Date: Sat, 30 Oct 1999 17:13:09 +0200 (CEST) From: Rene de Vries <rene@canyon.demon.nl> To: FreeBSD hackers <freebsd-hackers@freebsd.org> Subject: Natd+PKT_ALIAS_PUNCH_FW missing something? Message-ID: <199910301513.RAA01051@canyon.demon.nl>
next in thread | raw e-mail | index | archive | help
Hello,
Am I missing something? I modified natd.c so an extra option was available to
turn on punch firewall (see diff below). When I activated this option it did
not seem to work (ftp-data is still blocked by my firewall). When I add a
general allow line for any traffic from 20 to 1023- it (of course) works. But
the whole idea was to get rid of this line...
Rene
-- BEGIN --
*** natd.c.orig Sat Oct 30 17:01:40 1999
--- natd.c Sat Oct 30 17:09:49 1999
***************
*** 852,857 ****
--- 852,858 ----
enum Option {
PacketAliasOption,
+ PunchFW,
Verbose,
InPort,
OutPort,
***************
*** 955,960 ****
--- 956,969 ----
"same_ports",
"m" },
+ { PunchFW,
+ PKT_ALIAS_PUNCH_FW,
+ String,
+ "basenumber:count",
+ "punch holes in the firewall for incomming ftp data connections",
+ "punch_fw",
+ NULL },
+
{ Verbose,
0,
YesNo,
***************
*** 1168,1173 ****
--- 1177,1189 ----
aliasValue = yesNoValue ? info->packetAliasOpt : 0;
PacketAliasSetMode (aliasValue, info->packetAliasOpt);
+ break;
+
+ case PunchFW:
+ if (sscanf(strValue, "%u:%u", &basefw, &count) != 2)
+ errx(1, "%s needs basefw:count", info->name);
+ PacketAliasSetFWBase(basefw, count);
+ PacketAliasSetMode(PKT_ALIAS_PUNCH_FW, PKT_ALIAS_PUNCH_FW);
break;
case Verbose:
-- END --
--
Rene de Vries http://www.tcja.nl/~rene; mailto:rene@tcja.nl
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199910301513.RAA01051>