d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
167,310 Commits 4 Branches 49 Tags 2 GiB
d63aabd58e
Commit Graph

69 Commits

Author SHA1 Message Date
ru
68665ff505 Replace PacketAliasRedirectPptp() (which had nothing specific 
to PPTP) with more generic PacketAliasRedirectProto().

Major number is not bumped because it is believed that noone
has started using PacketAliasRedirectPptp() yet.
 2000-04-28 13:44:49 +00:00
ru
d297953a9f Add support for multiple PPTP sessions: 
- new API function: PacketAliasRedirectPptp()
- new mode bit: PKT_ALIAS_DENY_PPTP

Please see manual page for details.
 2000-04-18 10:18:21 +00:00
ru
73d40971f4 - Remove unused includes. 
- Minor spelling fixes.
- Make IcmpAliasOut2() really work.

Before this change:

# natd -v -n PUB_IFACE -p 12345 -redirect_address 192.168.1.1 P.P.P.P
natd[87923]: Aliasing to A.A.A.A, mtu 1500 bytes
In  [UDP]  [UDP] X.X.X.X:49562 -> P.P.P.P:50000 aliased to
           [UDP] X.X.X.X:49562 -> 192.168.1.1:50000
Out [ICMP] [ICMP] 192.168.1.1 -> X.X.X.X 3(3) aliased to
           [ICMP] A.A.A.A -> X.X.X.X 3(3)

# tcpdump -n -t -i PUB_IFACE host X.X.X.X and "(udp or icmp)"
tcpdump: listening on PUB_IFACE
X.X.X.X.49562 > P.P.P.P.50000: udp 3
A.A.A.A > X.X.X.X: icmp: A.A.A.A udp port 50000 unreachable

After this change:

# natd -v -n PUB_IFACE -p 12345 -redirect_address 192.168.1.1 P.P.P.P
natd[89360]: Aliasing to A.A.A.A, mtu 1500 bytes
In  [UDP]  [UDP] X.X.X.X:49563 -> P.P.P.P:50000 aliased to
           [UDP] X.X.X.X:49563 -> 192.168.1.1:50000
Out [ICMP] [ICMP] 192.168.1.1 -> X.X.X.X 3(3) aliased to
           [ICMP] P.P.P.P -> X.X.X.X 3(3)

# tcpdump -n -t -i PUB_IFACE host X.X.X.X and "(udp or icmp)"
tcpdump: listening on PUB_IFACE
X.X.X.X.49563 > P.P.P.P.50000: udp 3
P.P.P.P > X.X.X.X: icmp: P.P.P.P udp port 50000 unreachable
 2000-04-05 14:27:34 +00:00
ru
25ec57cdd2 - Optimization to the previous (rev 1.15) commit. 
Requested by:	eivind
Discussed with:	eivind
Reviewed by:	brian, eivind
 1999-09-10 15:27:34 +00:00
ru
55c2ca09dd Handle TCP reset sequence properly. 
In the words of originator:
:If an incoming connection is initiated through natd and deny_incoming is
:not set, then a new alias_link structure is created to handle the link.
:If there is nothing listening for the incoming connection, then the kernel
:responds with a RST for the connection. However, this is not processed
:correctly in libalias/alias.c:TcpMonitor{In,Out} and
:libalias/alias_db.c:SetState{In,Out} as it thinks a connection
:has been established and therefore applies a timeout of 86400 seconds
:to the link.
:
:If many of these half-connections are initiated (during, for example, a
:port scan of the host), then many thousands of unnecessary links are
:created and the resident size of natd balloons to 20MB or more.

PR:		13639
Reviewed by:	brian
 1999-09-09 13:42:51 +00:00
billf
0a8146a286 Add $FreeBSD$ and spell Eklund properly. 
Approved by:	brian (well, he approved adding $Id$)
 1999-08-29 23:17:04 +00:00
brian
d27b3a1884 Aallow ppp to work with Nortel Networks Extranet Switch 
product and Windows NT tunneling.

Submitted by: Chain Lee <chain@nortelnetworks.com>
 1999-08-22 23:32:01 +00:00
brian
c630b95121 Don't get caught in an infinite recursion when PKT_ALIAS_REVERSE 
is set.
Document PKT_ALIAS_REVERSE.

Pointed out by:	Jonathan Hanna <jh@cr1003333-a.crdva1.bc.home.com>
PR:		12304
 1999-06-22 11:20:03 +00:00
billf
da0438ea6a Remove duplicate line. 
Reviewed by:	eivind
 1999-03-23 23:01:15 +00:00
brian
087590fb63 Version 3.0: January 1, 1999 
- Transparent proxying support added.
    - PPTP redirecting support added based on patches
      contributed by Dru Nelson <dnelson@redwoodsoft.com>.

Submitted by: Charles Mott <cmott@srv.net>
 1999-02-27 02:16:01 +00:00
dillon
14901c04b7 Reviewed by: freebsd-current 
Add bounds checking to netbios NS packet resolving code.  This should
    prevent natd from crashing on badly formed netbios packets (as might be
    heard when the machine is sitting on a cable modem or certain DSL
    networks), and also closes potential security holes that might have
    exploited the lack of bounds checking in the previous version of the
    code.
 1998-12-14 02:25:32 +00:00
brian
5ed7f2c4ee Add CUSEEME support. This has *not* been tested, nor 
could I find anyone to test it, so please report any
problems to me.
 1998-06-24 06:58:00 +00:00
brian
4ff4152e09 Quieten gcc 2.8.1 1998-06-10 00:26:19 +00:00
amurai
60356ac1dd Primary verison of NetBIOS over TCP/IP. Now you can connect Windows 
DOMAIN as DOMAIN user through NAT function. See also RFC1002 for
futher detail of SMB structure.

Submitted by:	Atsushi Murai <amurai@spec.co.jp>
 1998-05-24 03:03:10 +00:00
brian
182404b274 o Support a compile-time -DNO_FW_PUNCH for portability 
(and those of us that don't want the functionality).
o Don't assume sizeof(long) == 4.
Ok'd by: Charles Mott <cmott@srv.net>
 1998-04-19 21:42:07 +00:00
eivind
781f5bff10 Teach libalias to work with IPFW firewalls (controlled by a flag). 
Obtained from: Yes development tree (+ 10 lines of patches from
	Charles Mott, original libalias author)
 1998-01-09 21:13:35 +00:00
brian
afdfe1afbe Upgrade to 2.4 (Fix -PKT_ALIAS_UNREGISTERED_ONLY) 
Submitted by:	Charles Mott <cmott@srv.net>

Add __libalias_version so that ppp can derive the
correct library name for dlopen()
 1997-09-06 11:11:43 +00:00
brian
e7c02535af Update to version 2.2. Only the PacketAlias*() 
functions should now be used.  The old 2.1 stuff is
there for backwards compatability.
Submitted by:	Charles Mott <cmott@snake.srv.net>
 1997-08-03 18:20:03 +00:00
brian
06bdbfe539 Create the alias library. This is currently only used by 
ppp (or will be shortly).  Natd can now be updated to use
this library rather than carrying its own version of the code.

Submitted by:	Charles Mott <cmott@srv.net>
 1997-05-23 04:41:31 +00:00