| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
PR: bin/58696
Submitted by: sp@alkor.ru
|
|
|
|
|
|
|
| |
on -redirect_XXX arguments length.
PR: bin/86647
Submitted by: Stephen Hurd <shurd@sasktel.net>
|
|
|
|
|
|
| |
is sufficient
MFC after: 2 weeks
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With the first part of my previous Summer of Code work, we get:
-made libalias modular:
-support for 'particular' protocols (like ftp/irc/etcetc) is no more
hardcoded inside libalias, but it's available through external
modules loadable at runtime
-modules are available both in kernel (/boot/kernel/alias_*.ko) and
user land (/lib/libalias_*)
-protocols/applications modularized are: cuseeme, ftp, irc, nbt, pptp,
skinny and smedia
-added logging support for kernel side
-cleanup
After a buildworld, do a 'mergemaster -i' to install the file libalias.conf
in /etc or manually copy it.
During startup (and after every HUP signal) user land applications running
the new libalias will try to read a file in /etc called libalias.conf:
that file contains the list of modules to load.
User land applications affected by this commit are ppp and natd:
if libalias.conf is present in /etc you won't notice any difference.
The only kernel land bit affected by this commit is ng_nat:
if you are using ng_nat, and it doesn't correctly handle
ftp/irc/etcetc sessions anymore, remember to kldload
the correspondent module (i.e. kldload alias_ftp).
General information and details about the inner working are available
in the libalias man page under the section 'MODULAR ARCHITECTURE
(AND ipfw(4) SUPPORT)'.
NOTA BENE: this commit affects _ONLY_ libalias, ipfw in-kernel nat
support will be part of the next libalias-related commit.
Approved by: glebius
Reviewed by: glebius, ru
|
|
|
|
|
|
| |
- Use const where necessary
- Use __unused where applicable
- Rename variables that is conflicit with global definations
|
| |
|
|
|
|
| |
This makes it possible to do load-sharing on two xDSL lines etc.
|
|
|
|
|
|
| |
PR: 46761
Philipp Mergenthaler <philipp.mergenthaler@stud.uni-karlsruhe.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Skinny is the protocol used by Cisco IP phones to talk to Cisco Call
Managers. With this code, one can use a Cisco IP phone behind a FreeBSD
NAT gateway.
Currently, having the Call Manager behind the NAT gateway is not supported.
More information on enabling Skinny support in libalias, natd, and ppp
can be found in those applications' manpages.
PR: 55843
Reviewed by: ru
Approved by: ru
MFC after: 30 days
|
|
|
|
|
| |
PR: bin/37159
Submitted by: "Aleksandr A. Babaylov" <.@babolo.ru>
|
|
|
|
|
|
|
| |
options are not required.
Suggested by: Vaclav Petricek
MFC after: 2 weeks
|
|
|
|
| |
Reviewed by: ru
|
|
|
|
| |
especially in troff files.
|
|
|
|
|
|
|
|
|
|
|
|
| |
not return ENOBUFS for unreliable protocols like divert.
This should fix an issue when natd(8) keeps spamming already
full dummynet(4) queues with the same packet forever.
Spotted by: chkno@dork.com
Explained by: luigi
Reviewed by: Ari Suutari <ari.suutari@syncrontech.com>
MFC after: 2 weeks
|
|
|
|
| |
Discussed with: phk
|
| |
|
|
|
|
|
|
|
|
|
| |
Set 'log_ipfw_denied' option if you want the old behaviour.
PR: 30255
Submitted by: Flemming "F3" Jacobsen <fj@batmule.dk>
Reviewed by: phk
MFC after: 4 weeks
|
|
|
|
|
|
| |
missed that natd has a -v option that will give similar functionality.
Requested by: ru
|
|
|
|
|
|
|
| |
of a restrictive firewall rule, also report detail on the packet
that caused the failure.
MFC after: 3 days
|
| |
|
|
|
|
|
|
|
| |
in the ipfirewall(4) for incoming FTP/IRC DCC connections.
Submitted by: Rene de Vries <rene@canyon.demon.nl>
Rewritten by: ru
|
| |
|
| |
|
|
|
|
|
|
| |
not associated with any pre-existing link.
Submitted by: brian
|
| |
|
|
|
|
|
| |
Submitted by: Mike Heffner <spock@techfour.net>
Submitted on: audit@freebsd.org
|
| |
|
|
|
|
|
|
| |
PR: 16900
Reviewed by: "Crist J. Clark" <cjclark@home.com>, jkh
Approved by: jkh
|
|
|
|
|
|
|
| |
the interface MTU change (src/sys/net/if_sl.c,v 1.83), track
interface MTU with -dynamic option as well.
PR: 15494
|
|
|
|
|
| |
PR: 14169
Reviewed by: Ari Suutari <ari@suutari.iki.fi>
|
|
|
|
|
|
| |
interface name if not operating in dynamic mode.
Reviewed by: Ari Suutari <ari@suutari.iki.fi>
|
|
|
|
|
|
|
| |
- Trailing spaces and empty lines are ignored.
- A `#' sign will mark the remaining of the line as a comment.
Reviewed by: Ari Suutari <ari@suutari.iki.fi>
|
|
|
|
|
|
|
|
| |
Remove redundant signal() call.
PR: 6676
Submitted by: luoqi
Reviewed by: Ari Suutari <ari@suutari.iki.fi>
|
| |
|
|
|
|
|
|
|
|
|
| |
sizeof(ifr->ifr_addr) for the variable length field ifr->ifr_addr.sa_len.
Otherwise the increment will be wrong in certain cases.
Obtained from: Whistle source tree
For the record: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> suggests
SIOCGIFCONF should be dropped in favor of a sysctl mechanism.
|
| |
|
|
|
|
|
|
|
| |
Submitted by: Ruslan Ermilov <ru@ucb.crimea.ua>
PR: 11690
3.2 candidate ?
|
|
|
|
|
|
|
|
|
|
|
| |
o main returns int not void
o use braces to avoid potentially ambiguous else
Note: The fix to natd is potentially functional in nature since I used
the indentation as the right thing rather than the struct semantics.
Someone more familiar with the code should double check me on this one.
Reviewed by: obrien and chuckr
|
|
|
|
| |
PR: 9253
|
| |
|
|
|
|
|
| |
Submitted by: Wes Santee <wes@bogon.net>
PR: 9696
|
|
|
|
| |
Submitted by: Martin Machacek <mm@i.cz>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Transparent proxy support.
- PERMANENT_LINK IS NOW OBSOLETE, use redirect_port instead.
- Drop support for early FreeBSD 2.2 versions
- If separate input & output sockets are being used
use them to find out packet direction instead of
normal mechanism. This can be handy in complex environments
with multiple interfaces.
- PPTP redirect support by Dru Nelson <dnelson@redwoodsoft.com> added.
- Logging enhancements from Martin Machacek <mm@i.cz> added.
Obtained from: Ari Suutari <ari@suutari.iki.fi>
|
|
|
|
|
| |
not providing the backwards-compatability routines in libalias anymore
(which I think may have been a mistake).
|
| |
|
|
|
|
|
|
| |
Cosmetic style changes
Use u_short for port values.
Submitted by: Ari Suutari <ari@suutari.iki.fi>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
instead of htonl() !
This results in the int a,b,c,d changing to b,a,c,d,
but as it's subsequently coerced to a u_short, the
ultimate answer is correct.
If this isn't fixed properly soon (by the author) I'll
have a look at it again.
Noted by: eivind & ari@suutari.iki.fi
|
| |
|
|
|
|
| |
/etc/rc.conf.
|