#
1d386b48 |
|
16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove $FreeBSD$: one-line .c pattern Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/
|
#
1df08e90 |
|
30-Aug-2022 |
Gleb Smirnoff <glebius@FreeBSD.org> |
natd: use PF_DIVERT/SOCK_RAW instead of PF_INET/SOCK_RAW/IPPROTO_DIVERT
|
#
517373f7 |
|
24-Nov-2021 |
Mark Johnston <markj@FreeBSD.org> |
natd: Remove uneeded in_cksum.h includes MFC after: 1 week Sponsored by: The FreeBSD Foundation
|
#
f405b033 |
|
15-Sep-2016 |
Marcelo Araujo <araujo@FreeBSD.org> |
Invert calloc(3) argument order. Reviewed by: ed. MFC after: 4 weeks. Differential Revision: https://reviews.freebsd.org/D7902
|
#
6481f66b |
|
28-Jun-2016 |
Poul-Henning Kamp <phk@FreeBSD.org> |
Do not coredump if the packet is too long in the global (non-interface associated) instance. The result is that the packet is dropped without an indication that smaller MTU is advisable, which is not optimal, but better than a NULL pointer deref. Approved by: re (glebius)
|
#
463a577b |
|
20-Oct-2015 |
Eitan Adler <eadler@FreeBSD.org> |
Fix a ton of speelling errors arc lint is helpful Reviewed By: allanjude, wblock, #manpages, chris@bsdjunk.com Differential Revision: https://reviews.freebsd.org/D3337
|
#
ef02f85c |
|
25-Sep-2015 |
Poul-Henning Kamp <phk@FreeBSD.org> |
Fix two cases where "const" were washed off pointers with strchr(3)
|
#
db702c59 |
|
21-Oct-2012 |
Eitan Adler <eadler@FreeBSD.org> |
remove duplicate semicolons where possible. Approved by: cperciva MFC after: 1 week
|
#
39893d56 |
|
19-Oct-2012 |
Ed Schouten <ed@FreeBSD.org> |
Add missing const keywords.
|
#
1efe3c6b |
|
04-Nov-2011 |
Ed Schouten <ed@FreeBSD.org> |
Add missing static keywords for global variables to tools in sbin/. These tools declare global variables without using the static keyword, even though their use is limited to a single C-file, or without placing an extern declaration of them in the proper header file.
|
#
dde269c9 |
|
18-Apr-2011 |
Maxim Sobolev <sobomax@FreeBSD.org> |
Furthermore condition IP waiting behaviour also on -dynamic flag. This should preserve POLA in all other cases (foreground || non-dynamic). MFC after: 2 weeks
|
#
74def44d |
|
18-Apr-2011 |
Maxim Sobolev <sobomax@FreeBSD.org> |
Only wait for the IP to appear on the interface if natd is running in the background. Suggested by: Garrett Cooper <yanegomi@gmail.com> Use EAGAIN instead of magic value of -2 to report this condition from the SetAliasAddressFromIfName routine. MFC after: 2 weeks
|
#
0afb958b |
|
17-Apr-2011 |
Maxim Sobolev <sobomax@FreeBSD.org> |
If we can retrieve interface address sleep for one second and try again. This can happen during start-up, when natd starts before dhclient has a chance to receive IP address from the upstream provider. MFC after: 2 weeks
|
#
a7d5f7eb |
|
19-Oct-2010 |
Jamie Gritton <jamie@FreeBSD.org> |
A new jail(8) with a configuration file, to replace the work currently done by /etc/rc.d/jail.
|
#
fe0506d7 |
|
09-Mar-2010 |
Marcel Moolenaar <marcel@FreeBSD.org> |
Create the altix project branch. The altix project will add support for the SGI Altix 350 to FreeBSD/ia64. The hardware used for porting is a two-module system, consisting of a base compute module and a CPU expansion module. SGI's NUMAFlex architecture can be an excellent platform to test CPU affinity and NUMA-aware features in FreeBSD.
|
#
e2b36efd |
|
29-Jan-2010 |
Antoine Brodin <antoine@FreeBSD.org> |
MFC r201145 to stable/8: (S)LIST_HEAD_INITIALIZER takes a (S)LIST_HEAD as an argument. Fix some wrong usages. Note: this does not affect generated binaries as this argument is not used. PR: 137213 Submitted by: Eygene Ryabinkin (initial version)
|
#
7154ce64 |
|
17-Jan-2010 |
Ed Schouten <ed@FreeBSD.org> |
Mute some (hidden) warnings about old-style function definitions. Submitted by: Marius NĂ¼nnerich <marius nuenneri ch>
|
#
13e403fd |
|
28-Dec-2009 |
Antoine Brodin <antoine@FreeBSD.org> |
(S)LIST_HEAD_INITIALIZER takes a (S)LIST_HEAD as an argument. Fix some wrong usages. Note: this does not affect generated binaries as this argument is not used. PR: 137213 Submitted by: Eygene Ryabinkin (initial version) MFC after: 1 month
|
#
d7f03759 |
|
19-Oct-2008 |
Ulf Lilleengen <lulf@FreeBSD.org> |
- Import the HEAD csup code which is the basis for the cvsmode work.
|
#
d53fe710 |
|
06-Sep-2008 |
Roman Kurakin <rik@FreeBSD.org> |
Check rule numbers against maximum value to avoid rules cleanup due to overflow. MFC after: 5 days.
|
#
72cbe4ad |
|
22-Jun-2008 |
Alexander Motin <mav@FreeBSD.org> |
Add exit_delay parameter to control daemon exit delay after signal. PR: bin/58696 Submitted by: sp@alkor.ru
|
#
b6365f95 |
|
22-Jun-2008 |
Alexander Motin <mav@FreeBSD.org> |
Use strdup() instead of static buffer allocation to avoid 128 bytes limit on -redirect_XXX arguments length. PR: bin/86647 Submitted by: Stephen Hurd <shurd@sasktel.net>
|
#
ec95e4c2 |
|
06-Jun-2008 |
Brian Somers <brian@FreeBSD.org> |
Don't abend if we get ENOMEM from sysctl(3). The data returned is sufficient MFC after: 2 weeks
|
#
be4f3cd0 |
|
26-Sep-2006 |
Paolo Pisati <piso@FreeBSD.org> |
Summer of Code 2005: improve libalias - part 1 of 2 With the first part of my previous Summer of Code work, we get: -made libalias modular: -support for 'particular' protocols (like ftp/irc/etcetc) is no more hardcoded inside libalias, but it's available through external modules loadable at runtime -modules are available both in kernel (/boot/kernel/alias_*.ko) and user land (/lib/libalias_*) -protocols/applications modularized are: cuseeme, ftp, irc, nbt, pptp, skinny and smedia -added logging support for kernel side -cleanup After a buildworld, do a 'mergemaster -i' to install the file libalias.conf in /etc or manually copy it. During startup (and after every HUP signal) user land applications running the new libalias will try to read a file in /etc called libalias.conf: that file contains the list of modules to load. User land applications affected by this commit are ppp and natd: if libalias.conf is present in /etc you won't notice any difference. The only kernel land bit affected by this commit is ng_nat: if you are using ng_nat, and it doesn't correctly handle ftp/irc/etcetc sessions anymore, remember to kldload the correspondent module (i.e. kldload alias_ftp). General information and details about the inner working are available in the libalias man page under the section 'MODULAR ARCHITECTURE (AND ipfw(4) SUPPORT)'. NOTA BENE: this commit affects _ONLY_ libalias, ipfw in-kernel nat support will be part of the next libalias-related commit. Approved by: glebius Reviewed by: glebius, ru
|
#
48ce8ca1 |
|
02-May-2005 |
Xin LI <delphij@FreeBSD.org> |
WARNS=6 and gcc4 cleanup: - Use const where necessary - Use __unused where applicable - Rename variables that is conflicit with global definations
|
#
7cde7ca2 |
|
08-Jan-2005 |
Tom Rhodes <trhodes@FreeBSD.org> |
Remove unused variable.
|
#
22c62477 |
|
03-Jul-2004 |
Poul-Henning Kamp <phk@FreeBSD.org> |
Give natd multi-instance capabilities. This makes it possible to do load-sharing on two xDSL lines etc.
|
#
e53f7998 |
|
10-May-2004 |
Hiten Pandya <hmp@FreeBSD.org> |
Use strlcpy(3) instead of strcpy(3). PR: 46761 Philipp Mergenthaler <philipp.mergenthaler@stud.uni-karlsruhe.de>
|
#
0b46c085 |
|
13-Apr-2004 |
Luigi Rizzo <luigi@FreeBSD.org> |
Replace ROUNDUP/ADVANCE with SA_SIZE
|
#
b07fbc17 |
|
23-Sep-2003 |
Joe Marcus Clarke <marcus@FreeBSD.org> |
Add Cisco Skinny Station protocol support to libalias, natd, and ppp. Skinny is the protocol used by Cisco IP phones to talk to Cisco Call Managers. With this code, one can use a Cisco IP phone behind a FreeBSD NAT gateway. Currently, having the Call Manager behind the NAT gateway is not supported. More information on enabling Skinny support in libalias, natd, and ppp can be found in those applications' manpages. PR: 55843 Reviewed by: ru Approved by: ru MFC after: 30 days
|
#
b79840a6 |
|
13-Aug-2003 |
Ruslan Ermilov <ru@FreeBSD.org> |
Added an option to specify an alternate PID file. PR: bin/37159 Submitted by: "Aleksandr A. Babaylov" <.@babolo.ru>
|
#
3d23e8b8 |
|
13-Jun-2003 |
Ruslan Ermilov <ru@FreeBSD.org> |
If the -proxy_only option is used, the -alias_address/-interface options are not required. Suggested by: Vaclav Petricek MFC after: 2 weeks
|
#
29e3edcc |
|
05-Feb-2003 |
Philippe Charnier <charnier@FreeBSD.org> |
Use a more standard error message. Add FBSDID. Reviewed by: ru
|
#
9d5abbdd |
|
01-Jan-2003 |
Jens Schweikhardt <schweikh@FreeBSD.org> |
Correct typos, mostly s/ a / an / where appropriate. Some whitespace cleanup, especially in troff files.
|
#
3daff242 |
|
15-Jan-2002 |
Ruslan Ermilov <ru@FreeBSD.org> |
Back out part of the revision 1.2 changes -- sendto(2) can not return ENOBUFS for unreliable protocols like divert. This should fix an issue when natd(8) keeps spamming already full dummynet(4) queues with the same packet forever. Spotted by: chkno@dork.com Explained by: luigi Reviewed by: Ari Suutari <ari.suutari@syncrontech.com> MFC after: 2 weeks
|
#
c0956cf8 |
|
27-Nov-2001 |
Ruslan Ermilov <ru@FreeBSD.org> |
Make -log_ipfw_denied active by default with -verbose. Discussed with: phk
|
#
3843533e |
|
27-Nov-2001 |
Ruslan Ermilov <ru@FreeBSD.org> |
Fixed (local) style bugs in previous revision.
|
#
84ef95bd |
|
31-Oct-2001 |
Poul-Henning Kamp <phk@FreeBSD.org> |
Do not uselessly whine in syslog about packets denied by ipfw rules. Set 'log_ipfw_denied' option if you want the old behaviour. PR: 30255 Submitted by: Flemming "F3" Jacobsen <fj@batmule.dk> Reviewed by: phk MFC after: 4 weeks
|
#
d782daf0 |
|
20-Jun-2001 |
Josef Karthauser <joe@FreeBSD.org> |
Revert the previous commit on objection from the maintainer. I missed that natd has a -v option that will give similar functionality. Requested by: ru
|
#
dc2ea2d8 |
|
21-Jun-2001 |
Josef Karthauser <joe@FreeBSD.org> |
When reporting that a packet can't be written back, usually because of a restrictive firewall rule, also report detail on the packet that caused the failure. MFC after: 3 days
|
#
04d06bb6 |
|
10-Jul-2000 |
Kris Kennaway <kris@FreeBSD.org> |
Don't call warn() with no format string.
|
#
bc4ebb98 |
|
27-Jun-2000 |
Ruslan Ermilov <ru@FreeBSD.org> |
Added new option (-punch_fw) which allows to `punch holes' in the ipfirewall(4) for incoming FTP/IRC DCC connections. Submitted by: Rene de Vries <rene@canyon.demon.nl> Rewritten by: ru
|
#
dc1a0225 |
|
19-Jun-2000 |
Ruslan Ermilov <ru@FreeBSD.org> |
Remove ``pptpalias'' since this is now done transparently by libalias(3).
|
#
b0f55af6 |
|
16-Jun-2000 |
Ruslan Ermilov <ru@FreeBSD.org> |
Remove unused parameter.
|
#
11c2b3bf |
|
18-May-2000 |
Ruslan Ermilov <ru@FreeBSD.org> |
Add new option (-target_addr) to control how to deal with incoming packets not associated with any pre-existing link. Submitted by: brian
|
#
4330006d |
|
03-May-2000 |
Ruslan Ermilov <ru@FreeBSD.org> |
New option: -redirect_proto.
|
#
30395bb5 |
|
30-Apr-2000 |
Josef Karthauser <joe@FreeBSD.org> |
Fixes a potential buffer overflow with the command line arguments. Submitted by: Mike Heffner <spock@techfour.net> Submitted on: audit@freebsd.org
|
#
bd690510 |
|
27-Apr-2000 |
Ruslan Ermilov <ru@FreeBSD.org> |
Load Sharing using IP Network Address Translation (RFC 2391, LSNAT).
|
#
d99cc1da |
|
25-Feb-2000 |
Ruslan Ermilov <ru@FreeBSD.org> |
Remove the config file line length restriction. PR: 16900 Reviewed by: "Crist J. Clark" <cjclark@home.com>, jkh Approved by: jkh
|
#
6f3dbe5e |
|
24-Jan-2000 |
Ruslan Ermilov <ru@FreeBSD.org> |
Now that kernel is capable of notifying user processes about the interface MTU change (src/sys/net/if_sl.c,v 1.83), track interface MTU with -dynamic option as well. PR: 15494
|
#
4c04fa4c |
|
13-Oct-1999 |
Ruslan Ermilov <ru@FreeBSD.org> |
ioctl -> sysctl for interface address changes. PR: 14169 Reviewed by: Ari Suutari <ari@suutari.iki.fi>
|
#
f2da55a2 |
|
28-Sep-1999 |
Ruslan Ermilov <ru@FreeBSD.org> |
Do not defer setting of the aliasing address from interface name if not operating in dynamic mode. Reviewed by: Ari Suutari <ari@suutari.iki.fi>
|
#
2e7e7c71 |
|
07-Sep-1999 |
Ruslan Ermilov <ru@FreeBSD.org> |
Config file parser changes: - Trailing spaces and empty lines are ignored. - A `#' sign will mark the remaining of the line as a comment. Reviewed by: Ari Suutari <ari@suutari.iki.fi>
|
#
cd45c931 |
|
02-Sep-1999 |
Ruslan Ermilov <ru@FreeBSD.org> |
Allow signals to interrupt system calls. Remove redundant signal() call. PR: 6676 Submitted by: luoqi Reviewed by: Ari Suutari <ari@suutari.iki.fi>
|
#
7f3dea24 |
|
27-Aug-1999 |
Peter Wemm <peter@FreeBSD.org> |
$Id$ -> $FreeBSD$
|
#
eed2b804 |
|
04-Jun-1999 |
Archie Cobbs <archie@FreeBSD.org> |
When incrementing through a SIOCGIFCONF list, enforce a lower limit of sizeof(ifr->ifr_addr) for the variable length field ifr->ifr_addr.sa_len. Otherwise the increment will be wrong in certain cases. Obtained from: Whistle source tree For the record: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> suggests SIOCGIFCONF should be dropped in favor of a sysctl mechanism.
|
#
29d97436 |
|
13-May-1999 |
Brian Somers <brian@FreeBSD.org> |
Oops - missing parenthesis
|
#
9c501140 |
|
13-May-1999 |
Brian Somers <brian@FreeBSD.org> |
/sbin/natd portrange documentation and bugfix Submitted by: Ruslan Ermilov <ru@ucb.crimea.ua> PR: 11690 3.2 candidate ?
|
#
ebe70c8f |
|
25-Apr-1999 |
Warner Losh <imp@FreeBSD.org> |
More egcs warning fixes: o main returns int not void o use braces to avoid potentially ambiguous else Note: The fix to natd is potentially functional in nature since I used the indentation as the right thing rather than the struct semantics. Someone more familiar with the code should double check me on this one. Reviewed by: obrien and chuckr
|
#
f3d64024 |
|
30-Mar-1999 |
Brian Somers <brian@FreeBSD.org> |
Disable reads on our ICMP socket. We only use it for sending. PR: 9253
|
#
902cb50a |
|
24-Mar-1999 |
Brian Somers <brian@FreeBSD.org> |
Add some const-cleanliness and avoid some warnings.
|
#
5d8ee958 |
|
24-Mar-1999 |
Brian Somers <brian@FreeBSD.org> |
Allow port ranges when specifying -redirect_port. Submitted by: Wes Santee <wes@bogon.net> PR: 9696
|
#
b71e869d |
|
11-Mar-1999 |
Brian Somers <brian@FreeBSD.org> |
Fix a diagnostic typo Submitted by: Martin Machacek <mm@i.cz>
|
#
59a7c613 |
|
07-Mar-1999 |
Brian Somers <brian@FreeBSD.org> |
Upgrade (almost) to natd 2.0b1 - Transparent proxy support. - PERMANENT_LINK IS NOW OBSOLETE, use redirect_port instead. - Drop support for early FreeBSD 2.2 versions - If separate input & output sockets are being used use them to find out packet direction instead of normal mechanism. This can be handy in complex environments with multiple interfaces. - PPTP redirect support by Dru Nelson <dnelson@redwoodsoft.com> added. - Logging enhancements from Martin Machacek <mm@i.cz> added. Obtained from: Ari Suutari <ari@suutari.iki.fi>
|
#
f627793d |
|
27-Feb-1999 |
Jordan K. Hubbard <jkh@FreeBSD.org> |
Make this work with the new alias library since, evidently, we're not providing the backwards-compatability routines in libalias anymore (which I think may have been a mistake).
|
#
f13f9fad |
|
27-Dec-1997 |
Alexander Langer <alex@FreeBSD.org> |
Typo/$Id$ police.
|
#
67a886fb |
|
09-Dec-1997 |
Brian Somers <brian@FreeBSD.org> |
natd 1_10 => 1_11 Cosmetic style changes Use u_short for port values. Submitted by: Ari Suutari <ari@suutari.iki.fi>
|
#
27c20503 |
|
05-Dec-1997 |
Brian Somers <brian@FreeBSD.org> |
Reverse my previous change and use htons() on an int instead of htonl() ! This results in the int a,b,c,d changing to b,a,c,d, but as it's subsequently coerced to a u_short, the ultimate answer is correct. If this isn't fixed properly soon (by the author) I'll have a look at it again. Noted by: eivind & ari@suutari.iki.fi
|
#
5ae6fac1 |
|
13-Nov-1997 |
Brian Somers <brian@FreeBSD.org> |
Use htonl() rather than htons().
|
#
0fc81af1 |
|
02-Oct-1997 |
Philippe Charnier <charnier@FreeBSD.org> |
Use err(3). Change firewall to firewall_enable in man page according to /etc/rc.conf.
|
#
f9b06d5c |
|
06-Sep-1997 |
Brian Somers <brian@FreeBSD.org> |
Ingored incoming packets are now dropped when deny_incoming option is set to yes. Submitted by: Ari Suutari <ari@suutari.iki.fi>
|
#
fb994b07 |
|
10-Aug-1997 |
Brian Somers <brian@FreeBSD.org> |
- Buffer space problem found by Sergio Lenzi <lenzi@bsi.com.br> fixed. Natd now waits with select(2) for buffer space to become available if write fails. - Packet aliasing library upgraded to 2.2. Submitted by: Ari Suutari <suutari@iki.fi>
|
#
24084f9b |
|
21-Jun-1997 |
Brian Somers <brian@FreeBSD.org> |
Bring natd into main source tree now that the pppd/natd combination works ok. Submitted by: Ari Suutari <ari.suutari@ps.carel.fi>
|