head 1.1; branch 1.1.1; access; symbols netbsd-11-0-RC4:1.1.1.2 netbsd-11-0-RC3:1.1.1.2 netbsd-11-0-RC2:1.1.1.2 netbsd-11-0-RC1:1.1.1.2 perseant-exfatfs-base-20250801:1.1.1.2 netbsd-11:1.1.1.2.0.48 netbsd-11-base:1.1.1.2 netbsd-10-1-RELEASE:1.1.1.2 perseant-exfatfs-base-20240630:1.1.1.2 perseant-exfatfs:1.1.1.2.0.46 perseant-exfatfs-base:1.1.1.2 netbsd-8-3-RELEASE:1.1.1.2 netbsd-9-4-RELEASE:1.1.1.2 netbsd-10-0-RELEASE:1.1.1.2 netbsd-10-0-RC6:1.1.1.2 netbsd-10-0-RC5:1.1.1.2 netbsd-10-0-RC4:1.1.1.2 netbsd-10-0-RC3:1.1.1.2 netbsd-10-0-RC2:1.1.1.2 netbsd-10-0-RC1:1.1.1.2 netbsd-10:1.1.1.2.0.44 netbsd-10-base:1.1.1.2 netbsd-9-3-RELEASE:1.1.1.2 cjep_sun2x-base1:1.1.1.2 cjep_sun2x:1.1.1.2.0.42 cjep_sun2x-base:1.1.1.2 cjep_staticlib_x-base1:1.1.1.2 netbsd-9-2-RELEASE:1.1.1.2 cjep_staticlib_x:1.1.1.2.0.40 cjep_staticlib_x-base:1.1.1.2 netbsd-9-1-RELEASE:1.1.1.2 phil-wifi-20200421:1.1.1.2 phil-wifi-20200411:1.1.1.2 is-mlppp:1.1.1.2.0.38 is-mlppp-base:1.1.1.2 phil-wifi-20200406:1.1.1.2 netbsd-8-2-RELEASE:1.1.1.2 netbsd-9-0-RELEASE:1.1.1.2 netbsd-9-0-RC2:1.1.1.2 netbsd-9-0-RC1:1.1.1.2 phil-wifi-20191119:1.1.1.2 netbsd-9:1.1.1.2.0.36 netbsd-9-base:1.1.1.2 phil-wifi-20190609:1.1.1.2 netbsd-8-1-RELEASE:1.1.1.2 netbsd-8-1-RC1:1.1.1.2 pgoyette-compat-merge-20190127:1.1.1.2 pgoyette-compat-20190127:1.1.1.2 pgoyette-compat-20190118:1.1.1.2 pgoyette-compat-1226:1.1.1.2 pgoyette-compat-1126:1.1.1.2 pgoyette-compat-1020:1.1.1.2 pgoyette-compat-0930:1.1.1.2 pgoyette-compat-0906:1.1.1.2 netbsd-7-2-RELEASE:1.1.1.2 pgoyette-compat-0728:1.1.1.2 netbsd-8-0-RELEASE:1.1.1.2 phil-wifi:1.1.1.2.0.34 phil-wifi-base:1.1.1.2 pgoyette-compat-0625:1.1.1.2 netbsd-8-0-RC2:1.1.1.2 pgoyette-compat-0521:1.1.1.2 pgoyette-compat-0502:1.1.1.2 pgoyette-compat-0422:1.1.1.2 netbsd-8-0-RC1:1.1.1.2 pgoyette-compat-0415:1.1.1.2 pgoyette-compat-0407:1.1.1.2 pgoyette-compat-0330:1.1.1.2 pgoyette-compat-0322:1.1.1.2 pgoyette-compat-0315:1.1.1.2 netbsd-7-1-2-RELEASE:1.1.1.2 pgoyette-compat:1.1.1.2.0.32 pgoyette-compat-base:1.1.1.2 netbsd-7-1-1-RELEASE:1.1.1.2 matt-nb8-mediatek:1.1.1.2.0.30 matt-nb8-mediatek-base:1.1.1.2 perseant-stdc-iso10646:1.1.1.2.0.28 perseant-stdc-iso10646-base:1.1.1.2 netbsd-8:1.1.1.2.0.26 netbsd-8-base:1.1.1.2 prg-localcount2-base3:1.1.1.2 prg-localcount2-base2:1.1.1.2 prg-localcount2-base1:1.1.1.2 prg-localcount2:1.1.1.2.0.24 prg-localcount2-base:1.1.1.2 pgoyette-localcount-20170426:1.1.1.2 bouyer-socketcan-base1:1.1.1.2 pgoyette-localcount-20170320:1.1.1.2 netbsd-7-1:1.1.1.2.0.22 netbsd-7-1-RELEASE:1.1.1.2 netbsd-7-1-RC2:1.1.1.2 netbsd-7-nhusb-base-20170116:1.1.1.2 bouyer-socketcan:1.1.1.2.0.20 bouyer-socketcan-base:1.1.1.2 pgoyette-localcount-20170107:1.1.1.2 netbsd-7-1-RC1:1.1.1.2 pgoyette-localcount-20161104:1.1.1.2 netbsd-7-0-2-RELEASE:1.1.1.2 localcount-20160914:1.1.1.2 netbsd-7-nhusb:1.1.1.2.0.18 netbsd-7-nhusb-base:1.1.1.2 pgoyette-localcount-20160806:1.1.1.2 pgoyette-localcount-20160726:1.1.1.2 pgoyette-localcount:1.1.1.2.0.16 pgoyette-localcount-base:1.1.1.2 netbsd-7-0-1-RELEASE:1.1.1.2 netbsd-7-0:1.1.1.2.0.14 netbsd-7-0-RELEASE:1.1.1.2 netbsd-7-0-RC3:1.1.1.2 netbsd-7-0-RC2:1.1.1.2 netbsd-7-0-RC1:1.1.1.2 netbsd-7:1.1.1.2.0.12 netbsd-7-base:1.1.1.2 yamt-pagecache-base9:1.1.1.2 yamt-pagecache-tag8:1.1.1.1.2.3 tls-earlyentropy:1.1.1.2.0.10 tls-earlyentropy-base:1.1.1.2 riastradh-xf86-video-intel-2-7-1-pre-2-21-15:1.1.1.2 riastradh-drm2-base3:1.1.1.2 riastradh-drm2-base2:1.1.1.2 riastradh-drm2-base1:1.1.1.2 riastradh-drm2:1.1.1.2.0.4 riastradh-drm2-base:1.1.1.2 khorben-n900:1.1.1.2.0.8 agc-symver:1.1.1.2.0.6 agc-symver-base:1.1.1.2 yamt-pagecache-base8:1.1.1.2 yamt-pagecache-base7:1.1.1.2 yamt-pagecache-base6:1.1.1.2 tls-maxphys:1.1.1.2.0.2 tls-maxphys-base:1.1.1.2 v5-1-2:1.1.1.2 yamt-pagecache-base5:1.1.1.1 yamt-pagecache:1.1.1.1.0.2 yamt-pagecache-base4:1.1.1.1 v5-1-1:1.1.1.1 DARRENR:1.1.1; locks; strict; comment @# @; 1.1 date 2012.03.23.21.20.02; author christos; state Exp; branches 1.1.1.1; next ; 1.1.1.1 date 2012.03.23.21.20.02; author christos; state Exp; branches 1.1.1.1.2.1; next 1.1.1.2; 1.1.1.2 date 2012.07.22.13.44.27; author darrenr; state Exp; branches; next ; 1.1.1.1.2.1 date 2012.03.23.21.20.02; author yamt; state dead; branches; next 1.1.1.1.2.2; 1.1.1.1.2.2 date 2012.04.17.00.03.13; author yamt; state Exp; branches; next 1.1.1.1.2.3; 1.1.1.1.2.3 date 2012.10.30.18.55.01; author yamt; state Exp; branches; next ; desc @@ 1.1 log @Initial revision @ text @*** ftp-gw.c.orig Sun Jun 22 16:27:42 1997 --- ftp-gw.c Sun Jun 22 17:02:16 1997 *************** *** 11,31 **** --- 11,41 ---- */ static char RcsId[] = "Header"; + /* + * Patches for IP Filter NAT extensions written by Darren Reed, 7/7/96 + * darrenr@@cyber.com.au + */ + static char vIpFilter[] = "v3.1.11"; #include #include #include + #include + #include #include #include #include extern int errno; + #ifdef sun extern char *sys_errlist[]; + #endif #include #include #include #include #include #include + #include extern char *rindex(); extern char *index(); *************** *** 36,41 **** --- 46,54 ---- #include "firewall.h" + #include "ip_compat.h" + #include "ip_fil.h" + #include "ip_nat.h" #ifndef BSIZ #define BSIZ 2048 *************** *** 83,88 **** --- 96,103 ---- static int cmd_noop(); static int cmd_abor(); static int cmd_passthru(); + static int nat_destination(); + static int connectdest(); static void saveline(); static void flushsaved(); static void trap_sigurg(); *************** *** 317,323 **** if(authallflg) if(say(0,"220-Proxy first requires authentication")) exit(1); ! sprintf(xuf,"220 %s FTP proxy (Version %s) ready.",huf,FWTK_VERSION_MINOR); if(say(0,xuf)) exit(1); } --- 332,341 ---- if(authallflg) if(say(0,"220-Proxy first requires authentication")) exit(1); ! sprintf(xuf,"220-%s FTP proxy (Version %s) ready.",huf,FWTK_VERSION_MINOR); ! if(say(0,xuf)) ! exit(1); ! sprintf(xuf,"220-%s TIS ftp-gw with IP Filter %s NAT extensions",huf,vIpFilter); if(say(0,xuf)) exit(1); } *************** *** 338,343 **** --- 356,363 ---- exit(1); } + nat_destination(0); + /* main loop */ while(1) { FD_ZERO(&rdy); *************** *** 608,619 **** static char narg[] = "501 Missing or extra username"; static char noad[] = "501 Use user@@site to connect via proxy"; char buf[1024]; - char mbuf[512]; char *p; char *dest; char *user; int x; - int msg_int; short port = FTPPORT; /* kludgy but effective. if authorizing everything call auth instead */ --- 628,637 ---- *************** *** 643,648 **** --- 661,687 ---- return(sayn(0,noad,sizeof(noad))); } + if((rfd == -1) && (x = connectdest(dest,port))) + return x; + sprintf(buf,"USER %s",user); + if(say(rfd,buf)) + return(1); + x = getresp(rfd,buf,sizeof(buf),1); + if(sendsaved(0,x)) + return(1); + return(say(0,buf)); + } + + static int + connectdest(dest,port) + char *dest; + short port; + { + char buf[1024]; + char mbuf[512]; + int msg_int; + int x; + if(*dest == '\0') dest = "localhost"; *************** *** 685,693 **** char ebuf[512]; strcpy(ebuf,buf); ! sprintf(buf,"521 %s: %s",dest,ebuf); return(say(0,buf)); } sprintf(buf,"----GATEWAY CONNECTED TO %s----",dest); saveline(buf); --- 724,733 ---- char ebuf[512]; strcpy(ebuf,buf); ! sprintf(buf,"521 %s,%d: %s",dest,ntohs(port),ebuf); return(say(0,buf)); } + sprintf(buf,"----GATEWAY CONNECTED TO %s----",dest); saveline(buf); *************** *** 698,711 **** return(say(0,buf)); } saveline(buf); ! ! sprintf(buf,"USER %s",user); ! if(say(rfd,buf)) ! return(1); ! x = getresp(rfd,buf,sizeof(buf),1); ! if(sendsaved(0,x)) ! return(1); ! return(say(0,buf)); } --- 738,745 ---- return(say(0,buf)); } saveline(buf); ! sendsaved(0,-1); ! return 0; } *************** *** 1591,1593 **** --- 1625,1671 ---- dup(nread); } #endif + + + static int + nat_destination(fd) + int fd; + { + struct sockaddr_in laddr, faddr; + struct natlookup natlookup; + char *dest; + int slen, natfd; + + bzero((char *)&laddr, sizeof(laddr)); + bzero((char *)&faddr, sizeof(faddr)); + slen = sizeof(laddr); + if(getsockname(fd,(struct sockaddr *)&laddr,&slen) < 0) { + perror("getsockname"); + exit(1); + } + slen = sizeof(faddr); + if(getpeername(fd,(struct sockaddr *)&faddr,&slen) < 0) { + perror("getsockname"); + exit(1); + } + + natlookup.nl_inport = laddr.sin_port; + natlookup.nl_outport = faddr.sin_port; + natlookup.nl_inip = laddr.sin_addr; + natlookup.nl_outip = faddr.sin_addr; + natlookup.nl_flags = IPN_TCP; + if((natfd = open(IPL_NAT, O_RDONLY)) < 0) { + perror("open"); + exit(1); + } + if(ioctl(natfd, SIOCGNATL, &natlookup) == -1) { + syslog(LOG_ERR, "SIOCGNATL failed: %m\n"); + close(natfd); + if(say(0,"220 Ready")) + exit(1); + return 0; + } + close(natfd); + return connectdest(inet_ntoa(natlookup.nl_realip), + ntohs(natlookup.nl_realport)); + } @ 1.1.1.1 log @import 5.1.1 @ text @@ 1.1.1.2 log @Import IPFilter 5.1.2 @ text @d7 1 a7 1 static char RcsId[] = "$Header$"; @ 1.1.1.1.2.1 log @file ftp-gw.diff was added on branch yamt-pagecache on 2012-04-17 00:03:13 +0000 @ text @d1 232 @ 1.1.1.1.2.2 log @sync with head @ text @a0 232 *** ftp-gw.c.orig Sun Jun 22 16:27:42 1997 --- ftp-gw.c Sun Jun 22 17:02:16 1997 *************** *** 11,31 **** --- 11,41 ---- */ static char RcsId[] = "Header"; + /* + * Patches for IP Filter NAT extensions written by Darren Reed, 7/7/96 + * darrenr@@cyber.com.au + */ + static char vIpFilter[] = "v3.1.11"; #include #include #include + #include + #include #include #include #include extern int errno; + #ifdef sun extern char *sys_errlist[]; + #endif #include #include #include #include #include #include + #include extern char *rindex(); extern char *index(); *************** *** 36,41 **** --- 46,54 ---- #include "firewall.h" + #include "ip_compat.h" + #include "ip_fil.h" + #include "ip_nat.h" #ifndef BSIZ #define BSIZ 2048 *************** *** 83,88 **** --- 96,103 ---- static int cmd_noop(); static int cmd_abor(); static int cmd_passthru(); + static int nat_destination(); + static int connectdest(); static void saveline(); static void flushsaved(); static void trap_sigurg(); *************** *** 317,323 **** if(authallflg) if(say(0,"220-Proxy first requires authentication")) exit(1); ! sprintf(xuf,"220 %s FTP proxy (Version %s) ready.",huf,FWTK_VERSION_MINOR); if(say(0,xuf)) exit(1); } --- 332,341 ---- if(authallflg) if(say(0,"220-Proxy first requires authentication")) exit(1); ! sprintf(xuf,"220-%s FTP proxy (Version %s) ready.",huf,FWTK_VERSION_MINOR); ! if(say(0,xuf)) ! exit(1); ! sprintf(xuf,"220-%s TIS ftp-gw with IP Filter %s NAT extensions",huf,vIpFilter); if(say(0,xuf)) exit(1); } *************** *** 338,343 **** --- 356,363 ---- exit(1); } + nat_destination(0); + /* main loop */ while(1) { FD_ZERO(&rdy); *************** *** 608,619 **** static char narg[] = "501 Missing or extra username"; static char noad[] = "501 Use user@@site to connect via proxy"; char buf[1024]; - char mbuf[512]; char *p; char *dest; char *user; int x; - int msg_int; short port = FTPPORT; /* kludgy but effective. if authorizing everything call auth instead */ --- 628,637 ---- *************** *** 643,648 **** --- 661,687 ---- return(sayn(0,noad,sizeof(noad))); } + if((rfd == -1) && (x = connectdest(dest,port))) + return x; + sprintf(buf,"USER %s",user); + if(say(rfd,buf)) + return(1); + x = getresp(rfd,buf,sizeof(buf),1); + if(sendsaved(0,x)) + return(1); + return(say(0,buf)); + } + + static int + connectdest(dest,port) + char *dest; + short port; + { + char buf[1024]; + char mbuf[512]; + int msg_int; + int x; + if(*dest == '\0') dest = "localhost"; *************** *** 685,693 **** char ebuf[512]; strcpy(ebuf,buf); ! sprintf(buf,"521 %s: %s",dest,ebuf); return(say(0,buf)); } sprintf(buf,"----GATEWAY CONNECTED TO %s----",dest); saveline(buf); --- 724,733 ---- char ebuf[512]; strcpy(ebuf,buf); ! sprintf(buf,"521 %s,%d: %s",dest,ntohs(port),ebuf); return(say(0,buf)); } + sprintf(buf,"----GATEWAY CONNECTED TO %s----",dest); saveline(buf); *************** *** 698,711 **** return(say(0,buf)); } saveline(buf); ! ! sprintf(buf,"USER %s",user); ! if(say(rfd,buf)) ! return(1); ! x = getresp(rfd,buf,sizeof(buf),1); ! if(sendsaved(0,x)) ! return(1); ! return(say(0,buf)); } --- 738,745 ---- return(say(0,buf)); } saveline(buf); ! sendsaved(0,-1); ! return 0; } *************** *** 1591,1593 **** --- 1625,1671 ---- dup(nread); } #endif + + + static int + nat_destination(fd) + int fd; + { + struct sockaddr_in laddr, faddr; + struct natlookup natlookup; + char *dest; + int slen, natfd; + + bzero((char *)&laddr, sizeof(laddr)); + bzero((char *)&faddr, sizeof(faddr)); + slen = sizeof(laddr); + if(getsockname(fd,(struct sockaddr *)&laddr,&slen) < 0) { + perror("getsockname"); + exit(1); + } + slen = sizeof(faddr); + if(getpeername(fd,(struct sockaddr *)&faddr,&slen) < 0) { + perror("getsockname"); + exit(1); + } + + natlookup.nl_inport = laddr.sin_port; + natlookup.nl_outport = faddr.sin_port; + natlookup.nl_inip = laddr.sin_addr; + natlookup.nl_outip = faddr.sin_addr; + natlookup.nl_flags = IPN_TCP; + if((natfd = open(IPL_NAT, O_RDONLY)) < 0) { + perror("open"); + exit(1); + } + if(ioctl(natfd, SIOCGNATL, &natlookup) == -1) { + syslog(LOG_ERR, "SIOCGNATL failed: %m\n"); + close(natfd); + if(say(0,"220 Ready")) + exit(1); + return 0; + } + close(natfd); + return connectdest(inet_ntoa(natlookup.nl_realip), + ntohs(natlookup.nl_realport)); + } @ 1.1.1.1.2.3 log @sync with head @ text @d7 1 a7 1 static char RcsId[] = "$Header$"; @