d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
155,549 Commits 4 Branches 49 Tags 2 GiB
62687638df
Commit Graph

68 Commits

Author SHA1 Message Date
mav
2ee7f37628 Add exit_delay parameter to control daemon exit delay after signal. 
PR:		bin/58696
Submitted by:	sp@alkor.ru
 2008-06-22 22:14:02 +00:00
ru
cd3c6606b0 Improve rev. 1.63. Document -instance and -globalport options. 
Add a MULTIPLE INSTANCES section which provides an example of
setting up natd in multi-instance mode (based on the notes.natd
file from phk@).

Submitted by:	"Andrey V. Elsukov" <bu7cher@yandex.ru>
Reviewed by:	ru
 2008-02-04 15:27:09 +00:00
trhodes
c7b288f98d Note that the punch_fw option does not work in securelevel 3 and Xref init.8. 
Bump .Dd.

PR:		41807
 2008-01-21 23:09:18 +00:00
maxim
1eb231d8e9 o Markup and grammar fixes. 2007-12-14 14:34:26 +00:00
ceri
ebbb79756a Bump .Dd for r1.63; fix small nit from the same. 2007-12-10 12:03:23 +00:00
phk
4b233f446d Add a bit more detailed description about a configuration 
file format and about using NAT "instances".

Submitted by: "Andrey V. Elsukov" <bu7cher@yandex.ru>
 2007-12-10 07:50:07 +00:00
ru
d26afd541d Eliminate macro calls inside literal displays. 2005-01-15 12:28:01 +00:00
marcus
e19a1e64d2 Add Cisco Skinny Station protocol support to libalias, natd, and ppp. 
Skinny is the protocol used by Cisco IP phones to talk to Cisco Call
Managers.  With this code, one can use a Cisco IP phone behind a FreeBSD
NAT gateway.

Currently, having the Call Manager behind the NAT gateway is not supported.
More information on enabling Skinny support in libalias, natd, and ppp
can be found in those applications' manpages.

PR:		55843
Reviewed by:	ru
Approved by:	ru
MFC after:	30 days
 2003-09-23 07:41:55 +00:00
ru
44bb8d5b2a - Clarify the port range syntax in -redirect_port. 
PR:	docs/46286

- "IP number" -> "IP address", for consistency.
 2003-08-13 15:13:33 +00:00
ru
4618cdf9bb Added an option to specify an alternate PID file. 
PR:		bin/37159
Submitted by:	"Aleksandr A. Babaylov" <.@babolo.ru>
 2003-08-13 13:16:19 +00:00
ru
50a7b0b9b4 If the -proxy_only option is used, the -alias_address/-interface 
options are not required.

Suggested by:	Vaclav Petricek
MFC after:	2 weeks
 2003-06-13 22:15:42 +00:00
ru
bd0614a3d1 Don't pretend natd(8) doesn't work with ppp(8) interfaces. 
While there's probably a better way to achieve the same,
nothing precludes us from using natd(8) on tun(4) links.

Noticed by:	bde
 2003-02-28 15:41:45 +00:00
ru
b0520b835c Fixed Charles' e-mail here too. 2003-01-23 08:35:21 +00:00
ru
dfc3706596 can not -> cannot. 2002-08-13 14:10:36 +00:00
ru
07e77e0463 mdoc(7) police: canonize FreeBSD in e-mail address. 2002-08-13 12:07:40 +00:00
charnier
a2accd01f0 The .Nm utility 2002-07-06 19:34:18 +00:00
archie
b4544af31a Update my email address. 2002-07-03 20:50:32 +00:00
ru
7f320fa871 s/sysctl -w/sysctl/ 2001-12-11 08:29:10 +00:00
ru
e129a9f15e Make -log_ipfw_denied active by default with -verbose. 
Discussed with:	phk
 2001-11-27 11:06:02 +00:00
ru
3c293c52fd Fixed (local) style bugs in previous revision. 2001-11-27 11:00:16 +00:00
phk
10fe9ee3d2 Do not uselessly whine in syslog about packets denied by ipfw rules. 
Set 'log_ipfw_denied' option if you want the old behaviour.

PR:	30255
Submitted by:	Flemming "F3" Jacobsen <fj@batmule.dk>
Reviewed by:	phk
MFC after:	4 weeks
 2001-10-31 16:08:49 +00:00
ru
4345758876 mdoc(7) police: 
Avoid using parenthesis enclosure macros (.Pq and .Po/.Pc) with plain text.
Not only this slows down the mdoc(7) processing significantly, but it also
has an undesired (in this case) effect of disabling hyphenation within the
entire enclosed block.
 2001-08-07 15:48:51 +00:00
ru
7cef49ff86 mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 11:04:34 +00:00
ru
2d1b95a96f mdoc(7) police: normalize .Nd. 2001-04-18 15:54:10 +00:00
ru
8a6f8b5fe4 mdoc(7) police: split punctuation characters + misc fixes. 2001-02-01 16:38:02 +00:00
ru
ea31070695 mdoc(7) police: use the new features of the Nm macro. 2000-11-20 16:52:27 +00:00
ru
9c5e4a8b3f Describe -deny_incoming better, highlight some keywords, 
add myself to the AUTHORS section.
 2000-11-16 12:20:54 +00:00
ben
bd94b89a9a more removal of trailing periods from SEE ALSO. 2000-11-15 16:44:24 +00:00
ru
edc0cc6c36 Suggest looking at rc.conf(5) on how to start natd(8) during boot. 
Submitted by:	dcs
 2000-07-17 10:06:54 +00:00
ru
38b5153ff9 "Ease understanding" of how -punch_fw works. 
Reviewed by:	sheldonh
 2000-06-29 09:52:14 +00:00
ru
15462ff9cb Added new option (-punch_fw) which allows to `punch holes' 
in the ipfirewall(4) for incoming FTP/IRC DCC connections.

Submitted by:	Rene de Vries <rene@canyon.demon.nl>
Rewritten by:	ru
 2000-06-27 15:26:24 +00:00
ru
2bcb688f1c - mdoc(7) style cleanup 
- new version of security note from alex.
 2000-06-27 11:39:36 +00:00
alex
779ca545b4 Back out both previous commits. 
The first one got screwed up by me because of rev 1.33, which was
incorrectly merged into my patches by myself, and so Ruslan (maintainer)
asked me to back them out.

Ruslan was ok with the second one, but since it needs rework, it'll be
readded later, when it doesn't conflict with the backout of the first one.

Pointy hat:		alex
Beer on next meeting:	ru
 2000-06-26 17:18:34 +00:00
alex
3ff7ddfcc8 Add note about security concerns w/o a firewall but other machines 
on your LAN to the "RUNNING NATD" introduction.

In a different way requested by:
PR:		18802
Submitted by:	Zachary K Drew <drew0054@tc.umn.edu>
 2000-06-26 14:52:39 +00:00
alex
9c7df143c8 mdoc style cleanup. 
Reviewed by:	sheldonh
 2000-06-26 14:44:31 +00:00
ru
8f3a6df6e3 Remove ``pptpalias'' since this is now done transparently by libalias(3). 2000-06-20 12:52:27 +00:00
sheldonh
6d881bfeba Fix a small grammar nit, with the maintainer's implicit approval. 2000-05-22 08:41:57 +00:00
ru
9033edf3a8 Add new option (-target_addr) to control how to deal with incoming packets 
not associated with any pre-existing link.

Submitted by:	brian
 2000-05-18 10:31:10 +00:00
ru
1e594f519a New option: -redirect_proto. 2000-05-03 15:06:45 +00:00
ru
b3e08f68b8 Load Sharing using IP Network Address Translation (RFC 2391, LSNAT). 2000-04-27 17:55:17 +00:00
brian
b4b080a3ff Correct Charles Mott's email address 
Requested by: cmott@scientech.com
 2000-04-02 20:23:34 +00:00
sheldonh
ff1f324516 Remove single-space hard sentence breaks. These degrade the quality 
of the typeset output, tend to make diffs harder to read and provide
bad examples for new-comers to mdoc.
 2000-03-01 11:27:47 +00:00
brian
be10bd6804 Suggest ppp -nat, not ppp -alias 2000-02-26 13:13:16 +00:00
mpp
741c8d6784 Minor grammar fix. 1999-10-30 19:33:41 +00:00
ru
3fe86c67fe Fixed the description of how packets re-enter IP firewall filter. 
Suggested by:	Ari Suutari <ari@suutari.iki.fi>
 1999-10-06 09:26:39 +00:00
ru
7357a87ddf Config file parser changes: 
- Trailing spaces and empty lines are ignored.
- A `#' sign will mark the remaining of the line as a comment.

Reviewed by:	Ari Suutari <ari@suutari.iki.fi>
 1999-09-07 15:34:12 +00:00
peter
76f0c923fe $Id$ -> $FreeBSD$ 1999-08-28 00:22:10 +00:00
chris
ab6c4be83c Bad cross-reference of getservbyname(2) changed to getservbyname(3) 
Reviewed by:	ru
 1999-08-18 01:20:07 +00:00
ru
d4af6c2191 Back out previous commit. 1999-07-28 08:38:26 +00:00
brian
2cacc38393 Mention that data going from one internal address to another will 
not be processed by natd.
Requested by: Ludwig Pummer <ludwigp@bigfoot.com>
 1999-06-21 07:58:25 +00:00