diff options
Diffstat (limited to 'contrib/ipfilter/FWTK/fwtk_transparent.diff')
| -rw-r--r-- | contrib/ipfilter/FWTK/fwtk_transparent.diff | 1025 |
1 files changed, 0 insertions, 1025 deletions
diff --git a/contrib/ipfilter/FWTK/fwtk_transparent.diff b/contrib/ipfilter/FWTK/fwtk_transparent.diff deleted file mode 100644 index a6c21fa..0000000 --- a/contrib/ipfilter/FWTK/fwtk_transparent.diff +++ /dev/null @@ -1,1025 +0,0 @@ -diff -cr ../TIS.orig/fwtk/Makefile.config.linux fwtk/Makefile.config.linux -*** ../TIS.orig/fwtk/Makefile.config.linux Sat Sep 7 05:58:21 1996 ---- fwtk/Makefile.config.linux Sun Feb 2 05:48:01 1997 -*************** -*** 13,19 **** - - - # Your C compiler (eg, "cc" or "gcc") -! CC= cc - - - # program to use for installation -- this may or may not preserve ---- 13,19 ---- - - - # Your C compiler (eg, "cc" or "gcc") -! CC= gcc - - - # program to use for installation -- this may or may not preserve -*************** -*** 24,37 **** - - # Defines for your operating system - # -! DEFINES=-DLINUX - #DEFINES=-DSYSV -DSOLARIS - - # Options for your compiler (eg, "-g" for debugging, "-O" for - # optimizing, or "-g -O" for both under GCC) - #COPT= -g -traditional $(DEFINES) -! COPT= -g $(DEFINES) -! #COPT= -O $(DEFINES) - - # Version of "make" you want to use - #MAKE= gnumake ---- 24,37 ---- - - # Defines for your operating system - # -! DEFINES=-DLINUX -DUSE_IP_FILTER - #DEFINES=-DSYSV -DSOLARIS - - # Options for your compiler (eg, "-g" for debugging, "-O" for - # optimizing, or "-g -O" for both under GCC) - #COPT= -g -traditional $(DEFINES) -! #COPT= -g $(DEFINES) -! COPT= -O $(DEFINES) - - # Version of "make" you want to use - #MAKE= gnumake -*************** -*** 44,50 **** - - - # Destination directory for installation of binaries -! DEST= /usr/local/etc - - - # Destination directory for installation of man pages ---- 44,50 ---- - - - # Destination directory for installation of binaries -! DEST= /usr/local/sbin - - - # Destination directory for installation of man pages -*************** -*** 72,78 **** - # or -Bstatic for static binaries under SunOS 4.1.x) - #LDFL= -Bstatic - #LDFL= -! LDFL= -g - - - # Location of the fwtk sources [For #include by any external tools needing it] ---- 72,79 ---- - # or -Bstatic for static binaries under SunOS 4.1.x) - #LDFL= -Bstatic - #LDFL= -! #LDFL= -g -! LDFL= -O - - - # Location of the fwtk sources [For #include by any external tools needing it] -*************** -*** 81,87 **** - - - # Location of X libraries for X-gw -! XLIBDIR=/usr/X11/lib - #XLIBDIR=/usr/local/X11R5/lib - - # X Libraries ---- 82,88 ---- - - - # Location of X libraries for X-gw -! XLIBDIR=/usr/X11R6/lib - #XLIBDIR=/usr/local/X11R5/lib - - # X Libraries -*************** -*** 96,102 **** - #XLIBS = -L$(XLIBDIR) -lXaw -lXmu -lXt -lXext -lX11 - - # Location of X include files -! XINCLUDE=/usr/X11/include - #XINCLUDE=/usr/local/X11R5/include - - # Objects to include in libfwall for SYSV ---- 97,103 ---- - #XLIBS = -L$(XLIBDIR) -lXaw -lXmu -lXt -lXext -lX11 - - # Location of X include files -! XINCLUDE=/usr/X11R6/include - #XINCLUDE=/usr/local/X11R5/include - - # Objects to include in libfwall for SYSV -diff -cr ../TIS.orig/fwtk/Makefile.config.solaris fwtk/Makefile.config.solaris -*** ../TIS.orig/fwtk/Makefile.config.solaris Sat Sep 7 06:14:13 1996 ---- fwtk/Makefile.config.solaris Sun Feb 2 06:09:19 1997 -*************** -*** 11,30 **** - # - # RcsId: "$Header: /devel/CVS/IP-Filter/FWTK/fwtk_transparent.diff,v 2.2 2001/02/28 09:36:06 darrenr Exp $" - - - # Your C compiler (eg, "cc" or "gcc") -! CC= cc - - - # program to use for installation -- this may or may not preserve - # old versions (or whatever). assumes that it takes parameters: - # copy source dest -! CP= cp - - - # Defines for your operating system - # -! DEFINES=-DSYSV -DSOLARIS - - #DEFINES=-DSYSV -DSOLARIS -Dgethostbyname=res_gethostbyname \ - -Dgethostbyaddr=res_gethostbyaddr -Dgetnetbyname=res_getnetbyname \ ---- 11,34 ---- - # - # RcsId: "$Header: /devel/CVS/IP-Filter/FWTK/fwtk_transparent.diff,v 2.2 2001/02/28 09:36:06 darrenr Exp $" - -+ # -+ # Path to sources of ip_filter (ip_nat.h required in lib/hnam.c) -+ # -+ IPFPATH=/src/unpacked/firewall/ip_fil3.1.5 - - # Your C compiler (eg, "cc" or "gcc") -! CC= gcc - - - # program to use for installation -- this may or may not preserve - # old versions (or whatever). assumes that it takes parameters: - # copy source dest -! CP= /usr/ucb/install -c -s - - - # Defines for your operating system - # -! DEFINES=-DSYSV -DSOLARIS -DUSE_IP_FILTER -I$(IPFPATH) - - #DEFINES=-DSYSV -DSOLARIS -Dgethostbyname=res_gethostbyname \ - -Dgethostbyaddr=res_gethostbyaddr -Dgetnetbyname=res_getnetbyname \ -*************** -*** 45,52 **** - - - # Your ranlib utility (use "touch" if you don't have ranlib) -! RANLIB= ranlib -! #RANLIB= touch - - - # Destination directory for installation of binaries ---- 49,56 ---- - - - # Your ranlib utility (use "touch" if you don't have ranlib) -! # RANLIB= ranlib -! RANLIB= touch - - - # Destination directory for installation of binaries -diff -cr ../TIS.orig/fwtk/firewall.h fwtk/firewall.h -*** ../TIS.orig/fwtk/firewall.h Sun Sep 8 05:55:26 1996 ---- fwtk/firewall.h Sun Feb 2 05:23:33 1997 -*************** -*** 47,53 **** - system. - */ - #ifndef PERMFILE -! #define PERMFILE "/usr/local/etc/netperm-table" - #endif - - /* ---- 47,53 ---- - system. - */ - #ifndef PERMFILE -! #define PERMFILE "/etc/fwtk/netperm-table" - #endif - - /* -*************** -*** 67,73 **** - - /* Choose a system logging facility for the firewall toolkit. */ - #ifndef LFAC -! #define LFAC LOG_DAEMON - #endif - - ---- 67,73 ---- - - /* Choose a system logging facility for the firewall toolkit. */ - #ifndef LFAC -! #define LFAC LOG_LOCAL5 - #endif - - -*************** -*** 215,220 **** - #define PERM_ALLOW 01 - #define PERM_DENY 02 - -! - #define _INCL_FWALL_H - #endif ---- 215,222 ---- - #define PERM_ALLOW 01 - #define PERM_DENY 02 - -! #ifdef USE_IP_FILTER -! extern char *getdsthost(int, int*); -! #endif - #define _INCL_FWALL_H - #endif -diff -cr ../TIS.orig/fwtk/ftp-gw/ftp-gw.c fwtk/ftp-gw/ftp-gw.c -*** ../TIS.orig/fwtk/ftp-gw/ftp-gw.c Fri Sep 6 18:55:05 1996 ---- fwtk/ftp-gw/ftp-gw.c Sat Feb 1 06:49:13 1997 -*************** -*** 50,55 **** ---- 50,59 ---- - #ifndef FTPPORT - #define FTPPORT 21 - #endif -+ #ifdef USE_IP_FILTER -+ static int do_transparent=0; -+ static int connectdest(); -+ #endif - - static Cfg *confp; - static char **validests = (char **)0; -*************** -*** 170,175 **** ---- 174,182 ---- - char xuf[1024]; - char huf[128]; - char *passuser = (char *)0; /* passed user as av */ -+ #ifdef USE_IP_FILTER -+ char *psychic, *hotline; -+ #endif - - #ifndef LOG_DAEMON - openlog("ftp-gw",LOG_PID); -*************** -*** 313,320 **** - } - } else - timeout = 60*60; - -- - /* display a welcome file or message */ - if(passuser == (char *)0) { - if((cf = cfg_get("welcome-msg",confp)) != (Cfg *)0) { ---- 320,330 ---- - } - } else - timeout = 60*60; -+ #ifdef USE_IP_FILTER -+ psychic=getdsthost(0,NULL); -+ if(psychic) { do_transparent++; } -+ #endif - - /* display a welcome file or message */ - if(passuser == (char *)0) { - if((cf = cfg_get("welcome-msg",confp)) != (Cfg *)0) { -*************** -*** 322,327 **** ---- 332,345 ---- - syslog(LLEV,"fwtkcfgerr: welcome-msg must have one parameter, line %d",cf->ln); - exit(1); - } -+ #ifdef USE_IP_FILTER -+ if(do_transparent) { -+ if(sayfile2(0,cf->argv[0],220)) { -+ syslog(LLEV,"fwtksyserr: cannot display welcome %s: %m",cf->argv[0]); -+ exit(1); -+ } -+ } else -+ #endif /* USE_IP_FILTER */ - if(sayfile(0,cf->argv[0],220)) { - syslog(LLEV,"fwtksyserr: cannot display welcome %s: %m",cf->argv[0]); - exit(1); -*************** -*** 332,338 **** - if(authallflg) - if(say(0,"220-Proxy first requires authentication")) - exit(1); -! sprintf(xuf,"220 %s FTP proxy (Version %s) ready.",huf,FWTK_VERSION_MINOR); - if(say(0,xuf)) - exit(1); - } ---- 350,361 ---- - if(authallflg) - if(say(0,"220-Proxy first requires authentication")) - exit(1); -! #ifdef USE_IP_FILTER -! if(do_transparent) -! sprintf(xuf,"220-%s FTP proxy (Version %s) ready.",huf,FWTK_VERSION_MINOR); -! else -! #endif -! sprintf(xuf,"220 %s FTP proxy (Version %s) ready.",huf,FWTK_VERSION_MINOR); - if(say(0,xuf)) - exit(1); - } -*************** -*** 352,358 **** - if(cmd_user(2,fakav,"user internal")) - exit(1); - } -! - /* main loop */ - while(1) { - FD_ZERO(&rdy); ---- 375,386 ---- - if(cmd_user(2,fakav,"user internal")) - exit(1); - } -! #ifdef USE_IP_FILTER -! if(do_transparent) { -! connectdest(psychic,21); -! } -! #endif -! - /* main loop */ - while(1) { - FD_ZERO(&rdy); -*************** -*** 676,681 **** ---- 704,719 ---- - return(sayn(0,noad,sizeof(noad)-1)); - } - -+ #ifdef USE_IP_FILTER -+ if(do_transparent) { -+ if((rfd==(-1)) && (x=connectdest(dest,port))) return x; -+ sprintf(buf,"USER %s",user); -+ if(say(rfd,buf)) return(1); -+ x=getresp(rfd,buf,sizeof(buf),1); -+ if(sendsaved(0,x)) return(1); -+ return(say(0,buf)); -+ } -+ #endif - if(*dest == '\0') - dest = "localhost"; - -*************** -*** 717,723 **** - char ebuf[512]; - - strcpy(ebuf,buf); -! sprintf(buf,"521 %s: %s",dest,ebuf); - rfd = -1; - return(say(0,buf)); - } ---- 755,766 ---- - char ebuf[512]; - - strcpy(ebuf,buf); -! #ifdef USE_IP_FILTER -! if(do_transparent) { -! sprintf(buf,"521 %s,%d: %s",dest,ntohs(port),ebuf); -! } else -! #endif -! sprintf(buf,"521 %s: %s",dest,ebuf); - rfd = -1; - return(say(0,buf)); - } -*************** -*** 1874,1876 **** ---- 1917,2036 ---- - dup(nread); - } - #endif -+ -+ #ifdef USE_IP_FILTER -+ static int connectdest(dest, port) -+ char *dest; -+ short port; -+ { -+ char buf[1024], mbuf[512]; -+ int msg_int, x; -+ -+ if(*dest == '\0') -+ dest = "localhost"; -+ -+ if(validests != (char **)0) { -+ char **xp; -+ int x; -+ -+ for(xp = validests; *xp != (char *)0; xp++) { -+ if(**xp == '!' && hostmatch(*xp + 1,dest)) { -+ return(baddest(0,dest)); -+ } else { -+ if(hostmatch(*xp,dest)) -+ break; -+ } -+ } -+ if(*xp == (char *)0) -+ return(baddest(0,dest)); -+ } -+ -+ /* Extended permissions processing goes in here for destination */ -+ if(extendperm) { -+ msg_int = auth_perm(confp, authuser, "ftp-gw", dest,(char *)0); -+ if(msg_int == 1) { -+ sprintf(mbuf,"Permission denied for user %s to connect to %s",authuser,dest); -+ syslog(LLEV,"deny host=%s/%s connect to %s user=%s",rladdr,riaddr,dest,authuser); -+ say(0,mbuf); -+ return(1); -+ } else { -+ if(msg_int == -1) { -+ sprintf(mbuf,"No match in netperm-table for %s to ftp to %s",authuser,dest); -+ say(0,mbuf); -+ return(1); -+ } -+ } -+ } -+ -+ syslog(LLEV,"permit host=%s/%s connect to %s",rladdr,riaddr,dest); -+ -+ if((rfd = conn_server(dest,port,0,buf)) < 0) { -+ char ebuf[512]; -+ -+ strcpy(ebuf,buf); -+ sprintf(buf,"521 %s: %s",dest,ebuf); -+ rfd = -1; -+ return(say(0,buf)); -+ } -+ if(!do_transparent) { -+ sprintf(buf,"----GATEWAY CONNECTED TO %s----",dest); -+ saveline(buf); -+ } -+ -+ /* we are now connected and need to try the autologin thing */ -+ x = getresp(rfd,buf,sizeof(buf),1); -+ if(x / 100 != COMPLETE) { -+ sendsaved(0,-1); -+ return(say(0,buf)); -+ } -+ saveline(buf); -+ -+ sendsaved(0,-1); -+ return 0; -+ } -+ -+ -+ /* ok, so i'm in a hurry. english paper due RSN. */ -+ sayfile2(fd,fn,code) -+ int fd; -+ char *fn; -+ int code; -+ { -+ FILE *f; -+ char buf[BUFSIZ]; -+ char yuf[BUFSIZ]; -+ char *c; -+ int x; -+ int saidsomething = 0; -+ -+ if((f = fopen(fn,"r")) == (FILE *)0) -+ return(1); -+ while(fgets(buf,sizeof(buf),f) != (char *)0) { -+ if((c = index(buf,'\n')) != (char *)0) -+ *c = '\0'; -+ x = fgetc(f); -+ if(feof(f)) -+ sprintf(yuf,"%3.3d-%s",code,buf); -+ else { -+ sprintf(yuf,"%3.3d-%s",code,buf); -+ ungetc(x,f); -+ } -+ if(say(fd,yuf)) { -+ fclose(f); -+ return(1); -+ } -+ saidsomething++; -+ } -+ fclose(f); -+ if (!saidsomething) { -+ syslog(LLEV,"fwtkcfgerr: sayfile for %d is empty",code); -+ sprintf(yuf, "%3.3d The file to display is empty",code); -+ if(say(fd,yuf)) { -+ fclose(f); -+ return(1); -+ } -+ } -+ return(0); -+ } -+ -+ #endif /* USE_IP_FILTER */ -diff -cr ../TIS.orig/fwtk/http-gw/http-gw.c fwtk/http-gw/http-gw.c -*** ../TIS.orig/fwtk/http-gw/http-gw.c Mon Sep 9 20:40:53 1996 ---- fwtk/http-gw/http-gw.c Sun Feb 2 06:41:18 1997 -*************** -*** 27,32 **** ---- 27,35 ---- - static char http_buffer[8192]; - static char reason[8192]; - static int checkBrowserType = 1; -+ #ifdef USE_IP_FILTER -+ static int do_transparent=0; -+ #endif - - static void do_logging() - { char *proto = "GOPHER"; -*************** -*** 422,427 **** ---- 425,441 ---- - /*(NOT A SPECIAL FORM)*/ - - if((rem_type & TYPE_LOCAL)== 0){ -+ #ifdef USE_IP_FILTER -+ char *psychic=getdsthost(sockfd,&def_port); -+ if(psychic) { -+ if(strlen(psychic)<=MAXHOSTNAMELEN) { -+ do_transparent++; -+ strncpy(def_httpd,psychic,strlen(psychic)); -+ strncpy(def_server,psychic,strlen(psychic)); -+ } -+ } -+ -+ #endif /* USE_IP_FILTER */ - /* See if it can be forwarded */ - - if( can_forward(buf)){ -*************** -*** 1513,1518 **** ---- 1527,1537 ---- - parse_vec[0], - parse_vec[1], - ourname, ourport); -+ } -+ #ifdef USE_IP_FILTER -+ else if(do_transparent) { -+ sprintf(new_reply,"%s\t%s\t%s\t%s",parse_vec[0],parse_vec[1],parse_vec[2],parse_vec[3]); -+ #endif /* USE_IP_FILTER */ - }else{ - sprintf(new_reply,"%s\tgopher://%s:%s/%c%s\t%s\t%u", - parse_vec[0], parse_vec[2], -diff -cr ../TIS.orig/fwtk/lib/hnam.c fwtk/lib/hnam.c -*** ../TIS.orig/fwtk/lib/hnam.c Sat Nov 5 00:30:19 1994 ---- fwtk/lib/hnam.c Sat Feb 1 08:17:46 1997 -*************** -*** 20,25 **** ---- 20,37 ---- - - extern char *inet_ntoa(); - -+ #if defined(USE_IP_FILTER) -+ #include <net/if.h> -+ #ifndef LINUX -+ #include "ip_nat.h" -+ #endif -+ #if defined(SOLARIS) -+ #include <sys/stat.h> -+ #include <fcntl.h> -+ #include <unistd.h> -+ #include <sys/ioccom.h> -+ #endif -+ #endif /* IP_FILTER */ - - #include "firewall.h" - -*************** -*** 45,47 **** ---- 57,158 ---- - bcopy(hp->h_addr,&sin.sin_addr,hp->h_length); - return(inet_ntoa(sin.sin_addr)); - } -+ -+ -+ -+ #ifdef USE_IP_FILTER -+ char *getdsthost(fd, ptr) -+ int fd; -+ int *ptr; -+ { -+ struct sockaddr_in sin; -+ struct hostent *hp; -+ int sl=sizeof(struct sockaddr_in), err=0, local_h=0, i=0; -+ static char buf[255], hostbuf[255]; -+ #if defined(__FreeBSD__) || defined(SOLARIS) -+ struct sockaddr_in rsin; -+ struct natlookup natlookup; -+ int natfd; -+ #endif -+ -+ #ifdef linux -+ /* This should also work for UDP. Unfortunately, it doesn't. -+ Maybe when the Linux UDP proxy code gets a little cleaner. -+ */ -+ if(!(err=getsockname(0,&sin,&sl))) { -+ if(ptr) *ptr=ntohs(sin.sin_port); -+ sprintf(buf,"%s",inet_ntoa(sin.sin_addr)); -+ gethostname(hostbuf,254); -+ hp=gethostbyname(hostbuf); -+ while(hp->h_addr_list[i]) { -+ bzero(&sin,&sl); -+ memcpy(&sin.sin_addr,hp->h_addr_list[i++],sizeof(hp->h_addr_list[i++])); -+ if(!strcmp(buf,inet_ntoa(sin.sin_addr))) local_h++; -+ } -+ if(local_h) { /* syslog(LLEV,"DEBUG: hnam.c: non-transparent."); */ return(NULL); } -+ else { return(buf); } -+ } -+ #endif -+ -+ #if defined(__FreeBSD__) -+ /* The basis for this block of code is Darren Reed's -+ patches to the TIS ftwk's ftp-gw. -+ */ -+ bzero((char*)&sin,sizeof(sin)); -+ bzero((char*)&rsin,sizeof(rsin)); -+ if(getsockname(fd,(struct sockaddr*)&sin,&sl)<0) { -+ return NULL; -+ } -+ sl=sizeof(rsin); -+ if(getpeername(fd,(struct sockaddr*)&rsin,&sl)<0) { -+ return NULL; -+ } -+ natlookup.nl_inport=sin.sin_port; -+ natlookup.nl_outport=rsin.sin_port; -+ natlookup.nl_inip=sin.sin_addr; -+ natlookup.nl_outip=rsin.sin_addr; -+ if((natfd=open("/dev/ipnat",O_RDONLY))<0) { -+ return(NULL); -+ } -+ if(ioctl(natfd,SIOCGNATL,&natlookup)==(-1)) { -+ return(NULL); -+ } -+ close(natfd); -+ if(ptr) *ptr=ntohs(natlookup.nl_realport); -+ sprintf(buf,"%s",inet_ntoa(natlookup.nl_realip)); -+ #endif -+ -+ #if defined(SOLARIS) /* for Solaris */ -+ /* The basis for this block of code is Darren Reed's -+ * patches to the TIS ftwk's ftp-gw. -+ * modified for Solaris from Michael Kutzner, Michael.Kutzner@paderlinx.de -+ */ -+ memset((char*)&sin, 0, sizeof(sin)); -+ memset((char*)&rsin, 0, sizeof(rsin)); -+ -+ if(getsockname(fd,(struct sockaddr*)&sin,&sl)<0) { -+ return NULL; -+ } -+ sl=sizeof(rsin); -+ if(getpeername(fd,(struct sockaddr*)&rsin,&sl)<0) { -+ return NULL; -+ } -+ natlookup.nl_inport=sin.sin_port; -+ natlookup.nl_outport=rsin.sin_port; -+ natlookup.nl_inip=sin.sin_addr; -+ natlookup.nl_outip=rsin.sin_addr; -+ if( (natfd=open(IPL_NAT,O_RDONLY)) < 0) { -+ return(NULL); -+ } -+ if(ioctl(natfd, SIOCGNATL, &natlookup) == -1) { -+ return(NULL); -+ } -+ close(natfd); -+ if(ptr) *ptr=ntohs(natlookup.nl_realport); -+ sprintf(buf,"%s",inet_ntoa(natlookup.nl_realip)); -+ #endif -+ -+ /* No transparent proxy support */ -+ return(NULL); -+ } -+ #endif /* USE_IP_FILTER */ -diff -cr ../TIS.orig/fwtk/plug-gw/plug-gw.c fwtk/plug-gw/plug-gw.c -*** ../TIS.orig/fwtk/plug-gw/plug-gw.c Thu Sep 5 21:36:33 1996 ---- fwtk/plug-gw/plug-gw.c Sun Feb 2 04:50:40 1997 -*************** -*** 38,44 **** - static int timeout = PROXY_TIMEOUT; - static char **validdests = (char **)0; - static Cfg *confp; -! - main(ac,av) - int ac; - char *av[]; ---- 38,46 ---- - static int timeout = PROXY_TIMEOUT; - static char **validdests = (char **)0; - static Cfg *confp; -! #ifdef USE_IP_FILTER -! static int do_transparent=0; -! #endif - main(ac,av) - int ac; - char *av[]; -*************** -*** 189,201 **** - static char buf[1024 * 4]; - void (*op)(); - char *dhost = NULL; - char hostport[1024 * 4]; - char *ptr; - int state = 0; - int ssl_plug = 0; -! - struct timeval timo; - - if(c->flags & PERM_DENY) { - if (p == -1) - syslog(LLEV,"deny host=%s/%s port=any",rhost,raddr); ---- 191,215 ---- - static char buf[1024 * 4]; - void (*op)(); - char *dhost = NULL; -+ char *transhost = NULL; - char hostport[1024 * 4]; - char *ptr; - int state = 0; - int ssl_plug = 0; -! #ifdef USE_IP_FILTER -! int pport; -! #endif - struct timeval timo; - -+ #ifdef USE_IP_FILTER -+ /* Transparent plug-gw is probably a bad idea, but hey .. */ -+ transhost=getdsthost(0,&pport); -+ if(transhost) { -+ do_transparent++; -+ portid=pport; -+ } -+ #endif -+ - if(c->flags & PERM_DENY) { - if (p == -1) - syslog(LLEV,"deny host=%s/%s port=any",rhost,raddr); -*************** -*** 223,229 **** - privport = 1; - continue; - } -! - if (!strcmp(av[x], "-port")) { - if (++x >= ac) { - syslog(LLEV,"fwtkcfgerr: -port takes an argument, line %d",c->ln); ---- 237,248 ---- - privport = 1; - continue; - } -! #ifdef USE_IP_FILTER -! if (!strcmp(av[x],"-all-destinations")) { -! dhost = transhost; -! continue; -! } -! #endif - if (!strcmp(av[x], "-port")) { - if (++x >= ac) { - syslog(LLEV,"fwtkcfgerr: -port takes an argument, line %d",c->ln); -diff -cr ../TIS.orig/fwtk/rlogin-gw/rlogin-gw.c fwtk/rlogin-gw/rlogin-gw.c -*** ../TIS.orig/fwtk/rlogin-gw/rlogin-gw.c Fri Sep 6 18:56:33 1996 ---- fwtk/rlogin-gw/rlogin-gw.c Sun Feb 2 06:26:04 1997 -*************** -*** 40,46 **** - - extern char *maphostname(); - -! - static int cmd_quit(); - static int cmd_help(); - static int cmd_connect(); ---- 40,48 ---- - - extern char *maphostname(); - -! #ifdef USE_IP_FILTER -! static int do_transparent=0; -! #endif - static int cmd_quit(); - static int cmd_help(); - static int cmd_connect(); -*************** -*** 120,125 **** ---- 122,130 ---- - static char *tokav[56]; - int tokac; - struct timeval timo; -+ #ifdef USE_IP_FILTER -+ char *psychic; -+ #endif - - #ifndef LOG_NDELAY - openlog("rlogin-gw",LOG_PID); -*************** -*** 186,192 **** - } - - -! - if((cf = cfg_get("directory",confp)) != (Cfg *)0) { - if(cf->argc != 1) { - syslog(LLEV,"fwtkcfgerr: chroot must have one parameter, line %d",cf->ln); ---- 191,204 ---- - } - - -! #ifdef USE_IP_FILTER -! psychic=getdsthost(0,NULL); -! if(psychic) { -! do_transparent++; -! strncpy(dest,psychic,511); -! dest[511]='\0'; -! } -! #endif /* USE_IP_FILTER */ - if((cf = cfg_get("directory",confp)) != (Cfg *)0) { - if(cf->argc != 1) { - syslog(LLEV,"fwtkcfgerr: chroot must have one parameter, line %d",cf->ln); -*************** -*** 260,269 **** - } - - /* if present a host name, chop and save username and hostname */ -- dest[0] = '\0'; - if((p = index(rusername,'@')) != (char *)0) { - char *namp; - - *p++ = '\0'; - if(*p == '\0') - p = "localhost"; ---- 272,281 ---- - } - - /* if present a host name, chop and save username and hostname */ - if((p = index(rusername,'@')) != (char *)0) { - char *namp; - -+ dest[0] = '\0'; - *p++ = '\0'; - if(*p == '\0') - p = "localhost"; -*************** -*** 532,539 **** ---- 544,557 ---- - sprintf(ebuf,"Trying %s@%s...",rusername,namp); - else - sprintf(ebuf,"Trying %s...",namp); -+ #ifdef USE_IP_FILTER -+ if(!do_transparent) { -+ #endif - if(say(0,ebuf)) - return(1); -+ #ifdef USE_IP_FILTER -+ } -+ #endif - } else - syslog(LLEV,"permit host=%s/%s connect to %s",rhost,raddr,av[1]); - if((serfd = conn_server(av[1],RLOGINPORT,1,buf)) < 0) { -diff -cr ../TIS.orig/fwtk/tn-gw/tn-gw.c fwtk/tn-gw/tn-gw.c -*** ../TIS.orig/fwtk/tn-gw/tn-gw.c Fri Sep 6 18:55:48 1996 ---- fwtk/tn-gw/tn-gw.c Sun Feb 2 06:06:33 1997 -*************** -*** 97,102 **** ---- 97,106 ---- - static int timeout = PROXY_TIMEOUT; - static char timed_out_msg[] = "\r\nConnection closed due to inactivity"; - -+ #ifdef USE_IP_FILTER -+ static int do_transparent=0; -+ #endif -+ - typedef struct { - char *name; - char *hmsg; -*************** -*** 140,145 **** ---- 144,153 ---- - char tokbuf[BSIZ]; - char *tokav[56]; - int tokac; -+ #ifdef USE_IP_FILTER -+ int port; -+ char *psychic; -+ #endif - - #ifndef LOG_DAEMON - openlog("tn-gw",LOG_PID); -*************** -*** 307,313 **** - exit(1); - } - } -! - while (argc > 1) { - argc--; - argv++; ---- 315,349 ---- - exit(1); - } - } -! #ifdef USE_IP_FILTER -! psychic=getdsthost(0,&port); -! if(psychic) { -! if((strlen(psychic) + 10) < 510) { -! do_transparent++; -! if(port) -! sprintf(dest,"%s:%d",psychic,port); -! else -! sprintf(dest,"%s",psychic); -! -! -! if(!welcomedone) -! if((cf = cfg_get("welcome-msg",confp)) != (Cfg *)0) { -! if(cf->argc != 1) { -! syslog(LLEV,"fwtkcfgerr: welcome-msg must have one parameter, line %d",cf->ln); -! exit(1); -! } -! if(sayfile(0,cf->argv[0])) { -! syslog(LLEV,"fwtksyserr: cannot display welcome %s:%m",cf->argv[0]); -! exit(1); -! } -! welcomedone = 1; -! } -! -! -! } -! } -! -! #endif /* USE_IP_FILTER */ - while (argc > 1) { - argc--; - argv++; -*************** -*** 870,877 **** - - syslog(LLEV,"permit host=%s/%s destination=%s",rladdr,riaddr,namp); - sprintf(ebuf,"Trying %s port %d...",namp,port); -! if(say(0,ebuf)) -! return(1); - } else - syslog(LLEV,"permit host=%s/%s destination=%s",rladdr,riaddr,av[1]); - ---- 906,920 ---- - - syslog(LLEV,"permit host=%s/%s destination=%s",rladdr,riaddr,namp); - sprintf(ebuf,"Trying %s port %d...",namp,port); -! #ifdef USE_IP_FILTER -! if(!do_transparent) { -! sprintf(ebuf,"Trying %s port %d...",namp,port); -! #endif -! if(say(0,ebuf)) -! return(1); -! #ifdef USE_IP_FILTER -! } -! #endif - } else - syslog(LLEV,"permit host=%s/%s destination=%s",rladdr,riaddr,av[1]); - -*************** -*** 903,910 **** - - syslog(LLEV,"connected host=%s/%s destination=%s",rladdr,riaddr,av[1]); - strncpy(dest,av[1], 511); -! sprintf(buf, "Connected to %s.", dest); - say(0, buf); - return(2); - } - ---- 946,959 ---- - - syslog(LLEV,"connected host=%s/%s destination=%s",rladdr,riaddr,av[1]); - strncpy(dest,av[1], 511); -! #ifdef USE_IP_FILTER -! if(!do_transparent) { -! sprintf(buf, "Connected to %s.", dest); -! say(0, buf); -! } -! #else - say(0, buf); -+ #endif - return(2); - } - -diff -cr ../TIS.orig/fwtk/x-gw/socket.c fwtk/x-gw/socket.c -*** ../TIS.orig/fwtk/x-gw/socket.c Sat Sep 7 05:16:35 1996 ---- fwtk/x-gw/socket.c Sun Feb 2 05:26:44 1997 -*************** -*** 212,218 **** - case AF_UNIX: un_name = (struct sockaddr_un *)addr; - len = sizeof(un_name->sun_family) + - sizeof(un_name->sun_path) -! #ifdef SCM_RIGHTS /* 4.3BSD Reno and later */ - + sizeof(un_name->sun_len) + 1 - #endif - ; ---- 212,218 ---- - case AF_UNIX: un_name = (struct sockaddr_un *)addr; - len = sizeof(un_name->sun_family) + - sizeof(un_name->sun_path) -! #if defined(SCM_RIGHTS) && !defined(LINUX)/* 4.3BSD Reno and later */ - + sizeof(un_name->sun_len) + 1 - #endif - ; -Only in fwtk/x-gw: socket.c.bak |
