Slirp

Usage

Shell accounts normally only allow the use of command line or text-based software, but by logging into a shell account and running Slirp on the remote server, a user can transform their shell account into a SLIP/PPP connection, allowing them to run any TCP/IP-based application—including standard GUI software such as the formerly popular Netscape Navigator—on their computer. This was especially useful in the 1990s because simple shell accounts were less expensive and/or more widely available than full SLIP/PPP accounts.

In the mid-1990s, numerous universities provided dial-up shell accounts (to their faculty, staff, and students). These command line-only connections became more versatile with SLIP/PPP, enabling the use of arbitrary TCP/IP-based applications. Many guides to using university dial-up connections with Slirp were published online (e.g. [1], [2], [3], [4]). Use of TCP/IP emulations software like Slirp, and its commercial competitor TIA was banned by some shell account providers, who believed its users violated their terms of service or consumed too much bandwidth.

Slirp is also useful for connecting PDAs and other mobile devices to the Internet: by connecting such a device to a computer running Slirp, via a serial cable or USB, the mobile device can connect to the Internet.

Limitations

Unlike a true SLIP/PPP connection, provided by a dedicated server, a Slirp connection does not strictly obey the principle of end-to-end connectivity envisioned by the Internet Protocol suite. The remote end of the connection, running on the shell account, cannot allocate a new IP address and route traffic to it. Thus the local computer cannot accept arbitrary incoming connections, although Slirp can use port forwarding to accept incoming traffic for specific ports.

This limitation is similar to that of network address translation. It does provide enhanced security as a side effect, effectively acting as a firewall between the local computer and the Internet.

Current status

Slirp is free software licensed under a BSD-like, modified 4-clause BSD license by its original author. After the original author stopped maintaining it, Kelly Price took over as maintainer. However, there have been no releases since 2006. Debian maintainers have taken over some maintenance tasks, such as modifying Slirp to work correctly on 64-bit computers.

Influence on other projects

Despite being largely obsolete, Slirp made a great influence on the networking stacks used in virtual machines and other virtualized environments. The established practice of connecting the virtual machines to the host's network stack was to use the various packet injection mechanisms. Raw sockets, being one of such mechanisms, were originally used for that purpose, and, due to many problems and limitations, were later replaced with the TAP device.

Packet injection is a privileged operation that may introduce a security threat, something that the introduction of TAP device solved only partially. Slirp-derived NAT implementation brought a solution to this long-standing problem. It was discovered that Slirp has the full NAPT implementation as a stand-alone user-space code, whereas other NAT engines are usually embedded into a network protocol stack and/or do not cooperate with the host OS when doing PAT (use their own port ranges and require packet injection). QEMU project have adopted the appropriate code portions of the Slirp package and got the permission from its original authors to re-license it under 3-clause BSD license. Such license change allowed many other FOSS projects to adopt the QEMU-provided Slirp portions, which was (and still is) not possible with the original Slirp codebase because of the license compatibility problems. Some of the notable adopters are VDE and Libvirt projects. Even though the Slirp-derived code was heavily criticized, to the date there is no competing implementation available.