summaryrefslogtreecommitdiff
path: root/lib/libalias
Commit message (Collapse)AuthorAgeFilesLines
* Fixed the bug in transparent TCP proxying with the "encode_ip_hdr"Ruslan Ermilov2001-12-181-1/+3
| | | | | | | | | option -- TcpAliasOut() did not catch the IP header length change. Submitted by: Stepachev Andrey <aka50@mail.ru> Notes: svn path=/head/; revision=88132
* When servicing an internal FTP server, punch ipfirewall(4) holesRuslan Ermilov2001-11-271-5/+2
| | | | | | | | | | | | for passive mode data connections (PASV/EPSV -> 227/229). Well, the actual punching happens a bit later, when the aliasing link becomes fully specified. Prodded by: Danny Carroll <dannycarroll@hotmail.com> MFC after: 1 week Notes: svn path=/head/; revision=86953
* cmott@scientech.com -> cm@linktel.netBrian Somers2001-11-039-10/+10
| | | | | | | Requested by: Charles Mott <cmott@scientech.com> Notes: svn path=/head/; revision=85964
* mdoc(7) police: Use the new .In macro for #include statements.Ruslan Ermilov2001-10-011-3/+3
| | | | Notes: svn path=/head/; revision=84306
* Add __FBSDID's to libaliasMatthew Dillon2001-09-3010-21/+32
| | | | Notes: svn path=/head/; revision=84195
* Fixed the bug that prevented communication with FTP servers behindRuslan Ermilov2001-09-211-3/+4
| | | | | | | | | | | | | | | | | | NAT in extended passive mode if the server's public IP address was different from the main NAT address. This caused a wrong aliasing link to be created that did not route the incoming packets back to the original IP address of the server. natd -v -n pub0 -redirect_address localFTP publicFTP Note that even if localFTP == publicFTP, one still needs to supply the -redirect_address directive. It is needed as a helper because extended passive mode's 229 reply does not contain the IP address. MFC after: 1 week Notes: svn path=/head/; revision=83771
* Added TFTP support.Ruslan Ermilov2001-08-211-0/+9
| | | | | | | | Submitted by: Joe Clarke <marcus@marcuscom.com> MFC after: 2 weeks Notes: svn path=/head/; revision=82069
* Close the "IRC DCC" security breach reported recently on Bugtraq.Ruslan Ermilov2001-08-211-0/+6
| | | | | | | Submitted by: Makoto MATSUSHITA <matusita@jp.FreeBSD.org> Notes: svn path=/head/; revision=82050
* Make the copyright consistent.Brian Somers2001-08-204-12/+0
| | | | | | | Previously approved by: Charles Mott <cmott@scientech.com> Notes: svn path=/head/; revision=82001
* Handle snprintf() returning -1Brian Somers2001-08-201-3/+13
| | | | | | | MFC after: 2 weeks Notes: svn path=/head/; revision=81962
* mdoc(7) police:Ruslan Ermilov2001-08-071-4/+2
| | | | | | | | | | Avoid using parenthesis enclosure macros (.Pq and .Po/.Pc) with plain text. Not only this slows down the mdoc(7) processing significantly, but it also has an undesired (in this case) effect of disabling hyphenation within the entire enclosed block. Notes: svn path=/head/; revision=81251
* mdoc(7) police: removed HISTORY info from the .Os call.Ruslan Ermilov2001-07-101-1/+1
| | | | Notes: svn path=/head/; revision=79531
* Fixed the brain-o in rev. 1.10: the logic check was reversed.Ruslan Ermilov2001-06-271-1/+1
| | | | | | | Reported by: Bernd Fuerwitt <bf@fuerwitt.de> Notes: svn path=/head/; revision=78886
* Add BSD-style copyright headersBrian Somers2001-06-049-17/+253
| | | | | | | Approved by: Charles Mott <cmott@scientech.com> Notes: svn path=/head/; revision=77701
* Change to a standard BSD-style copyrightBrian Somers2001-06-041-13/+22
| | | | | | | Approved by: Atsushi Murai <amurai@spec.co.jp> Notes: svn path=/head/; revision=77696
* Add an integer field to keep protocol-specific flags with links.Ruslan Ermilov2001-05-303-15/+20
| | | | | | | | | | | | | For FTP control connection, keep the CRLF end-of-line termination status in there. Fixed the bug when the first FTP command in a session was ignored. PR: 24048 MFC after: 1 week Notes: svn path=/head/; revision=77485
* MAN[1-9] -> MAN.Ruslan Ermilov2001-03-271-1/+1
| | | | Notes: svn path=/head/; revision=74870
* Make header files conform to style(9).Brian Somers2001-03-256-326/+311
| | | | | | | | | Reviewed by (*): bde (*) alias_local.h only got a cursory glance. Notes: svn path=/head/; revision=74778
* Remove an extraneous declaration.Brian Somers2001-03-251-1/+0
| | | | Notes: svn path=/head/; revision=74768
* Remove (non-protected) variable names from function prototypes.Brian Somers2001-03-221-7/+5
| | | | Notes: svn path=/head/; revision=74651
* Add a few ``const''s to silence some -Wwrite-strings warningsBrian Somers2001-01-291-7/+9
| | | | Notes: svn path=/head/; revision=71796
* Ignore leading witespace in the string given to PacketAliasProxyRule().Brian Somers2001-01-291-0/+1
| | | | Notes: svn path=/head/; revision=71763
* mdoc(7) police: use the new feature of the An macro.Ruslan Ermilov2000-11-221-24/+14
| | | | Notes: svn path=/head/; revision=69025
* Added boolean argument to link searching functions, indicatingRuslan Ermilov2000-10-307-107/+42
| | | | | | | whether they should create a link if lookup has failed or not. Notes: svn path=/head/; revision=67980
* A significant rewrite of PPTP aliasing code.Ruslan Ermilov2000-10-304-151/+265
| | | | | | | | | | | | | | | | | PPTP links are no longer dropped by simple (and inappropriate in this case) "inactivity timeout" procedure, only when requested through the control connection. It is now possible to have multiple PPTP servers running behind NAT. Just redirect the incoming TCP traffic to port 1723, everything else is done transparently. Problems were reported and the fix was tested by: Michael Adler <Michael.Adler@compaq.com>, David Andersen <dga@lcs.mit.edu> Notes: svn path=/head/; revision=67966
* A failure to allocate memory for auxiliary TCP data is now fatal.Ruslan Ermilov2000-10-191-16/+15
| | | | | | | | This fixes a null pointer dereference problem that is unlikely to happen in normal circumstances. Notes: svn path=/head/; revision=67316
* A bit of indentation reformatting.Ruslan Ermilov2000-10-021-33/+21
| | | | Notes: svn path=/head/; revision=66545
* Fixed the calculations with UDP header length field.Ruslan Ermilov2000-09-211-2/+2
| | | | | | | | | | The field is in network byte order and contains the size of the header. Reviewed by: brian Notes: svn path=/head/; revision=66157
* Add -Wmissing-prototypes.Ruslan Ermilov2000-09-152-5/+8
| | | | Notes: svn path=/head/; revision=65892
* Match IPPROTO_ICMP with IP protocol field of the original IPRuslan Ermilov2000-09-011-2/+2
| | | | | | | | | | datagram embedded into ICMP error message, not with protocol field of ICMP message itself (which is always IPPROTO_ICMP). Pointed by: Erik Salander <erik@whistle.com> Notes: svn path=/head/; revision=65332
* Changed the way we handle outgoing ICMP error messages -- doRuslan Ermilov2000-09-011-12/+22
| | | | | | | | | | | not alias `ip_src' unless it comes from the host an original datagram that triggered this error message was destined for. PR: 20712 Reviewed by: brian, Charles Mott <cmott@scientech.com> Notes: svn path=/head/; revision=65317
* Grab ADJUST_CHECKSUM() macro from alias_local.h.Ruslan Ermilov2000-08-311-17/+0
| | | | Notes: svn path=/head/; revision=65281
* Create aliasing links for incoming ICMP echo/timestamp requests.Ruslan Ermilov2000-08-312-47/+24
| | | | | | | | This makes outgoing ICMP echo/timestamp replies to be de-aliased with the right source IP, not exactly the primary aliasing IP. Notes: svn path=/head/; revision=65280
* strtok -> strsep (no strtok allowed in libraries)Andrey A. Chernov2000-08-291-3/+6
| | | | | | | add unsigned char cast to ctype macro Notes: svn path=/head/; revision=65221
* Fixed PunchFW code segmentation violation bug.Ruslan Ermilov2000-08-141-5/+4
| | | | | | | Reported by: Christian Schade <chris@cube.sax.de> Notes: svn path=/head/; revision=64644
* Use queue(3) LIST_* macros for doubly-linked lists.Ruslan Ermilov2000-08-141-65/+18
| | | | Notes: svn path=/head/; revision=64643
* - Do not modify Peer's Call ID in outgoing Incoming-Call-ConnectedRuslan Ermilov2000-08-091-18/+25
| | | | | | | | | | | PPTP control messages. - Cosmetics: replace `GRE link' with `PPTP link'. Reviewed by: Erik Salander <erik@whistle.com> Notes: svn path=/head/; revision=64452
* Adjust TCP checksum rather than compute it afresh.Ruslan Ermilov2000-08-071-4/+8
| | | | | | | Submitted by: Erik Salander <erik@whistle.com> Notes: svn path=/head/; revision=64334
* Whitespace only:Sheldon Hearn2000-07-311-4/+4
| | | | | | | | Fix an overlong line and trailing whitespace that crept in, in the previous commit. Notes: svn path=/head/; revision=64061
* Add address translation support for RTSP/RTP used by RealPlayer andArchie Cobbs2000-07-268-3/+819
| | | | | | | | | | | Quicktime streaming media applications. Add a BUGS section to the man page. Submitted by: Erik Salander <erik@whistle.com> Notes: svn path=/head/; revision=63899
* Fixed PunchFWHole():Ruslan Ermilov2000-06-271-2/+3
| | | | | | | | - ipfw always rejected rule with `neither in nor out' diagnostics. - number of src/dst ports was not set properly. Notes: svn path=/head/; revision=62159
* - Removed PacketAliasPptp() API function.Ruslan Ermilov2000-06-204-38/+1
| | | | | | | - SHLIB_MAJOR++. Notes: svn path=/head/; revision=61865
* Added true support for PPTP aliasing. Some nice features include:Ruslan Ermilov2000-06-207-11/+422
| | | | | | | | | | | | | | | | | | | | | | | - Multiple PPTP clients behind NAT to the same or different servers. - Single PPTP server behind NAT -- you just need to redirect TCP port 1723 to a local machine. Multiple servers behind NAT is possible but would require a simple API change. - No API changes! For more information on how this works see comments at the start of the alias_pptp.c. PacketAliasPptp() is no longer necessary and will be removed soon. Submitted by: Erik Salander <erik@whistle.com> Reviewed by: ru Rewritten by: ru Reviewed by: Erik Salander <erik@whistle.com> Notes: svn path=/head/; revision=61861
* - Improved passive mode FTP support by aliasing 229 replies.Ruslan Ermilov2000-06-161-312/+337
| | | | | | | | - Stricter checking of PORT/EPRT/227/229 messages format. - Moved all security checks into one place. Notes: svn path=/head/; revision=61735
* - Added support for passive mode FTP by aliasing 227 replies.Ruslan Ermilov2000-06-143-15/+228
| | | | | | | | | | | | | | | | | | It does mean that it is now possible to run passive-mode FTP server behind NAT. - SECURITY: FTP aliasing engine now ensures that: o the segment preceding a PORT/227 segment terminates with a \r\n; o the IP address in the PORT/227 matches the source IP address of the packet; o the port number in the PORT command or 277 reply is greater than or equal to 1024. Submitted by: Erik Salander <erik@whistle.com> Reviewed by: ru Notes: svn path=/head/; revision=61677
* Revert the default behaviour for incoming connections soBrian Somers2000-05-112-3/+3
| | | | | | | | | | | that they (once again) go to the target machine rather than the alias address. PR: 18354 Submitted by: ru Notes: svn path=/head/; revision=60363
* Replace PacketAliasRedirectPptp() (which had nothing specificRuslan Ermilov2000-04-285-111/+88
| | | | | | | | | | to PPTP) with more generic PacketAliasRedirectProto(). Major number is not bumped because it is believed that noone has started using PacketAliasRedirectPptp() yet. Notes: svn path=/head/; revision=59726
* Spell PacketAliasRedirectAddr() correctly.Ruslan Ermilov2000-04-271-1/+1
| | | | Notes: svn path=/head/; revision=59704
* Load Sharing using IP Network Address Translation (RFC 2391, LSNAT).Ruslan Ermilov2000-04-273-27/+150
| | | | | | | | | LSNAT links are first created by either PacketAliasRedirectPort() or PacketAliasRedirectAddress() and then set up by one or more calls to PacketAliasAddServer(). Notes: svn path=/head/; revision=59702
* Add support for multiple PPTP sessions:Ruslan Ermilov2000-04-185-88/+265
| | | | | | | | | | - new API function: PacketAliasRedirectPptp() - new mode bit: PKT_ALIAS_DENY_PPTP Please see manual page for details. Notes: svn path=/head/; revision=59356
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-01 15:30:58 +0000