Commit Graph

106 Commits

Author SHA1 Message Date
Ruslan Ermilov
4330006d9e New option: -redirect_proto. 2000-05-03 15:06:45 +00:00
Josef Karthauser
30395bb5f1 Fixes a potential buffer overflow with the command line arguments.
Submitted by:   Mike Heffner <spock@techfour.net>
Submitted on:   audit@freebsd.org
2000-04-30 20:53:54 +00:00
Ruslan Ermilov
bd69051080 Load Sharing using IP Network Address Translation (RFC 2391, LSNAT). 2000-04-27 17:55:17 +00:00
Brian Somers
7ffac027b3 Correct Charles Mott's email address
Requested by: cmott@scientech.com
2000-04-02 20:23:34 +00:00
Sheldon Hearn
ef8f7ac935 Remove single-space hard sentence breaks. These degrade the quality
of the typeset output, tend to make diffs harder to read and provide
bad examples for new-comers to mdoc.
2000-03-01 11:27:47 +00:00
Brian Somers
a786a19657 Suggest ppp -nat, not ppp -alias 2000-02-26 13:13:16 +00:00
Ruslan Ermilov
d99cc1da8a Remove the config file line length restriction.
PR:		16900
Reviewed by:	"Crist J. Clark" <cjclark@home.com>, jkh
Approved by:	jkh
2000-02-25 11:34:38 +00:00
Ruslan Ermilov
6f3dbe5e1a Now that kernel is capable of notifying user processes about
the interface MTU change (src/sys/net/if_sl.c,v 1.83), track
interface MTU with -dynamic option as well.

PR:		15494
2000-01-25 12:24:06 +00:00
Mike Pritchard
2522bece25 Minor grammar fix. 1999-10-30 19:33:41 +00:00
Ruslan Ermilov
4c04fa4c1a ioctl -> sysctl for interface address changes.
PR:		14169
Reviewed by:	Ari Suutari <ari@suutari.iki.fi>
1999-10-13 09:00:16 +00:00
Ruslan Ermilov
04bf7dcfeb Fixed the description of how packets re-enter IP firewall filter.
Suggested by:	Ari Suutari <ari@suutari.iki.fi>
1999-10-06 09:26:39 +00:00
Ruslan Ermilov
f2da55a243 Do not defer setting of the aliasing address from
interface name if not operating in dynamic mode.

Reviewed by:	Ari Suutari <ari@suutari.iki.fi>
1999-09-28 08:01:46 +00:00
Ruslan Ermilov
578d29dd12 `permanent_link' is obsolete; update examples. 1999-09-13 18:18:33 +00:00
Ruslan Ermilov
73d10c7f63 Add Ari Suutari as a maintainer.
Approved by:	Ari Suutari <ari@suutari.iki.fi>
1999-09-13 18:16:38 +00:00
Ruslan Ermilov
2e7e7c71ef Config file parser changes:
- Trailing spaces and empty lines are ignored.
- A `#' sign will mark the remaining of the line as a comment.

Reviewed by:	Ari Suutari <ari@suutari.iki.fi>
1999-09-07 15:34:12 +00:00
Ruslan Ermilov
cd45c931f6 Allow signals to interrupt system calls.
Remove redundant signal() call.

PR:		6676
Submitted by:	luoqi
Reviewed by:	Ari Suutari <ari@suutari.iki.fi>
1999-09-02 15:17:25 +00:00
Peter Wemm
7f3dea244c $Id$ -> $FreeBSD$ 1999-08-28 00:22:10 +00:00
Chris Costello
a7d1f49705 Bad cross-reference of getservbyname(2) changed to getservbyname(3)
Reviewed by:	ru
1999-08-18 01:20:07 +00:00
Ruslan Ermilov
9ccbcc3ef1 Become a maintainer.
Approved by:	brian
1999-07-28 08:50:42 +00:00
Ruslan Ermilov
7591275ecb Back out previous commit. 1999-07-28 08:38:26 +00:00
Brian Somers
6664883843 Mention that data going from one internal address to another will
not be processed by natd.
Requested by: Ludwig Pummer <ludwigp@bigfoot.com>
1999-06-21 07:58:25 +00:00
Archie Cobbs
eed2b804bf When incrementing through a SIOCGIFCONF list, enforce a lower limit of
sizeof(ifr->ifr_addr) for the variable length field ifr->ifr_addr.sa_len.
Otherwise the increment will be wrong in certain cases.

Obtained from:  Whistle source tree
For the record: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> suggests
                SIOCGIFCONF should be dropped in favor of a sysctl mechanism.
1999-06-05 05:55:07 +00:00
Brian Somers
29d97436c5 Oops - missing parenthesis 1999-05-13 17:09:44 +00:00
Brian Somers
9c501140f7 /sbin/natd portrange documentation and bugfix
Submitted by:	Ruslan Ermilov <ru@ucb.crimea.ua>
PR:		11690

3.2 candidate ?
1999-05-13 16:58:31 +00:00
Warner Losh
ebe70c8f68 More egcs warning fixes:
o main returns int not void
	o use braces to avoid potentially ambiguous else

Note: The fix to natd is potentially functional in nature since I used
the indentation as the right thing rather than the struct semantics.
Someone more familiar with the code should double check me on this one.

Reviewed by: obrien and chuckr
1999-04-25 22:33:30 +00:00
SADA Kenji
8ee64ab680 Typo of `same_ports' directive.
Submitted by:	Masaki Nohtomi <noutomi@jbm-net.or.jp>
1999-04-24 01:42:44 +00:00
Eivind Eklund
26b4eff640 Add a comment that natd is made for use with NICs, not PPP links - I'm
tired of the five people each day that ask me how to set up natd for
use with PPP.
1999-04-08 23:15:31 +00:00
Brian Somers
f3d640240b Disable reads on our ICMP socket. We only use it for sending.
PR:	9253
1999-03-30 10:11:21 +00:00
Brian Somers
7bafbf7bf4 Add `const's that I forgot to commit. Not bad - I broke
the -stable and -current builds in the space of 1 day !

Pointed out by: jdp
1999-03-26 07:13:12 +00:00
Brian Somers
902cb50a76 Add some const-cleanliness and avoid some warnings. 1999-03-24 20:30:48 +00:00
Brian Somers
5d8ee958b3 Allow port ranges when specifying -redirect_port.
Submitted by:	Wes Santee <wes@bogon.net>
PR:		9696
1999-03-24 20:30:20 +00:00
Brian Somers
b71e869d29 Fix a diagnostic typo
Submitted by:  Martin Machacek <mm@i.cz>
1999-03-11 09:24:52 +00:00
Brian Somers
59a7c61374 Upgrade (almost) to natd 2.0b1
- Transparent proxy support.
  - PERMANENT_LINK IS NOW OBSOLETE, use redirect_port instead.
  - Drop support for early FreeBSD 2.2 versions
  - If separate input & output sockets are being used
    use them to find out packet direction instead of
    normal mechanism. This can be handy in complex environments
    with multiple interfaces.
  - PPTP redirect support by Dru Nelson <dnelson@redwoodsoft.com> added.
  - Logging enhancements from Martin Machacek <mm@i.cz> added.

Obtained from: Ari Suutari <ari@suutari.iki.fi>
1999-03-07 18:23:56 +00:00
Jordan K. Hubbard
f627793d19 Make this work with the new alias library since, evidently, we're
not providing the backwards-compatability routines in libalias anymore
(which I think may have been a mistake).
1999-02-27 22:37:38 +00:00
Joseph Koshy
06d073b9a9 Fix inconsistent port numbering in man page.
PR: 7250
Submitted-by: Norihiro Kumagai <kuma@jp.freebsd.org>
1998-07-15 03:32:45 +00:00
Joseph Koshy
cdcd36c48e Add $Id$.
PR: 7249
1998-07-14 08:18:51 +00:00
Brian Somers
357f172839 Make things clearer.
Submitted (some time ago) by: Ted Mittelstaedt <tedm@portsoft.com>
1998-07-04 12:07:03 +00:00
Brian Somers
622366b81d Suggest port 8668 rather than 6668 for natd.
6668 is IRC.
1998-07-04 01:53:54 +00:00
Brian Somers
635225ca84 Fix incorrect flag spec
PR:		6339 (part of)
Submitted by:	Chris Dillon <cdillon@wolves.k12.mo.us>
1998-04-18 10:05:38 +00:00
Philippe Charnier
f12a14713b .Sh AUTHOR -> .Sh AUTHORS. Use .An/.Aq. 1998-03-23 08:31:20 +00:00
Brian Somers
f7d1db72cf Make it clear that aliasing is done on the public interface, not
the private one.
1998-01-29 00:40:41 +00:00
Alexander Langer
a228025e10 Added copyright (taken from natd.c).
Approved by:	Ari Suutari <ari@suutari.iki.fi>
1997-12-30 00:38:56 +00:00
Alexander Langer
f13f9fada7 Typo/$Id$ police. 1997-12-27 19:31:11 +00:00
Brian Somers
67a886fb97 natd 1_10 => 1_11
Cosmetic style changes
  Use u_short for port values.
Submitted by:	Ari Suutari <ari@suutari.iki.fi>
1997-12-10 02:14:57 +00:00
Brian Somers
27c20503c6 Reverse my previous change and use htons() on an int
instead of htonl() !

This results in the int a,b,c,d changing to b,a,c,d,
but as it's subsequently coerced to a u_short, the
ultimate answer is correct.

If this isn't fixed properly soon (by the author) I'll
have a look at it again.

Noted by:	eivind & ari@suutari.iki.fi
1997-12-06 12:00:32 +00:00
Brian Somers
5ae6fac1d7 Use htonl() rather than htons(). 1997-11-13 11:43:02 +00:00
Brian Somers
10cffc50d2 Add -redirect_port and -redirect_address to the
synopsis.
1997-10-18 16:31:28 +00:00
Philippe Charnier
0fc81af12d Use err(3). Change firewall to firewall_enable in man page according to
/etc/rc.conf.
1997-10-02 11:43:33 +00:00
Wolfram Schneider
bf5cbf3551 Sort cross refereces in section SEE ALSO. 1997-09-29 19:11:55 +00:00
Philippe Charnier
be9950897a Typo. 1997-09-18 06:54:03 +00:00
Brian Somers
f9b06d5cbe Ingored incoming packets are now dropped when
deny_incoming option is set to yes.
Submitted by:	Ari Suutari <ari@suutari.iki.fi>
1997-09-06 11:14:03 +00:00
Eivind Eklund
d6b01f404d Fix my e-mail address. Old work addres is no good. 1997-08-31 16:38:33 +00:00
Brian Somers
fb994b078f - Buffer space problem found by Sergio Lenzi <lenzi@bsi.com.br>
fixed. Natd now waits with select(2) for buffer space
  to become available if write fails.
- Packet aliasing library upgraded to 2.2.

Submitted by:	Ari Suutari <suutari@iki.fi>
1997-08-10 21:55:52 +00:00
Brian Somers
46b2c55966 Suggest using /etc/services entry rather than a
number in the "ipfw add divert" example.
1997-06-24 10:49:44 +00:00
Jordan K. Hubbard
c1b792b226 sysconfig -> rc.conf 1997-06-22 14:40:27 +00:00
Brian Somers
24084f9bfc Bring natd into main source tree now that the
pppd/natd combination works ok.

Submitted by:	Ari Suutari <ari.suutari@ps.carel.fi>
1997-06-22 04:19:08 +00:00