in it? Still >> trying to figure out tcpcrypt > > It seems to be trying to add a ipfw DIVERT rule to intercept TCP > connections. Probably there is some equivalent way of doing this with PF? It does the ipfw magic by means of comandline first as far as I can tell and then plugs this in the ports. I have a working /sbin/ipfw for that fwiw. > Reminds me of how a transparent Squid proxy is configured - that too can > be done with ipfw or PF. Thanks for the pointer! I was already wondering how I can steal code to do that using pf, will look for squid proxy stuff now! Christoph
Attachment:
pgppFzRY7oIDX.pgp
Description: PGP signature