1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
$NetBSD: patch-cd,v 1.10 2005/08/09 15:48:30 taca Exp $
--- src/client_side.c.orig 2005-07-13 01:16:03.000000000 +0900
+++ src/client_side.c
@@ -41,6 +41,9 @@
#endif
#include <netinet/tcp.h>
#include <net/if.h>
+#if HAVE_NETINET_IPL_H
+#include <netinet/ipl.h>
+#endif
#if HAVE_IP_FIL_COMPAT_H
#include <ip_fil_compat.h>
#elif HAVE_NETINET_IP_FIL_COMPAT_H
@@ -2592,6 +2595,9 @@ parseHttpRequest(ConnStateData * conn, m
static int natfd = -1;
static int siocgnatl_cmd = SIOCGNATL & 0xff;
int x;
+#if defined(IPFILTER_VERSION) && (IPFILTER_VERSION >= 4000027)
+ struct ipfobj obj;
+#endif
#endif
#if PF_TRANSPARENT
struct pfioc_natlook nl;
@@ -2734,6 +2740,13 @@ parseHttpRequest(ConnStateData * conn, m
if (vhost_mode) {
#if IPF_TRANSPARENT
static time_t last_reported = 0;
+#if defined(IPFILTER_VERSION) && (IPFILTER_VERSION >= 4000027)
+ obj.ipfo_rev = IPFILTER_VERSION;
+ obj.ipfo_size = sizeof(natLookup);
+ obj.ipfo_ptr = &natLookup;
+ obj.ipfo_type = IPFOBJ_NATLOOKUP;
+ obj.ipfo_offset = 0;
+#endif
natLookup.nl_inport = http->conn->me.sin_port;
natLookup.nl_outport = http->conn->peer.sin_port;
natLookup.nl_inip = http->conn->me.sin_addr;
@@ -2742,8 +2755,8 @@ parseHttpRequest(ConnStateData * conn, m
if (natfd < 0) {
int save_errno;
enter_suid();
-#ifdef IPL_NAME
- natfd = open(IPL_NAME, O_RDONLY, 0);
+#ifdef IPNAT_NAME
+ natfd = open(IPNAT_NAME, O_RDONLY, 0);
#else
natfd = open(IPL_NAT, O_RDONLY, 0);
#endif
@@ -2757,6 +2770,9 @@ parseHttpRequest(ConnStateData * conn, m
last_reported = squid_curtime;
}
} else {
+#if defined(IPFILTER_VERSION) && (IPFILTER_VERSION >= 4000027)
+ x = ioctl(natfd, SIOCGNATL, &obj);
+#else
/*
* IP-Filter changed the type for SIOCGNATL between
* 3.3 and 3.4. It also changed the cmd value for
@@ -2770,6 +2786,7 @@ parseHttpRequest(ConnStateData * conn, m
} else {
x = ioctl(natfd, SIOCGNATL, &natLookup);
}
+#endif
if (x < 0) {
if (errno != ESRCH) {
if (squid_curtime - last_reported > 60) {
|