From cc9111fe9cc327f5301c65341da4adb4371c1e63 Mon Sep 17 00:00:00 2001 From: jow Date: Thu, 7 May 2009 14:14:59 +0000 Subject: [PATCH] New package redir This patch adds a new package "redir" that allows to redirect incoming TCP connections to a specific destination in a proxy-like way. git-svn-id: svn://svn.openwrt.org/openwrt/packages@15686 3c298f89-4303-0410-b956-a3cf2f4a3e73 --- net/redir/Makefile | 35 ++++++++++++++ net/redir/patches/00_honor_copts.patch | 12 +++++ net/redir/patches/01_fix_max_bandwidth_docs.patch | 54 ++++++++++++++++++++++ net/redir/patches/02_use_ntohs.patch | 43 +++++++++++++++++ net/redir/patches/03_fix_tcp_wrappers.patch | 25 ++++++++++ net/redir/patches/04_fix_timeouts.patch | 38 +++++++++++++++ net/redir/patches/06_fix_shaper_buffer.patch | 56 +++++++++++++++++++++++ 7 files changed, 263 insertions(+) create mode 100644 net/redir/Makefile create mode 100644 net/redir/patches/00_honor_copts.patch create mode 100644 net/redir/patches/01_fix_max_bandwidth_docs.patch create mode 100644 net/redir/patches/02_use_ntohs.patch create mode 100644 net/redir/patches/03_fix_tcp_wrappers.patch create mode 100644 net/redir/patches/04_fix_timeouts.patch create mode 100644 net/redir/patches/06_fix_shaper_buffer.patch diff --git a/net/redir/Makefile b/net/redir/Makefile new file mode 100644 index 000000000..71160b61f --- /dev/null +++ b/net/redir/Makefile @@ -0,0 +1,35 @@ +# Copyright (C) 2009 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=redir +PKG_VERSION:=2.2.1 +PKG_RELEASE:=1 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=http://sammy.net/~sammy/hacks +PKG_MD5SUM:=4342fadac30504c86c8db7beefe01995 + +include $(INCLUDE_DIR)/package.mk + +define Package/redir + SECTION:=net + CATEGORY:=Network + TITLE=Redirect TCP connections + URL:=http://sammy.net/~sammy/hacks +endef + +define Package/redir/description + A port redirector, used to forward incoming connections to somewhere else. +endef + +define Package/redir/install + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_BUILD_DIR)/redir $(1)/usr/bin/ +endef + +$(eval $(call BuildPackage,redir)) diff --git a/net/redir/patches/00_honor_copts.patch b/net/redir/patches/00_honor_copts.patch new file mode 100644 index 000000000..dfd6b46a7 --- /dev/null +++ b/net/redir/patches/00_honor_copts.patch @@ -0,0 +1,12 @@ +diff -ruN a/Makefile b/Makefile +--- a/Makefile 2009-05-07 14:31:14.000000000 +0100 ++++ b/Makefile 2009-05-07 14:31:47.000000000 +0100 +@@ -32,7 +32,7 @@ + # if your system lacks getopt_long, remove the comment from this line + OBJS = redir.o $(GETOPT_OBJS) + +-CFLAGS = -O2 -Wall $(STR_CFLAGS) $(WRAP_CFLAGS) $(EXTRA_CFLAGS) ++CFLAGS += -Wall $(STR_CFLAGS) $(WRAP_CFLAGS) $(EXTRA_CFLAGS) + LDFLAGS = -s + + # solaris, and others, may also need these libraries to link diff --git a/net/redir/patches/01_fix_max_bandwidth_docs.patch b/net/redir/patches/01_fix_max_bandwidth_docs.patch new file mode 100644 index 000000000..378061cca --- /dev/null +++ b/net/redir/patches/01_fix_max_bandwidth_docs.patch @@ -0,0 +1,54 @@ +diff -Nur a/redir.c b/redir.c +--- a/redir.c 1999-12-26 15:50:06.000000000 -0500 ++++ b/redir.c 2005-10-22 21:21:56.849499952 -0400 +@@ -233,7 +233,7 @@ + #ifndef NO_SHAPER + /* options for bandwidth */ + fprintf(stderr, "\t\t--bufsize=\tsize of the buffer\n"); +- fprintf(stderr, "\t\t--maxbandwidth=\tlimit the bandwidth\n"); ++ fprintf(stderr, "\t\t--max_bandwidth=\tlimit the bandwidth\n"); + fprintf(stderr, "\t\t--random_wait=\twait before each packet\n"); + fprintf(stderr, "\t\t--wait_in_out=\t1 wait for in, 2 out, 3 in&out\n"); + /* end options for bandwidth */ +diff -urNad redir-2.2.1~/redir.man redir-2.2.1/redir.man +--- redir-2.2.1~/redir.man 1999-12-26 15:52:24.000000000 -0500 ++++ redir-2.2.1/redir.man 2005-10-22 21:22:28.882630176 -0400 +@@ -18,7 +18,7 @@ + .I --lport=port + .I --cport=port + .RB [ \--bufsize=n ] +-.RB [ \--maxbandwidth=n ] ++.RB [ \--max_bandwidth=n ] + .RB [ \--random_wait=n ] + .RB [ \--wait_in_out=n ] + .ll -8 +@@ -35,7 +35,7 @@ + .RB [ \--connect=host:port ] + .I --cport=port + .RB [ \--bufsize=n ] +-.RB [ \--maxbandwidth=n ] ++.RB [ \--max_bandwidth=n ] + .RB [ \--random_wait=n ] + .RB [ \--wait_in_out=n ] + .ll -8 +@@ -102,9 +102,9 @@ + .TP + .B \--bufsize n + Set the bufsize (defaut 4096) in bytes. Can be used combined with +---maxbandwidth or --random_wait to simulate a slow connection. ++--max_bandwidth or --random_wait to simulate a slow connection. + .TP +-.B \--maxbandwidth n ++.B \--max_bandwidth n + Reduce the bandwidth to be no more than n bits/sec. The algorithme is + basic, the goal is to simulate a slow connection, so there is no pic + acceptance. +@@ -115,7 +115,7 @@ + than the bufsize (see also --bufsize). + .TP + .B \--wait_in_out n +-Apply --maxbandwidth and --random_wait for input if n=1, output if n=2 and ++Apply --max_bandwidth and --random_wait for input if n=1, output if n=2 and + both if n=3. + .SH "SEE ALSO" + inetd(1) diff --git a/net/redir/patches/02_use_ntohs.patch b/net/redir/patches/02_use_ntohs.patch new file mode 100644 index 000000000..a6b9f0fe3 --- /dev/null +++ b/net/redir/patches/02_use_ntohs.patch @@ -0,0 +1,43 @@ +diff -Nur a/redir.c b/redir.c +--- a/redir.c 1999-12-26 15:50:06.000000000 -0500 ++++ b/redir.c 2005-10-22 21:29:55.491735272 -0400 +@@ -745,7 +745,7 @@ + } + + debug1("peer IP is %s\n", inet_ntoa(client.sin_addr)); +- debug1("peer socket is %d\n", client.sin_port); ++ debug1("peer socket is %d\n", ntohs(client.sin_port)); + + /* + * Double fork here so we don't have to wait later +@@ -871,8 +871,8 @@ + strcpy(tmp2, inet_ntoa(target->sin_addr)); + + syslog(LOG_NOTICE, "connecting %s/%d to %s/%d", +- tmp1, client.sin_port, +- tmp2, target->sin_port); ++ tmp1, ntohs(client.sin_port), ++ tmp2, ntohs(target->sin_port)); + } + + /* do proxy stuff */ +@@ -1066,7 +1066,7 @@ + + if (!getpeername(0, (struct sockaddr *) &client, &client_size)) { + debug1("peer IP is %s\n", inet_ntoa(client.sin_addr)); +- debug1("peer socket is %d\n", client.sin_port); ++ debug1("peer socket is %d\n", ntohs(client.sin_port)); + } + if ((targetsock = socket(AF_INET, SOCK_STREAM, 0)) < 0) { + perror("target: socket"); +@@ -1109,8 +1109,8 @@ + + if (dosyslog) { + syslog(LOG_NOTICE, "connecting %s/%d to %s/%d", +- inet_ntoa(client.sin_addr), client.sin_port, +- target_ip, target.sin_port); ++ inet_ntoa(client.sin_addr), ntohs(client.sin_port), ++ target_ip, ntohs(target.sin_port)); + } + + /* Just start copying - one side of the loop is stdin - 0 */ diff --git a/net/redir/patches/03_fix_tcp_wrappers.patch b/net/redir/patches/03_fix_tcp_wrappers.patch new file mode 100644 index 000000000..3718c6536 --- /dev/null +++ b/net/redir/patches/03_fix_tcp_wrappers.patch @@ -0,0 +1,25 @@ +diff -Nur a/redir.c b/redir.c +--- a/redir.c 2005-10-22 22:10:11.439455392 -0400 ++++ b/redir.c 2005-10-22 22:10:51.625346208 -0400 +@@ -802,8 +802,8 @@ + #ifdef USE_TCP_WRAPPERS + request_init(&request, RQ_DAEMON, ident, RQ_FILE, clisock, 0); + sock_host(&request); +- sock_hostname(&request); +- sock_hostaddr(&request); ++ sock_hostname(request.client); ++ sock_hostaddr(request.client); + + if (!hosts_access(&request)) { + refuse(&request); +@@ -1057,8 +1057,8 @@ + #ifdef USE_TCP_WRAPPERS + request_init(&request, RQ_DAEMON, ident, RQ_FILE, 0, 0); + sock_host(&request); +- sock_hostname(&request); +- sock_hostaddr(&request); ++ sock_hostname(request.client); ++ sock_hostaddr(request.client); + + if (!hosts_access(&request)) + refuse(&request); diff --git a/net/redir/patches/04_fix_timeouts.patch b/net/redir/patches/04_fix_timeouts.patch new file mode 100644 index 000000000..45bba9b9e --- /dev/null +++ b/net/redir/patches/04_fix_timeouts.patch @@ -0,0 +1,38 @@ +diff -Nur a/redir.c b/redir.c +--- a/redir.c 2005-10-22 22:44:39.504061784 -0400 ++++ b/redir.c 2005-10-22 22:47:14.746461352 -0400 +@@ -598,10 +598,6 @@ + /* Record start time */ + start_time = (unsigned int) time(NULL); + +- /* Set up timeout */ +- timeout.tv_sec = timeout_secs; +- timeout.tv_usec = 0; +- + /* file descriptor bits */ + FD_ZERO(&iofds); + FD_SET(insock, &iofds); +@@ -618,14 +614,21 @@ + while(1) { + (void) memcpy(&c_iofds, &iofds, sizeof(iofds)); + ++ /* Set up timeout, Linux returns seconds left in this structure ++ * so we have to reset it before each select(). */ ++ timeout.tv_sec = timeout_secs; ++ timeout.tv_usec = 0; ++ + + if (select(max_fd + 1, + &c_iofds, + (fd_set *)0, + (fd_set *)0, + (timeout_secs ? &timeout : NULL)) <= 0) { +- /* syslog(LLEV,"connection timeout: %d sec",timeout.tv_sec);*/ +- break; ++ if (dosyslog) { ++ syslog(LOG_NOTICE,"connection timeout: %d sec",timeout_secs); ++ } ++ break; + } + + if(FD_ISSET(insock, &c_iofds)) { diff --git a/net/redir/patches/06_fix_shaper_buffer.patch b/net/redir/patches/06_fix_shaper_buffer.patch new file mode 100644 index 000000000..8cbe723eb --- /dev/null +++ b/net/redir/patches/06_fix_shaper_buffer.patch @@ -0,0 +1,56 @@ +diff -Nur a/redir.c b/redir.c +--- a/redir.c 2005-10-22 23:20:05.235901424 -0400 ++++ b/redir.c 2005-10-22 23:22:20.198384008 -0400 +@@ -259,7 +259,7 @@ + #endif + int *transproxy, + #ifndef NO_SHAPER +- unsigned int * bufsize, ++ unsigned int * bufsizeout, + int * max_bandwidth, + int * random_wait, + int * wait_in_out, +@@ -366,7 +366,7 @@ + + #ifndef NO_SHAPER + case 'z': +- *bufsize = (unsigned int)atol(optarg); ++ *bufsizeout = (unsigned int)atol(optarg); + break; + + case 'm': +@@ -593,7 +593,7 @@ + unsigned long bytes_in = 0; + unsigned long bytes_out = 0; + unsigned int start_time, end_time; +- char buf[bufsize]; ++ char* buf = malloc(bufsize); + + /* Record start time */ + start_time = (unsigned int) time(NULL); +@@ -632,7 +632,7 @@ + } + + if(FD_ISSET(insock, &c_iofds)) { +- if((bytes = read(insock, buf, sizeof(buf))) <= 0) ++ if((bytes = read(insock, buf, bufsize)) <= 0) + break; + #ifndef NO_FTP + if (ftp & FTP_PORT) +@@ -647,7 +647,7 @@ + bytes_out += bytes; + } + if(FD_ISSET(outsock, &c_iofds)) { +- if((bytes = read(outsock, buf, sizeof(buf))) <= 0) ++ if((bytes = read(outsock, buf, bufsize)) <= 0) + break; + /* if we're correcting for PASV on ftp redirections, then + fix buf and bytes to have the new address, among other +@@ -684,6 +684,7 @@ + syslog(LOG_NOTICE, "disconnect %d secs, %ld in %ld out", + (end_time - start_time), bytes_in, bytes_out); + } ++ free(buf); + return; + } + -- 2.11.0