divert-reply / bindany


Userland proxies can intercept connections
accept a redirected connection and open another, outbound one.
"relay" or "proxy" between two sockets

By default, the outgoing connection is openened from the proxy with the proxy source IP address.
This can mess up the target server log files.
HTTP proxies use a workaround by adding an "X-Forwarded-For" header with the original client source IP.

Sometimes it's desirable to keep the client's address.
The combination of SO_BINDANY and divert-reply allows to operate in "transparent" mode.