On 2022-09-24, Pierre Dupond <76nemo76@gmx.ch> wrote:
>> You could possibly do it on per-server basis, eg connections to
>> 192.0.2.3 are redirected to 2001:db8::dead:beef and connections to
>> 192.0.2.4 are redirected to 2001:db8::c0:ffee.
>> I don't know if pf itself can do it, but you could probably use socat or
>> even relayd to work as a proxy in userspace to achieve that.
> This is exactly that I want to do. For few specific IPv4 address (non routable)
> I want to redirect the IPv4 address to an IPv6 address. 'relayd' seems to be usable
> for that case. I will try this solution since, after a short look in the man
> page, it seems possible to relay from an IPv4 address to an IPv6 address.
There should be no need for relayd for this, try something like
pass in to 192.0.2.3 af-to inet6 from (egress) to 2001:db8::dead:beef
> Unfortunately, some IP providers (generally the access provided is free like with the WIFI in the airports) filter
> even the port 443 if it is not strictly used with the https protocol. Probably using deep packet inspection
> method.
They usually just check for TLS not specifically HTTPS (which would
require active mitm rather than passive inspection of the connection/SNI).
So you can often get around this by wrapping the connection in TLS,
which you can do with relayd (or stunnel or socat).
--
Please keep replies on the mailing list.
No comments:
Post a Comment