d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
73,604 Commits 72 Branches 135 Tags 3.2 GiB
959b83b921
Commit Graph

51 Commits

Author SHA1 Message Date
Ruslan Ermilov
e21a315ec5 s/sysctl -w/sysctl/ 2001-12-11 08:29:10 +00:00
Ruslan Ermilov
c0956cf876 Make -log_ipfw_denied active by default with -verbose. 
Discussed with:	phk
 2001-11-27 11:06:02 +00:00
Ruslan Ermilov
3843533e18 Fixed (local) style bugs in previous revision. 2001-11-27 11:00:16 +00:00
Poul-Henning Kamp
84ef95bd6e Do not uselessly whine in syslog about packets denied by ipfw rules. 
Set 'log_ipfw_denied' option if you want the old behaviour.

PR:	30255
Submitted by:	Flemming "F3" Jacobsen <fj@batmule.dk>
Reviewed by:	phk
MFC after:	4 weeks
 2001-10-31 16:08:49 +00:00
Ruslan Ermilov
c4d9468ea0 mdoc(7) police: 
Avoid using parenthesis enclosure macros (.Pq and .Po/.Pc) with plain text.
Not only this slows down the mdoc(7) processing significantly, but it also
has an undesired (in this case) effect of disabling hyphenation within the
entire enclosed block.
 2001-08-07 15:48:51 +00:00
Ruslan Ermilov
9fe48c6e8d mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 11:04:34 +00:00
Ruslan Ermilov
eb0838029f mdoc(7) police: normalize .Nd. 2001-04-18 15:54:10 +00:00
Ruslan Ermilov
d0353b836e mdoc(7) police: split punctuation characters + misc fixes. 2001-02-01 16:38:02 +00:00
Ruslan Ermilov
7c7fb079b9 mdoc(7) police: use the new features of the Nm macro. 2000-11-20 16:52:27 +00:00
Ruslan Ermilov
d2a46bc99d Describe -deny_incoming better, highlight some keywords, 
add myself to the AUTHORS section.
 2000-11-16 12:20:54 +00:00
Ben Smithurst
32e5e4cfc3 more removal of trailing periods from SEE ALSO. 2000-11-15 16:44:24 +00:00
Ruslan Ermilov
ecd1fe62de Suggest looking at rc.conf(5) on how to start natd(8) during boot. 
Submitted by:	dcs
 2000-07-17 10:06:54 +00:00
Ruslan Ermilov
f685a909b5 "Ease understanding" of how -punch_fw works. 
Reviewed by:	sheldonh
 2000-06-29 09:52:14 +00:00
Ruslan Ermilov
bc4ebb98dc Added new option (-punch_fw) which allows to `punch holes' 
in the ipfirewall(4) for incoming FTP/IRC DCC connections.

Submitted by:	Rene de Vries <rene@canyon.demon.nl>
Rewritten by:	ru
 2000-06-27 15:26:24 +00:00
Ruslan Ermilov
5a424c8cc0 - mdoc(7) style cleanup 
- new version of security note from alex.
 2000-06-27 11:39:36 +00:00
Alexander Langer
7731ee5af9 Back out both previous commits. 
The first one got screwed up by me because of rev 1.33, which was
incorrectly merged into my patches by myself, and so Ruslan (maintainer)
asked me to back them out.

Ruslan was ok with the second one, but since it needs rework, it'll be
readded later, when it doesn't conflict with the backout of the first one.

Pointy hat:		alex
Beer on next meeting:	ru
 2000-06-26 17:18:34 +00:00
Alexander Langer
54c593c69c Add note about security concerns w/o a firewall but other machines 
on your LAN to the "RUNNING NATD" introduction.

In a different way requested by:
PR:		18802
Submitted by:	Zachary K Drew <drew0054@tc.umn.edu>
 2000-06-26 14:52:39 +00:00
Alexander Langer
27d19e4e41 mdoc style cleanup. 
Reviewed by:	sheldonh
 2000-06-26 14:44:31 +00:00
Ruslan Ermilov
dc1a022582 Remove ``pptpalias'' since this is now done transparently by libalias(3). 2000-06-20 12:52:27 +00:00
Sheldon Hearn
3de0a719e7 Fix a small grammar nit, with the maintainer's implicit approval. 2000-05-22 08:41:57 +00:00
Ruslan Ermilov
11c2b3bf00 Add new option (-target_addr) to control how to deal with incoming packets 
not associated with any pre-existing link.

Submitted by:	brian
 2000-05-18 10:31:10 +00:00
Ruslan Ermilov
4330006d9e New option: -redirect_proto. 2000-05-03 15:06:45 +00:00
Ruslan Ermilov
bd69051080 Load Sharing using IP Network Address Translation (RFC 2391, LSNAT). 2000-04-27 17:55:17 +00:00
Brian Somers
7ffac027b3 Correct Charles Mott's email address 
Requested by: cmott@scientech.com
 2000-04-02 20:23:34 +00:00
Sheldon Hearn
ef8f7ac935 Remove single-space hard sentence breaks. These degrade the quality 
of the typeset output, tend to make diffs harder to read and provide
bad examples for new-comers to mdoc.
 2000-03-01 11:27:47 +00:00
Brian Somers
a786a19657 Suggest ppp -nat, not ppp -alias 2000-02-26 13:13:16 +00:00
Mike Pritchard
2522bece25 Minor grammar fix. 1999-10-30 19:33:41 +00:00
Ruslan Ermilov
04bf7dcfeb Fixed the description of how packets re-enter IP firewall filter. 
Suggested by:	Ari Suutari <ari@suutari.iki.fi>
 1999-10-06 09:26:39 +00:00
Ruslan Ermilov
2e7e7c71ef Config file parser changes: 
- Trailing spaces and empty lines are ignored.
- A `#' sign will mark the remaining of the line as a comment.

Reviewed by:	Ari Suutari <ari@suutari.iki.fi>
 1999-09-07 15:34:12 +00:00
Peter Wemm
7f3dea244c $Id$ -> $FreeBSD$ 1999-08-28 00:22:10 +00:00
Chris Costello
a7d1f49705 Bad cross-reference of getservbyname(2) changed to getservbyname(3) 
Reviewed by:	ru
 1999-08-18 01:20:07 +00:00
Ruslan Ermilov
7591275ecb Back out previous commit. 1999-07-28 08:38:26 +00:00
Brian Somers
6664883843 Mention that data going from one internal address to another will 
not be processed by natd.
Requested by: Ludwig Pummer <ludwigp@bigfoot.com>
 1999-06-21 07:58:25 +00:00
Brian Somers
9c501140f7 /sbin/natd portrange documentation and bugfix 
Submitted by:	Ruslan Ermilov <ru@ucb.crimea.ua>
PR:		11690

3.2 candidate ?
 1999-05-13 16:58:31 +00:00
Eivind Eklund
26b4eff640 Add a comment that natd is made for use with NICs, not PPP links - I'm 
tired of the five people each day that ask me how to set up natd for
use with PPP.
 1999-04-08 23:15:31 +00:00
Brian Somers
59a7c61374 Upgrade (almost) to natd 2.0b1 
- Transparent proxy support.
  - PERMANENT_LINK IS NOW OBSOLETE, use redirect_port instead.
  - Drop support for early FreeBSD 2.2 versions
  - If separate input & output sockets are being used
    use them to find out packet direction instead of
    normal mechanism. This can be handy in complex environments
    with multiple interfaces.
  - PPTP redirect support by Dru Nelson <dnelson@redwoodsoft.com> added.
  - Logging enhancements from Martin Machacek <mm@i.cz> added.

Obtained from: Ari Suutari <ari@suutari.iki.fi>
 1999-03-07 18:23:56 +00:00
Joseph Koshy
06d073b9a9 Fix inconsistent port numbering in man page. 
PR: 7250
Submitted-by: Norihiro Kumagai <kuma@jp.freebsd.org>
 1998-07-15 03:32:45 +00:00
Joseph Koshy
cdcd36c48e Add $Id$. 
PR: 7249
 1998-07-14 08:18:51 +00:00
Brian Somers
622366b81d Suggest port 8668 rather than 6668 for natd. 
6668 is IRC.
 1998-07-04 01:53:54 +00:00
Brian Somers
635225ca84 Fix incorrect flag spec 
PR:		6339 (part of)
Submitted by:	Chris Dillon <cdillon@wolves.k12.mo.us>
 1998-04-18 10:05:38 +00:00
Philippe Charnier
f12a14713b .Sh AUTHOR -> .Sh AUTHORS. Use .An/.Aq. 1998-03-23 08:31:20 +00:00
Brian Somers
f7d1db72cf Make it clear that aliasing is done on the public interface, not 
the private one.
 1998-01-29 00:40:41 +00:00
Brian Somers
10cffc50d2 Add -redirect_port and -redirect_address to the 
synopsis.
 1997-10-18 16:31:28 +00:00
Philippe Charnier
0fc81af12d Use err(3). Change firewall to firewall_enable in man page according to 
/etc/rc.conf.
 1997-10-02 11:43:33 +00:00
Wolfram Schneider
bf5cbf3551 Sort cross refereces in section SEE ALSO. 1997-09-29 19:11:55 +00:00
Philippe Charnier
be9950897a Typo. 1997-09-18 06:54:03 +00:00
Eivind Eklund
d6b01f404d Fix my e-mail address. Old work addres is no good. 1997-08-31 16:38:33 +00:00
Brian Somers
fb994b078f - Buffer space problem found by Sergio Lenzi <lenzi@bsi.com.br> 
fixed. Natd now waits with select(2) for buffer space
  to become available if write fails.
- Packet aliasing library upgraded to 2.2.

Submitted by:	Ari Suutari <suutari@iki.fi>
 1997-08-10 21:55:52 +00:00
Brian Somers
46b2c55966 Suggest using /etc/services entry rather than a 
number in the "ipfw add divert" example.
 1997-06-24 10:49:44 +00:00
Jordan K. Hubbard
c1b792b226 sysconfig -> rc.conf 1997-06-22 14:40:27 +00:00