summaryrefslogtreecommitdiffstats
path: root/sbin/natd/natd.c
Commit message (Collapse)AuthorAgeFilesLines
* If the -proxy_only option is used, the -alias_address/-interfaceru2003-06-131-2/+4
| | | | | | | options are not required. Suggested by: Vaclav Petricek MFC after: 2 weeks
* Use a more standard error message. Add FBSDID.charnier2003-02-051-4/+5
| | | | Reviewed by: ru
* Correct typos, mostly s/ a / an / where appropriate. Some whitespace cleanup,schweikh2003-01-011-1/+1
| | | | especially in troff files.
* Back out part of the revision 1.2 changes -- sendto(2) canru2002-01-151-73/+28
| | | | | | | | | | | | not return ENOBUFS for unreliable protocols like divert. This should fix an issue when natd(8) keeps spamming already full dummynet(4) queues with the same packet forever. Spotted by: chkno@dork.com Explained by: luigi Reviewed by: Ari Suutari <ari.suutari@syncrontech.com> MFC after: 2 weeks
* Make -log_ipfw_denied active by default with -verbose.ru2001-11-271-1/+6
| | | | Discussed with: phk
* Fixed (local) style bugs in previous revision.ru2001-11-271-5/+7
|
* Do not uselessly whine in syslog about packets denied by ipfw rules.phk2001-10-311-3/+16
| | | | | | | | | Set 'log_ipfw_denied' option if you want the old behaviour. PR: 30255 Submitted by: Flemming "F3" Jacobsen <fj@batmule.dk> Reviewed by: phk MFC after: 4 weeks
* Revert the previous commit on objection from the maintainer. Ijoe2001-06-211-3/+2
| | | | | | missed that natd has a -v option that will give similar functionality. Requested by: ru
* When reporting that a packet can't be written back, usually becausejoe2001-06-211-2/+3
| | | | | | | of a restrictive firewall rule, also report detail on the packet that caused the failure. MFC after: 3 days
* Don't call warn() with no format string.kris2000-07-101-1/+1
|
* Added new option (-punch_fw) which allows to `punch holes'ru2000-06-271-2/+27
| | | | | | | in the ipfirewall(4) for incoming FTP/IRC DCC connections. Submitted by: Rene de Vries <rene@canyon.demon.nl> Rewritten by: ru
* Remove ``pptpalias'' since this is now done transparently by libalias(3).ru2000-06-201-33/+0
|
* Remove unused parameter.ru2000-06-161-6/+6
|
* Add new option (-target_addr) to control how to deal with incoming packetsru2000-05-181-0/+13
| | | | | | not associated with any pre-existing link. Submitted by: brian
* New option: -redirect_proto.ru2000-05-031-0/+70
|
* Fixes a potential buffer overflow with the command line arguments.joe2000-04-301-7/+11
| | | | | Submitted by: Mike Heffner <spock@techfour.net> Submitted on: audit@freebsd.org
* Load Sharing using IP Network Address Translation (RFC 2391, LSNAT).ru2000-04-271-16/+66
|
* Remove the config file line length restriction.ru2000-02-251-13/+10
| | | | | | PR: 16900 Reviewed by: "Crist J. Clark" <cjclark@home.com>, jkh Approved by: jkh
* Now that kernel is capable of notifying user processes aboutru2000-01-251-8/+6
| | | | | | | the interface MTU change (src/sys/net/if_sl.c,v 1.83), track interface MTU with -dynamic option as well. PR: 15494
* ioctl -> sysctl for interface address changes.ru1999-10-131-74/+83
| | | | | PR: 14169 Reviewed by: Ari Suutari <ari@suutari.iki.fi>
* Do not defer setting of the aliasing address fromru1999-09-281-19/+15
| | | | | | interface name if not operating in dynamic mode. Reviewed by: Ari Suutari <ari@suutari.iki.fi>
* Config file parser changes:ru1999-09-071-8/+10
| | | | | | | - Trailing spaces and empty lines are ignored. - A `#' sign will mark the remaining of the line as a comment. Reviewed by: Ari Suutari <ari@suutari.iki.fi>
* Allow signals to interrupt system calls.ru1999-09-021-1/+3
| | | | | | | | Remove redundant signal() call. PR: 6676 Submitted by: luoqi Reviewed by: Ari Suutari <ari@suutari.iki.fi>
* $Id$ -> $FreeBSD$peter1999-08-281-1/+1
|
* When incrementing through a SIOCGIFCONF list, enforce a lower limit ofarchie1999-06-051-1/+3
| | | | | | | | | sizeof(ifr->ifr_addr) for the variable length field ifr->ifr_addr.sa_len. Otherwise the increment will be wrong in certain cases. Obtained from: Whistle source tree For the record: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> suggests SIOCGIFCONF should be dropped in favor of a sysctl mechanism.
* Oops - missing parenthesisbrian1999-05-131-2/+2
|
* /sbin/natd portrange documentation and bugfixbrian1999-05-131-3/+3
| | | | | | | Submitted by: Ruslan Ermilov <ru@ucb.crimea.ua> PR: 11690 3.2 candidate ?
* More egcs warning fixes:imp1999-04-251-5/+5
| | | | | | | | | | | o main returns int not void o use braces to avoid potentially ambiguous else Note: The fix to natd is potentially functional in nature since I used the indentation as the right thing rather than the struct semantics. Someone more familiar with the code should double check me on this one. Reviewed by: obrien and chuckr
* Disable reads on our ICMP socket. We only use it for sending.brian1999-03-301-1/+8
| | | | PR: 9253
* Add some const-cleanliness and avoid some warnings.brian1999-03-241-43/+43
|
* Allow port ranges when specifying -redirect_port.brian1999-03-241-32/+127
| | | | | Submitted by: Wes Santee <wes@bogon.net> PR: 9696
* Fix a diagnostic typobrian1999-03-111-4/+4
| | | | Submitted by: Martin Machacek <mm@i.cz>
* Upgrade (almost) to natd 2.0b1brian1999-03-071-83/+184
| | | | | | | | | | | | | | - Transparent proxy support. - PERMANENT_LINK IS NOW OBSOLETE, use redirect_port instead. - Drop support for early FreeBSD 2.2 versions - If separate input & output sockets are being used use them to find out packet direction instead of normal mechanism. This can be handy in complex environments with multiple interfaces. - PPTP redirect support by Dru Nelson <dnelson@redwoodsoft.com> added. - Logging enhancements from Martin Machacek <mm@i.cz> added. Obtained from: Ari Suutari <ari@suutari.iki.fi>
* Make this work with the new alias library since, evidently, we'rejkh1999-02-271-4/+6
| | | | | not providing the backwards-compatability routines in libalias anymore (which I think may have been a mistake).
* Typo/$Id$ police.alex1997-12-271-1/+2
|
* natd 1_10 => 1_11brian1997-12-101-61/+65
| | | | | | Cosmetic style changes Use u_short for port values. Submitted by: Ari Suutari <ari@suutari.iki.fi>
* Reverse my previous change and use htons() on an intbrian1997-12-061-1/+1
| | | | | | | | | | | | | instead of htonl() ! This results in the int a,b,c,d changing to b,a,c,d, but as it's subsequently coerced to a u_short, the ultimate answer is correct. If this isn't fixed properly soon (by the author) I'll have a look at it again. Noted by: eivind & ari@suutari.iki.fi
* Use htonl() rather than htons().brian1997-11-131-1/+1
|
* Use err(3). Change firewall to firewall_enable in man page according tocharnier1997-10-021-141/+64
| | | | /etc/rc.conf.
* Ingored incoming packets are now dropped whenbrian1997-09-061-2/+14
| | | | | deny_incoming option is set to yes. Submitted by: Ari Suutari <ari@suutari.iki.fi>
* - Buffer space problem found by Sergio Lenzi <lenzi@bsi.com.br>brian1997-08-101-90/+128
| | | | | | | | fixed. Natd now waits with select(2) for buffer space to become available if write fails. - Packet aliasing library upgraded to 2.2. Submitted by: Ari Suutari <suutari@iki.fi>
* Bring natd into main source tree now that thebrian1997-06-221-0/+1396
pppd/natd combination works ok. Submitted by: Ari Suutari <ari.suutari@ps.carel.fi>
OpenPOWER on IntegriCloud