author | Brian Somers <brian@FreeBSD.org> | 1999-03-25 23:36:25 +0000 |
---|---|---|
committer | Brian Somers <brian@FreeBSD.org> | 1999-03-25 23:36:25 +0000 |
commit | fe3094cdd7132e84bd5e5b2ad5109daed7cc74ff (patch) | |
tree | 097e8fdade97a33209faa983c1060682c591144c | |
parent | 92c49d78da2be95b13dd887049d495629956f183 (diff) | |
Allow port ranges in ``alias port''.
Notes
Notes:
svn path=/head/; revision=45042
-rw-r--r-- | usr.sbin/ppp/alias_cmd.c | 125 | ||||
-rw-r--r-- | usr.sbin/ppp/command.c | 8 | ||||
-rw-r--r-- | usr.sbin/ppp/nat_cmd.c | 125 | ||||
-rw-r--r-- | usr.sbin/ppp/ppp.8 | 47 | ||||
-rw-r--r-- | usr.sbin/ppp/ppp.8.m4 | 47 |
5 files changed, 222 insertions, 130 deletions
diff --git a/usr.sbin/ppp/alias_cmd.c b/usr.sbin/ppp/alias_cmd.c index 979b0b575a43..430ab472b67c 100644 --- a/usr.sbin/ppp/alias_cmd.c +++ b/usr.sbin/ppp/alias_cmd.c @@ -2,7 +2,7 @@ * The code in this file was written by Eivind Eklund <perhaps@yes.no>, * who places it in the public domain without restriction. * - * $Id: alias_cmd.c,v 1.20 1999/03/07 15:02:37 brian Exp $ + * $Id: alias_cmd.c,v 1.21 1999/03/07 18:13:44 brian Exp $ */ #include <sys/param.h> @@ -51,8 +51,9 @@ static int StrToAddr(const char *, struct in_addr *); -static int StrToPort(const char *, u_short *, const char *); -static int StrToAddrAndPort(const char *, struct in_addr *, u_short *, const char *); +static int StrToPortRange(const char *, u_short *, u_short *, const char *); +static int StrToAddrAndPort(const char *, struct in_addr *, u_short *, + u_short *, const char *); int @@ -61,11 +62,14 @@ alias_RedirectPort(struct cmdargs const *arg) if (!arg->bundle->AliasEnabled) { prompt_Printf(arg->prompt, "Alias not enabled\n"); return 1; - } else if (arg->argc == arg->argn+3) { + } else if (arg->argc == arg->argn + 3) { char proto_constant; const char *proto; - u_short local_port; - u_short alias_port; + u_short hlocalport; + u_short llocalport; + u_short haliasport; + u_short laliasport; + u_short port; int error; struct in_addr local_addr; struct in_addr null_addr; 
@@ -79,37 +83,51 @@ alias_RedirectPort(struct cmdargs const *arg) } else { prompt_Printf(arg->prompt, "port redirect: protocol must be" " tcp or udp\n"); - prompt_Printf(arg->prompt, "Usage: alias %s %s\n", arg->cmd->name, - arg->cmd->syntax); - return 1; + return -1; } - error = StrToAddrAndPort(arg->argv[arg->argn+1], &local_addr, &local_port, - proto); + error = StrToAddrAndPort(arg->argv[arg->argn+1], &local_addr, &llocalport, + &hlocalport, proto); if (error) { - prompt_Printf(arg->prompt, "port redirect: error reading" - " local addr:port\n"); - prompt_Printf(arg->prompt, "Usage: alias %s %s\n", arg->cmd->name, - arg->cmd->syntax); - return 1; + prompt_Printf(arg->prompt, "alias port: error reading localaddr:port\n"); + return -1; } - error = StrToPort(arg->argv[arg->argn+2], &alias_port, proto); + error = StrToPortRange(arg->argv[arg->argn+2], &laliasport, &haliasport, + proto); if (error) { - prompt_Printf(arg->prompt, "port redirect: error reading alias port\n"); - prompt_Printf(arg->prompt, "Usage: alias %s %s\n", arg->cmd->name, - arg->cmd->syntax); - return 1; + prompt_Printf(arg->prompt, "alias port: error reading alias port\n"); + return -1; } null_addr.s_addr = INADDR_ANY; - link = PacketAliasRedirectPort(local_addr, local_port, - null_addr, 0, - null_addr, alias_port, - proto_constant); + if (llocalport > hlocalport) { + port = llocalport; + llocalport = hlocalport; + hlocalport = port; + } + + if (laliasport > haliasport) { + port = laliasport; + laliasport = haliasport; + haliasport = port; + } - if (link == NULL) - prompt_Printf(arg->prompt, "port redirect: error returned by packed" - " aliasing engine (code=%d)\n", error); + if (haliasport - laliasport != hlocalport - llocalport) { + prompt_Printf(arg->prompt, "alias port: Port ranges must be equal\n"); + return -1; + } + + for (port = laliasport; port <= haliasport; port++) { + link = PacketAliasRedirectPort(local_addr, + htons(llocalport + (port - laliasport)), + null_addr, 0, null_addr, 
htons(port), + proto_constant); + + if (link == NULL) { + prompt_Printf(arg->prompt, "alias port: %d: error %d\n", port, error); + return 1; + } + } } else return -1; @@ -176,28 +194,51 @@ StrToAddr(const char *str, struct in_addr *addr) static int StrToPort(const char *str, u_short *port, const char *proto) { - int iport; struct servent *sp; char *end; - iport = strtol(str, &end, 10); - if (end != str) { - *port = htons(iport); - return 0; - } - sp = getservbyname(str, proto); - if (!sp) { - log_Printf(LogWARN, "StrToAddr: Unknown port or service %s/%s.\n", - str, proto); - return -1; + *port = strtol(str, &end, 10); + if (*end != '\0') { + sp = getservbyname(str, proto); + if (sp == NULL) { + log_Printf(LogWARN, "StrToAddr: Unknown port or service %s/%s.\n", + str, proto); + return -1; + } + *port = ntohs(sp->s_port); } - *port = sp->s_port; + return 0; } +static int +StrToPortRange(const char *str, u_short *low, u_short *high, const char *proto) +{ + char *minus; + int res; + + minus = strchr(str, '-'); + if (minus) + *minus = '\0'; /* Cheat the const-ness ! */ + + res = StrToPort(str, low, proto); + + if (minus) + *minus = '-'; /* Cheat the const-ness ! */ + + if (res == 0) { + if (minus) + res = StrToPort(minus + 1, high, proto); + else + *high = *low; + } + + return res; +} static int -StrToAddrAndPort(const char *str, struct in_addr *addr, u_short *port, const char *proto) +StrToAddrAndPort(const char *str, struct in_addr *addr, u_short *low, + u_short *high, const char *proto) { char *colon; int res; @@ -214,7 +255,7 @@ StrToAddrAndPort(const char *str, struct in_addr *addr, u_short *port, const cha if (res != 0) return -1; - return StrToPort(colon+1, port, proto); + return StrToPortRange(colon + 1, low, high, proto); } int diff --git a/usr.sbin/ppp/command.c b/usr.sbin/ppp/command.c index 75888fb50412..830e95cf60ad 100644 --- a/usr.sbin/ppp/command.c +++ b/usr.sbin/ppp/command.c 
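Review bot: The loop `for (port = laliasport; port <= haliasport; port++)` has a condition that can never become false when the alias range ends at 65535, because `port` is a `u_short` and wraps to 0; every further pass installs another redirect until the engine returns NULL. Counting the offset avoids the wrap: `for (off = 0; off <= haliasport - laliasport; off++)` with an `int off`, passing `htons(llocalport + off)` and `htons(laliasport + off)`. The failure message prints `error`, which is always 0 at that point because both parse calls succeeded, so the reported code says nothing about why the redirect failed. When a port in the middle of a range fails, the redirects already installed for the earlier ports stay active after `return 1`; either remove them or say in the message that the range was only partly applied. alias_RedirectPort starts before this hunk, and the nat_cmd.c hunk at the same offsets carries identical code.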
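Review bot: `*port = strtol(str, &end, 10);` in StrToPort stores the result in a `u_short` with no range check, and it accepts an empty string as port 0 because `*end` is then `'\0'`. With the new StrToPortRange this is easier to hit: `80-` parses as low 80 and high 0, and alias_RedirectPort then swaps the pair into the range 0-80, so a typing slip redirects 81 ports to the interior host instead of one. Rejecting `end == str` and values outside 0..65535 before the assignment closes both cases, as sketched below. Splitting at the first `-` also appears to mean that a service name containing a hyphen is no longer looked up as one name, and the split writes through the `const char *` argument, so a comment such as `/* str must point to writable storage (argv) */` would help the next caller. The nat_cmd.c hunk carries the same code.

```c
static int
StrToPort(const char *str, u_short *port, const char *proto)
{
  struct servent *sp;
  char *end;
  long val;

  val = strtol(str, &end, 10);
  if (end != str && *end == '\0') {
    /* Fully numeric: accept only values that fit a port number. */
    if (val < 0 || val > 65535)
      return -1;
    *port = (u_short)val;
    return 0;
  }

  /* Empty or non-numeric input: fall back to the service lookup. */
  sp = getservbyname(str, proto);
  /* ... unchanged: sp == NULL warning, *port = ntohs(sp->s_port), return 0 ... */
```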
@@ -17,7 +17,7 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: command.c,v 1.188 1999/03/07 18:13:44 brian Exp $ + * $Id: command.c,v 1.189 1999/03/19 00:05:32 brian Exp $ * */ #include <sys/param.h> @@ -141,7 +141,7 @@ #define NEG_DNS 52 const char Version[] = "2.11"; -const char VersionDate[] = "$Date: 1999/03/07 18:13:44 $"; +const char VersionDate[] = "$Date: 1999/03/19 00:05:32 $"; static int ShowCommand(struct cmdargs const *); static int TerminalCommand(struct cmdargs const *); @@ -552,8 +552,8 @@ static struct cmdtab const AliasCommands[] = {"log", NULL, AliasOption, LOCAL_AUTH, "log aliasing link creation", "alias log [yes|no]", (const void *) PKT_ALIAS_LOG}, - {"port", NULL, alias_RedirectPort, LOCAL_AUTH, - "port redirection", "alias port [proto addr_local:port_local port_alias]"}, + {"port", NULL, alias_RedirectPort, LOCAL_AUTH, "port redirection", + "alias port proto localaddr:port[-port] aliasport[-aliasport]"}, {"pptp", NULL, alias_Pptp, LOCAL_AUTH, "Set the PPTP address", "alias pptp IP"}, {"proxy", NULL, alias_ProxyRule, LOCAL_AUTH, diff --git a/usr.sbin/ppp/nat_cmd.c b/usr.sbin/ppp/nat_cmd.c index 979b0b575a43..430ab472b67c 100644 --- a/usr.sbin/ppp/nat_cmd.c +++ b/usr.sbin/ppp/nat_cmd.c @@ -2,7 +2,7 @@ * The code in this file was written by Eivind Eklund <perhaps@yes.no>, * who places it in the public domain without restriction. * - * $Id: alias_cmd.c,v 1.20 1999/03/07 15:02:37 brian Exp $ + * $Id: alias_cmd.c,v 1.21 1999/03/07 18:13:44 brian Exp $ */ #include <sys/param.h> 
@@ -51,8 +51,9 @@ static int StrToAddr(const char *, struct in_addr *); -static int StrToPort(const char *, u_short *, const char *); -static int StrToAddrAndPort(const char *, struct in_addr *, u_short *, const char *); +static int StrToPortRange(const char *, u_short *, u_short *, const char *); +static int StrToAddrAndPort(const char *, struct in_addr *, u_short *, + u_short *, const char *); int @@ -61,11 +62,14 @@ alias_RedirectPort(struct cmdargs const *arg) if (!arg->bundle->AliasEnabled) { prompt_Printf(arg->prompt, "Alias not enabled\n"); return 1; - } else if (arg->argc == arg->argn+3) { + } else if (arg->argc == arg->argn + 3) { char proto_constant; const char *proto; - u_short local_port; - u_short alias_port; + u_short hlocalport; + u_short llocalport; + u_short haliasport; + u_short laliasport; + u_short port; int error; struct in_addr local_addr; struct in_addr null_addr; 
@@ -79,37 +83,51 @@ alias_RedirectPort(struct cmdargs const *arg) } else { prompt_Printf(arg->prompt, "port redirect: protocol must be" " tcp or udp\n"); - prompt_Printf(arg->prompt, "Usage: alias %s %s\n", arg->cmd->name, - arg->cmd->syntax); - return 1; + return -1; } - error = StrToAddrAndPort(arg->argv[arg->argn+1], &local_addr, &local_port, - proto); + error = StrToAddrAndPort(arg->argv[arg->argn+1], &local_addr, &llocalport, + &hlocalport, proto); if (error) { - prompt_Printf(arg->prompt, "port redirect: error reading" - " local addr:port\n"); - prompt_Printf(arg->prompt, "Usage: alias %s %s\n", arg->cmd->name, - arg->cmd->syntax); - return 1; + prompt_Printf(arg->prompt, "alias port: error reading localaddr:port\n"); + return -1; } - error = StrToPort(arg->argv[arg->argn+2], &alias_port, proto); + error = StrToPortRange(arg->argv[arg->argn+2], &laliasport, &haliasport, + proto); if (error) { - prompt_Printf(arg->prompt, "port redirect: error reading alias port\n"); - prompt_Printf(arg->prompt, "Usage: alias %s %s\n", arg->cmd->name, - arg->cmd->syntax); - return 1; + prompt_Printf(arg->prompt, "alias port: error reading alias port\n"); + return -1; } null_addr.s_addr = INADDR_ANY; - link = PacketAliasRedirectPort(local_addr, local_port, - null_addr, 0, - null_addr, alias_port, - proto_constant); + if (llocalport > hlocalport) { + port = llocalport; + llocalport = hlocalport; + hlocalport = port; + } + + if (laliasport > haliasport) { + port = laliasport; + laliasport = haliasport; + haliasport = port; + } - if (link == NULL) - prompt_Printf(arg->prompt, "port redirect: error returned by packed" - " aliasing engine (code=%d)\n", error); + if (haliasport - laliasport != hlocalport - llocalport) { + prompt_Printf(arg->prompt, "alias port: Port ranges must be equal\n"); + return -1; + } + + for (port = laliasport; port <= haliasport; port++) { + link = PacketAliasRedirectPort(local_addr, + htons(llocalport + (port - laliasport)), + null_addr, 0, null_addr, 
htons(port), + proto_constant); + + if (link == NULL) { + prompt_Printf(arg->prompt, "alias port: %d: error %d\n", port, error); + return 1; + } + } } else return -1; @@ -176,28 +194,51 @@ StrToAddr(const char *str, struct in_addr *addr) static int StrToPort(const char *str, u_short *port, const char *proto) { - int iport; struct servent *sp; char *end; - iport = strtol(str, &end, 10); - if (end != str) { - *port = htons(iport); - return 0; - } - sp = getservbyname(str, proto); - if (!sp) { - log_Printf(LogWARN, "StrToAddr: Unknown port or service %s/%s.\n", - str, proto); - return -1; + *port = strtol(str, &end, 10); + if (*end != '\0') { + sp = getservbyname(str, proto); + if (sp == NULL) { + log_Printf(LogWARN, "StrToAddr: Unknown port or service %s/%s.\n", + str, proto); + return -1; + } + *port = ntohs(sp->s_port); } - *port = sp->s_port; + return 0; } +static int +StrToPortRange(const char *str, u_short *low, u_short *high, const char *proto) +{ + char *minus; + int res; + + minus = strchr(str, '-'); + if (minus) + *minus = '\0'; /* Cheat the const-ness ! */ + + res = StrToPort(str, low, proto); + + if (minus) + *minus = '-'; /* Cheat the const-ness ! */ + + if (res == 0) { + if (minus) + res = StrToPort(minus + 1, high, proto); + else + *high = *low; + } + + return res; +} static int -StrToAddrAndPort(const char *str, struct in_addr *addr, u_short *port, const char *proto) +StrToAddrAndPort(const char *str, struct in_addr *addr, u_short *low, + u_short *high, const char *proto) { char *colon; int res; @@ -214,7 +255,7 @@ StrToAddrAndPort(const char *str, struct in_addr *addr, u_short *port, const cha if (res != 0) return -1; - return StrToPort(colon+1, port, proto); + return StrToPortRange(colon + 1, low, high, proto); } int diff --git a/usr.sbin/ppp/ppp.8 b/usr.sbin/ppp/ppp.8 index 421090be8816..ad28a0046e0c 100644 --- a/usr.sbin/ppp/ppp.8 +++ b/usr.sbin/ppp/ppp.8 
@@ -1,4 +1,4 @@ -.\" $Id: ppp.8,v 1.162 1999/03/19 01:42:45 brian Exp $ +.\" $Id: ppp.8,v 1.163 1999/03/19 09:00:08 brian Exp $ .Dd 20 September 1995 .nr XX \w'\fC00' .Os FreeBSD @@ -2723,31 +2723,36 @@ This command gives a summary of available alias commands. This option causes various aliasing statistics and information to be logged to the file .Pa /var/log/alias.log . -.It alias port Xo -.Op Ar proto -.Ar targetIP Ns No \&: Ns Ar targetPORT -.Op Ar aliasIP Ns No \&: Ns -.Ar aliasPORT +.It alias port Ar proto Ar targetIP Ns Xo +.No : Ns Ar port Ns +.Oo +.No - Ns Ar port +.Oc Ar aliasport Ns +.Oo +.No - Ns Ar aliasport Ns +.Oc .Xc -This command allows us to redirect connections arriving at -.Ar aliasPORT -for machine -.Ar aliasIP -to -.Ar targetPORT +This command causes incoming +.Ar proto +connections to port +.Ar aliasport +to be redirected to port +.Ar port on .Ar targetIP . -.Ar AliasIP -defaults to the current interface address. .Ar Proto -may be either -.Sq tcp +is either +.Dq tcp or -.Sq udp , -and only connections of the given protocol -are matched. This option is useful if you wish to run things like -Internet phone on the machines behind your gateway. -.It "alias pptp" Op Ar addr +.Dq udp . +.Pp +A range of port numbers may be specified as shown above. The ranges +must be of the same size. +.Pp +This option is useful if you wish to run things like Internet phone on +machines behind your gateway, but is limited in that connections to only +one interior machine per port are possible. +.It alias pptp Op Ar addr This tells .Nm to alias any diff --git a/usr.sbin/ppp/ppp.8.m4 b/usr.sbin/ppp/ppp.8.m4 index 421090be8816..ad28a0046e0c 100644 --- a/usr.sbin/ppp/ppp.8.m4 +++ b/usr.sbin/ppp/ppp.8.m4 @@ -1,4 +1,4 @@ -.\" $Id: ppp.8,v 1.162 1999/03/19 01:42:45 brian Exp $ +.\" $Id: ppp.8,v 1.163 1999/03/19 09:00:08 brian Exp $ .Dd 20 September 1995 .nr XX \w'\fC00' .Os FreeBSD 
@@ -2723,31 +2723,36 @@ This command gives a summary of available alias commands. This option causes various aliasing statistics and information to be logged to the file .Pa /var/log/alias.log . -.It alias port Xo -.Op Ar proto -.Ar targetIP Ns No \&: Ns Ar targetPORT -.Op Ar aliasIP Ns No \&: Ns -.Ar aliasPORT +.It alias port Ar proto Ar targetIP Ns Xo +.No : Ns Ar port Ns +.Oo +.No - Ns Ar port +.Oc Ar aliasport Ns +.Oo +.No - Ns Ar aliasport Ns +.Oc .Xc -This command allows us to redirect connections arriving at -.Ar aliasPORT -for machine -.Ar aliasIP -to -.Ar targetPORT +This command causes incoming +.Ar proto +connections to port +.Ar aliasport +to be redirected to port +.Ar port on .Ar targetIP . -.Ar AliasIP -defaults to the current interface address. .Ar Proto -may be either -.Sq tcp +is either +.Dq tcp or -.Sq udp , -and only connections of the given protocol -are matched. This option is useful if you wish to run things like -Internet phone on the machines behind your gateway. -.It "alias pptp" Op Ar addr +.Dq udp . +.Pp +A range of port numbers may be specified as shown above. The ranges +must be of the same size. +.Pp +This option is useful if you wish to run things like Internet phone on +machines behind your gateway, but is limited in that connections to only +one interior machine per port are possible. +.It alias pptp Op Ar addr This tells .Nm to alias any |