authorbrian <brian@FreeBSD.org>1999-06-10 00:17:27 +0000
committerbrian <brian@FreeBSD.org>1999-06-10 00:17:27 +0000
commit49e3fb36770b709c3b12a34f6981ff0fe97daa95 (patch)
treecead15c928dab944dd0badf7f8c6508a3407f649 /usr.sbin/ppp
parent56fab642ae6e4d2b954ef2d3ec1b8397f9ecbea7 (diff)
Allow a remote IP and port range specification in the
``alias port'' command.
Diffstat (limited to 'usr.sbin/ppp')
-rw-r--r--usr.sbin/ppp/alias_cmd.c100
-rw-r--r--usr.sbin/ppp/nat_cmd.c100
-rw-r--r--usr.sbin/ppp/ppp.837
-rw-r--r--usr.sbin/ppp/ppp.8.m437
4 files changed, 178 insertions, 96 deletions
diff --git a/usr.sbin/ppp/alias_cmd.c b/usr.sbin/ppp/alias_cmd.c
index f823ff4..4fe2145 100644
--- a/usr.sbin/ppp/alias_cmd.c
+++ b/usr.sbin/ppp/alias_cmd.c
@@ -2,7 +2,7 @@
* The code in this file was written by Eivind Eklund <perhaps@yes.no>,
* who places it in the public domain without restriction.
*
- * $Id: alias_cmd.c,v 1.25 1999/05/12 09:48:39 brian Exp $
+ * $Id: alias_cmd.c,v 1.26 1999/06/02 15:58:51 brian Exp $
*/
#include <sys/param.h>
@@ -57,6 +57,17 @@ static int StrToPortRange(const char *, u_short *, u_short *, const char *);
static int StrToAddrAndPort(const char *, struct in_addr *, u_short *,
u_short *, const char *);
+static void
+lowhigh(u_short *a, u_short *b)
+{
+ if (a > b) {
+ u_short c;
+
+ c = *b;
+ *b = *a;
+ *a = c;
+ }
+}
int
alias_RedirectPort(struct cmdargs const *arg)
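Review bot: `if (a > b)` in lowhigh() compares the two pointers rather than the port values they point at, so whether the swap happens depends on where the caller's variables sit in memory, not on the range the user typed. The test should read `if (*a > *b) {`. As written, a range given high-first can reach the size checks and the redirect loop in alias_RedirectPort unswapped, where the `laliasport <= haliasport` loop would run zero times and the command would still return 0. A relational comparison of pointers to unrelated objects is also undefined in C. The identical lowhigh() hunk in nat_cmd.c needs the same one-line fix.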
@@ -64,18 +75,17 @@ alias_RedirectPort(struct cmdargs const *arg)
if (!arg->bundle->AliasEnabled) {
prompt_Printf(arg->prompt, "Alias not enabled\n");
return 1;
- } else if (arg->argc == arg->argn + 3) {
+ } else if (arg->argc == arg->argn + 3 || arg->argc == arg->argn + 4) {
char proto_constant;
const char *proto;
- u_short hlocalport;
- u_short llocalport;
- u_short haliasport;
- u_short laliasport;
- u_short port;
- int error;
- struct in_addr local_addr;
- struct in_addr null_addr;
+ struct in_addr localaddr;
+ u_short hlocalport, llocalport;
+ struct in_addr aliasaddr;
+ u_short haliasport, laliasport;
+ struct in_addr remoteaddr;
+ u_short hremoteport, lremoteport;
struct alias_link *link;
+ int error;
proto = arg->argv[arg->argn];
if (strcmp(proto, "tcp") == 0) {
@@ -88,52 +98,71 @@ alias_RedirectPort(struct cmdargs const *arg)
return -1;
}
- error = StrToAddrAndPort(arg->argv[arg->argn+1], &local_addr, &llocalport,
+ error = StrToAddrAndPort(arg->argv[arg->argn+1], &localaddr, &llocalport,
&hlocalport, proto);
if (error) {
prompt_Printf(arg->prompt, "alias port: error reading localaddr:port\n");
return -1;
}
+
error = StrToPortRange(arg->argv[arg->argn+2], &laliasport, &haliasport,
proto);
if (error) {
prompt_Printf(arg->prompt, "alias port: error reading alias port\n");
return -1;
}
- null_addr.s_addr = INADDR_ANY;
-
- if (llocalport > hlocalport) {
- port = llocalport;
- llocalport = hlocalport;
- hlocalport = port;
+ aliasaddr.s_addr = INADDR_ANY;
+
+ if (arg->argc == arg->argn + 4) {
+ error = StrToAddrAndPort(arg->argv[arg->argn+3], &remoteaddr,
+ &lremoteport, &hremoteport, proto);
+ if (error) {
+ prompt_Printf(arg->prompt, "alias port: error reading "
+ "remoteaddr:port\n");
+ return -1;
+ }
+ } else {
+ remoteaddr.s_addr = INADDR_ANY;
+ lremoteport = hremoteport = 0;
}
- if (laliasport > haliasport) {
- port = laliasport;
- laliasport = haliasport;
- haliasport = port;
- }
+ lowhigh(&llocalport, &hlocalport);
+ lowhigh(&laliasport, &haliasport);
+ lowhigh(&lremoteport, &hremoteport);
if (haliasport - laliasport != hlocalport - llocalport) {
- prompt_Printf(arg->prompt, "alias port: Port ranges must be equal\n");
+ prompt_Printf(arg->prompt, "alias port: local & alias port ranges "
+ "are not equal\n");
return -1;
}
- for (port = laliasport; port <= haliasport; port++) {
- link = PacketAliasRedirectPort(local_addr,
- htons(llocalport + (port - laliasport)),
- null_addr, 0, null_addr, htons(port),
+ if (hremoteport && hremoteport - lremoteport != hlocalport - llocalport) {
+ prompt_Printf(arg->prompt, "alias port: local & remote port ranges "
+ "are not equal\n");
+ return -1;
+ }
+
+ while (laliasport <= haliasport) {
+ link = PacketAliasRedirectPort(localaddr, htons(llocalport),
+ remoteaddr, htons(lremoteport),
+ aliasaddr, htons(laliasport),
proto_constant);
if (link == NULL) {
- prompt_Printf(arg->prompt, "alias port: %d: error %d\n", port, error);
+ prompt_Printf(arg->prompt, "alias port: %d: error %d\n", laliasport,
+ error);
return 1;
}
+ llocalport++;
+ laliasport++;
+ if (hremoteport)
+ lremoteport++;
}
- } else
- return -1;
- return 0;
+ return 0;
+ }
+
+ return -1;
}
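Review bot: The new `while (laliasport <= haliasport)` loop cannot terminate when the alias range ends at 65535, because both variables are u_short: `laliasport++` wraps to 0, the condition stays true, and the loop keeps installing redirects. Whether StrToPortRange can hand back 65535 is not visible in this hunk, but nothing here rules it out; leaving the loop before the increments with `if (laliasport == haliasport) break;` avoids the wrap. Separately, the failure message prints `error`, which at that point still holds 0 from the last successful parse, so it says nothing about why PacketAliasRedirectPort returned NULL. Redirects already installed for earlier ports in the range are also left in place on that `return 1`. alias_RedirectPort begins above this hunk, and the same hunk is repeated in nat_cmd.c.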
@@ -145,23 +174,22 @@ alias_RedirectAddr(struct cmdargs const *arg)
return 1;
} else if (arg->argc == arg->argn+2) {
int error;
- struct in_addr local_addr;
- struct in_addr alias_addr;
+ struct in_addr localaddr, aliasaddr;
struct alias_link *link;
- error = StrToAddr(arg->argv[arg->argn], &local_addr);
+ error = StrToAddr(arg->argv[arg->argn], &localaddr);
if (error) {
prompt_Printf(arg->prompt, "address redirect: invalid local address\n");
return 1;
}
- error = StrToAddr(arg->argv[arg->argn+1], &alias_addr);
+ error = StrToAddr(arg->argv[arg->argn+1], &aliasaddr);
if (error) {
prompt_Printf(arg->prompt, "address redirect: invalid alias address\n");
prompt_Printf(arg->prompt, "Usage: alias %s %s\n", arg->cmd->name,
arg->cmd->syntax);
return 1;
}
- link = PacketAliasRedirectAddr(local_addr, alias_addr);
+ link = PacketAliasRedirectAddr(localaddr, aliasaddr);
if (link == NULL) {
prompt_Printf(arg->prompt, "address redirect: packet aliasing"
" engine error\n");
diff --git a/usr.sbin/ppp/nat_cmd.c b/usr.sbin/ppp/nat_cmd.c
index f823ff4..4fe2145 100644
--- a/usr.sbin/ppp/nat_cmd.c
+++ b/usr.sbin/ppp/nat_cmd.c
@@ -2,7 +2,7 @@
* The code in this file was written by Eivind Eklund <perhaps@yes.no>,
* who places it in the public domain without restriction.
*
- * $Id: alias_cmd.c,v 1.25 1999/05/12 09:48:39 brian Exp $
+ * $Id: alias_cmd.c,v 1.26 1999/06/02 15:58:51 brian Exp $
*/
#include <sys/param.h>
@@ -57,6 +57,17 @@ static int StrToPortRange(const char *, u_short *, u_short *, const char *);
static int StrToAddrAndPort(const char *, struct in_addr *, u_short *,
u_short *, const char *);
+static void
+lowhigh(u_short *a, u_short *b)
+{
+ if (a > b) {
+ u_short c;
+
+ c = *b;
+ *b = *a;
+ *a = c;
+ }
+}
int
alias_RedirectPort(struct cmdargs const *arg)
@@ -64,18 +75,17 @@ alias_RedirectPort(struct cmdargs const *arg)
if (!arg->bundle->AliasEnabled) {
prompt_Printf(arg->prompt, "Alias not enabled\n");
return 1;
- } else if (arg->argc == arg->argn + 3) {
+ } else if (arg->argc == arg->argn + 3 || arg->argc == arg->argn + 4) {
char proto_constant;
const char *proto;
- u_short hlocalport;
- u_short llocalport;
- u_short haliasport;
- u_short laliasport;
- u_short port;
- int error;
- struct in_addr local_addr;
- struct in_addr null_addr;
+ struct in_addr localaddr;
+ u_short hlocalport, llocalport;
+ struct in_addr aliasaddr;
+ u_short haliasport, laliasport;
+ struct in_addr remoteaddr;
+ u_short hremoteport, lremoteport;
struct alias_link *link;
+ int error;
proto = arg->argv[arg->argn];
if (strcmp(proto, "tcp") == 0) {
@@ -88,52 +98,71 @@ alias_RedirectPort(struct cmdargs const *arg)
return -1;
}
- error = StrToAddrAndPort(arg->argv[arg->argn+1], &local_addr, &llocalport,
+ error = StrToAddrAndPort(arg->argv[arg->argn+1], &localaddr, &llocalport,
&hlocalport, proto);
if (error) {
prompt_Printf(arg->prompt, "alias port: error reading localaddr:port\n");
return -1;
}
+
error = StrToPortRange(arg->argv[arg->argn+2], &laliasport, &haliasport,
proto);
if (error) {
prompt_Printf(arg->prompt, "alias port: error reading alias port\n");
return -1;
}
- null_addr.s_addr = INADDR_ANY;
-
- if (llocalport > hlocalport) {
- port = llocalport;
- llocalport = hlocalport;
- hlocalport = port;
+ aliasaddr.s_addr = INADDR_ANY;
+
+ if (arg->argc == arg->argn + 4) {
+ error = StrToAddrAndPort(arg->argv[arg->argn+3], &remoteaddr,
+ &lremoteport, &hremoteport, proto);
+ if (error) {
+ prompt_Printf(arg->prompt, "alias port: error reading "
+ "remoteaddr:port\n");
+ return -1;
+ }
+ } else {
+ remoteaddr.s_addr = INADDR_ANY;
+ lremoteport = hremoteport = 0;
}
- if (laliasport > haliasport) {
- port = laliasport;
- laliasport = haliasport;
- haliasport = port;
- }
+ lowhigh(&llocalport, &hlocalport);
+ lowhigh(&laliasport, &haliasport);
+ lowhigh(&lremoteport, &hremoteport);
if (haliasport - laliasport != hlocalport - llocalport) {
- prompt_Printf(arg->prompt, "alias port: Port ranges must be equal\n");
+ prompt_Printf(arg->prompt, "alias port: local & alias port ranges "
+ "are not equal\n");
return -1;
}
- for (port = laliasport; port <= haliasport; port++) {
- link = PacketAliasRedirectPort(local_addr,
- htons(llocalport + (port - laliasport)),
- null_addr, 0, null_addr, htons(port),
+ if (hremoteport && hremoteport - lremoteport != hlocalport - llocalport) {
+ prompt_Printf(arg->prompt, "alias port: local & remote port ranges "
+ "are not equal\n");
+ return -1;
+ }
+
+ while (laliasport <= haliasport) {
+ link = PacketAliasRedirectPort(localaddr, htons(llocalport),
+ remoteaddr, htons(lremoteport),
+ aliasaddr, htons(laliasport),
proto_constant);
if (link == NULL) {
- prompt_Printf(arg->prompt, "alias port: %d: error %d\n", port, error);
+ prompt_Printf(arg->prompt, "alias port: %d: error %d\n", laliasport,
+ error);
return 1;
}
+ llocalport++;
+ laliasport++;
+ if (hremoteport)
+ lremoteport++;
}
- } else
- return -1;
- return 0;
+ return 0;
+ }
+
+ return -1;
}
@@ -145,23 +174,22 @@ alias_RedirectAddr(struct cmdargs const *arg)
return 1;
} else if (arg->argc == arg->argn+2) {
int error;
- struct in_addr local_addr;
- struct in_addr alias_addr;
+ struct in_addr localaddr, aliasaddr;
struct alias_link *link;
- error = StrToAddr(arg->argv[arg->argn], &local_addr);
+ error = StrToAddr(arg->argv[arg->argn], &localaddr);
if (error) {
prompt_Printf(arg->prompt, "address redirect: invalid local address\n");
return 1;
}
- error = StrToAddr(arg->argv[arg->argn+1], &alias_addr);
+ error = StrToAddr(arg->argv[arg->argn+1], &aliasaddr);
if (error) {
prompt_Printf(arg->prompt, "address redirect: invalid alias address\n");
prompt_Printf(arg->prompt, "Usage: alias %s %s\n", arg->cmd->name,
arg->cmd->syntax);
return 1;
}
- link = PacketAliasRedirectAddr(local_addr, alias_addr);
+ link = PacketAliasRedirectAddr(localaddr, aliasaddr);
if (link == NULL) {
prompt_Printf(arg->prompt, "address redirect: packet aliasing"
" engine error\n");
diff --git a/usr.sbin/ppp/ppp.8 b/usr.sbin/ppp/ppp.8
index 5d86255..40aa8a6 100644
--- a/usr.sbin/ppp/ppp.8
+++ b/usr.sbin/ppp/ppp.8
@@ -1,4 +1,4 @@
-.\" $Id: ppp.8,v 1.172 1999/06/08 11:57:59 brian Exp $
+.\" $Id: ppp.8,v 1.173 1999/06/09 16:54:04 brian Exp $
.Dd 20 September 1995
.nr XX \w'\fC00'
.Os FreeBSD
@@ -2824,23 +2824,27 @@ This option causes various aliasing statistics and information to
be logged to the file
.Pa /var/log/alias.log .
.It alias port Ar proto Ar targetIP Ns Xo
-.No : Ns Ar port Ns
+.No : Ns Ar targetPort Ns
.Oo
-.No - Ns Ar port
-.Oc Ar aliasport Ns
+.No - Ns Ar targetPort
+.Oc Ar aliasPort Ns
.Oo
-.No - Ns Ar aliasport Ns
-.Oc
+.No - Ns Ar aliasPort
+.Oc Oo Ar remoteIP : Ns
+.Ar remotePort Ns
+.Oo
+.No - Ns Ar remotePort
+.Oc Oc
.Xc
This command causes incoming
.Ar proto
-connections to port
-.Ar aliasport
-to be redirected to port
-.Ar port
+connections to
+.Ar aliasPort
+to be redirected to
+.Ar targetPort
on
.Ar targetIP .
-.Ar Proto
+.Ar proto
is either
.Dq tcp
or
@@ -2849,9 +2853,18 @@ or
A range of port numbers may be specified as shown above. The ranges
must be of the same size.
.Pp
+If
+.Ar remoteIP
+is specified, only data comming from that IP number is redirected.
+.Ar remotePort
+must either be
+.Dq 0
+.Pq indicating any source port
+or a range of ports the same size as the other ranges.
+.Pp
This option is useful if you wish to run things like Internet phone on
machines behind your gateway, but is limited in that connections to only
-one interior machine per port are possible.
+one interior machine per souce machine and target port are possible.
.It alias pptp Op Ar addr
This tells
.Nm
diff --git a/usr.sbin/ppp/ppp.8.m4 b/usr.sbin/ppp/ppp.8.m4
index 5d86255..40aa8a6 100644
--- a/usr.sbin/ppp/ppp.8.m4
+++ b/usr.sbin/ppp/ppp.8.m4
@@ -1,4 +1,4 @@
-.\" $Id: ppp.8,v 1.172 1999/06/08 11:57:59 brian Exp $
+.\" $Id: ppp.8,v 1.173 1999/06/09 16:54:04 brian Exp $
.Dd 20 September 1995
.nr XX \w'\fC00'
.Os FreeBSD
@@ -2824,23 +2824,27 @@ This option causes various aliasing statistics and information to
be logged to the file
.Pa /var/log/alias.log .
.It alias port Ar proto Ar targetIP Ns Xo
-.No : Ns Ar port Ns
+.No : Ns Ar targetPort Ns
.Oo
-.No - Ns Ar port
-.Oc Ar aliasport Ns
+.No - Ns Ar targetPort
+.Oc Ar aliasPort Ns
.Oo
-.No - Ns Ar aliasport Ns
-.Oc
+.No - Ns Ar aliasPort
+.Oc Oo Ar remoteIP : Ns
+.Ar remotePort Ns
+.Oo
+.No - Ns Ar remotePort
+.Oc Oc
.Xc
This command causes incoming
.Ar proto
-connections to port
-.Ar aliasport
-to be redirected to port
-.Ar port
+connections to
+.Ar aliasPort
+to be redirected to
+.Ar targetPort
on
.Ar targetIP .
-.Ar Proto
+.Ar proto
is either
.Dq tcp
or
@@ -2849,9 +2853,18 @@ or
A range of port numbers may be specified as shown above. The ranges
must be of the same size.
.Pp
+If
+.Ar remoteIP
+is specified, only data comming from that IP number is redirected.
+.Ar remotePort
+must either be
+.Dq 0
+.Pq indicating any source port
+or a range of ports the same size as the other ranges.
+.Pp
This option is useful if you wish to run things like Internet phone on
machines behind your gateway, but is limited in that connections to only
-one interior machine per port are possible.
+one interior machine per souce machine and target port are possible.
.It alias pptp Op Ar addr
This tells
.Nm