[zorp] Zorp vs. FreeBSD 4.3 (x86)

Balazs Scheidler bazsi@balabit.hu
Thu, 10 May 2001 17:09:00 +0200

> > Someone has experience Zorp install under FreeBSD? I try to compile, but
> > the "MSG_PROXY" is not defined in my enviroment.
> > 
> > If you can help me (source patch, install instruction, etc.), please
> > drop me a mail.
> > 
> > (If not necessary, I wouldn't port the main source.)
> I'm trying to port Zorp over to FreeBSD, my burner is currently burning the
> install CD. Apart from the UDP and TCP transparency Zorp should be quite
> portable. TCP transparency is a matter of about 50 lines of code (this is
> about querying the kernel the real destination address), UDP is a different
> matter. That will require either kernel patches or implementing the whole
> mess with raw sockets (which I wouldn't like to do for several reasons). For
> now I'll try to disable the UDP part on platforms which don't have MSG_PROXY
> and other magic things.

I successfully compiled zorp on FreeBSD. I had to disable the following
Linux/i386 specific features:

* Connection tracking (new in 0.9)
* stack dump upon SIGSEGV
* Linux ipchains/netfilter
* POSIX capabilities

none of these is fatal for most functions. However while trying to test the
resulting binary, I wanted to add my first ipf rule in my life :) and failed
miserably. I tried to enable IPFilter using

ipf -E

but this resulted in the following error:

freebsd# ipf -E
open device: Device not configured
SIOCFRENB: Bad file descriptor

And although this seemed bad, I added a rule just for curiousity:

freebsd# ipf block from all

nothing happened (I was logged in through ssh, so I should have been blocked
myself). Don't tell me I must compile a FreeBSD kernel :)

Any help is welcome.

