Diffstat (limited to 'crypto/kerberosIV/appl/kip')
-rw-r--r--crypto/kerberosIV/appl/kip/Makefile.in96
-rw-r--r--crypto/kerberosIV/appl/kip/common.c178
-rw-r--r--crypto/kerberosIV/appl/kip/kip.c179
-rw-r--r--crypto/kerberosIV/appl/kip/kip.h106
-rw-r--r--crypto/kerberosIV/appl/kip/kipd.c128
5 files changed, 687 insertions, 0 deletions
diff --git a/crypto/kerberosIV/appl/kip/Makefile.in b/crypto/kerberosIV/appl/kip/Makefile.in
new file mode 100644
index 0000000..690a661
--- /dev/null
+++ b/crypto/kerberosIV/appl/kip/Makefile.in
@@ -0,0 +1,96 @@
+# $Id: Makefile.in,v 1.12 1997/03/23 13:04:03 assar Exp $
+
+SHELL = /bin/sh
+
+srcdir = @srcdir@
+VPATH = @srcdir@
+
+CC = @CC@
+AR = ar
+DEFS = @DEFS@
+CFLAGS = @CFLAGS@
+LD_FLAGS = @LD_FLAGS@
+INSTALL = @INSTALL@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+LIBS = @LIBS@
+MKINSTALLDIRS = @top_srcdir@/mkinstalldirs
+
+prefix = @prefix@
+exec_prefix = @exec_prefix@
+libexecdir = @libexecdir@
+libdir = @libdir@
+bindir = @bindir@
+transform=@program_transform_name@
+EXECSUFFIX=@EXECSUFFIX@
+
+PROG_BIN = kip$(EXECSUFFIX)
+PROG_LIBEXEC = kipd$(EXECSUFFIX)
+PROGS = $(PROG_BIN) $(PROG_LIBEXEC)
+
+SOURCES_KIP = kip.c
+SOURCES_KIPD = kipd.c
+SOURCES_COMMON = common.c
+
+OBJECTS_KIP = kip.o common.o
+OBJECTS_KIPD = kipd.o common.o
+
+OBJECTS = $(OBJECTS_KIP) $(OBJECTS_KIPD)
+SOURCES = $(SOURCES_KIP) $(SOURCES_KIPD) $(SOURCES_COMMON)
+
+all: $(PROGS)
+
+Wall:
+ make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__"
+
+.c.o:
+ $(CC) -c $(CPPFLAGS) $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $<
+
+install: all
+ $(MKINSTALLDIRS) $(bindir) $(libexecdir)
+ for x in $(PROG_BIN); do \
+ $(INSTALL_PROGRAM) $$x $(bindir)/`echo $$x | sed '$(transform)'`; \
+ done
+ for x in $(PROG_LIBEXEC); do \
+ $(INSTALL_PROGRAM) $$x $(libexecdir)/`echo $$x | sed '$(transform)'`; \
+ done
+
+uninstall:
+ for x in $(PROG_BIN); do \
+ rm -f $(bindir)/`echo $$x | sed '$(transform)'`; \
+ done
+ for x in $(PROG_LIBEXEC); do \
+ rm -f $(libexecdir)/`echo $$x | sed '$(transform)'`; \
+ done
+
+TAGS: $(SOURCES)
+ etags $(SOURCES)
+
+check:
+
+clean:
+ rm -f *.a *.o $(PROGS)
+
+mostlyclean: clean
+
+distclean: clean
+ rm -f Makefile *.tab.c *~
+
+realclean: distclean
+ rm -f TAGS
+
+dist: $(DISTFILES)
+ for file in $(DISTFILES); do \
+ ln $$file ../`cat ../.fname`/lib \
+ || cp -p $$file ../`cat ../.fname`/lib; \
+ done
+
+KLIB=-L../../lib/krb -lkrb -L../../lib/des -ldes
+LIBROKEN=-L../../lib/roken -lroken
+
+kip$(EXECSUFFIX): $(OBJECTS_KIP)
+ $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(OBJECTS_KIP) $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN)
+
+kipd$(EXECSUFFIX): $(OBJECTS_KIPD)
+ $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(OBJECTS_KIPD) $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN)
+
+$(OBJECTS): ../../include/config.h
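Review bot: The `Wall` target invokes a literal `make`, which drops the parent's flags and may pick a different make binary; `$(MAKE) CFLAGS="..."` is the usual form. The `dist` target depends on and iterates over `$(DISTFILES)`, which is not defined anywhere in this file, so as written it expands to nothing unless the variable is supplied from outside.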
diff --git a/crypto/kerberosIV/appl/kip/common.c b/crypto/kerberosIV/appl/kip/common.c
new file mode 100644
index 0000000..b21d03d
--- /dev/null
+++ b/crypto/kerberosIV/appl/kip/common.c
@@ -0,0 +1,178 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the Kungliga Tekniska
+ * Högskolan and its contributors.
+ *
+ * 4. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "kip.h"
+
+RCSID("$Id: common.c,v 1.12 1997/05/02 14:28:06 assar Exp $");
+
+/*
+ * Copy packets from `tundev' to `netdev' or vice versa.
+ * Mode is used when reading from `tundev'
+ */
+
+int
+copy_packets (int tundev, int netdev, int mtu, des_cblock *iv,
+ des_key_schedule schedule)
+{
+ des_cblock iv1, iv2;
+ int num1 = 0, num2 = 0;
+ u_char *buf;
+
+ buf = malloc (mtu + 2);
+ if (buf == NULL) {
+ warnx("malloc(%d) failed", mtu);
+ return 1;
+ }
+
+ memcpy (&iv1, iv, sizeof(iv1));
+ memcpy (&iv2, iv, sizeof(iv2));
+ for (;;) {
+ fd_set fdset;
+ int ret, len;
+
+ FD_ZERO(&fdset);
+ FD_SET(tundev, &fdset);
+ FD_SET(netdev, &fdset);
+
+ ret = select (max(tundev, netdev)+1, &fdset, NULL, NULL, NULL);
+ if (ret < 0 && errno != EINTR) {
+ warn ("select");
+ return 1;
+ }
+ if (FD_ISSET(tundev, &fdset)) {
+ ret = read (tundev, buf + 2, mtu);
+ if (ret == 0)
+ return 0;
+ if (ret < 0) {
+ if (errno == EINTR)
+ continue;
+ else {
+ warn("read");
+ return ret;
+ }
+ }
+ buf[0] = ret >> 8;
+ buf[1] = ret & 0xFF;
+ ret += 2;
+ des_cfb64_encrypt (buf, buf, ret, schedule,
+ &iv1, &num1, DES_ENCRYPT);
+ ret = krb_net_write (netdev, buf, ret);
+ if (ret < 0) {
+ warn("write");
+ return ret;
+ }
+ }
+ if (FD_ISSET(netdev, &fdset)) {
+ ret = read (netdev, buf, 2);
+ if (ret == 0)
+ return 0;
+ if (ret < 0) {
+ if (errno == EINTR)
+ continue;
+ else {
+ warn("read");
+ return ret;
+ }
+ }
+ des_cfb64_encrypt (buf, buf, 2, schedule,
+ &iv2, &num2, DES_DECRYPT);
+ len = (buf[0] << 8 ) | buf[1];
+ ret = krb_net_read (netdev, buf + 2, len);
+ if (ret == 0)
+ return 0;
+ if (ret < 0) {
+ if (errno == EINTR)
+ continue;
+ else {
+ warn("read");
+ return ret;
+ }
+ }
+ des_cfb64_encrypt (buf + 2, buf + 2, len, schedule,
+ &iv2, &num2, DES_DECRYPT);
+ ret = krb_net_write (tundev, buf + 2, len);
+ if (ret < 0) {
+ warn("write");
+ return ret;
+ }
+ }
+ }
+}
+
+/*
+ * Signal handler that justs waits for the children when they die.
+ */
+
+RETSIGTYPE
+childhandler (int sig)
+{
+ pid_t pid;
+ int status;
+
+ do {
+ pid = waitpid (-1, &status, WNOHANG|WUNTRACED);
+ } while(pid > 0);
+ signal (SIGCHLD, childhandler);
+ SIGRETURN(0);
+}
+
+/*
+ * Find a free tunnel device and open it.
+ */
+
+int
+tunnel_open (void)
+{
+ int fd;
+ int i;
+ char name[64];
+
+ for (i = 0; i < 256; ++i) {
+ snprintf (name, sizeof(name), "%s%s%d", _PATH_DEV, TUNDEV, i);
+ fd = open (name, O_RDWR, 0);
+ if (fd >= 0)
+ break;
+ if (errno == ENOENT || errno == ENODEV) {
+ warn("open %s", name);
+ return fd;
+ }
+ }
+ if (fd < 0)
+ warn("open %s" ,name);
+ return fd;
+}
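Review bot: In copy_packets the 16-bit `len` decoded from the peer's header goes straight into `krb_net_read (netdev, buf + 2, len)` without being compared to `mtu`, while `buf` is only `mtu + 2` bytes, so a header announcing more than `mtu` bytes writes past the heap allocation. Reject it before the read, e.g. `if (len > mtu) { warnx ("packet too large: %d", len); return 1; }`. The two-byte header itself is fetched with a plain `read (netdev, buf, 2)`, which may return a single byte on a stream socket and then desynchronise the CFB state; using `krb_net_read` there (which presumably loops until the requested length arrives) would match the payload read. Separately, when `select` fails with EINTR the code falls through to `FD_ISSET` on a set whose contents are unspecified, and `buf` is not freed on any return path.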
diff --git a/crypto/kerberosIV/appl/kip/kip.c b/crypto/kerberosIV/appl/kip/kip.c
new file mode 100644
index 0000000..e324a28
--- /dev/null
+++ b/crypto/kerberosIV/appl/kip/kip.c
@@ -0,0 +1,179 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the Kungliga Tekniska
+ * Högskolan and its contributors.
+ *
+ * 4. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "kip.h"
+
+RCSID("$Id: kip.c,v 1.15 1997/05/11 10:54:51 assar Exp $");
+
+static void
+usage()
+{
+ fprintf (stderr, "Usage: %s host\n",
+ __progname);
+ exit (1);
+}
+
+/*
+ * Establish authenticated connection
+ */
+
+static int
+connect_host (char *host, des_cblock *key, des_key_schedule schedule)
+{
+ CREDENTIALS cred;
+ KTEXT_ST text;
+ MSG_DAT msg;
+ int status;
+ struct sockaddr_in thisaddr, thataddr;
+ int addrlen;
+ struct hostent *hostent;
+ int s;
+ u_char b;
+ char **p;
+
+ hostent = gethostbyname (host);
+ if (hostent == NULL) {
+ warnx ("gethostbyname '%s': %s", host,
+#ifdef HAVE_H_ERRNO
+ hstrerror(h_errno)
+#else
+ "unknown error"
+#endif
+ );
+ return -1;
+ }
+
+ memset (&thataddr, 0, sizeof(thataddr));
+ thataddr.sin_family = AF_INET;
+ thataddr.sin_port = k_getportbyname ("kip", "tcp", htons(KIPPORT));
+
+ for(p = hostent->h_addr_list; *p; ++p) {
+ int one = 1;
+
+ memcpy (&thataddr.sin_addr, *p, sizeof(thataddr.sin_addr));
+
+ s = socket (AF_INET, SOCK_STREAM, 0);
+ if (s < 0) {
+ warn ("socket");
+ return -1;
+ }
+
+#if defined(TCP_NODELAY) && defined(HAVE_SETSOCKOPT)
+ setsockopt (s, IPPROTO_TCP, TCP_NODELAY, (void *)&one, sizeof(one));
+#endif
+
+ if (connect (s, (struct sockaddr *)&thataddr, sizeof(thataddr)) < 0) {
+ warn ("connect(%s)", host);
+ close (s);
+ continue;
+ } else {
+ break;
+ }
+ }
+ if (*p == NULL)
+ return -1;
+
+ addrlen = sizeof(thisaddr);
+ if (getsockname (s, (struct sockaddr *)&thisaddr, &addrlen) < 0 ||
+ addrlen != sizeof(thisaddr)) {
+ warn ("getsockname(%s)", host);
+ return -1;
+ }
+ status = krb_sendauth (KOPT_DO_MUTUAL, s, &text, "rcmd",
+ host, krb_realmofhost (host),
+ getpid(), &msg, &cred, schedule,
+ &thisaddr, &thataddr, KIP_VERSION);
+ if (status != KSUCCESS) {
+ warnx("%s: %s", host,
+ krb_get_err_text(status));
+ return -1;
+ }
+ if (read (s, &b, sizeof(b)) != sizeof(b)) {
+ warn ("read");
+ return -1;
+ }
+ if (b) {
+ char buf[BUFSIZ];
+
+ read (s, buf, sizeof(buf));
+ buf[BUFSIZ - 1] = '\0';
+
+ warnx ("%s: %s", host, buf);
+ return -1;
+ }
+
+ memcpy(key, &cred.session, sizeof(des_cblock));
+ return s;
+}
+
+/*
+ * Connect to the given host.
+ */
+
+static int
+doit (char *host)
+{
+ des_key_schedule schedule;
+ des_cblock iv;
+ int other, this;
+ struct ifreq ifreq;
+ int sock;
+
+ other = connect_host (host, &iv, schedule);
+ if (other < 0)
+ return 1;
+ this = tunnel_open ();
+ if (this < 0)
+ return 1;
+ return copy_packets (this, other, TUNMTU, &iv, schedule);
+}
+
+/*
+ * kip - forward IP packets over a kerberos-encrypted channel.
+ *
+ */
+
+int
+main(int argc, char **argv)
+{
+ set_progname (argv[0]);
+
+ if (argc != 2)
+ usage ();
+ return doit (argv[1]);
+}
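Review bot: In connect_host the error-text path calls `read (s, buf, sizeof(buf))` and discards the result, so only the last byte of `buf` is guaranteed to be NUL and `warnx` can print uninitialised stack bytes after whatever the server sent (or nothing but stack bytes if the read failed). Keep the count and terminate at it: `n = read (s, buf, sizeof(buf) - 1); buf[n > 0 ? n : 0] = '\0';`. Every `return -1` after a successful `connect` also leaves `s` open, so a `close (s)` on those paths would avoid the descriptor leak. In doit the `des_cblock` that connect_host fills from `cred.session` is handed to copy_packets as the CFB IV, and common.c seeds both directions from it; reusing the session key as the IV, identically for both directions, deserves at least a comment and is worth revisiting.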
diff --git a/crypto/kerberosIV/appl/kip/kip.h b/crypto/kerberosIV/appl/kip/kip.h
new file mode 100644
index 0000000..94e30a5
--- /dev/null
+++ b/crypto/kerberosIV/appl/kip/kip.h
@@ -0,0 +1,106 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the Kungliga Tekniska
+ * Högskolan and its contributors.
+ *
+ * 4. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: kip.h,v 1.16 1997/05/20 18:40:31 bg Exp $ */
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif /* HAVE_CONFIG_H */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <errno.h>
+#include <pwd.h>
+#include <signal.h>
+#include <paths.h>
+#include <fcntl.h>
+#ifdef HAVE_SYSLOG_H
+#include <syslog.h>
+#endif
+#include <sys/types.h>
+#ifdef TIME_WITH_SYS_TIME
+#include <sys/time.h>
+#include <time.h>
+#elif defined(HAVE_SYS_TIME_H)
+#include <sys/time.h>
+#else
+#include <time.h>
+#endif
+#ifdef HAVE_SYS_RESOURCE_H
+#include <sys/resource.h>
+#endif
+#ifdef HAVE_SYS_SELECT_H
+#include <sys/select.h>
+#endif
+#include <sys/wait.h>
+#include <sys/stat.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <netdb.h>
+#include <sys/sockio.h>
+#include <net/if.h>
+#ifdef HAVE_NET_IF_VAR_H
+#include <net/if_var.h>
+#endif
+#include <net/if_tun.h>
+#include <err.h>
+
+#ifdef SOCKS
+#include <socks.h>
+#endif
+
+#include <krb.h>
+
+#include <roken.h>
+
+#define TUNDEV "tun"
+
+#define KIPPORT 2112
+
+#define KIP_VERSION "KIPSRV.0"
+
+int
+copy_packets (int tundev, int netdev, int mtu, des_cblock *iv,
+ des_key_schedule schedule);
+
+RETSIGTYPE childhandler (int);
+
+int
+tunnel_open (void);
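Review bot: kip.h has no include guard, so a second inclusion would repeat its `#define`s and prototypes; wrapping the file in `#ifndef KIP_H` / `#define KIP_H` / `#endif` avoids that. The copy_packets prototype would also benefit from a comment stating its return convention, since common.c returns 0 on end-of-file, 1 on malloc or select failure, and the negative I/O result otherwise. `TUNMTU` is used by kip.c and kipd.c but not defined here; presumably it comes from `<net/if_tun.h>`, which is worth noting next to that include.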
diff --git a/crypto/kerberosIV/appl/kip/kipd.c b/crypto/kerberosIV/appl/kip/kipd.c
new file mode 100644
index 0000000..6d9d334
--- /dev/null
+++ b/crypto/kerberosIV/appl/kip/kipd.c
@@ -0,0 +1,128 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the Kungliga Tekniska
+ * Högskolan and its contributors.
+ *
+ * 4. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "kip.h"
+
+RCSID("$Id: kipd.c,v 1.13 1997/05/18 20:38:01 assar Exp $");
+
+static int
+fatal (int fd, char *s)
+{
+ u_char err = 1;
+
+ write (fd, &err, sizeof(err));
+ write (fd, s, strlen(s)+1);
+ syslog(LOG_ERR, s);
+ return err;
+}
+
+static int
+recv_conn (int sock, des_cblock *key, des_key_schedule schedule,
+ struct sockaddr_in *retaddr)
+{
+ int status;
+ KTEXT_ST ticket;
+ AUTH_DAT auth;
+ char instance[INST_SZ + 1];
+ struct sockaddr_in thisaddr, thataddr;
+ int addrlen;
+ char version[KRB_SENDAUTH_VLEN + 1];
+ u_char ok = 0;
+ struct passwd *passwd;
+
+ addrlen = sizeof(thisaddr);
+ if (getsockname (sock, (struct sockaddr *)&thisaddr, &addrlen) < 0 ||
+ addrlen != sizeof(thisaddr)) {
+ return 1;
+ }
+ addrlen = sizeof(thataddr);
+ if (getpeername (sock, (struct sockaddr *)&thataddr, &addrlen) < 0 ||
+ addrlen != sizeof(thataddr)) {
+ return 1;
+ }
+
+ k_getsockinst (sock, instance, sizeof(instance));
+ status = krb_recvauth (KOPT_DO_MUTUAL, sock, &ticket, "rcmd", instance,
+ &thataddr, &thisaddr, &auth, "", schedule,
+ version);
+ if (status != KSUCCESS ||
+ strncmp(version, KIP_VERSION, KRB_SENDAUTH_VLEN) != 0) {
+ return 1;
+ }
+ passwd = k_getpwnam ("root");
+ if (passwd == NULL)
+ return fatal (sock, "Cannot find root");
+ if (kuserok(&auth, "root") != 0)
+ return fatal (sock, "Permission denied");
+ if (write (sock, &ok, sizeof(ok)) != sizeof(ok))
+ return 1;
+
+ memcpy(key, &auth.session, sizeof(des_cblock));
+ *retaddr = thataddr;
+ return 0;
+}
+
+static int
+doit(int sock)
+{
+ struct sockaddr_in thataddr;
+ des_key_schedule schedule;
+ des_cblock key;
+ int this;
+
+ if (recv_conn (sock, &key, schedule, &thataddr))
+ return 1;
+ this = tunnel_open ();
+ if (this < 0)
+ fatal (sock, "Cannot open " _PATH_DEV TUNDEV);
+ return copy_packets (this, sock, TUNMTU, &key, schedule);
+}
+
+/*
+ * kipd - receive forwarded IP
+ */
+
+int
+main (int argc, char **argv)
+{
+ set_progname (argv[0]);
+
+ openlog(__progname, LOG_PID|LOG_CONS, LOG_DAEMON);
+ signal (SIGCHLD, childhandler);
+ return doit(0);
+}
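Review bot: In doit the failure branch `if (this < 0) fatal (sock, ...)` does not return, so execution continues into `copy_packets (this, sock, ...)` with a negative descriptor, which then reaches `FD_SET` in common.c; it should read `return fatal (sock, "Cannot open " _PATH_DEV TUNDEV);`. In fatal, `syslog(LOG_ERR, s)` passes the message as the format string; every caller in this file passes a literal, but `syslog(LOG_ERR, "%s", s)` keeps that safe if a caller ever passes variable text. The two `write` calls in fatal ignore their results, which is reasonable as best-effort on an error path but should carry a comment saying so.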