From owner-freebsd-bugs Thu May 13 9:32: 2 1999 Delivered-To: freebsd-bugs@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id 05C1C14F0C for ; Thu, 13 May 1999 09:30:00 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id JAA33466; Thu, 13 May 1999 09:30:00 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from relay.ucb.crimea.ua (relay.ucb.crimea.ua [212.110.138.1]) by hub.freebsd.org (Postfix) with ESMTP id B29FD15207 for ; Thu, 13 May 1999 09:26:01 -0700 (PDT) (envelope-from ru@ucb.crimea.ua) Received: (from ru@localhost) by relay.ucb.crimea.ua (8.9.2/8.9.2/UCB) id TAA43127; Thu, 13 May 1999 19:25:45 +0300 (EEST) (envelope-from ru) Message-Id: <199905131625.TAA43127@relay.ucb.crimea.ua> Date: Thu, 13 May 1999 19:25:45 +0300 (EEST) From: Ruslan Ermilov Reply-To: ru@ucb.crimea.ua To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.2 Subject: bin/11690: [32-CANDIDATE] /sbin/natd portrange documentation and bugfix Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 11690 >Category: bin >Synopsis: [32-CANDIDATE] /sbin/natd portrange documentation and bugfix >Confidential: no >Severity: non-critical >Priority: high >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Thu May 13 09:30:00 PDT 1999 >Closed-Date: >Last-Modified: >Originator: Ruslan Ermilov >Release: FreeBSD 3.1-STABLE i386 >Organization: United Commercial Bank >Environment: Both HEAD and RELENG_3 >Description: 1. Logic error in checking the condition 2. portrange feature is not documented in manpage >How-To-Repeat: Look at code. >Fix: Index: natd.8 =================================================================== RCS file: /usr/FreeBSD-CVS/src/sbin/natd/natd.8,v retrieving revision 1.16.2.2 diff -u -r1.16.2.2 natd.8 --- natd.8 1999/05/04 12:12:01 1.16.2.2 +++ natd.8 1999/05/13 16:22:37 @@ -114,19 +114,31 @@ According to rfc 1918, unregistered source addresses are 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16. -.It Fl redirect_port Ar proto targetIP:targetPORT [aliasIP:]aliasPORT [remoteIP[:remotePORT]] -Redirect incoming connections arriving to given port to another host and port. +.It Fl redirect_port Ar proto targetIP:targetPORT[-targetPORT] [aliasIP:]aliasPORT[-aliasPORT] [remoteIP[:remotePORT[-remotePORT]]] +Redirect incoming connections arriving to given port(s) to another host +and port(s). Proto is either tcp or udp, targetIP is the desired target IP -number, targetPORT is the desired target PORT number, aliasPORT -is the requested PORT number and aliasIP is the aliasing address. +number, targetPORT is the desired target PORT number or range, aliasPORT +is the requested PORT number or range, and aliasIP is the aliasing address. RemoteIP and remotePORT can be used to specify the connection more accurately if necessary. +The targetPORT range and aliasPORT range need not be the same numerically, +but must have the same size. +If remotePORT is not specified, it is assumed to be all ports. +If remotePORT is specified, it must match the size of targetPORT, or be 0 +(all ports). For example, the argument .Ar tcp inside1:telnet 6666 means that tcp packets destined for port 6666 on this machine will be sent to the telnet port on the inside1 machine. + +.Ar tcp inside2:2300-2399 3300-3399 + +will redirect incoming connections on ports 3300-3399 to host +inside2, ports 2300-2399. +The mapping is 1:1 meaning port 3300 maps to 2300, 3301 maps to 2301, etc. .It Fl redirect_address Ar localIP publicIP Redirect traffic for public IP address to a machine on the local Index: natd.c =================================================================== RCS file: /usr/FreeBSD-CVS/src/sbin/natd/natd.c,v retrieving revision 1.11.2.3 diff -u -r1.11.2.3 natd.c --- natd.c 1999/03/30 10:18:00 1.11.2.3 +++ natd.c 1999/05/13 16:16:46 @@ -1380,7 +1380,7 @@ numLocalPorts = GETNUMPORTS(portRange); /* - * Extract public port and optinally address. + * Extract public port and optionally address. */ ptr = strtok (NULL, " \t"); if (!ptr) @@ -1431,7 +1431,7 @@ errx (1, "redirect_port: port ranges must be equal in size"); /* Remote port range is allowed to be '0' which means all ports. */ - if (numRemotePorts != numLocalPorts && numRemotePorts != 1 && remotePort != 0) + if (numRemotePorts != numLocalPorts && !(numRemotePorts == 1 && remotePort == 0)) errx (1, "redirect_port: remote port must be 0 or equal to local port range in size"); for (i = 0 ; i < numPublicPorts ; ++i) { >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message