From 1e594f519a113ba624c1b2ef3271eecf437850e7 Mon Sep 17 00:00:00 2001 From: ru Date: Wed, 3 May 2000 15:06:45 +0000 Subject: New option: -redirect_proto. --- sbin/natd/natd.8 | 22 +++++++++++++++++- sbin/natd/natd.c | 70 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 91 insertions(+), 1 deletion(-) (limited to 'sbin/natd') diff --git a/sbin/natd/natd.8 b/sbin/natd/natd.8 index 1feabd1..b6cedee 100644 --- a/sbin/natd/natd.8 +++ b/sbin/natd/natd.8 @@ -35,6 +35,7 @@ Network Address Translation Daemon .Op Fl interface Ar interface .Op Fl config Ar configfile .Op Fl redirect_port Ar linkspec +.Op Fl redirect_proto Ar linkspec .Op Fl redirect_address Ar linkspec .Op Fl reverse .Op Fl proxy_only @@ -139,7 +140,26 @@ be sent to the telnet port on the inside1 machine. will redirect incoming connections on ports 3300-3399 to host inside2, ports 2300-2399. The mapping is 1:1 meaning port 3300 maps to 2300, 3301 maps to 2301, etc. - +.It Fl redirect_proto Ar proto localIP Xo +.Op Ar publicIP Op Ar remoteIP +.Xc +Redirect incoming IP packets of protocol +.Ar proto +.Pq see Xr protocols 5 +destined for +.Ar publicIP +address to a +.Ar localIP +address and vice versa. +.Pp +If +.Ar publicIP +is not specified, then the default aliasing address is used. +If +.Ar remoteIP +is specified, then only packets coming from/to +.Ar remoteIP +will match the rule. .It Fl redirect_address Ar localIP publicIP Redirect traffic for public IP address to a machine on the local network. diff --git a/sbin/natd/natd.c b/sbin/natd/natd.c index c03a7ae..6bb3584 100644 --- a/sbin/natd/natd.c +++ b/sbin/natd/natd.c 
@@ -89,6 +89,7 @@ static void RefreshAddr (int);
 static void ParseOption (const char* option, const char* parms, int cmdLine);
 static void ReadConfigFile (const char* fileName);
 static void SetupPortRedirect (const char* parms);
+static void SetupProtoRedirect(const char* parms);
 static void SetupAddressRedirect (const char* parms);
 static void SetupPptpAlias (const char* parms);
 static void StrToAddr (const char* str, struct in_addr* addr);
@@ -861,6 +862,7 @@ enum Option {
 AliasAddress,
 InterfaceName,
 RedirectPort,
+ RedirectProto,
 RedirectAddress,
 ConfigFile,
 DynamicMode,
@@ -1031,6 +1033,14 @@ static struct OptionInfo optionTable[] = {
 "redirect_port",
 NULL },
+ { RedirectProto,
+ 0,
+ String,
+ "proto local_addr [public_addr] [remote_addr]",
+ "redirect packets of a given proto",
+ "redirect_proto",
+ NULL },
+
 { RedirectAddress,
 0,
 String,
@@ -1200,6 +1210,10 @@ static void ParseOption (const char* option, const char* parms, int cmdLine)
 SetupPortRedirect (strValue);
 break;
+ case RedirectProto:
+ SetupProtoRedirect(strValue);
+ break;
+
 case RedirectAddress:
 SetupAddressRedirect (strValue);
 break;
@@ -1488,6 +1502,62 @@ void SetupPortRedirect (const char* parms)
 }
 }
+void
+SetupProtoRedirect(const char* parms)
+{
+ char buf[128];
+ char* ptr;
+ struct in_addr localAddr;
+ struct in_addr publicAddr;
+ struct in_addr remoteAddr;
+ int proto;
+ char* protoName;
+ struct protoent *protoent;
+
+ strcpy (buf, parms);
+/*
+ * Extract protocol.
+ */
+ protoName = strtok(buf, " \t");
+ if (!protoName)
+ errx(1, "redirect_proto: missing protocol");
+
+ protoent = getprotobyname(protoName);
+ if (protoent == NULL)
+ errx(1, "redirect_proto: unknown protocol %s", protoName);
+ else
+ proto = protoent->p_proto;
+/*
+ * Extract local address.
+ */
+ ptr = strtok(NULL, " \t");
+ if (!ptr)
+ errx(1, "redirect_proto: missing local address");
+ else
+ StrToAddr(ptr, &localAddr);
+/*
+ * Extract optional public address.
+ */
+ ptr = strtok(NULL, " \t");
+ if (ptr)
+ StrToAddr(ptr, &publicAddr);
+ else
+ publicAddr.s_addr = INADDR_ANY;
+/*
+ * Extract optional remote address.
+ */
+ ptr = strtok(NULL, " \t");
+ if (ptr)
+ StrToAddr(ptr, &remoteAddr);
+ else
+ remoteAddr.s_addr = INADDR_ANY;
+/*
+ * Create aliasing link.
+ */
+ (void)PacketAliasRedirectProto(localAddr, remoteAddr, publicAddr,
+ proto);
+}
+
 void SetupAddressRedirect (const char* parms)
 {
 char buf[128];
-- cgit v1.1
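Review bot: `strcpy (buf, parms);` at the top of SetupProtoRedirect copies the option string into the 128-byte stack array `buf` with no length check, so a `-redirect_proto` value of 128 bytes or more, from the command line or (presumably, via ReadConfigFile) a config file, writes past the end of the buffer. Reject over-long input before the copy, for example `if (strlen(parms) >= sizeof(buf)) errx(1, "redirect_proto: argument too long");`. The `(void)` cast on `PacketAliasRedirectProto(...)` also discards its result; if that call can fail, the daemon would keep running without the rule and report nothing, so checking the return and calling `errx` would match the other error paths in this function. Tokens after the optional remote address are silently ignored, which can hide a typo in a rule. The whole function is inside this hunk.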