summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorDenis Vlasenko <vda.linux@googlemail.com>2007-04-01 10:59:33 +0000
committerDenis Vlasenko <vda.linux@googlemail.com>2007-04-01 10:59:33 +0000
commit57a426b15becb6b91850a55986244e53b8b22773 (patch)
treecffc17f98425a0db20f277706df84b7c37ecde34
parentba2fb719b92034e745b59d2c3b5b05209ce45352 (diff)
tcpsvd: fix line buffering, add firewall query code
-rw-r--r--ipsvd/ipsvd_perhost.c9
-rw-r--r--ipsvd/ipsvd_perhost.h9
-rw-r--r--ipsvd/tcpsvd.c42
3 files changed, 52 insertions, 8 deletions
diff --git a/ipsvd/ipsvd_perhost.c b/ipsvd/ipsvd_perhost.c
index c6f7de339..1c5c12af5 100644
--- a/ipsvd/ipsvd_perhost.c
+++ b/ipsvd/ipsvd_perhost.c
@@ -1,3 +1,12 @@
+/* Based on ipsvd utilities written by Gerrit Pape <pape@smarden.org>
+ * which are released into public domain by the author.
+ * Homepage: http://smarden.sunsite.dk/ipsvd/
+ *
+ * Copyright (C) 2007 Denis Vlasenko.
+ *
+ * Licensed under GPLv2, see file LICENSE in this tarball for details.
+ */
+
#include "busybox.h"
#include "ipsvd_perhost.h"
diff --git a/ipsvd/ipsvd_perhost.h b/ipsvd/ipsvd_perhost.h
index 05c939d89..26b4063ea 100644
--- a/ipsvd/ipsvd_perhost.h
+++ b/ipsvd/ipsvd_perhost.h
@@ -1,3 +1,12 @@
+/* Based on ipsvd utilities written by Gerrit Pape <pape@smarden.org>
+ * which are released into public domain by the author.
+ * Homepage: http://smarden.sunsite.dk/ipsvd/
+ *
+ * Copyright (C) 2007 Denis Vlasenko.
+ *
+ * Licensed under GPLv2, see file LICENSE in this tarball for details.
+ */
+
struct hcc {
char ip[32 - sizeof(int)];
int pid;
diff --git a/ipsvd/tcpsvd.c b/ipsvd/tcpsvd.c
index df9821652..2a3cd3b01 100644
--- a/ipsvd/tcpsvd.c
+++ b/ipsvd/tcpsvd.c
@@ -2,7 +2,7 @@
* which are released into public domain by the author.
* Homepage: http://smarden.sunsite.dk/ipsvd/
*
- * Copyright (C) 2007 by Denis Vlasenko.
+ * Copyright (C) 2007 Denis Vlasenko.
*
* Licensed under GPLv2, see file LICENSE in this tarball for details.
*/
@@ -14,8 +14,17 @@
* Code inside "#ifdef SSLSVD" is for sslsvd and is currently unused.
* Code inside #if 0" is parts of original tcpsvd which are not implemented
* for busyboxed version.
+ *
+ * Output of verbose mode matches original (modulo bugs and
+ * unimplemented stuff). Unnatural splitting of IP and PORT
+ * is retained (personally I prefer one-value "IP:PORT" notation -
+ * it is a natural string representation of struct sockaddr_XX).
+ *
+ * TCPORIGDST{IP,PORT} is busybox-specific addition
*/
+#include <limits.h>
+#include <linux/netfilter_ipv4.h> /* wants <limits.h> */
#include "busybox.h"
#include "ipsvd_perhost.h"
@@ -46,7 +55,7 @@ enum {
OPT_t = (1 << 10),
OPT_v = (1 << 11),
OPT_V = (1 << 12),
- OPT_U = (1 << 13),
+ OPT_U = (1 << 13), /* from here: sslsvd only */
OPT_slash = (1 << 14),
OPT_Z = (1 << 15),
OPT_K = (1 << 16),
@@ -104,7 +113,7 @@ int tcpsvd_main(int argc, char **argv)
const char *instructs;
char *msg_per_host = NULL;
unsigned len_per_host = len_per_host; /* gcc */
- int need_addresses;
+ int need_hostnames, need_remote_ip;
int pid;
int sock;
int conn;
@@ -171,7 +180,9 @@ int tcpsvd_main(int argc, char **argv)
if (!argv[0][0] || LONE_CHAR(argv[0], '0'))
argv[0] = (char*)"0.0.0.0";
- need_addresses = verbose || !(option_mask32 & OPT_E);
+ setlinebuf(stdout);
+ need_hostnames = verbose || !(option_mask32 & OPT_E);
+ need_remote_ip = max_per_host || need_hostnames;
#ifdef SSLSVD
sslser = user;
@@ -299,7 +310,7 @@ int tcpsvd_main(int argc, char **argv)
close(sock);
- if (!max_per_host)
+ if (!max_per_host && need_remote_ip)
remote_ip = xmalloc_sockaddr2dotted_noport(&sock_adr.sa, sizeof(sock_adr));
/* else it is already done */
@@ -311,7 +322,7 @@ int tcpsvd_main(int argc, char **argv)
printf("%s: info: pid %d from %s\n", applet_name, pid, remote_ip);
}
- if (need_addresses && (option_mask32 & OPT_h)) {
+ if (need_hostnames && (option_mask32 & OPT_h)) {
remote_hostname = xmalloc_sockaddr2host(&sock_adr.sa, sizeof(sock_adr));
if (!remote_hostname) {
bb_error_msg("warning: cannot look up hostname for %s", remote_ip);
@@ -324,7 +335,7 @@ int tcpsvd_main(int argc, char **argv)
* which doesn't know local ip) */
getsockname(conn, &sock_adr.sa, &sockadr_size);
- if (need_addresses) {
+ if (need_hostnames) {
local_ip = xmalloc_sockaddr2dotted_noport(&sock_adr.sa, sockadr_size);
local_port = get_nport(&sock_adr.sa);
local_port = ntohs(local_port);
@@ -337,6 +348,20 @@ int tcpsvd_main(int argc, char **argv)
if (!(option_mask32 & OPT_E)) {
/* setup ucspi env */
+
+ /* Extract "original" destination addr:port
+ * from Linux firewall. Useful when you redirect
+ * an outbond connection to local handler, and it needs
+ * to know where it originally tried to connect */
+ sockadr_size = sizeof(sock_adr);
+ if (getsockopt(conn, SOL_IP, SO_ORIGINAL_DST, &sock_adr.sa, &sockadr_size) == 0) {
+ char *ip = xmalloc_sockaddr2dotted_noport(&sock_adr.sa, sockadr_size);
+ port = get_nport(&sock_adr.sa);
+ port = ntohs(port);
+ xsetenv("TCPORIGDSTIP", ip);
+ xsetenv("TCPORIGDSTPORT", utoa(port));
+ free(ip);
+ }
xsetenv("PROTO", "TCP");
xsetenv("TCPLOCALIP", local_ip);
xsetenv("TCPLOCALPORT", utoa(local_port));
@@ -431,7 +456,8 @@ int tcpsvd_main(int argc, char **argv)
}
/*
-tcpsvd [-hpEvv] [-c n] [-C n:msg] [-b n] [-u user] [-l name] [-i dir|-x cdb] [ -t sec] host port prog
+tcpsvd [-hpEvv] [-c n] [-C n:msg] [-b n] [-u user] [-l name]
+ [-i dir|-x cdb] [ -t sec] host port prog
tcpsvd creates a TCP/IP socket, binds it to the address host:port,
and listens on the socket for incoming connections.