summaryrefslogtreecommitdiffstats
path: root/sbin/natd/natd.c
Commit message (Collapse)AuthorAgeFilesLines
* Add Cisco Skinny Station protocol support to libalias, natd, and ppp.marcus2003-09-231-0/+25
| | | | | | | | | | | | | | | Skinny is the protocol used by Cisco IP phones to talk to Cisco Call Managers. With this code, one can use a Cisco IP phone behind a FreeBSD NAT gateway. Currently, having the Call Manager behind the NAT gateway is not supported. More information on enabling Skinny support in libalias, natd, and ppp can be found in those applications' manpages. PR: 55843 Reviewed by: ru Approved by: ru MFC after: 30 days
* Added an option to specify an alternate PID file.ru2003-08-131-3/+18
| | | | | PR: bin/37159 Submitted by: "Aleksandr A. Babaylov" <.@babolo.ru>
* If the -proxy_only option is used, the -alias_address/-interfaceru2003-06-131-2/+4
| | | | | | | options are not required. Suggested by: Vaclav Petricek MFC after: 2 weeks
* Use a more standard error message. Add FBSDID.charnier2003-02-051-4/+5
| | | | Reviewed by: ru
* Correct typos, mostly s/ a / an / where appropriate. Some whitespace cleanup,schweikh2003-01-011-1/+1
| | | | especially in troff files.
* Back out part of the revision 1.2 changes -- sendto(2) canru2002-01-151-73/+28
| | | | | | | | | | | | not return ENOBUFS for unreliable protocols like divert. This should fix an issue when natd(8) keeps spamming already full dummynet(4) queues with the same packet forever. Spotted by: chkno@dork.com Explained by: luigi Reviewed by: Ari Suutari <ari.suutari@syncrontech.com> MFC after: 2 weeks
* Make -log_ipfw_denied active by default with -verbose.ru2001-11-271-1/+6
| | | | Discussed with: phk
* Fixed (local) style bugs in previous revision.ru2001-11-271-5/+7
|
* Do not uselessly whine in syslog about packets denied by ipfw rules.phk2001-10-311-3/+16
| | | | | | | | | Set 'log_ipfw_denied' option if you want the old behaviour. PR: 30255 Submitted by: Flemming "F3" Jacobsen <fj@batmule.dk> Reviewed by: phk MFC after: 4 weeks
* Revert the previous commit on objection from the maintainer. Ijoe2001-06-211-3/+2
| | | | | | missed that natd has a -v option that will give similar functionality. Requested by: ru
* When reporting that a packet can't be written back, usually becausejoe2001-06-211-2/+3
| | | | | | | of a restrictive firewall rule, also report detail on the packet that caused the failure. MFC after: 3 days
* Don't call warn() with no format string.kris2000-07-101-1/+1
|
* Added new option (-punch_fw) which allows to `punch holes'ru2000-06-271-2/+27
| | | | | | | in the ipfirewall(4) for incoming FTP/IRC DCC connections. Submitted by: Rene de Vries <rene@canyon.demon.nl> Rewritten by: ru
* Remove ``pptpalias'' since this is now done transparently by libalias(3).ru2000-06-201-33/+0
|
* Remove unused parameter.ru2000-06-161-6/+6
|
* Add new option (-target_addr) to control how to deal with incoming packetsru2000-05-181-0/+13
| | | | | | not associated with any pre-existing link. Submitted by: brian
* New option: -redirect_proto.ru2000-05-031-0/+70
|
* Fixes a potential buffer overflow with the command line arguments.joe2000-04-301-7/+11
| | | | | Submitted by: Mike Heffner <spock@techfour.net> Submitted on: audit@freebsd.org
* Load Sharing using IP Network Address Translation (RFC 2391, LSNAT).ru2000-04-271-16/+66
|
* Remove the config file line length restriction.ru2000-02-251-13/+10
| | | | | | PR: 16900 Reviewed by: "Crist J. Clark" <cjclark@home.com>, jkh Approved by: jkh
* Now that kernel is capable of notifying user processes aboutru2000-01-251-8/+6
| | | | | | | the interface MTU change (src/sys/net/if_sl.c,v 1.83), track interface MTU with -dynamic option as well. PR: 15494
* ioctl -> sysctl for interface address changes.ru1999-10-131-74/+83
| | | | | PR: 14169 Reviewed by: Ari Suutari <ari@suutari.iki.fi>
* Do not defer setting of the aliasing address fromru1999-09-281-19/+15
| | | | | | interface name if not operating in dynamic mode. Reviewed by: Ari Suutari <ari@suutari.iki.fi>
* Config file parser changes:ru1999-09-071-8/+10
| | | | | | | - Trailing spaces and empty lines are ignored. - A `#' sign will mark the remaining of the line as a comment. Reviewed by: Ari Suutari <ari@suutari.iki.fi>
* Allow signals to interrupt system calls.ru1999-09-021-1/+3
| | | | | | | | Remove redundant signal() call. PR: 6676 Submitted by: luoqi Reviewed by: Ari Suutari <ari@suutari.iki.fi>
* $Id$ -> $FreeBSD$peter1999-08-281-1/+1
|
* When incrementing through a SIOCGIFCONF list, enforce a lower limit ofarchie1999-06-051-1/+3
| | | | | | | | | sizeof(ifr->ifr_addr) for the variable length field ifr->ifr_addr.sa_len. Otherwise the increment will be wrong in certain cases. Obtained from: Whistle source tree For the record: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> suggests SIOCGIFCONF should be dropped in favor of a sysctl mechanism.
* Oops - missing parenthesisbrian1999-05-131-2/+2
|
* /sbin/natd portrange documentation and bugfixbrian1999-05-131-3/+3
| | | | | | | Submitted by: Ruslan Ermilov <ru@ucb.crimea.ua> PR: 11690 3.2 candidate ?
* More egcs warning fixes:imp1999-04-251-5/+5
| | | | | | | | | | | o main returns int not void o use braces to avoid potentially ambiguous else Note: The fix to natd is potentially functional in nature since I used the indentation as the right thing rather than the struct semantics. Someone more familiar with the code should double check me on this one. Reviewed by: obrien and chuckr
* Disable reads on our ICMP socket. We only use it for sending.brian1999-03-301-1/+8
| | | | PR: 9253
* Add some const-cleanliness and avoid some warnings.brian1999-03-241-43/+43
|
* Allow port ranges when specifying -redirect_port.brian1999-03-241-32/+127
| | | | | Submitted by: Wes Santee <wes@bogon.net> PR: 9696
* Fix a diagnostic typobrian1999-03-111-4/+4
| | | | Submitted by: Martin Machacek <mm@i.cz>
* Upgrade (almost) to natd 2.0b1brian1999-03-071-83/+184
| | | | | | | | | | | | | | - Transparent proxy support. - PERMANENT_LINK IS NOW OBSOLETE, use redirect_port instead. - Drop support for early FreeBSD 2.2 versions - If separate input & output sockets are being used use them to find out packet direction instead of normal mechanism. This can be handy in complex environments with multiple interfaces. - PPTP redirect support by Dru Nelson <dnelson@redwoodsoft.com> added. - Logging enhancements from Martin Machacek <mm@i.cz> added. Obtained from: Ari Suutari <ari@suutari.iki.fi>
* Make this work with the new alias library since, evidently, we'rejkh1999-02-271-4/+6
| | | | | not providing the backwards-compatability routines in libalias anymore (which I think may have been a mistake).
* Typo/$Id$ police.alex1997-12-271-1/+2
|
* natd 1_10 => 1_11brian1997-12-101-61/+65
| | | | | | Cosmetic style changes Use u_short for port values. Submitted by: Ari Suutari <ari@suutari.iki.fi>
* Reverse my previous change and use htons() on an intbrian1997-12-061-1/+1
| | | | | | | | | | | | | instead of htonl() ! This results in the int a,b,c,d changing to b,a,c,d, but as it's subsequently coerced to a u_short, the ultimate answer is correct. If this isn't fixed properly soon (by the author) I'll have a look at it again. Noted by: eivind & ari@suutari.iki.fi
* Use htonl() rather than htons().brian1997-11-131-1/+1
|
* Use err(3). Change firewall to firewall_enable in man page according tocharnier1997-10-021-141/+64
| | | | /etc/rc.conf.
* Ingored incoming packets are now dropped whenbrian1997-09-061-2/+14
| | | | | deny_incoming option is set to yes. Submitted by: Ari Suutari <ari@suutari.iki.fi>
* - Buffer space problem found by Sergio Lenzi <lenzi@bsi.com.br>brian1997-08-101-90/+128
| | | | | | | | fixed. Natd now waits with select(2) for buffer space to become available if write fails. - Packet aliasing library upgraded to 2.2. Submitted by: Ari Suutari <suutari@iki.fi>
* Bring natd into main source tree now that thebrian1997-06-221-0/+1396
pppd/natd combination works ok. Submitted by: Ari Suutari <ari.suutari@ps.carel.fi>
OpenPOWER on IntegriCloud