Userspace Networking with libuinet

Formal Metadata

Title
Userspace Networking with libuinet
Series title
Number of parts
24
Author
License
CC Attribution 3.0 Unported:
You may use and modify the work or its content for any legal purpose, and reproduce, distribute and make it publicly available in unchanged or modified form, provided that you name the author/rights holder in the manner they have specified.
Identifiers
Publisher
Year of publication
Language
Production year
2014
Production location
Ottawa, Canada

Content Metadata

Subject area
Genre
Abstract
libuinet is a userspace library version of the FreeBSD TCP/IP stack that also includes extensions to the base stack functionality that make it particularly useful in network infrastructure equipment. This talk will cover its design goals, implementation, current and potential uses, and performance. libuinet was originally conceived as a way to bring highly scalable transparent proxy functionality to the free, portable TCP proxy WANProxy (http://wanproxy.org). To this end, libuinet extends the base FreeBSD TCP/IP stack feature set to include 'promiscuous sockets', which allow listens to capture connection attempts across VLANs (including nested), any IP address, and any port, admit/ignore those attempts based on an application-supplied filter, and retrieve the complete L2 and L3 details of admitted connections. Promiscuous socket functionality also allows active connections to fully specify their L2 and L3 identity. In this mode, libuinet has been shown to scale to 1 million active connections concurrent with 1 million listen sockets, with those million connections distributed in multiple ways across the VLAN and 4-tuple TCP addressing space. Implementation of another extension to the stack, 'passive sockets', is currently underway and targeted for completion by the end of 1Q2014. Passive sockets provide for reassembly of both data streams in a TCP connection, along with a missing-frame notification mechanism, based on a copy of the packet stream flowing between the connection endpoints (e.g., via a SPAN port).