upstream/oracle/userland-gate: components/ftp-proxy/patches/001-solaris.patch@b6036d22c840 (annotated)

5565 f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	1	# This patch comes from Oracle. It fixes issues preventing ftp-proxy
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	2	# from building and running on Solaris. Especially, we:
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	3	# - disabled features missing support on Solaris (queuing, rtable..)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	4	# where adding such support is not reasonable
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	5	# - used workarounds to deal with missing pieces on Solaris (missing
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	6	# structure members in sockaddr, PF not supporting divert-to,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	7	# using Solaris-specific random number generator)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	8	#
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	9	# These changes are not going to upstream, they are Solaris-specific.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	10
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	11	diff -Naur ORIGINAL/Makefile ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/Makefile
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	12	--- ORIGINAL/Makefile 2006-11-26 03:31:13.000000000 -0800
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	13	+++ ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/Makefile 2016-02-10 04:21:21.337202150 -0800
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	14	@@ -1,13 +1,29 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	15	# $OpenBSD: Makefile,v 1.3 2006/11/26 11:31:13 deraadt Exp $
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	16
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	17	+CFLAGS+= -m64 -errwarn
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	18	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	19	PROG= ftp-proxy
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	20	SRCS= ftp-proxy.c filter.c
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	21	+OBJS=$(SRCS:.c=.o)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	22	MAN= ftp-proxy.8
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	23
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	24	-CFLAGS+= -I${.CURDIR}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	25	-CFLAGS+= -Wall -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith \
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	26	- -Wno-uninitialized
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	27	-LDADD+= -levent
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	28	-DPADD+= ${LIBEVENT}
7791 95f8368a21ec 25436653 make Userland consumers to link against libuutil directly Vladimir Kotal <Vladimir.Kotal@oracle.com> parents: 5565 diff changeset	29	+LDADD+= -levent /lib/64/libuutil.so.1
5565 f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	30	+LDFLAGS+= -z nolazyload
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	31	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	32	+all: $(SRCS) $(PROG)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	33	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	34	+install: $(PROG)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	35	+ $(INSTALL) -d $(PREFIX)/sbin
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	36	+ $(INSTALL) -m 755 $(PROG) $(PREFIX)/sbin
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	37	+ $(INSTALL) -d $(MANDIR)/man8
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	38	+ $(INSTALL) -m 644 $(MAN) $(MANDIR)/man8
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	39	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	40	+$(PROG): $(OBJS)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	41	+ $(CC) $(CFLAGS) $(OBJS) -o $@ $(LDFLAGS) $(LDADD)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	42	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	43	+.c.o:
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	44	+ $(CC) $(CFLAGS) -c -o $@ $<
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	45
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	46	-.include <bsd.prog.mk>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	47	+clean:
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	48	+ rm -rf *.o
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	49	+ rm -rf $(PROG)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	50	diff -Naur ORIGINAL/filter.c ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/filter.c
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	51	--- ORIGINAL/filter.c 2012-09-18 03:11:53.000000000 -0700
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	52	+++ ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/filter.c 2016-02-10 04:24:03.599069704 -0800
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	53	@@ -32,6 +32,10 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	54	#include <stdio.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	55	#include <string.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	56	#include <unistd.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	57	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	58	+/* we need _IOWR */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	59	+#include <sys/ioccom.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	60	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	61
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	62	#include "filter.h"
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	63
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	64	diff -Naur ORIGINAL/ftp-proxy.8 ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/ftp-proxy.8
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	65	--- ORIGINAL/ftp-proxy.8 2012-06-25 04:49:19.000000000 -0700
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	66	+++ ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/ftp-proxy.8 2016-02-24 06:31:17.792565815 -0800
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	67	@@ -30,17 +30,16 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	68	.Op Fl m Ar maxsessions
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	69	.Op Fl P Ar port
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	70	.Op Fl p Ar port
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	71	-.Op Fl q Ar queue
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	72	.Op Fl R Ar address
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	73	.Op Fl T Ar tag
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	74	.Op Fl t Ar timeout
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	75	.Ek
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	76	.Sh DESCRIPTION
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	77	.Nm
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	78	-is a proxy for the Internet File Transfer Protocol.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	79	-FTP control connections should be redirected into the proxy using the
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	80	-.Xr pf 4
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	81	-.Ar divert-to
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	82	+is a proxy for the Internet File Transfer Protocol making connections
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	83	+over IPv4 NAT possible.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	84	+FTP control connections should be redirected into the proxy using the PF
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	85	+.Ar rdr-to
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	86	command, after which the proxy connects to the server on behalf of
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	87	the client.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	88	.Pp
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	89	@@ -51,22 +50,20 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	90	Consequently, all connections from the server to the proxy have
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	91	their destination address rewritten, so they are redirected to the
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	92	client.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	93	-The proxy uses the
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	94	-.Xr pf 4
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	95	+The proxy uses the PF
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	96	.Ar anchor
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	97	facility for this.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	98	.Pp
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	99	Assuming the FTP control connection is from $client to $server, the
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	100	-proxy connected to the server using the $proxy source address, and
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	101	-$port is negotiated, then
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	102	+proxy is connected to the server using the $proxy source address, and
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	103	+$port is negotiated, the
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	104	.Nm
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	105	adds the following rules to the anchor.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	106	$server and $orig_server are the same unless
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	107	.Fl R
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	108	is used to force a different $server address for all connections.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	109	-(These example rules use inet, but the proxy also supports inet6.)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	110	.Pp
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	111	-In case of active mode (PORT or EPRT):
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	112	+In case of active mode (PORT):
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	113	.Bd -literal -offset 2n
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	114	pass in from $server to $proxy port $proxy_port \e
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	115	rdr-to $client port $port
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	116	@@ -74,7 +71,7 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	117	nat-to $orig_server port $natport
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	118	.Ed
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	119	.Pp
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	120	-In case of passive mode (PASV or EPSV):
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	121	+In case of passive mode (PASV):
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	122	.Bd -literal -offset 2n
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	123	pass in from $client to $orig_server port $proxy_port \e
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	124	rdr-to $server port $port
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	125	@@ -83,11 +80,6 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	126	.Pp
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	127	The options are as follows:
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	128	.Bl -tag -width Ds
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	129	-.It Fl 6
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	130	-IPv6 mode.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	131	-The proxy will expect and use IPv6 addresses for all communication.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	132	-Only the extended FTP modes EPSV and EPRT are allowed with IPv6.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	133	-The proxy is in IPv4 mode by default.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	134	.It Fl A
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	135	Only permit anonymous FTP connections.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	136	Either user "ftp" or user "anonymous" is allowed.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	137	@@ -96,14 +88,11 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	138	connection to a server.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	139	.It Fl b Ar address
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	140	Address where the proxy will listen for redirected control connections.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	141	-The default is 127.0.0.1, or ::1 in IPv6 mode.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	142	+The default is 127.0.0.1.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	143	.It Fl D Ar level
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	144	Debug level, ranging from 0 to 7.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	145	Higher is more verbose.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	146	The default is 5.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	147	-(These levels correspond to the
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	148	-.Xr syslog 3
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	149	-levels.)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	150	.It Fl d
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	151	Do not daemonize.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	152	The process will stay in the foreground, logging to standard error.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	153	@@ -120,10 +109,6 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	154	.It Fl p Ar port
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	155	Port where the proxy will listen for redirected connections.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	156	The default is port 8021.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	157	-.It Fl q Ar queue
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	158	-Create rules with queue
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	159	-.Ar queue
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	160	-appended, so that data connections can be queued.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	161	.It Fl R Ar address
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	162	Fixed server address, also known as reverse mode.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	163	The proxy will always connect to the same server, regardless of
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	164	@@ -142,9 +127,8 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	165	keyword can be implemented following the
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	166	.Nm
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	167	anchor.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	168	-These rules can use special
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	169	-.Xr pf 4
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	170	-features like route-to, reply-to, label, rtable, overload, etc. that
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	171	+These rules can use special PF
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	172	+features like route-to, reply-to, label, overload, etc. that
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	173	.Nm
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	174	does not implement itself.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	175	There must be a matching pass rule after the
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	176	@@ -159,7 +143,9 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	177	.It Fl v
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	178	Set the 'log' flag on pf rules committed by
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	179	.Nm .
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	180	-Use twice to set the 'log all' flag.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	181	+Use twice to set the
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	182	+.Sq log all
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	183	+flag.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	184	The pf rules do not log by default.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	185	.El
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	186	.Sh CONFIGURATION
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	187	@@ -171,27 +157,23 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	188	necessary.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	189	.Bd -literal -offset 2n
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	190	anchor "ftp-proxy/*"
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	191	-pass in quick inet proto tcp to port ftp divert-to 127.0.0.1 port 8021
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	192	+pass in quick inet proto tcp to port ftp rdr-to 127.0.0.1 port 8021
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	193	pass out inet proto tcp from (self) to any port ftp
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	194	.Ed
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	195	+.Pp
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	196	+To run
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	197	+.Nm
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	198	+in a non-global zone, the
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	199	+.Bd -literal -offset indent
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	200	+svc:/network/socket-filter:pf_divert
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	201	+.Ed
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	202	+instance must be online in the global zone.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	203	.Sh SEE ALSO
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	204	-.Xr ftp 1 ,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	205	-.Xr pf 4 ,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	206	.Xr pf.conf 5
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	207	.Sh CAVEATS
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	208	-.Xr pf 4
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	209	-does not allow the ruleset to be modified if the system is running at a
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	210	-.Xr securelevel 7
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	211	-higher than 1.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	212	-At that level
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	213	-.Nm
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	214	-cannot add rules to the anchors and FTP data connections may get blocked.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	215	.Pp
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	216	Negotiated data connection ports below 1024 are not allowed.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	217	.Pp
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	218	The negotiated IP address for active modes is ignored for security
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	219	reasons.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	220	This makes third party file transfers impossible.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	221	-.Pp
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	222	-.Nm
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	223	-chroots to "/var/empty" and changes to user "proxy" to drop privileges.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	224	diff -Naur ORIGINAL/ftp-proxy.c ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/ftp-proxy.c
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	225	--- ORIGINAL/ftp-proxy.c 2013-03-15 06:31:27.000000000 -0700
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	226	+++ ftp-proxy-OPENBSD_5_5-OPENBSD_5_5.pre-smf/ftp-proxy.c 2016-02-10 04:12:16.600723376 -0800
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	227	@@ -38,9 +38,20 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	228	#include <stdio.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	229	#include <stdlib.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	230	#include <string.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	231	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	232	+#include <strings.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	233	+#include <sys/types.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	234	+#include <time.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	235	+#include <libuutil.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	236	+#include <sys/random.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	237	+#include <inttypes.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	238	+#include <priv.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	239	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	240	#include <syslog.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	241	#include <unistd.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	242	+#ifndef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	243	#include <vis.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	244	+#endif /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	245
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	246	#include "filter.h"
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	247
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	248	@@ -60,6 +71,32 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	249
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	250	#define sstosa(ss) ((struct sockaddr *)(ss))
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	251
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	252	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	253	+/*
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	254	+ * These constants are used as a range used by pick_proxy_port(). The ftp-proxy
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	255	+ * never binds these ports. They are used only within proxy_reply() and add_rdr()
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	256	+ * to be put into a FTP-protocol message and to construct the rule to be loaded
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	257	+ * into PF, respectively.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	258	+ *
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	259	+ * OpenBSD adheres to a convention where these port numbers are reserved for
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	260	+ * connections that want to bypass a firewall. Surely, it depends on how the
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	261	+ * administrator configures the firewall, too. Let's stick to that convention
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	262	+ * here. The idea probably is "if the admin uses this convention, these ports
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	263	+ * are not filtered and thus we are not going to clash with current firewall
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	264	+ * rules".
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	265	+ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	266	+#define IPPORT_HIFIRSTAUTO 49152
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	267	+#define IPPORT_HILASTAUTO 65535
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	268	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	269	+#define getrtable() 0
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	270	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	271	+#ifndef LIST_END
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	272	+#define LIST_END(x) NULL
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	273	+#endif /* !LIST_END */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	274	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	275	+#define DIVERT_MODULE_NAME "pf_divertf"
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	276	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	277	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	278	enum { CMD_NONE = 0, CMD_PORT, CMD_EPRT, CMD_PASV, CMD_EPSV };
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	279
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	280	struct session {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	281	@@ -115,12 +152,59 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	282
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	283	struct event listen_ev, pause_accept_ev;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	284	struct sockaddr_storage fixed_server_ss, fixed_proxy_ss;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	285	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	286	+static socklen_t fixed_server_ss_len;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	287	+static socklen_t fixed_proxy_ss_len;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	288	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	289	char fixed_server, fixed_server_port, fixed_proxy, listen_ip, *listen_port,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	290	qname, tagname;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	291	int anonymous_only, daemonize, id_count, ipv6_mode, loglevel, max_sessions,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	292	rfc_mode, session_count, timeout, verbose;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	293	extern char *__progname;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	294
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	295	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	296	+/*
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	297	+ * fake_arc4random_uniform()
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	298	+ * This is a fake implementation of arc4random_uniform(). The wrapper
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	299	+ * provides so called uniform calculation of pseudo random number with
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	300	+ * respect to upper bound.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	301	+ *
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	302	+ * Function calculates random numbers until it finds one outside
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	303	+ * <0, 2^32 % upper_bound) range. Once random number, `rand`, is selected,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	304	+ * function returns rand % upper_bound.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	305	+ *
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	306	+ * Arguments:
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	307	+ * upper_bound - random number is picked up in range <0, upper_bound)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	308	+ *
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	309	+ * Returns:
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	310	+ * random number, uniform with respect to upper bound.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	311	+ * Returns UINT32_MAX on error.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	312	+ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	313	+static u_int32_t
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	314	+fake_arc4random_uniform(u_int32_t upper_bound)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	315	+{
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	316	+ u_int32_t rand, min;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	317	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	318	+ if (upper_bound < 2)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	319	+ return (0);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	320	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	321	+ /*
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	322	+ * 232 % x == (232 - x) % x
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	323	+ * (Trick comes from OpenBSD, arc4random_uniform.c)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	324	+ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	325	+ min = -upper_bound % upper_bound;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	326	+ for (;;) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	327	+ if (getrandom(&rand, sizeof (rand), GRND_NONBLOCK) !=
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	328	+ sizeof (rand))
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	329	+ return (UINT32_MAX);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	330	+ if (rand >= min)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	331	+ break;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	332	+ }
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	333	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	334	+ return (rand % upper_bound);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	335	+}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	336	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	337	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	338	void
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	339	client_error(struct bufferevent bufev, short what, void arg)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	340	{
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	341	@@ -220,6 +304,12 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	342	return (0);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	343	}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	344	s->proxy_port = pick_proxy_port();
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	345	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	346	+ if (s->proxy_port == UINT16_MAX) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	347	+ logmsg(LOG_CRIT, "pick_proxy_port() failed");
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	348	+ return (0);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	349	+ }
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	350	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	351	proxy_reply(s->cmd, sstosa(&s->proxy_ss), s->proxy_port);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	352	logmsg(LOG_DEBUG, "#%d proxy: %s", s->id, linebuf);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	353	}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	354	@@ -378,13 +468,30 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	355	struct sockaddr *proxy_to_server_sa;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	356	struct session *s;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	357	socklen_t len;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	358	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	359	+ socklen_t client_sa_len, server_sa_len;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	360	+ int one = 1; /* parameter for setsockopt */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	361	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	362	int client_fd, fc, on;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	363	-
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	364	+ /*
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	365	+ * We experienced big problems when event_add() was called
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	366	+ * before accepting the incoming connection - for some reason,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	367	+ * a new event was fired immediately and ftp-proxy was hanged
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	368	+ * trying to accept another client that was not there yet.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	369	+ * Moving event_add() call a few lines below resolved this
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	370	+ * problem.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	371	+ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	372	+#ifndef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	373	event_add(&listen_ev, NULL);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	374	+#endif /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	375
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	376	- if ((event & EV_TIMEOUT))
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	377	+ if ((event & EV_TIMEOUT)) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	378	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	379	+ event_add(&listen_ev, NULL);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	380	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	381	/* accept() is no longer paused. */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	382	return;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	383	+ }
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	384
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	385	/*
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	386	* We _must_ accept the connection, otherwise libevent will keep
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	387	@@ -393,6 +500,9 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	388	client_sa = sstosa(&tmp_ss);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	389	len = sizeof(struct sockaddr_storage);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	390	if ((client_fd = accept(listen_fd, client_sa, &len)) < 0) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	391	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	392	+ event_add(&listen_ev, NULL);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	393	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	394	logmsg(LOG_CRIT, "accept() failed: %s", strerror(errno));
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	395
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	396	/*
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	397	@@ -410,6 +520,16 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	398	return;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	399	}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	400
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	401	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	402	+ event_add(&listen_ev, NULL);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	403	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	404	+ /*
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	405	+ * Struct sockaddr does not contain sa_len field on Solaris,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	406	+ * we use client_sa_len instead.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	407	+ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	408	+ client_sa_len = len;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	409	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	410	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	411	/* Refuse connection if the maximum is reached. */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	412	if (session_count >= max_sessions) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	413	logmsg(LOG_ERR, "client limit (%d) reached, refusing "
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	414	@@ -426,8 +546,11 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	415	return;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	416	}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	417	s->client_fd = client_fd;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	418	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	419	+ memcpy(sstosa(&s->client_ss), client_sa, client_sa_len);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	420	+#else /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	421	memcpy(sstosa(&s->client_ss), client_sa, client_sa->sa_len);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	422	-
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	423	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	424	/* Cast it once, and be done with it. */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	425	client_sa = sstosa(&s->client_ss);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	426	server_sa = sstosa(&s->server_ss);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	427	@@ -447,6 +570,17 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	428	strerror(errno));
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	429	goto fail;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	430	}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	431	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	432	+ /*
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	433	+ * Struct sockaddr does not contain sa_len field on Solaris,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	434	+ * we use server_sa_len instead.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	435	+ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	436	+ server_sa_len = len;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	437	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	438	+/* SO_RTABLE not defined on Solaris */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	439	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	440	+ s->client_rd = 0;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	441	+#else /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	442	len = sizeof(s->client_rd);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	443	if (getsockopt(s->client_fd, SOL_SOCKET, SO_RTABLE, &s->client_rd,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	444	&len) && errno != ENOPROTOOPT) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	445	@@ -454,10 +588,18 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	446	strerror(errno));
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	447	goto fail;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	448	}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	449	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	450	if (fixed_server) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	451	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	452	+ memcpy(sstosa(&s->orig_server_ss), server_sa,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	453	+ server_sa_len);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	454	+ memcpy(server_sa, fixed_server_sa, fixed_server_ss_len);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	455	+ server_sa_len = fixed_server_ss_len; /* update the length */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	456	+#else /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	457	memcpy(sstosa(&s->orig_server_ss), server_sa,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	458	server_sa->sa_len);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	459	memcpy(server_sa, fixed_server_sa, fixed_server_sa->sa_len);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	460	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	461	}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	462
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	463	/* XXX: check we are not connecting to ourself. */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	464	@@ -471,8 +613,14 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	465	strerror(errno));
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	466	goto fail;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	467	}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	468	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	469	if (fixed_proxy && bind(s->server_fd, sstosa(&fixed_proxy_ss),
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	470	- fixed_proxy_ss.ss_len) != 0) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	471	+ fixed_proxy_ss_len) != 0)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	472	+#else /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	473	+ if (fixed_proxy && bind(s->server_fd, sstosa(&fixed_proxy_ss),
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	474	+ fixed_proxy_ss.ss_len) != 0)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	475	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	476	+ {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	477	logmsg(LOG_CRIT, "#%d cannot bind fixed proxy address: %s",
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	478	s->id, strerror(errno));
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	479	goto fail;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	480	@@ -485,8 +633,14 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	481	s->id, strerror(errno));
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	482	goto fail;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	483	}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	484	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	485	+ if (connect(s->server_fd, server_sa, server_sa_len) < 0 &&
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	486	+ errno != EINPROGRESS)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	487	+#else /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	488	if (connect(s->server_fd, server_sa, server_sa->sa_len) < 0 &&
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	489	- errno != EINPROGRESS) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	490	+ errno != EINPROGRESS)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	491	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	492	+ {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	493	logmsg(LOG_CRIT, "#%d proxy cannot connect to server %s: %s",
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	494	s->id, sock_ntop(server_sa), strerror(errno));
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	495	goto fail;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	496	@@ -592,6 +746,9 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	497	/* syslog does its own vissing. */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	498	vsyslog(pri, message, ap);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	499	else {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	500	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	501	+ vsyslog(pri, message, ap);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	502	+#else /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	503	char buf[MAX_LOGLINE];
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	504	char visbuf[2 * MAX_LOGLINE];
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	505
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	506	@@ -599,6 +756,7 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	507	vsnprintf(buf, sizeof buf, message, ap);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	508	strnvis(visbuf, buf, sizeof visbuf, VIS_CSTYLE \| VIS_NL);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	509	fprintf(stderr, "%s\n", visbuf);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	510	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	511	}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	512
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	513	va_end(ap);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	514	@@ -636,9 +794,11 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	515
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	516	while ((ch = getopt(argc, argv, "6Aa:b:D:dm:P:p:q:R:rT:t:v")) != -1) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	517	switch (ch) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	518	+#ifndef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	519	case '6':
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	520	ipv6_mode = 1;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	521	break;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	522	+#endif /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	523	case 'A':
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	524	anonymous_only = 1;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	525	break;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	526	@@ -668,11 +828,13 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	527	case 'p':
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	528	listen_port = optarg;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	529	break;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	530	+#ifndef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	531	case 'q':
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	532	if (strlen(optarg) >= PF_QNAME_SIZE)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	533	errx(1, "queuename too long");
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	534	qname = optarg;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	535	break;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	536	+#endif /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	537	case 'R':
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	538	fixed_server = optarg;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	539	break;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	540	@@ -718,9 +880,16 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	541	hints.ai_socktype = SOCK_STREAM;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	542	error = getaddrinfo(fixed_proxy, NULL, &hints, &res);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	543	if (error)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	544	- errx(1, "getaddrinfo fixed proxy address failed: %s",
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	545	+ errx(1, "getaddrinfo fixed proxy address (%s) failed: %s", fixed_proxy,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	546	gai_strerror(error));
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	547	memcpy(&fixed_proxy_ss, res->ai_addr, res->ai_addrlen);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	548	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	549	+ /*
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	550	+ * struct sockaddr_storage does not have the member
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	551	+ * ss_len on Solaris, thus we use a global variable.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	552	+ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	553	+ fixed_proxy_ss_len = res->ai_addrlen;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	554	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	555	logmsg(LOG_INFO, "using %s to connect to servers",
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	556	sock_ntop(sstosa(&fixed_proxy_ss)));
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	557	freeaddrinfo(res);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	558	@@ -736,6 +905,13 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	559	errx(1, "getaddrinfo fixed server address failed: %s",
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	560	gai_strerror(error));
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	561	memcpy(&fixed_server_ss, res->ai_addr, res->ai_addrlen);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	562	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	563	+ /*
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	564	+ * struct sockaddr_storage does not have the member
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	565	+ * ss_len on Solaris, thus we use a global variable.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	566	+ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	567	+ fixed_server_ss_len = res->ai_addrlen;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	568	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	569	logmsg(LOG_INFO, "using fixed server %s",
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	570	sock_ntop(sstosa(&fixed_server_ss)));
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	571	freeaddrinfo(res);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	572	@@ -752,6 +928,11 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	573	gai_strerror(error));
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	574	if ((listenfd = socket(res->ai_family, SOCK_STREAM, IPPROTO_TCP)) == -1)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	575	errx(1, "socket failed");
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	576	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	577	+ if (setsockopt(listenfd, SOL_FILTER, FIL_ATTACH, DIVERT_MODULE_NAME,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	578	+ (strlen(DIVERT_MODULE_NAME)+1)) != 0)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	579	+ err(1, "setsockopt failed - unable to attach filter");
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	580	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	581	on = 1;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	582	if (setsockopt(listenfd, SOL_SOCKET, SO_REUSEADDR, (void *)&on,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	583	sizeof on) != 0)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	584	@@ -782,7 +963,11 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	585	event_init();
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	586
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	587	/* Setup signal handler. */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	588	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	589	+ sigset(SIGPIPE, SIG_IGN);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	590	+#else /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	591	signal(SIGPIPE, SIG_IGN);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	592	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	593	signal_set(&ev_sighup, SIGHUP, handle_signal, NULL);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	594	signal_set(&ev_sigint, SIGINT, handle_signal, NULL);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	595	signal_set(&ev_sigterm, SIGTERM, handle_signal, NULL);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	596	@@ -857,12 +1042,25 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	597	return (0);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	598	}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	599
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	600	+/*
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	601	+ * On Solaris, fake_arc4random_uniform() can fail. We return UINT16_MAX
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	602	+ * on error.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	603	+ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	604	u_int16_t
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	605	pick_proxy_port(void)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	606	{
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	607	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	608	+ u_int32_t shift;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	609	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	610	+ shift = fake_arc4random_uniform(IPPORT_HILASTAUTO - IPPORT_HIFIRSTAUTO);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	611	+ if (shift == UINT32_MAX)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	612	+ return UINT16_MAX;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	613	+ return (IPPORT_HIFIRSTAUTO + shift);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	614	+#else /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	615	/* Random should be good enough for avoiding port collisions. */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	616	return (IPPORT_HIFIRSTAUTO +
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	617	arc4random_uniform(IPPORT_HILASTAUTO - IPPORT_HIFIRSTAUTO));
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	618	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	619	}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	620
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	621	void
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	622	@@ -985,6 +1183,12 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	623	return (0);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	624	}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	625	s->proxy_port = pick_proxy_port();
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	626	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	627	+ if (s->proxy_port == UINT16_MAX) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	628	+ logmsg(LOG_CRIT, "pick_proxy_port() failed");
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	629	+ return (0);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	630	+ }
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	631	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	632	logmsg(LOG_INFO, "#%d passive: client to server port %d"
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	633	" via port %d", s->id, s->port, s->proxy_port);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	634
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	635	@@ -1126,6 +1330,6 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	636	fprintf(stderr, "usage: %s [-6Adrv] [-a address] [-b address]"
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	637	" [-D level] [-m maxsessions]\n [-P port]"
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	638	" [-p port] [-q queue] [-R address] [-T tag]\n"
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	639	- " [-t timeout]\n", __progname);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	640	+ " [-t timeout]\n", __progname);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	641	exit(1);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	642	}

author	Rich Burridge <rich.burridge@oracle.com>
	Tue, 18 Apr 2017 09:10:22 -0700
changeset 7898	b6036d22c840
parent 7791	95f8368a21ec
permissions	-rw-r--r--