Matthew J Ghio says:
"Perry E. Metzger" <perry@imsi.com> writes:
Pardon but... why? Whats the reason for wanting to do this?
If a firewall has been set up to stop UDP, then it should stop UDP. If the firewall has not been set up to stop UDP, or has a mechanism like the experimental versions of "socks" currently being played with that relay UDP, then there is no reason to want to do the above. I don't really understand what the idea is here.
Presumably you would only let trusted people tunnel through your firewall.
Fine -- then packet filter on your firewall. Of course, you can't really trust the IP addresses anyway -- you need something IPSP-like if you actually want to trust outside hosts (swIPe does nicely as a stopgap). And even if one wanted to move packets through a firewall over TCP, why use SLIP encapsulation? It was designed for unreliable links -- on a reliable link, you can save lots of grief by just sending the packet -- total length of an IP datagram is included inside the datagram, thus rendering further encapsulation unnecessary. Perry