faith.4 (76175) | faith.4 (78064) |
---|---|
1.\" $KAME: faith.4,v 1.9 2001/04/27 17:26:35 itojun Exp $ 2.\" |
|
1.\" Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 2.\" All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. --- 11 unchanged lines hidden (view full) --- 20.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26.\" SUCH DAMAGE. 27.\" | 3.\" Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 4.\" All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. --- 11 unchanged lines hidden (view full) --- 22.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28.\" SUCH DAMAGE. 29.\" |
28.\" $Id: faith.4,v 1.1.1.1 1999/08/08 23:30:37 itojun Exp $ 29.\" $FreeBSD: head/share/man/man4/faith.4 76175 2001-05-01 09:15:30Z schweikh $ | 30.\" $FreeBSD: head/share/man/man4/faith.4 78064 2001-06-11 12:39:29Z ume $ |
30.\" 31.Dd April 10, 1999 32.Dt FAITH 4 33.Os 34.Sh NAME 35.Nm faith | 31.\" 32.Dd April 10, 1999 33.Dt FAITH 4 34.Os 35.Sh NAME 36.Nm faith |
36.Nd 37.Tn IPv6-to-IPv4 TCP 38relay capturing interface | 37.Nd IPv6-to-IPv4 TCP relay capturing interface |
39.Sh SYNOPSIS | 38.Sh SYNOPSIS |
40.Cd "device faith 1" | 39.Cd "device faith" Op Ar count |
41.Sh DESCRIPTION 42The 43.Nm | 40.Sh DESCRIPTION 41The 42.Nm |
44interface captures IPv6 TCP traffic 45for implementing userland IPv6-to-IPv4 TCP relays | 43interface captures IPv6 TCP traffic, 44for implementing userland IPv6-to-IPv4 TCP relay |
46like 47.Xr faithd 8 . 48.Pp | 45like 46.Xr faithd 8 . 47.Pp |
49Special action will be taken when IPv6 TCP traffic is seen on a router 50and the routing table suggests to route it to the | 48Special action will be taken when IPv6 TCP traffic is seen on a router, 49and routing table suggests to route it to |
51.Nm 52interface. | 50.Nm 51interface. |
53In this case the packet will be accepted by the router, 54regardless of the list of IPv6 interface addresses assigned to the router. 55The packet will be captured by an IPv6 TCP socket if it has the | 52In this case, the packet will be accepted by the router, 53regardless of list of IPv6 interface addresses assigned to the router. 54The packet will be captured by an IPv6 TCP socket, if it has |
56.Dv IN6P_FAITH 57flag turned on and it has matching address/port pairs. | 55.Dv IN6P_FAITH 56flag turned on and it has matching address/port pairs. |
58As a result, | 57In result, |
59.Nm | 58.Nm |
60will let you divert IPv6 TCP traffic to some specific destination addresses. | 59will let you capture IPv6 TCP traffic to some specific destination addresses. |
61Userland programs, such as | 60Userland programs, such as |
62.Xr faithd 8 , | 61.Xr faithd 8 |
63can use this behavior to relay IPv6 TCP traffic to IPv4 TCP traffic. 64The program can accept some specific IPv6 TCP traffic, perform 65.Xr getsockname 2 66to get the IPv6 destination address specified by the client, 67and perform application-specific address mapping to relay IPv6 TCP to IPv4 TCP. 68.Pp 69The 70.Dv IN6P_FAITH | 62can use this behavior to relay IPv6 TCP traffic to IPv4 TCP traffic. 63The program can accept some specific IPv6 TCP traffic, perform 64.Xr getsockname 2 65to get the IPv6 destination address specified by the client, 66and perform application-specific address mapping to relay IPv6 TCP to IPv4 TCP. 67.Pp 68The 69.Dv IN6P_FAITH |
71flag on an IPv6 TCP socket can be set by using | 70flag on IPv6 TCP socket can be set by using |
72.Xr setsockopt 2 , | 71.Xr setsockopt 2 , |
73with 74.Fa level 75set to | 72with level equals to |
76.Dv IPPROTO_IPV6 | 73.Dv IPPROTO_IPV6 |
77and 78.Fa optname 79set to | 74and optname equals to |
80.Dv IPv6_FAITH . 81.Pp | 75.Dv IPv6_FAITH . 76.Pp |
82To handle error reports by ICMPv6 some of the ICMPv6 packets routed to the | 77To handle error reports by ICMPv6, some of ICMPv6 packets routed to |
83.Nm | 78.Nm |
84interface will need be delivered to IPv6 TCP as well. | 79interface will be delivered to IPv6 TCP, as well. |
85.Pp 86To understand how 87.Nm | 80.Pp 81To understand how 82.Nm |
88can be used take a look at the source code of | 83can be used, take a look at source code of |
89.Xr faithd 8 . 90.Pp | 84.Xr faithd 8 . 85.Pp |
91As the | 86As |
92.Nm | 87.Nm |
93interface implements potentially dangerous operations, 94great care must be taken when configuring the | 88interface implements potentially dangerous operation, 89great care must be taken when configuring |
95.Nm 96interface. | 90.Nm 91interface. |
97To avoid possible misuse the | 92To avoid possible misuse, |
98.Xr sysctl 8 99variable 100.Li net.inet6.ip6.keepfaith 101must be set to 102.Li 1 103prior to the use of the interface. 104When 105.Li net.inet6.ip6.keepfaith | 93.Xr sysctl 8 94variable 95.Li net.inet6.ip6.keepfaith 96must be set to 97.Li 1 98prior to the use of the interface. 99When 100.Li net.inet6.ip6.keepfaith |
106is set to | 101is |
107.Li 0 , | 102.Li 0 , |
108no packets will be captured by the | 103no packet will be captured by |
109.Nm 110interface. 111.Pp | 104.Nm 105interface. 106.Pp |
112The | |
113.Nm 114interface is intended to be used on routers, not on hosts. 115.\" 116.Sh SEE ALSO 117.Xr inet 4 , 118.Xr inet6 4 , 119.Xr faithd 8 | 107.Nm 108interface is intended to be used on routers, not on hosts. 109.\" 110.Sh SEE ALSO 111.Xr inet 4 , 112.Xr inet6 4 , 113.Xr faithd 8 |
120.\" .Rs 121.\" .%A Jun-ichiro itojun Hagino 122.\" .%A Kazu Yamamoto 123.\" .%T ``FAITH'' IPv6-to-IPv4 TCP relay translator 124.\" .%D July 1999 125.\" .Re 126.\" | 114.Rs 115.%A Jun-ichiro itojun Hagino 116.%A Kazu Yamamoto 117.%T "An IPv6-to-IPv4 transport relay translator" 118.%R internet draft 119.%N draft-ietf-ngtrans-tcpudp-relay-04.txt 120.%O work in progress material 121.Re |
127.Sh HISTORY | 122.Sh HISTORY |
128The FAITH IPv6-to-IPv4 TCP relay translator first appeared in | 123The FAITH IPv6-to-IPv4 TCP relay translator was first appeared in |
129WIDE hydrangea IPv6 stack. | 124WIDE hydrangea IPv6 stack. |