d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Ingored incoming packets are now dropped when

Browse Source 
deny_incoming option is set to yes.
Submitted by:	Ari Suutari <ari@suutari.iki.fi>
This commit is contained in:
Brian Somers 1997-09-06 11:14:03 +00:00
parent 59354a4e8d
commit f9b06d5cbe
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=29163
4 changed files with 40 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
sbin/natd/HISTORY
View File

@ -111,3 +111,9 @@
fixed. Natd now waits with select(2) for buffer space
to become available if write fails.
- Packet aliasing library upgraded to 2.2.
* Version 1.10
- Ignored incoming packets are now dropped when
deny_incoming option is set to yes.
- Packet aliasing library upgraded to 2.4.

16
sbin/natd/natd.c
View File

@ -94,6 +94,7 @@ static char packetBuf[IP_MAXPACKET];
static int packetLen;
static struct sockaddr_in packetAddr;
static int packetSock;
static int dropIgnoredIncoming;
int main (int argc, char** argv)
{
@ -161,6 +162,11 @@ int main (int argc, char** argv)
if (inPort == 0 && outPort == 0 && inOutPort == 0)
ParseOption ("port", DEFAULT_SERVICE, 0);
/*
* Check if ignored packets should be dropped.
*/
dropIgnoredIncoming = PacketAliasSetMode (0, 0);
dropIgnoredIncoming &= PKT_ALIAS_DENY_INCOMING;
/*
* Create divert sockets. Use only one socket if -p was specified
* on command line. Otherwise, create separate sockets for
@ -254,7 +260,6 @@ int main (int argc, char** argv)
*/
if (aliasAddr.s_addr != INADDR_NONE)
PacketAliasSetAddress (aliasAddr);
/*
* We need largest descriptor number for select.
*/
@ -411,6 +416,7 @@ static void DoAliasing (int fd)
{
int bytes;
int origBytes;
int status;
int addrSize;
struct ip* ip;
@ -486,7 +492,13 @@ static void DoAliasing (int fd)
/*
* Do aliasing.
*/
PacketAliasIn (packetBuf, IP_MAXPACKET);
status = PacketAliasIn (packetBuf, IP_MAXPACKET);
if (status == PKT_ALIAS_IGNORED &&
dropIgnoredIncoming) {
printf (" dropped.\n");
return;
}
}
/*
* Length might have changed during aliasing.

6
usr.sbin/natd/HISTORY
View File

@ -111,3 +111,9 @@
fixed. Natd now waits with select(2) for buffer space
to become available if write fails.
- Packet aliasing library upgraded to 2.2.
* Version 1.10
- Ignored incoming packets are now dropped when
deny_incoming option is set to yes.
- Packet aliasing library upgraded to 2.4.

16
usr.sbin/natd/natd.c
View File

@ -94,6 +94,7 @@ static char packetBuf[IP_MAXPACKET];
static int packetLen;
static struct sockaddr_in packetAddr;
static int packetSock;
static int dropIgnoredIncoming;
int main (int argc, char** argv)
{
@ -161,6 +162,11 @@ int main (int argc, char** argv)
if (inPort == 0 && outPort == 0 && inOutPort == 0)
ParseOption ("port", DEFAULT_SERVICE, 0);
/*
* Check if ignored packets should be dropped.
*/
dropIgnoredIncoming = PacketAliasSetMode (0, 0);
dropIgnoredIncoming &= PKT_ALIAS_DENY_INCOMING;
/*
* Create divert sockets. Use only one socket if -p was specified
* on command line. Otherwise, create separate sockets for
@ -254,7 +260,6 @@ int main (int argc, char** argv)
*/
if (aliasAddr.s_addr != INADDR_NONE)
PacketAliasSetAddress (aliasAddr);
/*
* We need largest descriptor number for select.
*/
@ -411,6 +416,7 @@ static void DoAliasing (int fd)
{
int bytes;
int origBytes;
int status;
int addrSize;
struct ip* ip;
@ -486,7 +492,13 @@ static void DoAliasing (int fd)
/*
* Do aliasing.
*/
PacketAliasIn (packetBuf, IP_MAXPACKET);
status = PacketAliasIn (packetBuf, IP_MAXPACKET);
if (status == PKT_ALIAS_IGNORED &&
dropIgnoredIncoming) {
printf (" dropped.\n");
return;
}
}
/*
* Length might have changed during aliasing.