Re: nc in inetd - under which account?

2017-06-08 Thread Stuart Henderson
On 2017-06-07, Marko Cupać wrote: > Now as for relayd, I never used it. If someone gave me working example > and an explanation why it is better than my current solution, I'd be > glad to switch, and pass the word around :) When your proxy is nc run from inetd, you have to

Re: nc in inetd - under which account?

2017-06-07 Thread Ax0n
First result on Google for "relayd example" seems to be pretty thorough. https://calomel.org/relayd.html On Wed, Jun 7, 2017 at 7:51 AM, Marko Cupać wrote: > On Tue, 6 Jun 2017 12:05:10 -0500 > Ax0n wrote: > > > Also, this seems like something that,

Re: nc in inetd - under which account?

2017-06-07 Thread Marko Cupać
On Tue, 6 Jun 2017 12:05:10 -0500 Ax0n wrote: > Also, this seems like something that, depending on where the > destination servers are, could be handled easily with PF by itself, > or with the help of relayd, with a lot less hassle. Perhaps I didn't explain what I use this for.

Re: nc in inetd - under which account?

2017-06-06 Thread Stuart Henderson
On 2017-06-06, Marko Cupać wrote: > Hi, > > For a few years I have been running nc from inetd together with pf > redirect rules to reach LAN servers via their public IP adresses from > LAN: > > # cat /etc/inetd.conf > 127.0.0.1:20080 stream tcp nowait proxy /usr/bin/nc nc -w

Re: nc in inetd - under which account?

2017-06-06 Thread Ax0n
Also, this seems like something that, depending on where the destination servers are, could be handled easily with PF by itself, or with the help of relayd, with a lot less hassle. On Tue, Jun 6, 2017 at 11:23 AM, Maximilian Pichler wrote: > On Tue, Jun 6, 2017 at

Re: nc in inetd - under which account?

2017-06-06 Thread Maximilian Pichler
On Tue, Jun 6, 2017 at 11:06 AM, Marko Cupać wrote: > On Tue, 06 Jun 2017 08:18:15 -0600 > "Theo de Raadt" wrote: >> Never reuse a user intended for another purpose. >> >> Take a glance at the ptrace manual page. > I have read ptrace manual. But I

Re: nc in inetd - under which account?

2017-06-06 Thread Marko Cupać
On Tue, 06 Jun 2017 08:18:15 -0600 "Theo de Raadt" wrote: > > For a few years I have been running nc from inetd together with pf > > redirect rules to reach LAN servers via their public IP adresses > > from LAN: > > > > # cat /etc/inetd.conf > > 127.0.0.1:20080 stream tcp

Re: nc in inetd - under which account?

2017-06-06 Thread Theo de Raadt
> For a few years I have been running nc from inetd together with pf > redirect rules to reach LAN servers via their public IP adresses from > LAN: > > # cat /etc/inetd.conf > 127.0.0.1:20080 stream tcp nowait proxy /usr/bin/nc nc -w 20 PR.IV.AT.E 80 > 127.0.0.1:20443 stream tcp nowait proxy