phk
704b01603a
Give natd multi-instance capabilities.
...
This makes it possible to do load-sharing on two xDSL lines etc.
2004-07-04 12:53:54 +00:00
hmp
b8388ce606
Use strlcpy(3) instead of strcpy(3).
...
PR: 46761
Philipp Mergenthaler <philipp.mergenthaler@stud.uni-karlsruhe.de>
2004-05-10 22:33:12 +00:00
luigi
ce58934c26
Replace ROUNDUP/ADVANCE with SA_SIZE
2004-04-13 11:24:43 +00:00
johan
31854a224a
style.Makefile(5):
...
Use WARNS?= instead of WARNS=.
2004-02-23 20:25:27 +00:00
marcus
e19a1e64d2
Add Cisco Skinny Station protocol support to libalias, natd, and ppp.
...
Skinny is the protocol used by Cisco IP phones to talk to Cisco Call
Managers. With this code, one can use a Cisco IP phone behind a FreeBSD
NAT gateway.
Currently, having the Call Manager behind the NAT gateway is not supported.
More information on enabling Skinny support in libalias, natd, and ppp
can be found in those applications' manpages.
PR: 55843
Reviewed by: ru
Approved by: ru
MFC after: 30 days
2003-09-23 07:41:55 +00:00
ru
44bb8d5b2a
- Clarify the port range syntax in -redirect_port.
...
PR: docs/46286
- "IP number" -> "IP address", for consistency.
2003-08-13 15:13:33 +00:00
ru
4618cdf9bb
Added an option to specify an alternate PID file.
...
PR: bin/37159
Submitted by: "Aleksandr A. Babaylov" <.@babolo.ru>
2003-08-13 13:16:19 +00:00
ru
50a7b0b9b4
If the -proxy_only option is used, the -alias_address/-interface
...
options are not required.
Suggested by: Vaclav Petricek
MFC after: 2 weeks
2003-06-13 22:15:42 +00:00
ru
bd0614a3d1
Don't pretend natd(8) doesn't work with ppp(8) interfaces.
...
While there's probably a better way to achieve the same,
nothing precludes us from using natd(8) on tun(4) links.
Noticed by: bde
2003-02-28 15:41:45 +00:00
charnier
c142aa48bd
Use a more standard error message. Add FBSDID.
...
Reviewed by: ru
2003-02-05 20:08:39 +00:00
ru
b0520b835c
Fixed Charles' e-mail here too.
2003-01-23 08:35:21 +00:00
schweikh
d3367c5f5d
Correct typos, mostly s/ a / an / where appropriate. Some whitespace cleanup,
...
especially in troff files.
2003-01-01 18:49:04 +00:00
ru
dfc3706596
can not -> cannot.
2002-08-13 14:10:36 +00:00
ru
07e77e0463
mdoc(7) police: canonize FreeBSD in e-mail address.
2002-08-13 12:07:40 +00:00
charnier
a2accd01f0
The .Nm utility
2002-07-06 19:34:18 +00:00
archie
b4544af31a
Update my email address.
2002-07-03 20:50:32 +00:00
ru
27cb1b2c9f
I don't know what the MAINTAINER means in src/ part of FreeBSD.
...
I'll still be overseeing the changes that go into natd(8) and
will maintain it the way I see it, non-preventing for the rest
of developers.
I will re-ask for the MAINTAINER bit if the ${MAINTAINER} gets
defined.
2002-04-12 19:11:09 +00:00
ru
40e62ac22c
Back out part of the revision 1.2 changes -- sendto(2) can
...
not return ENOBUFS for unreliable protocols like divert.
This should fix an issue when natd(8) keeps spamming already
full dummynet(4) queues with the same packet forever.
Spotted by: chkno@dork.com
Explained by: luigi
Reviewed by: Ari Suutari <ari.suutari@syncrontech.com>
MFC after: 2 weeks
2002-01-15 17:07:56 +00:00
ru
7f320fa871
s/sysctl -w/sysctl/
2001-12-11 08:29:10 +00:00
obrien
9baf2f1b03
Default to WARNS=2.
...
Binary builds that cannot handle this must explicitly set WARNS=0.
Reviewed by: mike
2001-12-04 02:19:58 +00:00
ru
e129a9f15e
Make -log_ipfw_denied active by default with -verbose.
...
Discussed with: phk
2001-11-27 11:06:02 +00:00
ru
3c293c52fd
Fixed (local) style bugs in previous revision.
2001-11-27 11:00:16 +00:00
phk
10fe9ee3d2
Do not uselessly whine in syslog about packets denied by ipfw rules.
...
Set 'log_ipfw_denied' option if you want the old behaviour.
PR: 30255
Submitted by: Flemming "F3" Jacobsen <fj@batmule.dk>
Reviewed by: phk
MFC after: 4 weeks
2001-10-31 16:08:49 +00:00
ru
4345758876
mdoc(7) police:
...
Avoid using parenthesis enclosure macros (.Pq and .Po/.Pc) with plain text.
Not only this slows down the mdoc(7) processing significantly, but it also
has an undesired (in this case) effect of disabling hyphenation within the
entire enclosed block.
2001-08-07 15:48:51 +00:00
ru
7cef49ff86
mdoc(7) police: removed HISTORY info from the .Os call.
2001-07-10 11:04:34 +00:00
joe
1f2cf25ced
Revert the previous commit on objection from the maintainer. I
...
missed that natd has a -v option that will give similar functionality.
Requested by: ru
2001-06-21 12:32:36 +00:00
joe
687340bf5d
When reporting that a packet can't be written back, usually because
...
of a restrictive firewall rule, also report detail on the packet
that caused the failure.
MFC after: 3 days
2001-06-21 10:28:40 +00:00
ru
2d1b95a96f
mdoc(7) police: normalize .Nd.
2001-04-18 15:54:10 +00:00
ru
86642a4ab4
- Backout botched attempt to introduce MANSECT feature.
...
- MAN[1-9] -> MAN.
2001-03-26 14:33:27 +00:00
ru
56b5d7535b
Set the default manual section for sbin/ to 8.
2001-03-20 18:13:31 +00:00
ru
8a6f8b5fe4
mdoc(7) police: split punctuation characters + misc fixes.
2001-02-01 16:38:02 +00:00
ru
ea31070695
mdoc(7) police: use the new features of the Nm macro.
2000-11-20 16:52:27 +00:00
ru
9c5e4a8b3f
Describe -deny_incoming better, highlight some keywords,
...
add myself to the AUTHORS section.
2000-11-16 12:20:54 +00:00
ben
bd94b89a9a
more removal of trailing periods from SEE ALSO.
2000-11-15 16:44:24 +00:00
ru
edc0cc6c36
Suggest looking at rc.conf(5) on how to start natd(8) during boot.
...
Submitted by: dcs
2000-07-17 10:06:54 +00:00
kris
007293175c
Don't call warn() with no format string.
2000-07-10 08:14:18 +00:00
ru
38b5153ff9
"Ease understanding" of how -punch_fw works.
...
Reviewed by: sheldonh
2000-06-29 09:52:14 +00:00
ru
15462ff9cb
Added new option (-punch_fw) which allows to `punch holes'
...
in the ipfirewall(4) for incoming FTP/IRC DCC connections.
Submitted by: Rene de Vries <rene@canyon.demon.nl>
Rewritten by: ru
2000-06-27 15:26:24 +00:00
ru
2bcb688f1c
- mdoc(7) style cleanup
...
- new version of security note from alex.
2000-06-27 11:39:36 +00:00
alex
779ca545b4
Back out both previous commits.
...
The first one got screwed up by me because of rev 1.33, which was
incorrectly merged into my patches by myself, and so Ruslan (maintainer)
asked me to back them out.
Ruslan was ok with the second one, but since it needs rework, it'll be
readded later, when it doesn't conflict with the backout of the first one.
Pointy hat: alex
Beer on next meeting: ru
2000-06-26 17:18:34 +00:00
alex
3ff7ddfcc8
Add note about security concerns w/o a firewall but other machines
...
on your LAN to the "RUNNING NATD" introduction.
In a different way requested by:
PR: 18802
Submitted by: Zachary K Drew <drew0054@tc.umn.edu>
2000-06-26 14:52:39 +00:00
alex
9c7df143c8
mdoc style cleanup.
...
Reviewed by: sheldonh
2000-06-26 14:44:31 +00:00
ru
8f3a6df6e3
Remove ``pptpalias'' since this is now done transparently by libalias(3).
2000-06-20 12:52:27 +00:00
ru
646e21aa2b
Remove unused parameter.
2000-06-16 09:41:57 +00:00
sheldonh
6d881bfeba
Fix a small grammar nit, with the maintainer's implicit approval.
2000-05-22 08:41:57 +00:00
ru
9033edf3a8
Add new option (-target_addr) to control how to deal with incoming packets
...
not associated with any pre-existing link.
Submitted by: brian
2000-05-18 10:31:10 +00:00
ru
1e594f519a
New option: -redirect_proto.
2000-05-03 15:06:45 +00:00
joe
98328065bf
Fixes a potential buffer overflow with the command line arguments.
...
Submitted by: Mike Heffner <spock@techfour.net>
Submitted on: audit@freebsd.org
2000-04-30 20:53:54 +00:00
ru
b3e08f68b8
Load Sharing using IP Network Address Translation (RFC 2391, LSNAT).
2000-04-27 17:55:17 +00:00
brian
b4b080a3ff
Correct Charles Mott's email address
...
Requested by: cmott@scientech.com
2000-04-02 20:23:34 +00:00