summaryrefslogtreecommitdiffstats
path: root/sys/netinet/libalias/alias_ftp.c
Commit message (Collapse)AuthorAgeFilesLines
* Export AddLink() function from libalias. It can be used when customae2011-06-221-21/+103
| | | | | | | | | | | alias address needs to be specified. Add inbound handler to the alias_ftp module. It helps handle active FTP transfer mode for the case with external clients and FTP server behind NAT. Fix passive FTP transfer case for server behind NAT using redirect with external IP address different from NAT ip address. PR: kern/157957 Submitted by: Alexander V. Chernikov
* -don't pass down, to module's fingerprint function, unused data likepiso2009-04-081-1/+1
| | | | | | a pointer to the ip header. -style -spacing
* Silent userland warnings about missing prototypes.piso2009-01-151-0/+1
| | | | Submitted by: Roman Divacky <rdivacky@freebsd.org>
* Add support for PORT/EPRT FTP commands in lowercase.mav2008-06-211-96/+21
| | | | | | | Use strncasecmp() instead of huge local implementation to reduce code size. Check space presence after command/code. PR: kern/73034
* MFP4:piso2008-03-061-2/+4
| | | | | | restrict the utilization of direct pointers to the content of ip packet. These modifications are functionally nop()s thus can be merged with no side effects.
* Include string.h for non-kernel builds to get proper strcpy, strlenkan2007-04-041-0/+1
| | | | prototypes.
* Summer of Code 2005: improve libalias - part 1 of 2piso2006-09-261-4/+78
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With the first part of my previous Summer of Code work, we get: -made libalias modular: -support for 'particular' protocols (like ftp/irc/etcetc) is no more hardcoded inside libalias, but it's available through external modules loadable at runtime -modules are available both in kernel (/boot/kernel/alias_*.ko) and user land (/lib/libalias_*) -protocols/applications modularized are: cuseeme, ftp, irc, nbt, pptp, skinny and smedia -added logging support for kernel side -cleanup After a buildworld, do a 'mergemaster -i' to install the file libalias.conf in /etc or manually copy it. During startup (and after every HUP signal) user land applications running the new libalias will try to read a file in /etc called libalias.conf: that file contains the list of modules to load. User land applications affected by this commit are ppp and natd: if libalias.conf is present in /etc you won't notice any difference. The only kernel land bit affected by this commit is ng_nat: if you are using ng_nat, and it doesn't correctly handle ftp/irc/etcetc sessions anymore, remember to kldload the correspondent module (i.e. kldload alias_ftp). General information and details about the inner working are available in the libalias man page under the section 'MODULAR ARCHITECTURE (AND ipfw(4) SUPPORT)'. NOTA BENE: this commit affects _ONLY_ libalias, ipfw in-kernel nat support will be part of the next libalias-related commit. Approved by: glebius Reviewed by: glebius, ru
* Disable checksum processing in LibAlias, when it works as aglebius2005-06-271-0/+4
| | | | | | | | | | | | | | | kernel module. LibAlias is not aware about checksum offloading, so the caller should provide checksum calculation. (The only current consumer is ng_nat(4)). When TCP packet internals has been changed and it requires checksum recalculation, a cookie is set in th_x2 field of TCP packet, to inform caller that it needs to recalculate checksum. This ugly hack would be removed when LibAlias is made more kernel friendly. Incremental checksum updates are left as is, since they don't conflict with offloading. Approved by: re (scottl)
* s/DEBUG/LIBALIAS_DEBUG/, since DEBUG is defined in LINT andglebius2005-05-061-1/+1
| | | | not supported for kernel build.
* Always include alias.h before alias_local.hglebius2005-05-051-1/+1
|
* Play with includes so that libalias can be compiled both as userlandglebius2005-05-051-1/+13
| | | | library and kernel module.
* Introduce inline {ip,udp,tcp}_next() functions which take a pointer to andes2004-07-061-2/+2
| | | | | | | {ip,udp,tcp} header and return a void * pointing to the payload (i.e. the first byte past the end of the header and any required padding). Use them consistently throughout libalias to a) reduce code duplication, b) improve code legibility, c) get rid of a bunch of alignment warnings.
* Make libalias WARNS?=6-clean. This mostly involves renaming variablesdes2004-07-051-14/+14
| | | | | | | | | named link, foo_link or link_foo to lnk, foo_lnk or lnk_foo, fixing signed / unsigned comparisons, and shoving unused function arguments under the carpet. I was hoping WARNS?=6 might reveal more serious problems, and perhaps the source of the -O2 breakage, but found no smoking gun.
* Parenthesize return values.des2004-07-051-42/+42
|
* Mechanical whitespace cleanup.des2004-07-051-8/+8
|
* Run through indent(1) so I can read the code without getting a headache.des2004-03-161-404/+498
| | | | | The result isn't quite knf, but it's knfer than the original, and far more consistent.
* Mostly mechanical rework of libalias:phk2004-01-171-30/+28
| | | | | | | | | | | | Makes it possible to have multiple packet aliasing instances in a single process by moving all static and global variables into an instance structure called "struct libalias". Redefine a new API based on s/PacketAlias/LibAlias/g Add new "instance" argument to all functions in the new API. Implement old API in terms of the new API.
* When servicing an internal FTP server, punch ipfirewall(4) holesru2001-11-271-5/+2
| | | | | | | | | for passive mode data connections (PASV/EPSV -> 227/229). Well, the actual punching happens a bit later, when the aliasing link becomes fully specified. Prodded by: Danny Carroll <dannycarroll@hotmail.com> MFC after: 1 week
* cmott@scientech.com -> cm@linktel.netbrian2001-11-031-1/+1
| | | | Requested by: Charles Mott <cmott@scientech.com>
* Add __FBSDID's to libaliasdillon2001-09-301-2/+3
|
* Fixed the bug that prevented communication with FTP servers behindru2001-09-211-3/+4
| | | | | | | | | | | | | | | NAT in extended passive mode if the server's public IP address was different from the main NAT address. This caused a wrong aliasing link to be created that did not route the incoming packets back to the original IP address of the server. natd -v -n pub0 -redirect_address localFTP publicFTP Note that even if localFTP == publicFTP, one still needs to supply the -redirect_address directive. It is needed as a helper because extended passive mode's 229 reply does not contain the IP address. MFC after: 1 week
* Make the copyright consistent.brian2001-08-201-3/+0
| | | | Previously approved by: Charles Mott <cmott@scientech.com>
* Fixed the brain-o in rev. 1.10: the logic check was reversed.ru2001-06-271-1/+1
| | | | Reported by: Bernd Fuerwitt <bf@fuerwitt.de>
* Add BSD-style copyright headersbrian2001-06-041-2/+28
| | | | Approved by: Charles Mott <cmott@scientech.com>
* Add an integer field to keep protocol-specific flags with links.ru2001-05-301-4/+11
| | | | | | | | | | For FTP control connection, keep the CRLF end-of-line termination status in there. Fixed the bug when the first FTP command in a session was ignored. PR: 24048 MFC after: 1 week
* Added boolean argument to link searching functions, indicatingru2000-10-301-1/+1
| | | | whether they should create a link if lookup has failed or not.
* - Improved passive mode FTP support by aliasing 229 replies.ru2000-06-161-312/+337
| | | | | - Stricter checking of PORT/EPRT/227/229 messages format. - Moved all security checks into one place.
* - Added support for passive mode FTP by aliasing 227 replies.ru2000-06-141-15/+207
| | | | | | | | | | | | | | | It does mean that it is now possible to run passive-mode FTP server behind NAT. - SECURITY: FTP aliasing engine now ensures that: o the segment preceding a PORT/227 segment terminates with a \r\n; o the IP address in the PORT/227 matches the source IP address of the packet; o the port number in the PORT command or 277 reply is greater than or equal to 1024. Submitted by: Erik Salander <erik@whistle.com> Reviewed by: ru
* - Add support for FTP EPRT (RFC 2428) command.ru2000-04-061-63/+169
| | | | | | | | | - Minor optimizations. - Minor spelling fixes. PR: 14305 Submitted by: ume Rewritten by: ru
* Add $FreeBSD$ and spell Eklund properly.billf1999-08-291-0/+2
| | | | Approved by: brian (well, he approved adding $Id$)
* Remove all diagnostics to stdout/stderr with #ifdef DEBUGbrian1999-03-091-0/+2
| | | | Statify functions in alias_nbt.c
* Don't call PunchFWHole() ifdef NO_FW_PUNCHbrian1998-06-061-0/+2
| | | | Pointed out by: "Steve Sims" <SimsS@IBM.Net>
* Teach libalias to work with IPFW firewalls (controlled by a flag).eivind1998-01-091-1/+6
| | | | | Obtained from: Yes development tree (+ 10 lines of patches from Charles Mott, original libalias author)
* Create the alias library. This is currently only used bybrian1997-05-231-0/+220
ppp (or will be shortly). Natd can now be updated to use this library rather than carrying its own version of the code. Submitted by: Charles Mott <cmott@srv.net>
OpenPOWER on IntegriCloud