On Mon, Jun 09, 2003 at 01:05:07AM +0300, Ruslan Ermilov wrote:
On Sun, Jun 08, 2003 at 10:35:47PM +0200, Vaclav Petricek wrote:
Hello
I am trying to redirect all http traffic of unauthorized wifi users on a
wireless hotspot to a login page. The problem I have is that I can not
disable the regular address translation (I want the source address to stay
the same).
10.0.0.7 is the wifi client
195.250.155.29 is the web wifi user tries to access from his browser
195.113.17.94 is my login page
10.0.0.1 is the wifi interface on the server
What happens is
In [TCP] [TCP] 10.0.0.7:1036 - 195.250.155.29:80 aliased to
[TCP] 10.0.0.1:1036 - 195.113.17.94:80
The natd configuration file:
-
interface wi0
port 1234
#proxy_only yes
reverse
proxy_rule port 80 server 195.113.17.94:80
-
Natd was run as natd -f /etc/natd.conf -v with
00010 divert 1234 tcp from any to any via wi0
I was hoping proxy_only will do the trick but it does not seem to have
any impact and the source address is changed anyway.
A quick glance at the source did not help much to my understanding of the
proxy_only option.
Confirmed as a bug. The attached patch worked for me,
please test it. You'll have to recompile and reinstall
libalias(3), then recompile and reinstall natd(8) with
new library.
I was too fast. This patch doesn't work well. It works
in a sense that it doesn't modify source IP address of
the proxied packets, but it doesn't work in a sense that
reply packets do not undergo de-aliasing. The attached
patch is verified to work. Please test it instead.
Cheers,
--
Ruslan Ermilov Sysadmin and DBA,
[EMAIL PROTECTED] Sunbay Software Ltd,
[EMAIL PROTECTED] FreeBSD committer
Index: alias.c
===
RCS file: /home/ncvs/src/lib/libalias/alias.c,v
retrieving revision 1.36
diff -u -p -r1.36 alias.c
--- alias.c 23 Jul 2002 00:16:19 - 1.36
+++ alias.c 8 Jun 2003 22:38:36 -
@@ -1425,6 +1425,10 @@ PacketAliasOut(char *ptr, /* v
SetDefaultAliasAddress(pip-ip_src);
}
}
+else if (packetAliasMode PKT_ALIAS_PROXY_ONLY)
+{
+SetDefaultAliasAddress(pip-ip_src);
+}
iresult = PKT_ALIAS_IGNORED;
if ((ntohs(pip-ip_off) IP_OFFMASK) == 0)
pgp0.pgp
Description: PGP signature