Hi Darren,
I had some problems when adding the ipnat rule for TFTP proxy?
Can you help have a look at it? What I did is as below.
1. change makefile in SunOS5
$(OBJ)/ip_proxy.o: $(TOP)/ip_proxy.c $(TOP)/ip_proxy.h
$(TOP)/ip_compat.h \
$(TOP)/ip_ftp_pxy.c $(TOP)/ip_rcmd_pxy.c $(TOP)/ip_raudio_pxy.c
\
$(TOP)/ip_rpcb_pxy.c $(TOP)/ip_ipsec_pxy.c $(TOP)/ip_nat.h \
$(TOP)/ip_tftp_pxy.c $(TOP)/ip_fil.h
$(CC) -I$(TOP) $(DFLAGS) -c $(TOP)/ip_proxy.c -o $@
$(OBJ)/ip_proxy_u.o: $(TOP)/ip_proxy.c $(TOP)/ip_proxy.h
$(TOP)/ip_compat.h \
$(TOP)/ip_ftp_pxy.c $(TOP)/ip_rcmd_pxy.c $(TOP)/ip_raudio_pxy.c
\
$(TOP)/ip_rpcb_pxy.c $(TOP)/ip_ipsec_pxy.c $(TOP)/ip_nat.h \
$(TOP)/ip_tftp_pxy.c $(TOP)/ip_fil.h
$(CC) $(CCARGS) $(EXTRA) -c $(TOP)/ip_proxy.c -o $@
2. change ip_proxy.c below:
......
#include "netinet/ip_tftp_pxy.c"
......
aproxy_t ap_proxies[] = {
#ifdef IPF_FTP_PROXY
{ NULL, "ftp", (char)IPPROTO_TCP, 0, 0, ippr_ftp_init,
ippr_ftp_fini,
ippr_ftp_new, NULL, ippr_ftp_in, ippr_ftp_out, NULL },
#endif
#ifdef IPF_TFTP_PROXY
{ NULL, "tftp", (char)IPPROTO_TCP, 0, 0, ippr_tftp_init,
ippr_tftp_fini,
ippr_tftp_new, NULL, ippr_tftp_in, ippr_tftp_out, NULL },
#endif
......
}
3. try to load the following rule and return error below:
# ipnat -f -
map ce3 135.2.11.39/32 -> 135.2.11.39/32 proxy port 69 tftp/udp
1:ioctl(add/insert nat rule): No such file or directory
#
Thanks,
>Darren Reed wrote:
> Hi,
>
> Since I saw your email, I sat down and worked on a TFTP proxy to fit
> in with IPFilter.
>
> To make it work, you can take one of two paths.
> 1) copy ip_tftp_pxy.c into the IPFilter source code tree, modify the
> ip_proxy.c
> file to include it and recompile IPFilter;
> 2) if you're using 4.1.13 or later, you can compile it as a standalone
> LKM and
> load it into IPFilter for use that way.
>
> Darren
>
> Sorry, forgot to attach the .c file.
> Darren
["ip_tftp_pxy.c" (text/plain)]
<http://marc.info/?l=ipfilter&m=116584475719785&q=p3>
