1diff -c -r ./ftp-gw/ftp-gw.c ../../NEW/fwtk/ftp-gw/ftp-gw.c 2*** ./ftp-gw/ftp-gw.c Fri Sep 6 12:55:05 1996 3--- ../../NEW/fwtk/ftp-gw/ftp-gw.c Wed Oct 9 02:51:35 1996 4*************** 5*** 40,47 **** 6 7 extern char *optarg; 8 9! #include "firewall.h" 10 11 12 #ifndef BSIZ 13 #define BSIZ 2048 14--- 40,48 ---- 15 16 extern char *optarg; 17 18! char *getdsthost(); 19 20+ #include "firewall.h" 21 22 #ifndef BSIZ 23 #define BSIZ 2048 24*************** 25*** 84,89 **** 26--- 85,92 ---- 27 static int cmdcnt = 0; 28 static int timeout = PROXY_TIMEOUT; 29 30+ static int do_transparent=0; 31+ 32 33 static int cmd_user(); 34 static int cmd_authorize(); 35*************** 36*** 98,103 **** 37--- 101,107 ---- 38 static void saveline(); 39 static void flushsaved(); 40 static void trap_sigurg(); 41+ static int connectdest(); 42 43 #define OP_CONN 001 /* only valid if connected */ 44 #define OP_WCON 002 /* writethrough if connected */ 45*************** 46*** 170,175 **** 47--- 174,180 ---- 48 char xuf[1024]; 49 char huf[128]; 50 char *passuser = (char *)0; /* passed user as av */ 51+ char *psychic, *hotline; 52 53 #ifndef LOG_DAEMON 54 openlog("ftp-gw",LOG_PID); 55*************** 56*** 314,319 **** 57--- 319,326 ---- 58 } else 59 timeout = 60*60; 60 61+ psychic=getdsthost(0,NULL); 62+ if(psychic) { do_transparent++; } 63 64 /* display a welcome file or message */ 65 if(passuser == (char *)0) { 66*************** 67*** 322,327 **** 68--- 329,340 ---- 69 syslog(LLEV,"fwtkcfgerr: welcome-msg must have one parameter, line %d",cf->ln); 70 exit(1); 71 } 72+ if(do_transparent) { 73+ if(sayfile2(0,cf->argv[0],220)) { 74+ syslog(LLEV,"fwtksyserr: cannot display welcome %s: %m",cf->argv[0]); 75+ exit(1); 76+ } 77+ } else 78 if(sayfile(0,cf->argv[0],220)) { 79 syslog(LLEV,"fwtksyserr: cannot display welcome %s: %m",cf->argv[0]); 80 exit(1); 81*************** 82*** 332,338 **** 83 if(authallflg) 84 if(say(0,"220-Proxy first requires authentication")) 85 exit(1); 86! sprintf(xuf,"220 %s FTP proxy (Version %s) ready.",huf,FWTK_VERSION_MINOR); 87 if(say(0,xuf)) 88 exit(1); 89 } 90--- 345,357 ---- 91 if(authallflg) 92 if(say(0,"220-Proxy first requires authentication")) 93 exit(1); 94! /* foo */ 95! if(do_transparent) 96! sprintf(xuf,"220-%s FTP proxy (Version %s) ready.",huf,FWTK_VERSION_MINOR); 97! else 98! sprintf(xuf,"220 %s FTP Proxy (Version %s) ready.",huf,FWTK_VERSION_MINOR); 99! /* foo */ 100! 101 if(say(0,xuf)) 102 exit(1); 103 } 104*************** 105*** 353,358 **** 106--- 372,381 ---- 107 exit(1); 108 } 109 110+ if(do_transparent) { 111+ connectdest(psychic,21); 112+ } 113+ 114 /* main loop */ 115 while(1) { 116 FD_ZERO(&rdy); 117*************** 118*** 676,681 **** 119--- 699,713 ---- 120 return(sayn(0,noad,sizeof(noad)-1)); 121 } 122 123+ if(do_transparent) { 124+ if((rfd==(-1)) && (x=connectdest(dest,port))) return x; 125+ sprintf(buf,"USER %s",user); 126+ if(say(rfd,buf)) return(1); 127+ x=getresp(rfd,buf,sizeof(buf),1); 128+ if(sendsaved(0,x)) return(1); 129+ return(say(0,buf)); 130+ } 131+ 132 if(*dest == '\0') 133 dest = "localhost"; 134 135*************** 136*** 701,708 **** 137 if(msg_int == 1) { 138 sprintf(mbuf,"Permission denied for user %s to connect to %s",authuser,dest); 139 syslog(LLEV,"deny host=%s/%s connect to %s user=%s",rladdr,riaddr,dest,authuser); 140! say(0,mbuf); 141! return(1); 142 } else { 143 if(msg_int == -1) { 144 sprintf(mbuf,"No match in netperm-table for %s to ftp to %s",authuser,dest); 145--- 733,740 ---- 146 if(msg_int == 1) { 147 sprintf(mbuf,"Permission denied for user %s to connect to %s",authuser,dest); 148 syslog(LLEV,"deny host=%s/%s connect to %s user=%s",rladdr,riaddr,dest,authuser); 149! say(0,mbuf); 150! return(1); 151 } else { 152 if(msg_int == -1) { 153 sprintf(mbuf,"No match in netperm-table for %s to ftp to %s",authuser,dest); 154*************** 155*** 717,723 **** 156 char ebuf[512]; 157 158 strcpy(ebuf,buf); 159! sprintf(buf,"521 %s: %s",dest,ebuf); 160 rfd = -1; 161 return(say(0,buf)); 162 } 163--- 749,759 ---- 164 char ebuf[512]; 165 166 strcpy(ebuf,buf); 167! if(do_transparent) { 168! sprintf(buf,"521 %s,%d: %s",dest,ntohs(port),ebuf); 169! } else { 170! sprintf(buf,"521 %s: %s",dest,ebuf); 171! } 172 rfd = -1; 173 return(say(0,buf)); 174 } 175*************** 176*** 732,737 **** 177--- 768,778 ---- 178 } 179 saveline(buf); 180 181+ /* if(do_transparent) { 182+ sendsaved(0,-1); 183+ return(0); 184+ } /* EEEk. I can't remember what this does. */ 185+ 186 sprintf(buf,"USER %s",user); 187 if(say(rfd,buf)) 188 return(1); 189*************** 190*** 744,749 **** 191--- 785,860 ---- 192 return 0; 193 } 194 195+ static int connectdest(dest, port) 196+ char *dest; 197+ short port; 198+ { 199+ char buf[1024], mbuf[512]; 200+ int msg_int, x; 201+ 202+ if(*dest == '\0') 203+ dest = "localhost"; 204+ 205+ if(validests != (char **)0) { 206+ char **xp; 207+ int x; 208+ 209+ for(xp = validests; *xp != (char *)0; xp++) { 210+ if(**xp == '!' && hostmatch(*xp + 1,dest)) { 211+ return(baddest(0,dest)); 212+ } else { 213+ if(hostmatch(*xp,dest)) 214+ break; 215+ } 216+ } 217+ if(*xp == (char *)0) 218+ return(baddest(0,dest)); 219+ } 220+ 221+ /* Extended permissions processing goes in here for destination */ 222+ if(extendperm) { 223+ msg_int = auth_perm(confp, authuser, "ftp-gw", dest,(char *)0); 224+ if(msg_int == 1) { 225+ sprintf(mbuf,"Permission denied for user %s to connect to %s",authuser,dest); 226+ syslog(LLEV,"deny host=%s/%s connect to %s user=%s",rladdr,riaddr,dest,authuser); 227+ say(0,mbuf); 228+ return(1); 229+ } else { 230+ if(msg_int == -1) { 231+ sprintf(mbuf,"No match in netperm-table for %s to ftp to %s",authuser,dest); 232+ say(0,mbuf); 233+ return(1); 234+ } 235+ } 236+ } 237+ 238+ syslog(LLEV,"permit host=%s/%s connect to %s",rladdr,riaddr,dest); 239+ 240+ if((rfd = conn_server(dest,port,0,buf)) < 0) { 241+ char ebuf[512]; 242+ 243+ strcpy(ebuf,buf); 244+ sprintf(buf,"521 %s: %s",dest,ebuf); 245+ rfd = -1; 246+ return(say(0,buf)); 247+ } 248+ if(!do_transparent) { 249+ sprintf(buf,"----GATEWAY CONNECTED TO %s----",dest); 250+ saveline(buf); 251+ } 252+ 253+ /* we are now connected and need to try the autologin thing */ 254+ x = getresp(rfd,buf,sizeof(buf),1); 255+ if(x / 100 != COMPLETE) { 256+ sendsaved(0,-1); 257+ return(say(0,buf)); 258+ } 259+ saveline(buf); 260+ 261+ sendsaved(0,-1); 262+ return 0; 263+ } 264+ 265 266 267 static int 268*************** 269*** 1053,1058 **** 270--- 1164,1171 ---- 271 static char nprn[] = "500 cannot get peername"; 272 char buf[512]; 273 274+ /* syslog(LLEV,"DEBUG: port cmd"); */ 275+ 276 if(ac < 2) 277 return(sayn(0,narg,sizeof(narg)-1)); 278 279*************** 280*** 1119,1124 **** 281--- 1232,1238 ---- 282 #define UC(c) (((int)c) & 0xff) 283 sprintf(buf,"PORT %d,%d,%d,%d,%d,%d\r\n",UC(k[0]),UC(k[1]),UC(k[2]), 284 UC(k[3]),UC(l[0]),UC(l[1])); 285+ /* syslog(LLEV,"DEBUG: %s",buf); */ 286 s = strlen(buf); 287 if (write(rfd, buf, s) != s) 288 return 1; 289*************** 290*** 1330,1335 **** 291--- 1444,1450 ---- 292 callback() 293 { 294 /* if we haven't gotten a valid PORT scrub the connection */ 295+ /* syslog(LLEV,"DEBUG: callback()."); */ 296 if((outgoing = accept(boundport,(struct sockaddr *)0,(int *)0)) < 0 || clntport.sin_port == 0) 297 goto bomb; 298 if(pasvport != -1) { /* incoming handled by PASVcallback */ 299*************** 300*** 1796,1801 **** 301--- 1911,1960 ---- 302 } 303 return(0); 304 } 305+ 306+ /* ok, so i'm in a hurry. english paper due RSN. */ 307+ sayfile2(fd,fn,code) 308+ int fd; 309+ char *fn; 310+ int code; 311+ { 312+ FILE *f; 313+ char buf[BUFSIZ]; 314+ char yuf[BUFSIZ]; 315+ char *c; 316+ int x; 317+ int saidsomething = 0; 318+ 319+ if((f = fopen(fn,"r")) == (FILE *)0) 320+ return(1); 321+ while(fgets(buf,sizeof(buf),f) != (char *)0) { 322+ if((c = index(buf,'\n')) != (char *)0) 323+ *c = '\0'; 324+ x = fgetc(f); 325+ if(feof(f)) 326+ sprintf(yuf,"%3.3d-%s",code,buf); 327+ else { 328+ sprintf(yuf,"%3.3d-%s",code,buf); 329+ ungetc(x,f); 330+ } 331+ if(say(fd,yuf)) { 332+ fclose(f); 333+ return(1); 334+ } 335+ saidsomething++; 336+ } 337+ fclose(f); 338+ if (!saidsomething) { 339+ syslog(LLEV,"fwtkcfgerr: sayfile for %d is empty",code); 340+ sprintf(yuf, "%3.3d The file to display is empty",code); 341+ if(say(fd,yuf)) { 342+ fclose(f); 343+ return(1); 344+ } 345+ } 346+ return(0); 347+ } 348+ 349 350 351 porttoaddr(s,a) 352diff -c -r ./http-gw/http-gw.c ../../NEW/fwtk/http-gw/http-gw.c 353*** ./http-gw/http-gw.c Mon Sep 9 14:40:53 1996 354--- ../../NEW/fwtk/http-gw/http-gw.c Wed Oct 9 02:51:57 1996 355*************** 356*** 27,32 **** 357--- 27,37 ---- 358 static char http_buffer[8192]; 359 static char reason[8192]; 360 static int checkBrowserType = 1; 361+ /* foo */ 362+ static int do_transparent=0; 363+ /* foo */ 364+ 365+ char *getdsthost(); 366 367 static void do_logging() 368 { char *proto = "GOPHER"; 369*************** 370*** 422,427 **** 371--- 427,443 ---- 372 /*(NOT A SPECIAL FORM)*/ 373 374 if((rem_type & TYPE_LOCAL)== 0){ 375+ /* foo */ 376+ char *psychic=getdsthost(sockfd,&def_port); 377+ if(psychic) { 378+ if(strlen(psychic)<=MAXHOSTNAMELEN) { 379+ do_transparent++; 380+ strncpy(def_httpd,psychic,strlen(psychic)); 381+ strncpy(def_server,psychic,strlen(psychic)); 382+ } 383+ } 384+ 385+ /* foo */ 386 /* See if it can be forwarded */ 387 388 if( can_forward(buf)){ 389*************** 390*** 1513,1519 **** 391 parse_vec[0], 392 parse_vec[1], 393 ourname, ourport); 394! }else{ 395 sprintf(new_reply,"%s\tgopher://%s:%s/%c%s\t%s\t%u", 396 parse_vec[0], parse_vec[2], 397 parse_vec[3], chk_type_ch, 398--- 1529,1541 ---- 399 parse_vec[0], 400 parse_vec[1], 401 ourname, ourport); 402! } 403! /* FOO */ 404! else if(do_transparent) { 405! sprintf(new_reply,"%s\t%s\t%s\t%s",parse_vec[0],parse_vec[1],parse_vec[2],parse_vec[3]); 406! } 407! /* FOO */ 408! else{ 409 sprintf(new_reply,"%s\tgopher://%s:%s/%c%s\t%s\t%u", 410 parse_vec[0], parse_vec[2], 411 parse_vec[3], chk_type_ch, 412diff -c -r ./lib/hnam.c ../../NEW/fwtk/lib/hnam.c 413*** ./lib/hnam.c Fri Nov 4 18:30:19 1994 414--- ../../NEW/fwtk/lib/hnam.c Wed Oct 9 02:34:13 1996 415*************** 416*** 22,27 **** 417--- 22,31 ---- 418 419 420 #include "firewall.h" 421+ #ifdef __FreeBSD__ 422+ #include <net/if.h> 423+ #include "ip_nat.h" 424+ #endif /* __FreeBSD__ */ 425 426 427 char * 428*************** 429*** 44,47 **** 430--- 48,115 ---- 431 432 bcopy(hp->h_addr,&sin.sin_addr,hp->h_length); 433 return(inet_ntoa(sin.sin_addr)); 434+ } 435+ 436+ char *getdsthost(fd, ptr) 437+ int fd; 438+ int *ptr; 439+ { 440+ struct sockaddr_in sin; 441+ struct hostent *hp; 442+ int sl=sizeof(struct sockaddr_in), err=0, local_h=0, i=0; 443+ char buf[255], hostbuf[255]; 444+ #ifdef __FreeBSD__ 445+ struct sockaddr_in rsin; 446+ struct natlookup natlookup; 447+ #endif 448+ 449+ #ifdef linux 450+ /* This should also work for UDP. Unfortunately, it doesn't. 451+ Maybe when the Linux UDP proxy code gets a little cleaner. 452+ */ 453+ if(!(err=getsockname(0,&sin,&sl))) { 454+ if(ptr) *ptr=ntohs(sin.sin_port); 455+ sprintf(buf,"%s",inet_ntoa(sin.sin_addr)); 456+ gethostname(hostbuf,254); 457+ hp=gethostbyname(hostbuf); 458+ while(hp->h_addr_list[i]) { 459+ bzero(&sin,&sl); 460+ memcpy(&sin.sin_addr,hp->h_addr_list[i++],sizeof(hp->h_addr_list[i++])); 461+ if(!strcmp(buf,inet_ntoa(sin.sin_addr))) local_h++; 462+ } 463+ if(local_h) { /* syslog(LLEV,"DEBUG: hnam.c: non-transparent."); */ return(NULL); } 464+ else { return(buf); } 465+ } 466+ #endif 467+ 468+ #ifdef __FreeBSD__ 469+ /* The basis for this block of code is Darren Reed's 470+ patches to the TIS ftwk's ftp-gw. 471+ */ 472+ bzero((char*)&sin,sizeof(sin)); 473+ bzero((char*)&rsin,sizeof(rsin)); 474+ if(getsockname(fd,(struct sockaddr*)&sin,&sl)<0) { 475+ return NULL; 476+ } 477+ sl=sizeof(rsin); 478+ if(getpeername(fd,(struct sockaddr*)&rsin,&sl)<0) { 479+ return NULL; 480+ } 481+ natlookup.nl_inport=sin.sin_port; 482+ natlookup.nl_outport=rsin.sin_port; 483+ natlookup.nl_inip=sin.sin_addr; 484+ natlookup.nl_outip=rsin.sin_addr; 485+ if((natfd=open(IPL_NAT,O_RDONLY))<0) { 486+ return(NULL); 487+ } 488+ if(ioctl(natfd,SIOCGNATL,&natlookup)==(-1)) { 489+ return(NULL); 490+ } 491+ close(natfd); 492+ if(ptr) *ptr=ntohs(natlookup.nl_realport); 493+ sprintf(buf,"%s",inet_ntoa(natlookup.nl_realip)); 494+ #endif 495+ 496+ /* No transparent proxy support */ 497+ return(NULL); 498 } 499Only in ./lib: hnam.c.orig 500diff -c -r ./plug-gw/plug-gw.c ../../NEW/fwtk/plug-gw/plug-gw.c 501*** ./plug-gw/plug-gw.c Thu Sep 5 15:36:33 1996 502--- ../../NEW/fwtk/plug-gw/plug-gw.c Wed Oct 9 02:46:48 1996 503*************** 504*** 39,44 **** 505--- 39,48 ---- 506 static char **validdests = (char **)0; 507 static Cfg *confp; 508 509+ int do_transparent=0; 510+ 511+ char *getdsthost(); 512+ 513 main(ac,av) 514 int ac; 515 char *av[]; 516*************** 517*** 193,201 **** 518--- 197,213 ---- 519 char *ptr; 520 int state = 0; 521 int ssl_plug = 0; 522+ int pport=0; 523 524 struct timeval timo; 525 526+ /* Transparent plug-gw is probably a bad idea, but hey .. */ 527+ dhost=getdsthost(0,&pport); 528+ if(dhost) { 529+ do_transparent++; 530+ portid=pport; 531+ } 532+ 533 if(c->flags & PERM_DENY) { 534 if (p == -1) 535 syslog(LLEV,"deny host=%s/%s port=any",rhost,raddr); 536*************** 537*** 215,221 **** 538 syslog(LLEV,"fwtkcfgerr: -plug-to takes an argument, line %d",c->ln); 539 exit (1); 540 } 541! dhost = av[x]; 542 continue; 543 } 544 545--- 227,234 ---- 546 syslog(LLEV,"fwtkcfgerr: -plug-to takes an argument, line %d",c->ln); 547 exit (1); 548 } 549! if(!dhost) dhost = av[x]; 550! /* syslog(LLEV,"DEBUG: dhost now is [%s]",dhost); */ 551 continue; 552 } 553 554diff -c -r ./rlogin-gw/rlogin-gw.c ../../NEW/fwtk/rlogin-gw/rlogin-gw.c 555*** ./rlogin-gw/rlogin-gw.c Fri Sep 6 12:56:33 1996 556--- ../../NEW/fwtk/rlogin-gw/rlogin-gw.c Wed Oct 9 02:49:04 1996 557*************** 558*** 39,45 **** 559--- 39,47 ---- 560 561 562 extern char *maphostname(); 563+ char *getdsthost(); 564 565+ int do_transparent=0; 566 567 static int cmd_quit(); 568 static int cmd_help(); 569*************** 570*** 120,125 **** 571--- 122,130 ---- 572 static char *tokav[56]; 573 int tokac; 574 struct timeval timo; 575+ /* foo */ 576+ char *psychic; 577+ /* foo */ 578 579 #ifndef LOG_NDELAY 580 openlog("rlogin-gw",LOG_PID); 581*************** 582*** 185,191 **** 583 xforwarder = cf->argv[0]; 584 } 585 586! 587 588 if((cf = cfg_get("directory",confp)) != (Cfg *)0) { 589 if(cf->argc != 1) { 590--- 190,203 ---- 591 xforwarder = cf->argv[0]; 592 } 593 594! /* foo */ 595! psychic=getdsthost(0,NULL); 596! if(psychic) { 597! do_transparent++; 598! strncpy(dest,psychic,511); 599! dest[511]='\0'; 600! } 601! /* foo */ 602 603 if((cf = cfg_get("directory",confp)) != (Cfg *)0) { 604 if(cf->argc != 1) { 605*************** 606*** 260,269 **** 607 } 608 609 /* if present a host name, chop and save username and hostname */ 610! dest[0] = '\0'; 611 if((p = index(rusername,'@')) != (char *)0) { 612 char *namp; 613 614 *p++ = '\0'; 615 if(*p == '\0') 616 p = "localhost"; 617--- 272,282 ---- 618 } 619 620 /* if present a host name, chop and save username and hostname */ 621! /* dest[0] = '\0'; */ 622 if((p = index(rusername,'@')) != (char *)0) { 623 char *namp; 624 625+ dest[0] = '\0'; 626 *p++ = '\0'; 627 if(*p == '\0') 628 p = "localhost"; 629*************** 630*** 293,300 **** 631--- 306,326 ---- 632 goto leave; 633 } 634 635+ /* syslog(LLEV,"DEBUG: Uh-oh, $dest = %s\n",dest); */ 636+ 637 if(dest[0] != '\0') { 638 /* Setup connection directly to remote machine */ 639+ if((cf = cfg_get("welcome-msg",confp)) != (Cfg *)0) { 640+ if(cf->argc != 1) { 641+ syslog(LLEV,"fwtkcfgerr: welcome-msg must have one parameter, line %d",cf->ln); 642+ exit(1); 643+ } 644+ if(sayfile(0,cf->argv[0])) { 645+ syslog(LLEV,"fwtksyserr: cannot display welcome %s: %m",cf->argv[0]); 646+ exit(1); 647+ } 648+ } 649+ /* Does this cmd_connect thing feel like a kludge or what? */ 650 sprintf(buf,"connect %.1000s",dest); 651 tokac = enargv(buf, tokav, 56, tokbuf, sizeof(tokbuf)); 652 if (cmd_connect(tokac, tokav, buf) != 2) 653*************** 654*** 526,539 **** 655 char ebuf[512]; 656 657 syslog(LLEV,"permit host=%s/%s connect to %s",rhost,raddr,namp); 658 if(strlen(namp) > 20) 659 namp[20] = '\0'; 660 if(rusername[0] != '\0') 661 sprintf(ebuf,"Trying %s@%s...",rusername,namp); 662 else 663 sprintf(ebuf,"Trying %s...",namp); 664! if(say(0,ebuf)) 665! return(1); 666 } else 667 syslog(LLEV,"permit host=%s/%s connect to %s",rhost,raddr,av[1]); 668 if((serfd = conn_server(av[1],RLOGINPORT,1,buf)) < 0) { 669--- 552,567 ---- 670 char ebuf[512]; 671 672 syslog(LLEV,"permit host=%s/%s connect to %s",rhost,raddr,namp); 673+ if(!do_transparent) { 674 if(strlen(namp) > 20) 675 namp[20] = '\0'; 676 if(rusername[0] != '\0') 677 sprintf(ebuf,"Trying %s@%s...",rusername,namp); 678 else 679 sprintf(ebuf,"Trying %s...",namp); 680! if(say(0,ebuf)) 681! return(1); 682! } 683 } else 684 syslog(LLEV,"permit host=%s/%s connect to %s",rhost,raddr,av[1]); 685 if((serfd = conn_server(av[1],RLOGINPORT,1,buf)) < 0) { 686diff -c -r ./tn-gw/tn-gw.c ../../NEW/fwtk/tn-gw/tn-gw.c 687*** ./tn-gw/tn-gw.c Fri Sep 6 12:55:48 1996 688--- ../../NEW/fwtk/tn-gw/tn-gw.c Wed Oct 9 02:50:17 1996 689*************** 690*** 87,92 **** 691--- 87,94 ---- 692 static int cmd_xforward(); 693 static int cmd_timeout(); 694 695+ char *getdsthost(); 696+ 697 static int tn3270 = 1; /* don't do tn3270 stuff */ 698 static int doX; 699 700*************** 701*** 97,102 **** 702--- 99,106 ---- 703 static int timeout = PROXY_TIMEOUT; 704 static char timed_out_msg[] = "\r\nConnection closed due to inactivity"; 705 706+ int do_transparent=0; 707+ 708 typedef struct { 709 char *name; 710 char *hmsg; 711*************** 712*** 140,145 **** 713--- 144,151 ---- 714 char tokbuf[BSIZ]; 715 char *tokav[56]; 716 int tokac; 717+ int port; 718+ char *psychic; 719 720 #ifndef LOG_DAEMON 721 openlog("tn-gw",LOG_PID); 722*************** 723*** 308,313 **** 724--- 314,346 ---- 725 } 726 } 727 728+ psychic=getdsthost(0,&port); 729+ if(psychic) { 730+ if((strlen(psychic) + 10) < 510) { 731+ do_transparent++; 732+ if(port) 733+ sprintf(dest,"%s:%d",psychic,port); 734+ else 735+ sprintf(dest,"%s",psychic); 736+ 737+ 738+ if(!welcomedone) 739+ if((cf = cfg_get("welcome-msg",confp)) != (Cfg *)0) { 740+ if(cf->argc != 1) { 741+ syslog(LLEV,"fwtkcfgerr: welcome-msg must have one parameter, line %d",cf->ln); 742+ exit(1); 743+ } 744+ if(sayfile(0,cf->argv[0])) { 745+ syslog(LLEV,"fwtksyserr: cannot display welcome %s:%m",cf->argv[0]); 746+ exit(1); 747+ } 748+ welcomedone = 1; 749+ } 750+ 751+ 752+ } 753+ } 754+ 755 while (argc > 1) { 756 argc--; 757 argv++; 758*************** 759*** 864,877 **** 760 } 761 } 762 763- 764 if((namp = maphostname(av[1])) != (char *)0) { 765 char ebuf[512]; 766 767 syslog(LLEV,"permit host=%s/%s destination=%s",rladdr,riaddr,namp); 768! sprintf(ebuf,"Trying %s port %d...",namp,port); 769! if(say(0,ebuf)) 770! return(1); 771 } else 772 syslog(LLEV,"permit host=%s/%s destination=%s",rladdr,riaddr,av[1]); 773 774--- 897,911 ---- 775 } 776 } 777 778 if((namp = maphostname(av[1])) != (char *)0) { 779 char ebuf[512]; 780 781 syslog(LLEV,"permit host=%s/%s destination=%s",rladdr,riaddr,namp); 782! if(!do_transparent) { 783! sprintf(ebuf,"Trying %s port %d...",namp,port); 784! if(say(0,ebuf)) 785! return(1); 786! } 787 } else 788 syslog(LLEV,"permit host=%s/%s destination=%s",rladdr,riaddr,av[1]); 789 790*************** 791*** 903,910 **** 792 793 syslog(LLEV,"connected host=%s/%s destination=%s",rladdr,riaddr,av[1]); 794 strncpy(dest,av[1], 511); 795! sprintf(buf, "Connected to %s.", dest); 796! say(0, buf); 797 return(2); 798 } 799 800--- 937,946 ---- 801 802 syslog(LLEV,"connected host=%s/%s destination=%s",rladdr,riaddr,av[1]); 803 strncpy(dest,av[1], 511); 804! if(!do_transparent) { 805! sprintf(buf, "Connected to %s.", dest); 806! say(0, buf); 807! } 808 return(2); 809 } 810 811 812 813