ipf.c revision 1.1.2.1 1 1.1.2.1 peter /* $NetBSD: ipf.c,v 1.1.2.1 2008/05/25 17:51:13 peter Exp $ */
2 1.1.2.1 peter
3 1.1.2.1 peter /*
4 1.1.2.1 peter * Copyright (c) 2004, 2008 The NetBSD Foundation, Inc.
5 1.1.2.1 peter * All rights reserved.
6 1.1.2.1 peter *
7 1.1.2.1 peter * Redistribution and use in source and binary forms, with or without
8 1.1.2.1 peter * modification, are permitted provided that the following conditions
9 1.1.2.1 peter * are met:
10 1.1.2.1 peter * 1. Redistributions of source code must retain the above copyright
11 1.1.2.1 peter * notice, this list of conditions and the following disclaimer.
12 1.1.2.1 peter * 2. Redistributions in binary form must reproduce the above copyright
13 1.1.2.1 peter * notice, this list of conditions and the following disclaimer in the
14 1.1.2.1 peter * documentation and/or other materials provided with the distribution.
15 1.1.2.1 peter *
16 1.1.2.1 peter * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
17 1.1.2.1 peter * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
18 1.1.2.1 peter * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
19 1.1.2.1 peter * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
20 1.1.2.1 peter * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
21 1.1.2.1 peter * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
22 1.1.2.1 peter * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
23 1.1.2.1 peter * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
24 1.1.2.1 peter * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
25 1.1.2.1 peter * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
26 1.1.2.1 peter * POSSIBILITY OF SUCH DAMAGE.
27 1.1.2.1 peter */
28 1.1.2.1 peter
29 1.1.2.1 peter #include <sys/param.h>
30 1.1.2.1 peter #include <sys/types.h>
31 1.1.2.1 peter #include <sys/socket.h>
32 1.1.2.1 peter #include <sys/ioctl.h>
33 1.1.2.1 peter #include <sys/file.h>
34 1.1.2.1 peter
35 1.1.2.1 peter #include <net/if.h>
36 1.1.2.1 peter
37 1.1.2.1 peter #include <netinet/in.h>
38 1.1.2.1 peter #include <netinet/in_systm.h>
39 1.1.2.1 peter #include <netinet/ip_compat.h>
40 1.1.2.1 peter #include <netinet/ipl.h>
41 1.1.2.1 peter #include <netinet/ip_fil.h>
42 1.1.2.1 peter #include <netinet/ip_nat.h>
43 1.1.2.1 peter
44 1.1.2.1 peter #include <arpa/inet.h>
45 1.1.2.1 peter
46 1.1.2.1 peter #include <err.h>
47 1.1.2.1 peter #include <errno.h>
48 1.1.2.1 peter #include <stdio.h>
49 1.1.2.1 peter #include <stdlib.h>
50 1.1.2.1 peter #include <string.h>
51 1.1.2.1 peter #include <unistd.h>
52 1.1.2.1 peter
53 1.1.2.1 peter #include "ipf.h"
54 1.1.2.1 peter
/* From netinet/in.h, but only _KERNEL_ gets them. */
/*
 * Unchecked casts from a generic sockaddr to its IPv4/IPv6 form.  Nothing
 * here looks at sa_family, so the caller has to verify the family before
 * reading through the result.
 */
#define satosin(sa) ((struct sockaddr_in *)(sa))
#define satosin6(sa) ((struct sockaddr_in6 *)(sa))

/* Descriptor for the IPNAT_NAME device; assigned by ipf_init_filter(). */
static int natfd;
/*
 * Interface name copied into both in_ifnames slots of every rdr rule.
 * It is only read in the code shown here -- presumably the program sets
 * it before ipf_add_rdr() runs; TODO confirm it cannot be NULL there.
 */
const char *netif;

/*
 * One NAT rule that was handed to the kernel, remembered so that
 * ipf_do_commit() can pass the same rule to SIOCRMNAT later.
 */
struct ftp_proxy_nat {
	struct ipnat ipn;		/* copy of the rule given to SIOCADNAT */
	LIST_ENTRY(ftp_proxy_nat) link;	/* linkage on the owner's nat_entries */
};

/* Per-session bookkeeping, keyed by the caller-supplied session id. */
struct ftp_proxy_entry {
	u_int32_t id;			/* session id */
	char proxy_tag[IPFTAG_LEN];	/* "ftp_<id>", copied into each rule's in_tag */
	int status;			/* 0: removed at next ipf_do_commit(); 1: rule added */
	LIST_HEAD(, ftp_proxy_nat) nat_entries;	/* rules installed for this session */
	LIST_ENTRY(ftp_proxy_entry) link;	/* linkage on ftp_proxy_entries */
};

/* All known sessions.  Accessed without locking in this file. */
LIST_HEAD(, ftp_proxy_entry) ftp_proxy_entries =
    LIST_HEAD_INITIALIZER(ftp_proxy_entries);
77 1.1.2.1 peter
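/*
 * Allocate the bookkeeping record for proxy session `id', derive its rule
 * tag ("ftp_<id>") and link it at the head of ftp_proxy_entries.
 *
 * Returns the new entry with status 0 and an empty nat_entries list, or
 * NULL on failure.  errno is EINVAL when the tag does not fit in
 * proxy_tag; otherwise it is whatever malloc() left behind.
 */
static struct ftp_proxy_entry *
ftp_proxy_entry_create(u_int32_t id)
{
	struct ftp_proxy_entry *fpe;
	int rv;

	fpe = malloc(sizeof(*fpe));
	if (fpe == NULL)
		return (NULL);

	fpe->id = id;
	fpe->status = 0;

	/*
	 * id is unsigned, so format it as unsigned: with "%d" an id above
	 * INT_MAX was rendered as a negative number in the tag.
	 */
	rv = snprintf(fpe->proxy_tag, sizeof(fpe->proxy_tag), "ftp_%u",
	    (unsigned int)id);
	/*
	 * Test the sign before the size comparison so a negative return is
	 * never converted to a huge unsigned value.
	 */
	if (rv < 0 || (size_t)rv >= sizeof(fpe->proxy_tag)) {
		free(fpe);
		errno = EINVAL;
		return (NULL);
	}
	LIST_INIT(&fpe->nat_entries);
	LIST_INSERT_HEAD(&ftp_proxy_entries, fpe, link);

	return (fpe);
}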
102 1.1.2.1 peter
/*
 * Release `fpe' and every NAT record still linked on it, then unlink the
 * entry from ftp_proxy_entries.
 *
 * Only memory is freed here: no ioctl is issued, so any rule whose record
 * is still on the list when this runs stays installed in the kernel.
 */
static void
ftp_proxy_entry_remove(struct ftp_proxy_entry *fpe)
{
	struct ftp_proxy_nat *cur, *next;

	for (cur = LIST_FIRST(&fpe->nat_entries); cur != NULL; cur = next) {
		/* Read the successor before the node is freed. */
		next = LIST_NEXT(cur, link);
		LIST_REMOVE(cur, link);
		free(cur);
	}

	LIST_REMOVE(fpe, link);
	free(fpe);
}
116 1.1.2.1 peter
/*
 * Look up the session record whose id equals `id'.
 *
 * Returns the first matching entry on ftp_proxy_entries, or NULL when no
 * entry carries that id.
 */
static struct ftp_proxy_entry *
ftp_proxy_entry_find(u_int32_t id)
{
	struct ftp_proxy_entry *cur;

	for (cur = LIST_FIRST(&ftp_proxy_entries); cur != NULL;
	    cur = LIST_NEXT(cur, link)) {
		if (cur->id == id)
			break;
	}

	/* cur is NULL here when the walk ran off the end of the list. */
	return cur;
}
129 1.1.2.1 peter
/*
 * Remember NAT rule `ipn' on session `fpe' so it can be removed later.
 *
 * The rule is copied byte for byte into a freshly allocated record that
 * is linked at the head of fpe->nat_entries.  Returns 0 on success and
 * -1 when the allocation fails (the list is left untouched).
 */
static int
ftp_proxy_entry_add_nat(struct ftp_proxy_entry *fpe, ipnat_t ipn)
{
	struct ftp_proxy_nat *rec = malloc(sizeof(*rec));

	if (rec != NULL) {
		memcpy(&rec->ipn, &ipn, sizeof(rec->ipn));
		LIST_INSERT_HEAD(&fpe->nat_entries, rec, link);
		return (0);
	}

	return (-1);
}
144 1.1.2.1 peter
/*
 * Hand NAT rule `ipn' to the kernel with SIOCADNAT on natfd.
 *
 * The rule is passed by value; the ioctl receives a pointer to this
 * function's own copy wrapped in an ipfobj_t.  Returns the ioctl()
 * result unchanged (-1 with errno set on failure).
 */
static int
ipfilter_add_nat(ipnat_t ipn)
{
	ipfobj_t req;
	int rc;

	/* Clear the whole wrapper first so unset fields reach the kernel as 0. */
	memset(&req, 0, sizeof(req));
	req.ipfo_type = IPFOBJ_IPNAT;
	req.ipfo_rev = IPFILTER_VERSION;
	req.ipfo_ptr = &ipn;
	req.ipfo_size = sizeof(ipn);

	rc = ioctl(natfd, SIOCADNAT, &req);
	return rc;
}
158 1.1.2.1 peter
/*
 * Ask the kernel to drop NAT rule `ipn' with SIOCRMNAT on natfd.
 *
 * Mirrors ipfilter_add_nat(): the rule is wrapped in an ipfobj_t and the
 * ioctl() result is returned unchanged (-1 with errno set on failure).
 */
static int
ipfilter_remove_nat(ipnat_t ipn)
{
	ipfobj_t req;
	int rc;

	/* Clear the whole wrapper first so unset fields reach the kernel as 0. */
	memset(&req, 0, sizeof(req));
	req.ipfo_type = IPFOBJ_IPNAT;
	req.ipfo_rev = IPFILTER_VERSION;
	req.ipfo_ptr = &ipn;
	req.ipfo_size = sizeof(ipn);

	rc = ioctl(natfd, SIOCRMNAT, &req);
	return rc;
}
172 1.1.2.1 peter
/*
 * Add a packet-filter rule for session `id' -- not implemented yet.
 *
 * Fails with -1/EINVAL when src or dst is NULL or d_port is 0.  For any
 * other input it returns 0 WITHOUT installing anything: id and dir are
 * ignored and no ioctl is issued.  A caller therefore cannot take the
 * success return as evidence that a filter rule exists.
 */
int
ipf_add_filter(u_int32_t id, u_int8_t dir, struct sockaddr *src,
    struct sockaddr *dst, u_int16_t d_port)
{

	if (src != NULL && dst != NULL && d_port != 0) {
		/* TODO */
		return (0);
	}

	errno = EINVAL;
	return (-1);
}
187 1.1.2.1 peter
/*
 * Add a source-NAT rule for session `id' -- not implemented yet.
 *
 * Every argument is ignored, nothing is validated and no ioctl is
 * issued; the function always returns 0.  A caller cannot take the
 * success return as evidence that a NAT mapping exists.
 */
int
ipf_add_nat(u_int32_t id, struct sockaddr *src, struct sockaddr *dst,
    u_int16_t d_port, struct sockaddr *snat, u_int16_t nat_range_low,
    u_int16_t nat_range_high)
{
	int rc = 0;

	/* TODO */

	return rc;
}
198 1.1.2.1 peter
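/*
 * Install a TCP redirect rule for session `id' and record it on the
 * session so ipf_do_commit() can remove it later.
 *
 * The rule matches destination dst:d_port (host mask) on interface
 * `netif' and rewrites it to rdr:rdr_port; it carries the session's
 * proxy_tag.  src is only checked for NULL and for having the same family
 * as rdr -- its address is not part of the rule.  Ports are given in host
 * byte order.
 *
 * Returns 0 on success and sets the session status to 1.  Returns -1 with
 * errno set to ENOENT (unknown session; ipf_prepare_commit() creates
 * them), EINVAL (NULL/zero argument, family mismatch, or no interface
 * name), EPROTONOSUPPORT (non-IPv4 address), or the errno of the failing
 * ioctl()/malloc().
 */
int
ipf_add_rdr(u_int32_t id, struct sockaddr *src, struct sockaddr *dst,
    u_int16_t d_port, struct sockaddr *rdr, u_int16_t rdr_port)
{
	struct ftp_proxy_entry *fpe = ftp_proxy_entry_find(id);
	ipnat_t ipn;
	int saved_errno;

	if (fpe == NULL) {
		errno = ENOENT;
		return (-1);
	}

	if (!src || !dst || !d_port || !rdr || !rdr_port ||
	    (src->sa_family != rdr->sa_family)) {
		errno = EINVAL;
		return (-1);
	}

	/*
	 * Only IPv4 rules are built (in_v = 4) and dst/rdr are read through
	 * satosin().  Reject other families instead of reinterpreting, for
	 * example, a sockaddr_in6 as a sockaddr_in and installing a rule for
	 * an address nobody asked for.
	 */
	if (dst->sa_family != AF_INET || rdr->sa_family != AF_INET) {
		errno = EPROTONOSUPPORT;
		return (-1);
	}

	/* strlcpy() from a NULL source would crash the proxy. */
	if (netif == NULL) {
		errno = EINVAL;
		return (-1);
	}

	memset(&ipn, 0, sizeof(ipn));
	ipn.in_redir = NAT_REDIRECT;
	ipn.in_v = 4;
	/* Match exactly this destination address and port ... */
	ipn.in_outip = satosin(dst)->sin_addr.s_addr;
	ipn.in_outmsk = 0xffffffff;
	strlcpy(ipn.in_ifnames[0], netif, sizeof(ipn.in_ifnames[0]));
	strlcpy(ipn.in_ifnames[1], netif, sizeof(ipn.in_ifnames[1]));
	ipn.in_pmin = htons(d_port);
	ipn.in_pmax = htons(d_port);
	/* ... and send it to this address and port instead. */
	ipn.in_inip = satosin(rdr)->sin_addr.s_addr;
	ipn.in_inmsk = 0xffffffff;
	ipn.in_pnext = htons(rdr_port);
	ipn.in_flags = IPN_FIXEDDPORT | IPN_TCP;
	strlcpy(ipn.in_tag.ipt_tag, fpe->proxy_tag, sizeof(ipn.in_tag.ipt_tag));

	if (ipfilter_add_nat(ipn) == -1)
		return (-1);

	if (ftp_proxy_entry_add_nat(fpe, ipn) == -1) {
		/*
		 * The rule is live in the kernel but could not be recorded,
		 * so ipf_do_commit() would never remove it.  Take it out
		 * again now rather than leaving a stale redirect behind, and
		 * report the allocation failure, not the cleanup result.
		 */
		saved_errno = errno;
		(void)ipfilter_remove_nat(ipn);
		errno = saved_errno;
		return (-1);
	}

	fpe->status = 1;

	return (0);
}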
242 1.1.2.1 peter
#if 0
/*
 * Disabled (compiled out) alternative to ipf_add_rdr().
 *
 * Instead of adding a rule with SIOCADNAT, this version fills in a
 * nat_save_t by hand and pushes it into the kernel with SIOCSTPUT, with a
 * SIOCSTLCK on/off pair around the call.  It never looks at `id' or at
 * ftp_proxy_entries, so nothing it installs would be found and removed
 * by ipf_do_commit().
 *
 * NOTE(review): like the live version as written, it reads src/dst/rdr
 * through satosin() after checking only that src and rdr share a family,
 * not that the family is AF_INET; it also copies from `netif' without a
 * NULL check.  Both would need fixing before this is ever re-enabled.
 */
int
ipf_add_rdr(u_int32_t id, struct sockaddr *src, struct sockaddr *dst,
    u_int16_t d_port, struct sockaddr *rdr, u_int16_t rdr_port)
{
	u_32_t sum1, sum2, sumd;
	int onoff, error;
	nat_save_t ns;
	ipfobj_t obj;
	nat_t *nat;

	if (!src || !dst || !d_port || !rdr || !rdr_port ||
	    (src->sa_family != rdr->sa_family)) {
		errno = EINVAL;
		return (-1);
	}

	memset(&ns, 0, sizeof(ns));

	/* Build the NAT entry in place inside the save structure. */
	nat = &ns.ipn_nat;
	nat->nat_p = IPPROTO_TCP;
	nat->nat_dir = NAT_OUTBOUND;
	nat->nat_redir = NAT_REDIRECT;
	strlcpy(nat->nat_ifnames[0], netif, sizeof(nat->nat_ifnames[0]));
	strlcpy(nat->nat_ifnames[1], netif, sizeof(nat->nat_ifnames[1]));

	nat->nat_inip = satosin(rdr)->sin_addr;
	nat->nat_outip = satosin(dst)->sin_addr;
	nat->nat_oip = satosin(src)->sin_addr;

	/*
	 * Difference term over address plus port, folded to 16 bits by
	 * adding the high and low halves.  LONG_SUM and CALC_SUMD are not
	 * defined in this file -- presumably ipfilter's checksum-adjustment
	 * helpers; confirm against the ipfilter headers.
	 */
	sum1 = LONG_SUM(ntohl(nat->nat_inip.s_addr)) + rdr_port;
	sum2 = LONG_SUM(ntohl(nat->nat_outip.s_addr)) + d_port;
	CALC_SUMD(sum1, sum2, sumd);
	nat->nat_sumd[0] = (sumd & 0xffff) + (sumd >> 16);
	nat->nat_sumd[1] = nat->nat_sumd[0];

	/* Same computation over the addresses alone. */
	sum1 = LONG_SUM(ntohl(nat->nat_inip.s_addr));
	sum2 = LONG_SUM(ntohl(nat->nat_outip.s_addr));
	CALC_SUMD(sum1, sum2, sumd);
	nat->nat_ipsumd = (sumd & 0xffff) + (sumd >> 16);

	/* The two port arguments are host order; src's port is copied as stored. */
	nat->nat_inport = htons(rdr_port);
	nat->nat_outport = htons(d_port);
	nat->nat_oport = satosin(src)->sin_port;

	nat->nat_flags = IPN_TCPUDP;

	memset(&obj, 0, sizeof(obj));
	obj.ipfo_rev = IPFILTER_VERSION;
	obj.ipfo_size = sizeof(ns);
	obj.ipfo_ptr = &ns;
	obj.ipfo_type = IPFOBJ_NATSAVE;

	/*
	 * SIOCSTLCK(1), SIOCSTPUT, SIOCSTLCK(0).  If the first ioctl fails
	 * nothing else is attempted; after that the second SIOCSTLCK is
	 * always issued, even when SIOCSTPUT failed, and either failure
	 * yields -1.
	 */
	error = 0;
	onoff = 1;
	if (ioctl(natfd, SIOCSTLCK, &onoff) == -1)
		return (-1);
	if (ioctl(natfd, SIOCSTPUT, &obj) == -1)
		error = -1;
	onoff = 0;
	if (ioctl(natfd, SIOCSTLCK, &onoff) == -1)
		error = -1;

	return (error);
}
#endif
309 1.1.2.1 peter
/*
 * Tear down every session whose status is still 0.
 *
 * For each such session the recorded NAT rules are removed from the
 * kernel one by one (SIOCRMNAT via ipfilter_remove_nat()), their records
 * freed, and finally the session entry itself is released.  Sessions
 * with a non-zero status are left alone.
 *
 * Returns 0 on success.  Returns -1 as soon as one removal fails, with
 * errno from the ioctl; the failing rule, the rest of that session and
 * all later sessions stay in place.
 *
 * NOTE(review): because of that early return, one rule the kernel keeps
 * refusing to remove also blocks cleanup of every session after it in
 * the list on each later call -- worth checking whether stale redirects
 * can accumulate this way.
 */
int
ipf_do_commit(void)
{
	struct ftp_proxy_entry *cur, *next;
	struct ftp_proxy_nat *rule;

	cur = LIST_FIRST(&ftp_proxy_entries);
	while (cur != NULL) {
		/* Fetch the successor now: cur may be freed below. */
		next = LIST_NEXT(cur, link);

		/*
		 * A status of zero means the session is going to be ended.
		 * Remove all nat mappings that were added.
		 */
		if (cur->status != 0) {
			cur = next;
			continue;
		}

		for (;;) {
			rule = LIST_FIRST(&cur->nat_entries);
			if (rule == NULL)
				break;

			/* Kernel first; the record is dropped only once that worked. */
			if (ipfilter_remove_nat(rule->ipn) == -1)
				return (-1);

			LIST_REMOVE(rule, link);
			free(rule);
		}

		ftp_proxy_entry_remove(cur);
		cur = next;
	}

	return (0);
}
338 1.1.2.1 peter
/*
 * Undo a pending transaction -- not implemented yet.
 *
 * Always returns 0 and changes nothing: rules already installed by
 * ipf_add_rdr() stay in the kernel and on the session's list until a
 * later ipf_do_commit() removes them.
 */
int
ipf_do_rollback(void)
{
	int rc = 0;

	/* TODO ??? */

	return rc;
}
347 1.1.2.1 peter
/*
 * Open the ipnat control device (IPNAT_NAME) read-write and keep the
 * descriptor in natfd for all later ioctls.
 *
 * Exits the process through err(3) with EXIT_FAILURE when the device
 * cannot be opened.  The three option arguments are accepted but not
 * used here.  The descriptor is not closed anywhere in the code shown.
 */
void
ipf_init_filter(char *opt_qname, char *opt_tagname, int opt_verbose)
{
	if ((natfd = open(IPNAT_NAME, O_RDWR)) != -1)
		return;

	err(EXIT_FAILURE, "cannot open " IPNAT_NAME);
}
355 1.1.2.1 peter
/*
 * Begin a transaction for session `id'.
 *
 * Finds the session record, creating it if it does not exist yet, and
 * resets its status to 0.  Unless ipf_add_rdr() raises the status again
 * before the next ipf_do_commit(), that commit removes the session and
 * its rules.
 *
 * Returns 0 on success, or -1 when a new record could not be created
 * (errno as left by ftp_proxy_entry_create()).
 */
int
ipf_prepare_commit(u_int32_t id)
{
	struct ftp_proxy_entry *ent = ftp_proxy_entry_find(id);

	if (ent == NULL && (ent = ftp_proxy_entry_create(id)) == NULL)
		return (-1);

	ent->status = 0;
	return (0);
}
371 1.1.2.1 peter
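/*
 * Find the real destination of a redirected connection.
 *
 * Queries the kernel NAT table (SIOCGNATL) with the client's address and
 * port as the outside endpoint and the proxy's as the inside endpoint,
 * and writes the real address and port into `server' as a sockaddr_in.
 * Ports are passed through exactly as stored in the sockaddrs.
 *
 * `server' must point to storage of at least sizeof(struct sockaddr_in)
 * bytes; that many bytes are overwritten on success.
 *
 * Returns 0 on success, or -1 with errno set to EINVAL (NULL argument),
 * EPROTONOSUPPORT (client or proxy is not AF_INET) or the errno of the
 * failing ioctl().
 */
int
ipf_server_lookup(struct sockaddr *client, struct sockaddr *proxy,
    struct sockaddr *server)
{
	natlookup_t natlook;
	ipfobj_t obj;

	/* All three are dereferenced below. */
	if (client == NULL || proxy == NULL || server == NULL) {
		errno = EINVAL;
		return (-1);
	}

	/*
	 * IPv4-only for now.  Both inputs are read through satosin(), so
	 * both have to be AF_INET; checking only the client would let a
	 * different kind of sockaddr be misread as an IPv4 address and port
	 * for the lookup.
	 */
	if (client->sa_family != AF_INET || proxy->sa_family != AF_INET) {
		errno = EPROTONOSUPPORT;
		return (-1);
	}

	/*
	 * Build up the ipf object description structure.
	 */
	memset(&obj, 0, sizeof(obj));
	obj.ipfo_rev = IPFILTER_VERSION;
	obj.ipfo_size = sizeof(natlook);
	obj.ipfo_ptr = &natlook;
	obj.ipfo_type = IPFOBJ_NATLOOKUP;
	/*
	 * Build up the ipf natlook structure.
	 */
	memset(&natlook, 0, sizeof(natlook));
	natlook.nl_flags = IPN_TCPUDP;
	natlook.nl_outip = satosin(client)->sin_addr;
	natlook.nl_inip = satosin(proxy)->sin_addr;
	natlook.nl_outport = satosin(client)->sin_port;
	natlook.nl_inport = satosin(proxy)->sin_port;

	if (ioctl(natfd, SIOCGNATL, &obj) == -1)
		return (-1);

	/*
	 * Return the real destination address and port number in the sockaddr
	 * passed in.
	 */
	memset(server, 0, sizeof(struct sockaddr_in));
	satosin(server)->sin_len = sizeof(struct sockaddr_in);
	satosin(server)->sin_family = AF_INET;
	satosin(server)->sin_addr = natlook.nl_realip;
	satosin(server)->sin_port = natlook.nl_realport;

	return (0);
}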
418