Add the ``nat target'' command.

2000-03-31 14:26:23 +00:00 · 2000-03-31 14:26:23 +00:00 · 542750c808
commit 542750c808
parent 942ce5d318
6 changed files with 52 additions and 16 deletions
--- a/usr.sbin/ppp/command.c
+++ b/usr.sbin/ppp/command.c
@ -172,8 +172,8 @@ static int IfaceDeleteCommand(struct cmdargs const *);
 static int IfaceClearCommand(struct cmdargs const *);
 static int SetProcTitle(struct cmdargs const *);
 #ifndef NONAT
-static int AliasEnable(struct cmdargs const *);
-static int AliasOption(struct cmdargs const *);
+static int NatEnable(struct cmdargs const *);
+static int NatOption(struct cmdargs const *);
 #endif

 static const char *
@ -582,36 +582,37 @@ ResolvCommand(struct cmdargs const *arg)
 }

 #ifndef NONAT
-static struct cmdtab const AliasCommands[] =
+static struct cmdtab const NatCommands[] =
 {
  {"addr", NULL, nat_RedirectAddr, LOCAL_AUTH,
   "static address translation", "nat addr [addr_local addr_alias]"},
-  {"deny_incoming", NULL, AliasOption, LOCAL_AUTH,
+  {"deny_incoming", NULL, NatOption, LOCAL_AUTH,
   "stop incoming connections", "nat deny_incoming yes|no",
   (const void *) PKT_ALIAS_DENY_INCOMING},
-  {"enable", NULL, AliasEnable, LOCAL_AUTH,
+  {"enable", NULL, NatEnable, LOCAL_AUTH,
   "enable NAT", "nat enable yes|no"},
-  {"log", NULL, AliasOption, LOCAL_AUTH,
+  {"log", NULL, NatOption, LOCAL_AUTH,
   "log NAT link creation", "nat log yes|no",
   (const void *) PKT_ALIAS_LOG},
  {"port", NULL, nat_RedirectPort, LOCAL_AUTH, "port redirection",
   "nat port proto localaddr:port[-port] aliasport[-aliasport]"},
-  {"pptp", NULL, nat_Pptp, LOCAL_AUTH,
-   "Set the PPTP address", "nat pptp IP"},
+  {"pptp", NULL, nat_Pptp, LOCAL_AUTH, "Set the PPTP address", "nat pptp IP"},
  {"proxy", NULL, nat_ProxyRule, LOCAL_AUTH,
   "proxy control", "nat proxy server host[:port] ..."},
-  {"same_ports", NULL, AliasOption, LOCAL_AUTH,
+  {"same_ports", NULL, NatOption, LOCAL_AUTH,
   "try to leave port numbers unchanged", "nat same_ports yes|no",
   (const void *) PKT_ALIAS_SAME_PORTS},
-  {"unregistered_only", NULL, AliasOption, LOCAL_AUTH,
+  {"target", NULL, nat_SetTarget, LOCAL_AUTH,
+   "Default address for incoming connections", "nat target addr" },
+  {"unregistered_only", NULL, NatOption, LOCAL_AUTH,
   "translate unregistered (private) IP address space only",
   "nat unregistered_only yes|no",
   (const void *) PKT_ALIAS_UNREGISTERED_ONLY},
-  {"use_sockets", NULL, AliasOption, LOCAL_AUTH,
+  {"use_sockets", NULL, NatOption, LOCAL_AUTH,
   "allocate host sockets", "nat use_sockets yes|no",
   (const void *) PKT_ALIAS_USE_SOCKETS},
  {"help", "?", HelpCommand, LOCAL_AUTH | LOCAL_NO_AUTH,
-   "Display this message", "nat help|? [command]", AliasCommands},
+   "Display this message", "nat help|? [command]", NatCommands},
  {NULL, NULL, NULL},
 };
 #endif
@ -688,7 +689,7 @@ static struct cmdtab const Commands[] = {
  "Load settings", "load [system ...]"},
 #ifndef NONAT
  {"nat", "alias", RunListCommand, LOCAL_AUTH,
-  "NAT control", "nat option yes|no", AliasCommands},
+  "NAT control", "nat option yes|no", NatCommands},
 #endif
  {"open", NULL, OpenCommand, LOCAL_AUTH | LOCAL_CX_OPT,
  "Open an FSM", "open! [lcp|ccp|ipcp]", (void *)1},
@ -2129,7 +2130,7 @@ DeleteCommand(struct cmdargs const *arg)

 #ifndef NONAT
 static int
-AliasEnable(struct cmdargs const *arg)
+NatEnable(struct cmdargs const *arg)
 {
  if (arg->argc == arg->argn+1) {
    if (strcasecmp(arg->argv[arg->argn], "yes") == 0) {
@ -2152,7 +2153,7 @@ AliasEnable(struct cmdargs const *arg)


 static int
-AliasOption(struct cmdargs const *arg)
+NatOption(struct cmdargs const *arg)
 {
  long param = (long)arg->cmd->args;

--- a/usr.sbin/ppp/filter.c
+++ b/usr.sbin/ppp/filter.c
@ -113,7 +113,7 @@ ParseAddr(struct ipcp *ipcp, const char *data,
    strncpy(s, data, len);
    s[len] = '\0';
    *paddr = GetIpAddr(s);
-    if (paddr->s_addr == INADDR_NONE) {
+    if (paddr->s_addr == INADDR_ANY || paddr->s_addr == INADDR_NONE) {
      log_Printf(LogWARN, "ParseAddr: %s: Bad address\n", s);
      return 0;
    }
--- a/usr.sbin/ppp/nat_cmd.c
+++ b/usr.sbin/ppp/nat_cmd.c
@ -339,6 +339,30 @@ nat_Pptp(struct cmdargs const *arg)
  return 0;
 }

+int
+nat_SetTarget(struct cmdargs const *arg)
+{
+  struct in_addr addr;
+
+  if (arg->argc == arg->argn) {
+    addr.s_addr = INADDR_ANY;
+    PacketAliasSetTarget(addr);
+    return 0;
+  }
+
+  if (arg->argc != arg->argn + 1)
+    return -1;
+
+  addr = GetIpAddr(arg->argv[arg->argn]);
+  if (addr.s_addr == INADDR_NONE) {
+    log_Printf(LogWARN, "%s: invalid address\n", arg->argv[arg->argn]);
+    return 1;
+  }
+
+  PacketAliasSetTarget(addr);
+  return 0;
+}
+
 static struct mbuf *
 nat_LayerPush(struct bundle *bundle, struct link *l, struct mbuf *bp,
                int pri, u_short *proto)
--- a/usr.sbin/ppp/nat_cmd.h
+++ b/usr.sbin/ppp/nat_cmd.h
@ -11,5 +11,6 @@ extern int nat_RedirectPort(struct cmdargs const *);
 extern int nat_RedirectAddr(struct cmdargs const *);
 extern int nat_ProxyRule(struct cmdargs const *);
 extern int nat_Pptp(struct cmdargs const *);
+extern int nat_SetTarget(struct cmdargs const *);

 extern struct layer natlayer;
--- a/usr.sbin/ppp/ppp.8
+++ b/usr.sbin/ppp/ppp.8
@ -2992,6 +2992,11 @@ When enabled, this command will tell the network address translation engine to
 attempt to avoid changing the port number on outgoing packets.  This is useful
 if you want to support protocols such as RPC and LPD which require
 connections to come from a well known port.
+.It nat target Op Ar address
+Set the given target address or clear it if no address is given.  The target
+address is used by libalias to specify how to NAT incoming packets by default.
+If a target address is not set, the alias address (that of the tun interface)
+is used.
 .It nat use_sockets yes|no
 When enabled, this option tells the network address translation engine to
 create a socket so that it can guarantee a correct incoming ftp data or
--- a/usr.sbin/ppp/ppp.8.m4
+++ b/usr.sbin/ppp/ppp.8.m4
@ -2992,6 +2992,11 @@ When enabled, this command will tell the network address translation engine to
 attempt to avoid changing the port number on outgoing packets.  This is useful
 if you want to support protocols such as RPC and LPD which require
 connections to come from a well known port.
+.It nat target Op Ar address
+Set the given target address or clear it if no address is given.  The target
+address is used by libalias to specify how to NAT incoming packets by default.
+If a target address is not set, the alias address (that of the tun interface)
+is used.
 .It nat use_sockets yes|no
 When enabled, this option tells the network address translation engine to
 create a socket so that it can guarantee a correct incoming ftp data or