FreeBSD Mail Archives

Date:      Wed, 22 Aug 2001 05:37:16 -0700 (PDT)
From:      Michael Nottebrock <nottebrock@crosswinds.net>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/29954: Tircproxy breaks in transparent proxy mode under 4.3R & higher (IP Filter 3.4.x).
Message-ID:  <200108221237.f7MCbGJ57983@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help


>Number:         29954
>Category:       ports
>Synopsis:       Tircproxy breaks in transparent proxy mode under 4.3R & higher (IP Filter 3.4.x).
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-ports
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Aug 22 05:40:00 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     Michael Nottebrock
>Release:        4.3-STABLE
>Organization:
>Environment:
FreeBSD lofi.dyndns.org 4.3-STABLE FreeBSD 4.3-STABLE #8: Wed Jul 11 15:50:34 CEST 2001     root@lofi.dyndns.org:/usr/obj/usr/src/sys/MY
KERNEL  i386
>Description:
Tircproxy, when used in transparent proxy mode, looks up the original destination of the redirected packets in /dev/ipnat. This lookup fails in FreeBSD 4.3R and later because IP Filter 3.4.x expects a different argument to the natlookup ioctrl call than IP Filter 3.3.x. If a connection is made, tircproxy prints out "ioctrl: Bad address" and refuses the connection.
>How-To-Repeat:
Set up a redirection rule in /etc/ipnat.rules like

'rdr dc0 0.0.0.0/0 port 6667 -> 127.0.0.1 port 7776'

and run '/usr/local/sbin/tircproxy -s 7666 -MRH -i <internal-ip>' Then try to connect to an IRC Server from a machine connecting to the proxy via the dc0 interface.
>Fix:
With this patch, the port checks the version of FreeBSD at build time and makes the appropriate calls if the machine is running 4.3R or higher.

begin 644 /usr/ports/irc/tircproxy/files/patch-ad
M*BHJ('1I<F-P<F]X>2YC+F]R:6<)5&AU($UA>2`@-"`R,CHU,SHS,"`R,#`P
M"BTM+2!T:7)C<')O>'DN8PE7960@075G(#(R(#$S.C0R.C0V(#(P,#$**BHJ
M*BHJ*BHJ*BHJ*BHJ"BHJ*B`Q,#8U+#$P-S0@*BHJ*@H@('L*("`)<W1R=6-T
M('-O8VMA9&1R7VEN"0D)=&]?861D<CL*("`):6YT"0D)"0ET;U]L96X["B`@
M(VEF($E01@HA(`ES=')U8W0@<V]C:V%D9')?:6X)"0ES;V-K971I;BP@<VQO
M8SL*(2`);F%T;&]O:W5P7W0@("`@(`D)"6YA=&QO;VL["B$@"6EN=`D)"0D)
M9F0["B`@(V5N9&EF"B`@("`@"B`@("`@"2\J($=I=F4@=&AI<R!T:&EN9R`Q
M,"!M:6YU=&5S('1O(&=E="!S=&%R=&5D("AP87)A;F]I82DN"BTM+2`Q,#8U
M+#$P.#0@+2TM+0H@('L*("`)<W1R=6-T('-O8VMA9&1R7VEN"0D)=&]?861D
M<CL*("`):6YT"0D)"0ET;U]L96X["BL@"B`@(VEF($E01@HA("`@("`@("`@
M<W1R=6-T('-O8VMA9&1R7VEN("`@("`@("`@("`@("`@("`@("`@('-O8VME
M=&EN+"!S;&]C.PHA("`@("`@("`@;F%T;&]O:W5P7W0@("`@("`@("`@("`@
M("`@("`@("`@("`@("`@(&YA=&QO;VL["B$@(`HA("-I9B!?7T9R965"4T1?
M7R`^/2`R"B$@(VEN8VQU9&4@/&]S<F5L9&%T92YH/@HA("`C:68@7U]&<F5E
M0E-$7W9E<G-I;VX@/CT@-#,P,#`P"B$@"B$@("`@("`@("!N871L;V]K=7!?
M="`@("`@("`@("`@("`@("`@("`@("`@("`@("`@*FYA=&QO;VMP(#T@)FYA
M=&QO;VL["B$@"B$@("-E;F1I9@HA("-E;F1I9@HA("`@("`@("`@:6YT("`@
M("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@(&9D.PH@("-E;F1I
M9@H@("`@(`H@("`@(`DO*B!':79E('1H:7,@=&AI;F<@,3`@;6EN=71E<R!T
M;R!G970@<W1A<G1E9"`H<&%R86YO:6$I+@HJ*BHJ*BHJ*BHJ*BHJ*BH**BHJ
M(#$Q-3(L,3$U."`J*BHJ"B`@("`@("`@("`@("`@("`@(&YA=&QO;VLN;FQ?
M:6YP;W)T(#T@<VQO8RYS:6Y?<&]R=#L*("`*("`@("`@("`@("`@("`@("`@
M9F0@/2!O<&5N*$E03%].050L($]?4D1/3DQ9*3L*(2`@("`@("`@("`@("`@
M("`@:68@*&EO8W1L*&9D+"!324]#1TY!5$PL("9N871L;V]K*2`]/2`M,2D*
M("`)("`@("`)>PH@("`@("`@("`@("`@("`@("`)<&5R<F]R*")I;V-T;"(I
M.PH@("`@("`@("`@("`@("`@("`)97AI="@M,2D["BTM+2`Q,38R+#$Q-S4@
M+2TM+0H@("`@("`@("`@("`@("`@("!N871L;V]K+FYL7VEN<&]R="`]('-L
M;V,N<VEN7W!O<G0["B`@"B`@("`@("`@("`@("`@("`@(&9D(#T@;W!E;BA)
M4$Q?3D%4+"!/7U)$3TY,62D["B$@(VEF(%]?1G)E94)31%]?(#X](#(*(2`C
M:6YC;'5D92`\;W-R96QD871E+F@^"B$@("-I9B!?7T9R965"4T1?=F5R<VEO
M;B`^/2`T,S`P,#`*(2`@("`@("`@("`@("`@("`@(&EF("AI;V-T;"AF9"P@
M4TE/0T=.051,+"`F;F%T;&]O:W`I(#T]("TQ*0HA("`C96QS90HA("`@("`@
M("`@("`@("`@("`@:68@*&EO8W1L*&9D+"!324]#1TY!5$PL("9N871L;V]K
M*2`]/2`M,2D*(2`@(V5N9&EF"B$@(V5N9&EF("`@("`@("`@("`@("`@"B`@
M"2`@("`@"7L*("`@("`@("`@("`@("`@("`@"7!E<G)O<B@B:6]C=&PB*3L*
=("`@("`@("`@("`@("`@("`@"65X:70H+3$I.PIE
`
end
>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200108221237.f7MCbGJ57983>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation