summaryrefslogtreecommitdiffstats
path: root/libexec/ftp-proxy/ftp-proxy.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* code is not being used; toss into Atticderaadt2005-11-241-1373/+0
|
* Check snprintf return value for -1.cloder2005-03-051-8/+9
| | | | OK otto, henning, hshoexer, krw, beck
* const correctness, string literals are const char *, no functional changedhartmei2005-02-241-4/+4
| | | | from Joerg Sonnenberger joerg(at)britannica(dot)bec(dot)de
* Fix -S flag for non-root; from Ewen McNeill (closes PR 4066)millert2005-01-191-2/+2
| | | | OK dhartmei@ and hshoexer@
* options sort and sync usage();jmc2004-11-191-4/+4
| | | | from wiz@netbsd
* addr -> address in usage() for consistency.brad2004-07-111-2/+2
|
* The 'reverse ftp-proxy' mode adds a command line option -R todhartmei2004-07-061-6/+49
| | | | | | | | | | | | | ftp-proxy which proxies connection from external ftp clients to an internal ftp server, supporting client passive mode (where server listens on a random port for data connections, and the client connects to the server for data connections). This is the reverse mode to normal operation, where ftp-proxy proxies connections from local clients to external servers, supporting client active mode. ok beck@, henning@
* #include fixes, from Max Laier, ok beck@ henning@dhartmei2004-03-141-2/+2
|
* Add a -a address option to set the address which the proxy will usebeck2004-01-221-5/+14
| | | | | | to bind the local end of outgoing connections, and some man page cleanup. Based on diff provided in pr 3538 by Karl O. Pinc <kop@meme.com> Closes pr 3538. ok dhartmei@
* pf spelling policedavid2003-08-221-2/+2
| | | | ok dhartmei@ jmc@
* correctly handle multiline responses with leading space followed by numberhenning2003-07-291-1/+3
| | | | PR3378 mayonez@ssnet.xim.pl, thanks!
* missing protosderaadt2003-06-281-3/+8
|
* delinting from beckderaadt2003-06-231-17/+14
|
* cmdline options in alphabetical order in usage() and manpagedavid2003-03-201-4/+4
| | | | | | and make sure they are consistent ok dhartmei@ henning@
* Honour TCP_WRAPPERS mk.conf setting; ok millert@djm2003-01-231-3/+14
|
* various tweaks. someone mailed in a huge diff that was so wrong in soderaadt2002-12-191-56/+65
| | | | many ways, and i wasted 2 hours finding the gems in it...
* accidental commitderaadt2002-12-191-66/+58
|
* missing .Ppderaadt2002-12-191-58/+66
|
* typos/grammar/better wordsjufi2002-07-071-3/+3
| | | | in comments.
* KNFderaadt2002-07-031-10/+10
|
* no newlines in syslogbeck2002-06-091-24/+24
|
* KNF during an audit; found an improperly initialized sockaddrderaadt2002-05-231-31/+19
|
* Pass full length to strlcat(). From Brian Poole.dhartmei2002-03-121-5/+6
|
* print proper host name for the proxy's peer; bob okmickey2002-01-101-4/+4
|
* RFC 959 wasn't clear about what happens around a PASV reply, and inbeck2001-12-141-5/+8
| | | | | | | fact RFC 1123 does say that it may not contain parenthesis, and you just have to look at the end of the line. Tholo managed to find a TOPS20 ftp server (toad.xkl.com) that doesn't put parens around the reply - This fixes it so it will handle either case.
* fix multi-line contunuations - ok deraadt@beck2001-10-101-2/+13
|
* Drop privs to named group, not group with same name as user.beck2001-09-211-2/+2
| | | | | | noticed by itojun, thanks. fries, you need to catch this for what you're using with faithd
* -Make ftp-proxy drop privs to user "proxy" by default.beck2001-09-051-5/+6
| | | | | | | *WARNING* this means that it will die when it can't find user proxy if you are not running with a passwd database generated from current - Speling cleanup and missing va_end() noticed by <d.doroshenko@omnitel.net> - fix logging of getpwnam|getgrnam failures.
* remove unneeded code (this is done later)beck2001-08-281-10/+1
|
* oh, some cleanups etc etcderaadt2001-08-281-77/+58
|
* -Functionify some of the main loop, so it isn't so horrificly deep and isbeck2001-08-221-233/+305
| | | | | | | | | | | | | a bit easier to look at, for small values of easier. -Add two options for -u user and -g group to optionally make the proxy drop privs after doing it's pf ioctl's to find out where to go. Running as non root does mean that the PORT and EPRT backchannels do not come from port 20, but this isn't a problem for most sensible ftp clients and sets of packet filter rules that aren't written by a knuckle dragging ape living in the 90's. I would make it drop privs by default, but technically this breaks the ftp specs, and for the upcoming stuff to deal with EPRT, we will need root privs to manipulate rdr rules).
* unsmokecrack - thanks millertbeck2001-08-191-22/+20
|
* decruftify with prejudicebeck2001-08-191-37/+25
|
* decruftifybeck2001-08-191-29/+8
|
* Argh. I must be wearing a stupid sign todaybeck2001-08-191-2/+2
|
* bye bye atoi.beck2001-08-191-8/+21
|
* oopsbeck2001-08-191-3/+3
|
* I'm a knuckle-dragging moron, the fd_set is overflowable - make it sobeck2001-08-191-28/+39
| | | | it isn't.
* 1564 lines of cleanupderaadt2001-08-191-271/+221
|
* KNFbeck2001-08-191-11/+5
|
* gratuitous KNFism's, don't have it looking like it's your first daybeck2001-08-191-13/+8
| | | | with your new crack pipe
* transparent ftp proxy, based on Obtuse Systems juniper stuff with muchbeck2001-08-191-0/+1320
modernizing and cleanup. still needs looking at. Currently supports PORT PASV EPRT data connections with only a pf rdr to capture the control connection. (I.E. you don't need ip forwarding or other NAT stuff). Runs from inetd. Supports all passive (EPSV PASV) when using -n flag, where the proxy ignores passive mode data connections (and assumes nat will get them through). Todo yet: More audit IpV6 Handle EPSV in proxy (with an rdr added then removed) Option to Daemonize and bind only to the loopback More Content/Login filtering, etc. etc. and more bloat
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.