diff options
author | darrenr <darrenr@FreeBSD.org> | 2005-04-25 18:20:15 +0000 |
---|---|---|
committer | darrenr <darrenr@FreeBSD.org> | 2005-04-25 18:20:15 +0000 |
commit | d643bc9db0177adb3aff13bcffd595bcd5417bf2 (patch) | |
tree | 8e099ceb5542b50acce35f82fca9a4168815c6ae /contrib/ipfilter/FWTK | |
parent | f9c93115b7330831536223046595f7f3e5215be5 (diff) | |
download | FreeBSD-src-d643bc9db0177adb3aff13bcffd595bcd5417bf2.zip FreeBSD-src-d643bc9db0177adb3aff13bcffd595bcd5417bf2.tar.gz |
* Someone imported a lot of files with the wrong CVS tag, so lots of files need
that fixed in them....
* Keep unnecessary files out of the non-vendor part of this CVS repository.
Diffstat (limited to 'contrib/ipfilter/FWTK')
-rw-r--r-- | contrib/ipfilter/FWTK/fwtk-2.1-transparency.txt | 707 | ||||
-rw-r--r-- | contrib/ipfilter/FWTK/tproxy.diff | 82 |
2 files changed, 0 insertions, 789 deletions
diff --git a/contrib/ipfilter/FWTK/fwtk-2.1-transparency.txt b/contrib/ipfilter/FWTK/fwtk-2.1-transparency.txt deleted file mode 100644 index 2e71938..0000000 --- a/contrib/ipfilter/FWTK/fwtk-2.1-transparency.txt +++ /dev/null @@ -1,707 +0,0 @@ -diff -c -r ./ftp-gw/ftp-gw.c ../../fwtk-2.1-violated/fwtk/ftp-gw/ftp-gw.c -*** ./ftp-gw/ftp-gw.c Thu Feb 5 19:05:43 1998 ---- ../../fwtk-2.1-violated/fwtk/ftp-gw/ftp-gw.c Thu May 21 17:36:09 1998 -*************** -*** 44,49 **** ---- 44,51 ---- - - extern char *optarg; - -+ char *getdsthost(); -+ - #include "firewall.h" - - -*************** -*** 88,93 **** ---- 90,97 ---- - static int cmdcnt = 0; - static int timeout = PROXY_TIMEOUT; - -+ static int do_transparent = 0; -+ - - static int cmd_user(); - static int cmd_authorize(); -*************** -*** 101,106 **** ---- 105,111 ---- - static int cmd_passthru(); - static void saveline(); - static void flushsaved(); -+ static int connectdest(); - - #define OP_CONN 001 /* only valid if connected */ - #define OP_WCON 002 /* writethrough if connected */ -*************** -*** 173,178 **** ---- 178,184 ---- - char xuf[1024]; - char huf[512]; - char *passuser = (char *)0; /* passed user as av */ -+ char *psychic, *hotline; - - #ifndef LOG_DAEMON - openlog("ftp-gw",LOG_PID); -*************** -*** 317,322 **** ---- 323,332 ---- - } else - timeout = PROXY_TIMEOUT; - -+ psychic = getdsthost(0, NULL); -+ if (psychic) -+ do_transparent++; -+ - /* display a welcome file or message */ - if(passuser == (char *)0) { - if((cf = cfg_get("welcome-msg",confp)) != (Cfg *)0) { -*************** -*** 324,329 **** ---- 334,345 ---- - syslog(LLEV,"fwtkcfgerr: welcome-msg must have one parameter, line %d",cf->ln); - exit(1); - } -+ if (do_transparent) { -+ if (sayfile2(0, cf->argv[0], 220)) { -+ syslog(LLEV,"fwtksyserr: cannot display welcome %.512s: %m",cf->argv[0]); -+ exit(1); -+ } -+ } else - if(sayfile(0,cf->argv[0],220)) { - syslog(LLEV,"fwtksyserr: cannot display welcome %.512s: %m",cf->argv[0]); - exit(1); -*************** -*** 336,341 **** ---- 352,360 ---- - if(say(0,"220-Proxy first requires authentication")) - exit(1); - -+ if (do_transparent) -+ sprintf(xuf, "220-%s FTP proxy (Version %s) ready.",huf, FWTK_VERSION_MINOR); -+ else - sprintf(xuf, "220 %s FTP proxy (Version %s) ready.",huf, FWTK_VERSION_MINOR); - if(say(0,xuf)) - exit(1); -*************** -*** 357,362 **** ---- 376,384 ---- - exit(1); - } - -+ if (do_transparent) -+ connectdest(psychic, 21); -+ - /* main loop */ - while(1) { - FD_ZERO(&rdy); -*************** -*** 653,658 **** ---- 675,696 ---- - return(sayn(0,noad,sizeof(noad)-1)); - } - -+ if (do_transparent) { -+ if((rfd == (-1)) && (x = connectdest(dest,port))) -+ return x; -+ -+ sprintf(buf,"USER %s",user); -+ -+ if (say(rfd, buf)) -+ return(1); -+ -+ x = getresp(rfd, buf, sizeof(buf), 1); -+ if (sendsaved(0, x)) -+ return(1); -+ -+ return(say(0, buf)); -+ } -+ - if(*dest == '\0') - dest = "localhost"; - -*************** -*** 694,705 **** - char ebuf[512]; - - strcpy(ebuf,buf); -! sprintf(buf,"521 %s: %s",dest,ebuf); - rfd = -1; - return(say(0,buf)); - } -! sprintf(buf,"----GATEWAY CONNECTED TO %s----",dest); -! saveline(buf); - - /* we are now connected and need to try the autologin thing */ - x = getresp(rfd,buf,sizeof(buf),1); ---- 732,748 ---- - char ebuf[512]; - - strcpy(ebuf,buf); -! if (do_transparent) -! sprintf(buf, "521 %s,%d: %s", dest, ntohs(port), ebuf); -! else -! sprintf(buf,"521 %s: %s",dest,ebuf); - rfd = -1; - return(say(0,buf)); - } -! if (!do_transparent) { -! sprintf(buf,"----GATEWAY CONNECTED TO %s----",dest); -! saveline(buf); -! } - - /* we are now connected and need to try the autologin thing */ - x = getresp(rfd,buf,sizeof(buf),1); -*************** -*** 1889,1891 **** ---- 1932,2050 ---- - dup(nread); - } - #endif -+ -+ static int connectdest(dest, port) -+ char *dest; -+ short port; -+ { -+ char buf[1024], mbuf[512]; -+ int msg_int, x; -+ -+ if(*dest == '\0') -+ dest = "localhost"; -+ -+ if(validests != (char **)0) { -+ char **xp; -+ int x; -+ -+ for(xp = validests; *xp != (char *)0; xp++) { -+ if(**xp == '!' && hostmatch(*xp + 1,dest)) { -+ return(baddest(0,dest)); -+ } else { -+ if(hostmatch(*xp,dest)) -+ break; -+ } -+ } -+ if(*xp == (char *)0) -+ return(baddest(0,dest)); -+ } -+ -+ /* Extended permissions processing goes in here for destination */ -+ if(extendperm) { -+ msg_int = auth_perm(confp, authuser, "ftp-gw", dest,(char *)0); -+ if(msg_int == 1) { -+ sprintf(mbuf,"Permission denied for user %s to connect to %s",authuser,dest); -+ syslog(LLEV,"deny host=%s/%s connect to %s user=%s",rladdr,riaddr,dest,authuser); -+ say(0,mbuf); -+ return(1); -+ } else { -+ if(msg_int == -1) { -+ sprintf(mbuf,"No match in netperm-table for %s to ftp to %s",authuser,dest); -+ say(0,mbuf); -+ return(1); -+ } -+ } -+ } -+ -+ syslog(LLEV,"permit host=%s/%s connect to %s",rladdr,riaddr,dest); -+ -+ if((rfd = conn_server(dest,port,0,buf)) < 0) { -+ char ebuf[512]; -+ -+ strcpy(ebuf,buf); -+ if (do_transparent) -+ sprintf(buf,"521 %s,%d: %s",dest,ntohs(port),ebuf); -+ else -+ sprintf(buf,"521 %s: %s",dest,ebuf); -+ rfd = -1; -+ return(say(0,buf)); -+ } -+ if (!do_transparent) { -+ sprintf(buf,"----GATEWAY CONNECTED TO %s----",dest); -+ saveline(buf); -+ } -+ -+ /* we are now connected and need to try the autologin thing */ -+ x = getresp(rfd,buf,sizeof(buf),1); -+ if(x / 100 != COMPLETE) { -+ sendsaved(0,-1); -+ return(say(0,buf)); -+ } -+ saveline(buf); -+ -+ sendsaved(0,-1); -+ return 0; -+ } -+ -+ /* quick hack */ -+ sayfile2(fd,fn,code) -+ int fd; -+ char *fn; -+ int code; -+ { -+ FILE *f; -+ char buf[BUFSIZ]; -+ char yuf[BUFSIZ]; -+ char *c; -+ int x; -+ int saidsomething = 0; -+ -+ if((f = fopen(fn,"r")) == (FILE *)0) -+ return(1); -+ while(fgets(buf,sizeof(buf),f) != (char *)0) { -+ if((c = index(buf,'\n')) != (char *)0) -+ *c = '\0'; -+ x = fgetc(f); -+ if(feof(f)) -+ sprintf(yuf,"%3.3d-%s",code,buf); -+ else { -+ sprintf(yuf,"%3.3d-%s",code,buf); -+ ungetc(x,f); -+ } -+ if(say(fd,yuf)) { -+ fclose(f); -+ return(1); -+ } -+ saidsomething++; -+ } -+ fclose(f); -+ if (!saidsomething) { -+ syslog(LLEV,"fwtkcfgerr: sayfile for %d is empty",code); -+ sprintf(yuf, "%3.3d The file to display is empty",code); -+ if(say(fd,yuf)) { -+ fclose(f); -+ return(1); -+ } -+ } -+ return(0); -+ } -diff -c -r ./http-gw/http-gw.c ../../fwtk-2.1-violated/fwtk/http-gw/http-gw.c -*** ./http-gw/http-gw.c Fri Feb 6 18:32:25 1998 ---- ../../fwtk-2.1-violated/fwtk/http-gw/http-gw.c Thu May 21 17:00:47 1998 -*************** -*** 27,32 **** ---- 27,35 ---- - static char http_buffer[8192]; - static char reason[8192]; - static int checkBrowserType = 1; -+ static int do_transparent = 0; -+ -+ char * getdsthost(); - - static void do_logging() - { char *proto = "GOPHER"; -*************** -*** 473,478 **** ---- 476,490 ---- - /*(NOT A SPECIAL FORM)*/ - - if((rem_type & TYPE_LOCAL)== 0){ -+ char * psychic = getdsthost(sockfd, &def_port); -+ if (psychic) { -+ if (strlen(psychic) <= MAXHOSTNAMELEN) { -+ do_transparent ++; -+ strncpy(def_httpd, psychic, strlen(psychic)); -+ strncpy(def_server, psychic, strlen(psychic)); -+ } -+ } -+ - /* See if it can be forwarded */ - - if( can_forward(buf)){ -*************** -*** 1564,1570 **** - parse_vec[0], - parse_vec[1], - ourname, ourport); -! }else{ - sprintf(new_reply,"%s\tgopher://%s:%s/%c%s\t%s\t%u", - parse_vec[0], parse_vec[2], - parse_vec[3], chk_type_ch, ---- 1576,1589 ---- - parse_vec[0], - parse_vec[1], - ourname, ourport); -! } -! else -! if (do_transparent) { -! sprintf(new_reply, "%s\t%s\t%s\t%s", -! parse_vec[0], parse_vec[1], -! parse_vec[2],parse_vec[3]); -! } -! else { - sprintf(new_reply,"%s\tgopher://%s:%s/%c%s\t%s\t%u", - parse_vec[0], parse_vec[2], - parse_vec[3], chk_type_ch, -diff -c -r ./lib/hnam.c ../../fwtk-2.1-violated/fwtk/lib/hnam.c -*** ./lib/hnam.c Tue Dec 10 13:08:48 1996 ---- ../../fwtk-2.1-violated/fwtk/lib/hnam.c Thu May 21 17:10:00 1998 -*************** -*** 23,28 **** ---- 23,33 ---- - - #include "firewall.h" - -+ #ifdef __FreeBSD__ /* or OpenBSD, NetBSD, BSDI, etc. Fix this for your system. */ -+ #include <net/if.h> -+ #include "ip_nat.h" -+ #endif /* __FreeBSD__ */ -+ - - char * - maphostname(name) -*************** -*** 49,52 **** ---- 54,132 ---- - } - bcopy(hp->h_addr,&sin.sin_addr,hp->h_length); - return(inet_ntoa(sin.sin_addr)); -+ } -+ -+ char *getdsthost(fd, ptr) -+ int fd; -+ int *ptr; -+ { -+ struct sockaddr_in sin; -+ struct hostent * hp; -+ int sl = sizeof(struct sockaddr_in), err = 0, local_h = 0, i = 0; -+ char buf[255], hostbuf[255]; -+ #ifdef __FreeBSD__ -+ struct sockaddr_in rsin; -+ struct natlookup natlookup; -+ #endif -+ -+ #ifdef linux -+ if (!(err = getsockname(0, &sin, &sl))) { -+ if(ptr) -+ * ptr = ntohs(sin.sin_port); -+ -+ sprintf(buf, "%s", inet_ntoa(sin.sin_addr)); -+ gethostname(hostbuf, 254); -+ hp = gethostbyname(hostbuf); -+ while (hp->h_addr_list[i]) { -+ bzero(&sin, &sl); -+ memcpy(&sin.sin_addr, hp->h_addr_list[i++], -+ sizeof(hp->h_addr_list[i++])); -+ -+ if (!strcmp(buf, inet_ntoa(sin.sin_addr))) -+ local_h++; -+ } -+ -+ if(local_h) -+ return(NULL); -+ else -+ return(buf); -+ } -+ #endif -+ -+ #ifdef __FreeBSD__ -+ /* The basis for this block of code is Darren Reed's -+ * patches to the TIS ftwk's ftp-gw. -+ */ -+ bzero((char*)&sin, sizeof(sin)); -+ bzero((char*)&rsin, sizeof(rsin)); -+ -+ if (getsockname(fd, (struct sockaddr*)&sin, &sl) < 0) -+ return NULL; -+ -+ sl = sizeof(rsin); -+ -+ if(getpeername(fd, (struct sockaddr*)&rsin, &sl) < 0) -+ return NULL; -+ -+ natlookup.nl_inport=sin.sin_port; -+ natlookup.nl_outport=rsin.sin_port; -+ natlookup.nl_inip=sin.sin_addr; -+ natlookup.nl_outip=rsin.sin_addr; -+ -+ if ((natfd = open("/dev/ipl",O_RDONLY)) < 0) -+ return NULL; -+ -+ if (ioctl(natfd, SIOCGNATL,&natlookup) == (-1)) -+ return NULL; -+ -+ close(natfd); -+ -+ if (ptr) -+ *ptr = ntohs(natlookup.nl_inport); -+ -+ sprintf(buf, "%s", inet_ntoa(natlookup.nl_inip)); -+ #endif -+ -+ /* No transparent proxy support */ -+ return(NULL); - } -diff -c -r ./plug-gw/plug-gw.c ../../fwtk-2.1-violated/fwtk/plug-gw/plug-gw.c -*** ./plug-gw/plug-gw.c Thu Feb 5 19:07:35 1998 ---- ../../fwtk-2.1-violated/fwtk/plug-gw/plug-gw.c Thu May 21 17:29:01 1998 -*************** -*** 43,48 **** ---- 43,50 ---- - static char **validdests = (char **)0; - static int net_write(); - -+ static int do_transparent = 0; -+ - main(ac,av) - int ac; - char *av[]; -*************** -*** 198,206 **** ---- 200,220 ---- - char *ptr; - int state = 0; - int ssl_plug = 0; -+ char * getdsthost(); -+ int pport = 0; - - struct timeval timo; - -+ /* Transparent plug-gw is probably a bad idea, but then, plug-gw is a bad -+ * idea .. -+ */ -+ dhost = getdsthost(0, &pport); -+ if (dhost) { -+ do_transparent++; -+ portid = pport; -+ } -+ -+ - if(c->flags & PERM_DENY) { - if (p == -1) - syslog(LLEV,"deny host=%.512s/%.20s port=any",rhost,raddr); -*************** -*** 220,226 **** - syslog(LLEV,"fwtkcfgerr: -plug-to takes an argument, line %d",c->ln); - exit (1); - } -! dhost = av[x]; - continue; - } - ---- 234,241 ---- - syslog(LLEV,"fwtkcfgerr: -plug-to takes an argument, line %d",c->ln); - exit (1); - } -! if (!dhost) -! dhost = av[x]; - continue; - } - -diff -c -r ./rlogin-gw/rlogin-gw.c ../../fwtk-2.1-violated/fwtk/rlogin-gw/rlogin-gw.c -*** ./rlogin-gw/rlogin-gw.c Thu Feb 5 19:08:38 1998 ---- ../../fwtk-2.1-violated/fwtk/rlogin-gw/rlogin-gw.c Thu May 21 17:20:25 1998 -*************** -*** 103,108 **** ---- 103,111 ---- - static int trusted = 0; - static int doX = 0; - static char *prompt; -+ static int do_transparent = 0; -+ -+ char * getdsthost(); - - main(ac,av) - int ac; -*************** -*** 123,128 **** ---- 126,132 ---- - static char *tokav[56]; - int tokac; - struct timeval timo; -+ char * psychic; - - #ifndef LOG_NDELAY - openlog("rlogin-gw",LOG_PID); -*************** -*** 188,194 **** - xforwarder = cf->argv[0]; - } - -! - - if((cf = cfg_get("directory",confp)) != (Cfg *)0) { - if(cf->argc != 1) { ---- 192,203 ---- - xforwarder = cf->argv[0]; - } - -! psychic = getdsthost(0, NULL); -! if (psychic) { -! do_transparent++; -! strncpy(dest, psychic, 511); -! dest[511] = '\0'; -! } - - if((cf = cfg_get("directory",confp)) != (Cfg *)0) { - if(cf->argc != 1) { -*************** -*** 266,271 **** ---- 275,281 ---- - if((p = index(rusername,'@')) != (char *)0) { - char *namp; - -+ dest[0] = '\0'; - *p++ = '\0'; - if(*p == '\0') - p = "localhost"; -*************** -*** 297,302 **** ---- 307,326 ---- - - if(dest[0] != '\0') { - /* Setup connection directly to remote machine */ -+ if ((cf = cfg_get("welcome-msg",confp)) != (Cfg *)0) { -+ if (cf->argc != 1) { -+ syslog(LLEV,"fwtkcfgerr: welcome-msg must have one parameter, line %d",cf->ln); -+ exit(1); -+ } -+ -+ if (sayfile(0, cf->argv[0])) { -+ syslog(LLEV,"fwtksyserr: cannot display welcome %s: %m",cf->argv[0]); -+ exit(1); -+ } -+ } -+ -+ /* Hey fwtk developer people -- this connect_dest thing is *nasty!* */ -+ - sprintf(buf,"connect %.1000s",dest); - tokac = enargv(buf, tokav, 56, tokbuf, sizeof(tokbuf)); - if (cmd_connect(tokac, tokav, buf) != 2) -*************** -*** 535,548 **** - char ebuf[512]; - - syslog(LLEV,"permit host=%.512s/%.20s connect to %.512s",rhost,raddr,namp); -! if(strlen(namp) > 20) -! namp[20] = '\0'; -! if(rusername[0] != '\0') -! sprintf(ebuf,"Trying %s@%s...",rusername,namp); -! else -! sprintf(ebuf,"Trying %s...",namp); -! if(say(0,ebuf)) -! return(1); - } else - syslog(LLEV,"permit host=%.512s/%.20s connect to %.512s",rhost,raddr,av[1]); - if((serfd = conn_server(av[1],RLOGINPORT,1,buf)) < 0) { ---- 559,574 ---- - char ebuf[512]; - - syslog(LLEV,"permit host=%.512s/%.20s connect to %.512s",rhost,raddr,namp); -! if (!do_transparent) { -! if(strlen(namp) > 20) -! namp[20] = '\0'; -! if(rusername[0] != '\0') -! sprintf(ebuf,"Trying %s@%s...",rusername,namp); -! else -! sprintf(ebuf,"Trying %s...",namp); -! if(say(0,ebuf)) -! return(1); -! } - } else - syslog(LLEV,"permit host=%.512s/%.20s connect to %.512s",rhost,raddr,av[1]); - if((serfd = conn_server(av[1],RLOGINPORT,1,buf)) < 0) { -diff -c -r ./tn-gw/tn-gw.c ../../fwtk-2.1-violated/fwtk/tn-gw/tn-gw.c -*** ./tn-gw/tn-gw.c Thu Feb 5 19:11:36 1998 ---- ../../fwtk-2.1-violated/fwtk/tn-gw/tn-gw.c Thu May 21 17:25:06 1998 -*************** -*** 91,96 **** ---- 91,100 ---- - static int cmd_xforward(); - static int cmd_timeout(); - -+ char * getdsthost(); -+ -+ static int do_transparent = 0; -+ - static int tn3270 = 1; /* don't do tn3270 stuff */ - static int doX; - -*************** -*** 144,149 **** ---- 148,155 ---- - char tokbuf[BSIZ]; - char *tokav[56]; - int tokac; -+ int port; -+ char * psychic; - - #ifndef LOG_DAEMON - openlog("tn-gw",LOG_PID); -*************** -*** 325,330 **** ---- 331,362 ---- - } - } - -+ psychic = getdsthost(0, &port); -+ if (psychic) { -+ if ((strlen(psychic) + 10) < 510) { -+ do_transparent++; -+ if (port) -+ sprintf(dest, "%s:%d", psychic, port); -+ else -+ sprintf(dest, "%s", psychic); -+ -+ if (!welcomedone) -+ if ((cf = cfg_get("welcome-msg", confp)) != (Cfg *)0) { -+ if (cf->argc != 1) { -+ syslog(LLEV,"fwtkcfgerr: welcome-msg must have one parameter, line %d",cf->ln); -+ exit(1); -+ } -+ -+ if (sayfile(0, cf->argv[0])) { -+ syslog(LLEV,"fwtksyserr: cannot display welcome %s:%m",cf->argv[0]); -+ exit(1); -+ } -+ -+ welcomedone = 1; -+ } -+ } -+ } -+ - while (argc > 1) { - argc--; - argv++; -*************** -*** 947,955 **** - char ebuf[512]; - - syslog(LLEV,"permit host=%.512s/%.20s destination=%.512s",rladdr,riaddr,namp); -! sprintf(ebuf,"Trying %.100s port %d...",namp,port); -! if(say(0,ebuf)) -! return(1); - } else - syslog(LLEV,"permit host=%.512s/%.20s destination=%.512s",rladdr,riaddr,av[1]); - ---- 979,989 ---- - char ebuf[512]; - - syslog(LLEV,"permit host=%.512s/%.20s destination=%.512s",rladdr,riaddr,namp); -! if (!do_transparent) { -! sprintf(ebuf,"Trying %.100s port %d...",namp,port); -! if(say(0,ebuf)) -! return(1); -! } - } else - syslog(LLEV,"permit host=%.512s/%.20s destination=%.512s",rladdr,riaddr,av[1]); - -*************** -*** 991,998 **** - - syslog(LLEV,"connected host=%.512s/%.20s destination=%.512s",rladdr,riaddr,av[1]); - strncpy(dest,av[1], 511); -! sprintf(buf, "Connected to %.512s.", dest); -! say(0, buf); - return(2); - } - ---- 1025,1034 ---- - - syslog(LLEV,"connected host=%.512s/%.20s destination=%.512s",rladdr,riaddr,av[1]); - strncpy(dest,av[1], 511); -! if (!do_transparent) { -! sprintf(buf, "Connected to %.512s.", dest); -! say(0, buf); -! } - return(2); - } - diff --git a/contrib/ipfilter/FWTK/tproxy.diff b/contrib/ipfilter/FWTK/tproxy.diff deleted file mode 100644 index 234404b..0000000 --- a/contrib/ipfilter/FWTK/tproxy.diff +++ /dev/null @@ -1,82 +0,0 @@ -*** tproxy.c.orig Fri Dec 20 10:53:24 1996 ---- tproxy.c Sun Jan 3 11:33:55 1999 -*************** -*** 135,140 **** ---- 135,144 ---- - #include <netinet/in.h> - #include <sys/signal.h> - #include <syslog.h> -+ #include <unistd.h> -+ #include <fcntl.h> -+ #include <sys/ioctl.h> -+ #include <net/if.h> - #include "tproxy.h" - - #ifdef AIX -*************** -*** 147,152 **** ---- 151,159 ---- - #define bzero(buf,size) memset(buf, '\0', size); - #endif /* SYSV */ - -+ #include "ip_compat.h" -+ #include "ip_fil.h" -+ #include "ip_nat.h" - - - /* socket to audio server */ -*************** -*** 324,329 **** ---- 331,369 ---- - char localbuf[2048]; - void timeout(); - extern int errno; -+ /* -+ * IP-Filter block -+ */ -+ struct sockaddr_in laddr, faddr; -+ struct natlookup natlookup; -+ int slen, natfd; -+ -+ bzero((char *)&laddr, sizeof(laddr)); -+ bzero((char *)&faddr, sizeof(faddr)); -+ slen = sizeof(laddr); -+ if (getsockname(0, (struct sockaddr *)&laddr, &slen) < 0) -+ return -1; -+ slen = sizeof(faddr); -+ if (getpeername(0, (struct sockaddr *)&faddr, &slen) < 0) -+ return -1; -+ natlookup.nl_inport = laddr.sin_port; -+ natlookup.nl_outport = faddr.sin_port; -+ natlookup.nl_inip = laddr.sin_addr; -+ natlookup.nl_outip = faddr.sin_addr; -+ natlookup.nl_flags = IPN_TCP; -+ if ((natfd = open(IPL_NAT, O_RDONLY)) < 0) -+ return -1; -+ if (ioctl(natfd, SIOCGNATL, &natlookup) == -1) { -+ syslog(LOG_ERR, "SIOCGNATL failed: %m\n"); -+ close(natfd); -+ return -1; -+ } -+ close(natfd); -+ strcpy(hostname, inet_ntoa(natlookup.nl_realip)); -+ serverport = ntohs(natlookup.nl_realport); -+ /* -+ * End of IP-Filter block -+ */ - - /* setup a timeout in case dialog doesn't finish */ - signal(SIGALRM, timeout); -*************** -*** 337,344 **** ---- 377,386 ---- - * and modify the call to (and subroutine) serverconnect() as - * appropriate. - */ -+ #if 0 - strcpy(hostname, "randomhostname"); - serverport = 7070; -+ #endif - /* Can we connect to the server */ - if ( (serverfd = serverconnect(hostname, serverport)) < 0 ) { - /* errno may still be set from previous call */ |