Add the ``nat target'' command.

4 files changed, 50 insertions, 19 deletions

diff --git a/usr.sbin/ppp/ppp/command.c b/usr.sbin/ppp/ppp/command.c
index 7a4dc049cc2..93dfb40f866 100644
--- a/usr.sbin/ppp/ppp/command.c
+++ b/usr.sbin/ppp/ppp/command.c
@@ -17,7 +17,7 @@
  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  *
- * $OpenBSD: command.c,v 1.39 2000/03/19 10:33:32 brian Exp $
+ * $OpenBSD: command.c,v 1.40 2000/03/31 14:32:50 brian Exp $
  *
  */
 #include <sys/param.h>
@@ -172,8 +172,8 @@ static int IfaceDeleteCommand(struct cmdargs const *);
 static int IfaceClearCommand(struct cmdargs const *);
 static int SetProcTitle(struct cmdargs const *);
 #ifndef NONAT
-static int AliasEnable(struct cmdargs const *);
-static int AliasOption(struct cmdargs const *);
+static int NatEnable(struct cmdargs const *);
+static int NatOption(struct cmdargs const *);
 #endif
 
 static const char *
@@ -582,36 +582,37 @@ ResolvCommand(struct cmdargs const *arg)
 }
 
 #ifndef NONAT
-static struct cmdtab const AliasCommands[] =
+static struct cmdtab const NatCommands[] =
 {
   {"addr", NULL, nat_RedirectAddr, LOCAL_AUTH,
    "static address translation", "nat addr [addr_local addr_alias]"},
-  {"deny_incoming", NULL, AliasOption, LOCAL_AUTH,
+  {"deny_incoming", NULL, NatOption, LOCAL_AUTH,
    "stop incoming connections", "nat deny_incoming yes|no",
    (const void *) PKT_ALIAS_DENY_INCOMING},
-  {"enable", NULL, AliasEnable, LOCAL_AUTH,
+  {"enable", NULL, NatEnable, LOCAL_AUTH,
    "enable NAT", "nat enable yes|no"},
-  {"log", NULL, AliasOption, LOCAL_AUTH,
+  {"log", NULL, NatOption, LOCAL_AUTH,
    "log NAT link creation", "nat log yes|no",
    (const void *) PKT_ALIAS_LOG},
   {"port", NULL, nat_RedirectPort, LOCAL_AUTH, "port redirection",
    "nat port proto localaddr:port[-port] aliasport[-aliasport]"},
-  {"pptp", NULL, nat_Pptp, LOCAL_AUTH,
-   "Set the PPTP address", "nat pptp IP"},
+  {"pptp", NULL, nat_Pptp, LOCAL_AUTH, "Set the PPTP address", "nat pptp IP"},
   {"proxy", NULL, nat_ProxyRule, LOCAL_AUTH,
    "proxy control", "nat proxy server host[:port] ..."},
-  {"same_ports", NULL, AliasOption, LOCAL_AUTH,
+  {"same_ports", NULL, NatOption, LOCAL_AUTH,
    "try to leave port numbers unchanged", "nat same_ports yes|no",
    (const void *) PKT_ALIAS_SAME_PORTS},
-  {"unregistered_only", NULL, AliasOption, LOCAL_AUTH,
+  {"target", NULL, nat_SetTarget, LOCAL_AUTH,
+   "Default address for incoming connections", "nat target addr" },
+  {"unregistered_only", NULL, NatOption, LOCAL_AUTH,
    "translate unregistered (private) IP address space only",
    "nat unregistered_only yes|no",
    (const void *) PKT_ALIAS_UNREGISTERED_ONLY},
-  {"use_sockets", NULL, AliasOption, LOCAL_AUTH,
+  {"use_sockets", NULL, NatOption, LOCAL_AUTH,
    "allocate host sockets", "nat use_sockets yes|no",
    (const void *) PKT_ALIAS_USE_SOCKETS},
   {"help", "?", HelpCommand, LOCAL_AUTH | LOCAL_NO_AUTH,
-   "Display this message", "nat help|? [command]", AliasCommands},
+   "Display this message", "nat help|? [command]", NatCommands},
   {NULL, NULL, NULL},
 };
 #endif
@@ -688,7 +689,7 @@ static struct cmdtab const Commands[] = {
   "Load settings", "load [system ...]"},
 #ifndef NONAT
   {"nat", "alias", RunListCommand, LOCAL_AUTH,
-  "NAT control", "nat option yes|no", AliasCommands},
+  "NAT control", "nat option yes|no", NatCommands},
 #endif
   {"open", NULL, OpenCommand, LOCAL_AUTH | LOCAL_CX_OPT,
   "Open an FSM", "open! [lcp|ccp|ipcp]", (void *)1},
@@ -2129,7 +2130,7 @@ DeleteCommand(struct cmdargs const *arg)
 
 #ifndef NONAT
 static int
-AliasEnable(struct cmdargs const *arg)
+NatEnable(struct cmdargs const *arg)
 {
   if (arg->argc == arg->argn+1) {
     if (strcasecmp(arg->argv[arg->argn], "yes") == 0) {
@@ -2152,7 +2153,7 @@ AliasEnable(struct cmdargs const *arg)
 
 
 static int
-AliasOption(struct cmdargs const *arg)
+NatOption(struct cmdargs const *arg)
 {
   long param = (long)arg->cmd->args;
 
diff --git a/usr.sbin/ppp/ppp/nat_cmd.c b/usr.sbin/ppp/ppp/nat_cmd.c
index 702decfc9a0..f91ad38e633 100644
--- a/usr.sbin/ppp/ppp/nat_cmd.c
+++ b/usr.sbin/ppp/ppp/nat_cmd.c
@@ -2,7 +2,7 @@
  * The code in this file was written by Eivind Eklund <perhaps@yes.no>,
  * who places it in the public domain without restriction.
  *
- *	$OpenBSD: nat_cmd.c,v 1.8 2000/03/29 09:32:37 brian Exp $
+ *	$OpenBSD: nat_cmd.c,v 1.9 2000/03/31 14:32:51 brian Exp $
  */
 
 #include <sys/param.h>
@@ -339,6 +339,30 @@ nat_Pptp(struct cmdargs const *arg)
   return 0;
 }
 
+int
+nat_SetTarget(struct cmdargs const *arg)
+{
+  struct in_addr addr;
+
+  if (arg->argc == arg->argn) {
+    addr.s_addr = INADDR_ANY;
+    PacketAliasSetTarget(addr);
+    return 0;
+  }
+
+  if (arg->argc != arg->argn + 1)
+    return -1;
+
+  addr = GetIpAddr(arg->argv[arg->argn]);
+  if (addr.s_addr == INADDR_NONE) {
+    log_Printf(LogWARN, "%s: invalid address\n", arg->argv[arg->argn]);
+    return 1;
+  }
+
+  PacketAliasSetTarget(addr);
+  return 0;
+}
+
 static struct mbuf *
 nat_LayerPush(struct bundle *bundle, struct link *l, struct mbuf *bp,
                 int pri, u_short *proto)
diff --git a/usr.sbin/ppp/ppp/nat_cmd.h b/usr.sbin/ppp/ppp/nat_cmd.h
index 5ebaa6a6f79..fd2fef404a6 100644
--- a/usr.sbin/ppp/ppp/nat_cmd.h
+++ b/usr.sbin/ppp/ppp/nat_cmd.h
@@ -2,7 +2,7 @@
  * The code in this file was written by Eivind Eklund <perhaps@yes.no>,
  * who places it in the public domain without restriction.
  *
- *	$OpenBSD: nat_cmd.h,v 1.2 2000/02/27 01:38:27 brian Exp $
+ *	$OpenBSD: nat_cmd.h,v 1.3 2000/03/31 14:32:51 brian Exp $
  */
 
 struct cmdargs;
@@ -11,5 +11,6 @@ extern int nat_RedirectPort(struct cmdargs const *);
 extern int nat_RedirectAddr(struct cmdargs const *);
 extern int nat_ProxyRule(struct cmdargs const *);
 extern int nat_Pptp(struct cmdargs const *);
+extern int nat_SetTarget(struct cmdargs const *);
 
 extern struct layer natlayer;
diff --git a/usr.sbin/ppp/ppp/ppp.8 b/usr.sbin/ppp/ppp/ppp.8
index 371764b1952..e9f98950e37 100644
--- a/usr.sbin/ppp/ppp/ppp.8
+++ b/usr.sbin/ppp/ppp/ppp.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ppp.8,v 1.81 2000/03/19 17:57:11 aaron Exp $
+.\" $OpenBSD: ppp.8,v 1.82 2000/03/31 14:32:51 brian Exp $
 .Dd 20 September 1995
 .nr XX \w'\fC00'
 .Dt PPP 8
@@ -3183,6 +3183,11 @@ attempt to avoid changing the port number on outgoing packets.
 This is useful
 if you want to support protocols such as RPC and LPD which require
 connections to come from a well known port.
+.It nat target Op Ar address
+Set the given target address or clear it if no address is given.  The target
+address is used by libalias to specify how to NAT incoming packets by default.
+If a target address is not set, the alias address (that of the tun interface)
+is used.
 .It nat use_sockets yes|no
 When enabled, this option tells the network address translation engine to
 create a socket so that it can guarantee a correct incoming ftp data or