From: brian Date: Fri, 31 Mar 2000 14:32:50 +0000 (+0000) Subject: Add the ``nat target'' command. X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=ff635f8ccc0ceebd0ec2d5e0142dd04784ebb91f;p=openbsd Add the ``nat target'' command. --- diff --git a/usr.sbin/ppp/ppp/command.c b/usr.sbin/ppp/ppp/command.c index 7a4dc049cc2..93dfb40f866 100644 --- a/usr.sbin/ppp/ppp/command.c +++ b/usr.sbin/ppp/ppp/command.c @@ -17,7 +17,7 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $OpenBSD: command.c,v 1.39 2000/03/19 10:33:32 brian Exp $ + * $OpenBSD: command.c,v 1.40 2000/03/31 14:32:50 brian Exp $ * */ #include @@ -172,8 +172,8 @@ static int IfaceDeleteCommand(struct cmdargs const *); static int IfaceClearCommand(struct cmdargs const *); static int SetProcTitle(struct cmdargs const *); #ifndef NONAT -static int AliasEnable(struct cmdargs const *); -static int AliasOption(struct cmdargs const *); +static int NatEnable(struct cmdargs const *); +static int NatOption(struct cmdargs const *); #endif static const char * 
@@ -582,36 +582,37 @@ ResolvCommand(struct cmdargs const *arg) } #ifndef NONAT -static struct cmdtab const AliasCommands[] = +static struct cmdtab const NatCommands[] = { {"addr", NULL, nat_RedirectAddr, LOCAL_AUTH, "static address translation", "nat addr [addr_local addr_alias]"}, - {"deny_incoming", NULL, AliasOption, LOCAL_AUTH, + {"deny_incoming", NULL, NatOption, LOCAL_AUTH, "stop incoming connections", "nat deny_incoming yes|no", (const void *) PKT_ALIAS_DENY_INCOMING}, - {"enable", NULL, AliasEnable, LOCAL_AUTH, + {"enable", NULL, NatEnable, LOCAL_AUTH, "enable NAT", "nat enable yes|no"}, - {"log", NULL, AliasOption, LOCAL_AUTH, + {"log", NULL, NatOption, LOCAL_AUTH, "log NAT link creation", "nat log yes|no", (const void *) PKT_ALIAS_LOG}, {"port", NULL, nat_RedirectPort, LOCAL_AUTH, "port redirection", "nat port proto localaddr:port[-port] aliasport[-aliasport]"}, - {"pptp", NULL, nat_Pptp, LOCAL_AUTH, - "Set the PPTP address", "nat pptp IP"}, + {"pptp", NULL, nat_Pptp, LOCAL_AUTH, "Set the PPTP address", "nat pptp IP"}, {"proxy", NULL, nat_ProxyRule, LOCAL_AUTH, "proxy control", "nat proxy server host[:port] ..."}, - {"same_ports", NULL, AliasOption, LOCAL_AUTH, + {"same_ports", NULL, NatOption, LOCAL_AUTH, "try to leave port numbers unchanged", "nat same_ports yes|no", (const void *) PKT_ALIAS_SAME_PORTS}, - {"unregistered_only", NULL, AliasOption, LOCAL_AUTH, + {"target", NULL, nat_SetTarget, LOCAL_AUTH, + "Default address for incoming connections", "nat target addr" }, + {"unregistered_only", NULL, NatOption, LOCAL_AUTH, "translate unregistered (private) IP address space only", "nat unregistered_only yes|no", (const void *) PKT_ALIAS_UNREGISTERED_ONLY}, - {"use_sockets", NULL, AliasOption, LOCAL_AUTH, + {"use_sockets", NULL, NatOption, LOCAL_AUTH, "allocate host sockets", "nat use_sockets yes|no", (const void *) PKT_ALIAS_USE_SOCKETS}, {"help", "?", HelpCommand, LOCAL_AUTH | LOCAL_NO_AUTH, - "Display this message", "nat help|? 
[command]", AliasCommands}, + "Display this message", "nat help|? [command]", NatCommands}, {NULL, NULL, NULL}, }; #endif @@ -688,7 +689,7 @@ static struct cmdtab const Commands[] = { "Load settings", "load [system ...]"}, #ifndef NONAT {"nat", "alias", RunListCommand, LOCAL_AUTH, - "NAT control", "nat option yes|no", AliasCommands}, + "NAT control", "nat option yes|no", NatCommands}, #endif {"open", NULL, OpenCommand, LOCAL_AUTH | LOCAL_CX_OPT, "Open an FSM", "open! [lcp|ccp|ipcp]", (void *)1}, @@ -2129,7 +2130,7 @@ DeleteCommand(struct cmdargs const *arg) #ifndef NONAT static int -AliasEnable(struct cmdargs const *arg) +NatEnable(struct cmdargs const *arg) { if (arg->argc == arg->argn+1) { if (strcasecmp(arg->argv[arg->argn], "yes") == 0) { @@ -2152,7 +2153,7 @@ AliasEnable(struct cmdargs const *arg) static int -AliasOption(struct cmdargs const *arg) +NatOption(struct cmdargs const *arg) { long param = (long)arg->cmd->args; diff --git a/usr.sbin/ppp/ppp/nat_cmd.c b/usr.sbin/ppp/ppp/nat_cmd.c index 702decfc9a0..f91ad38e633 100644 --- a/usr.sbin/ppp/ppp/nat_cmd.c +++ b/usr.sbin/ppp/ppp/nat_cmd.c @@ -2,7 +2,7 @@ * The code in this file was written by Eivind Eklund , * who places it in the public domain without restriction. * - * $OpenBSD: nat_cmd.c,v 1.8 2000/03/29 09:32:37 brian Exp $ + * $OpenBSD: nat_cmd.c,v 1.9 2000/03/31 14:32:51 brian Exp $ */ #include 
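Review bot: The usage string on the new `target` row, `"nat target addr"`, shows the address as required, but nat_SetTarget() added in this commit treats a missing argument as "clear the target", and the ppp.8 entry is written `nat target Op Ar address`. I would change it to `"nat target [addr]"` so the built-in help shows the clearing form. An operator who cannot find that form may leave an old target in place, and that host keeps receiving incoming connections by default. The row also closes with `" },` where its neighbours use `"},`.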
@@ -339,6 +339,30 @@ nat_Pptp(struct cmdargs const *arg) return 0; } +int +nat_SetTarget(struct cmdargs const *arg) +{ + struct in_addr addr; + + if (arg->argc == arg->argn) { + addr.s_addr = INADDR_ANY; + PacketAliasSetTarget(addr); + return 0; + } + + if (arg->argc != arg->argn + 1) + return -1; + + addr = GetIpAddr(arg->argv[arg->argn]); + if (addr.s_addr == INADDR_NONE) { + log_Printf(LogWARN, "%s: invalid address\n", arg->argv[arg->argn]); + return 1; + } + + PacketAliasSetTarget(addr); + return 0; +} + static struct mbuf * nat_LayerPush(struct bundle *bundle, struct link *l, struct mbuf *bp, int pri, u_short *proto) diff --git a/usr.sbin/ppp/ppp/nat_cmd.h b/usr.sbin/ppp/ppp/nat_cmd.h index 5ebaa6a6f79..fd2fef404a6 100644 --- a/usr.sbin/ppp/ppp/nat_cmd.h +++ b/usr.sbin/ppp/ppp/nat_cmd.h @@ -2,7 +2,7 @@ * The code in this file was written by Eivind Eklund , * who places it in the public domain without restriction. * - * $OpenBSD: nat_cmd.h,v 1.2 2000/02/27 01:38:27 brian Exp $ + * $OpenBSD: nat_cmd.h,v 1.3 2000/03/31 14:32:51 brian Exp $ */ struct cmdargs; @@ -11,5 +11,6 @@ extern int nat_RedirectPort(struct cmdargs const *); extern int nat_RedirectAddr(struct cmdargs const *); extern int nat_ProxyRule(struct cmdargs const *); extern int nat_Pptp(struct cmdargs const *); +extern int nat_SetTarget(struct cmdargs const *); extern struct layer natlayer; diff --git a/usr.sbin/ppp/ppp/ppp.8 b/usr.sbin/ppp/ppp/ppp.8 index 371764b1952..e9f98950e37 100644 --- a/usr.sbin/ppp/ppp/ppp.8 +++ b/usr.sbin/ppp/ppp/ppp.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ppp.8,v 1.81 2000/03/19 17:57:11 aaron Exp $ +.\" $OpenBSD: ppp.8,v 1.82 2000/03/31 14:32:51 brian Exp $ .Dd 20 September 1995 .nr XX \w'\fC00' .Dt PPP 8 
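Review bot: nat_SetTarget() passes INADDR_ANY to PacketAliasSetTarget() on the clear path with no comment stating what libalias does with that value, while the ppp.8 text in this commit says the alias address is used when no target is set. As I recall the libalias documentation, INADDR_ANY can mean "deliver to the address carried in the packet" and INADDR_NONE "use the alias address". The constant should therefore be checked against the libalias this tree builds with, since the first reading would let outside hosts reach internal addresses directly. An explicit `0.0.0.0` argument also passes the `INADDR_NONE` test and takes the same path unannounced, assuming GetIpAddr() parses it as zero, which is not visible here. I would add a header comment along the lines of `/* nat target [addr]: set the default destination for unsolicited inbound packets; no argument clears it */` and state the intended libalias behaviour next to `addr.s_addr = INADDR_ANY;`.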
@@ -3183,6 +3183,11 @@ attempt to avoid changing the port number on outgoing packets. This is useful if you want to support protocols such as RPC and LPD which require connections to come from a well known port. +.It nat target Op Ar address +Set the given target address or clear it if no address is given. The target +address is used by libalias to specify how to NAT incoming packets by default. +If a target address is not set, the alias address (that of the tun interface) +is used. .It nat use_sockets yes|no When enabled, this option tells the network address translation engine to create a socket so that it can guarantee a correct incoming ftp data or