diff options
| author | cy <cy@FreeBSD.org> | 2007-09-20 06:48:24 +0800 |
|---|---|---|
| committer | cy <cy@FreeBSD.org> | 2007-09-20 06:48:24 +0800 |
| commit | 7f73576bdce258c392325e4e258b20b2a35bc0d7 (patch) | |
| tree | c5caf3df795995ad4c32c56ad2e84c8092068443 | |
| parent | 4577e87bdb3b6a25e8ba549b6cd0c6779e40a8a4 (diff) | |
| download | freebsd-ports-gnome-7f73576bdce258c392325e4e258b20b2a35bc0d7.tar.gz freebsd-ports-gnome-7f73576bdce258c392325e4e258b20b2a35bc0d7.tar.zst freebsd-ports-gnome-7f73576bdce258c392325e4e258b20b2a35bc0d7.zip | |
Add support for Kerberos 5 kshell and Kerberos 4 ekshell using the IP Filter
rcmd proxy.
15 files changed, 411 insertions, 0 deletions
diff --git a/security/fwbuilder-devel/Makefile b/security/fwbuilder-devel/Makefile index bbbc0109e6a8..331cea0da4bb 100644 --- a/security/fwbuilder-devel/Makefile +++ b/security/fwbuilder-devel/Makefile @@ -7,6 +7,7 @@ PORTNAME= fwbuilder PORTVERSION= 2.1.14 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_SOURCEFORGE}/fwbuilder/ MASTER_SITE_SUBDIR= fwbuilder diff --git a/security/fwbuilder-devel/files/patch-src-gui-ipfAdvancedDialog.cpp b/security/fwbuilder-devel/files/patch-src-gui-ipfAdvancedDialog.cpp new file mode 100644 index 000000000000..c53c042a7cb8 --- /dev/null +++ b/security/fwbuilder-devel/files/patch-src-gui-ipfAdvancedDialog.cpp @@ -0,0 +1,11 @@ +--- src/gui/ipfAdvancedDialog.cpp.orig 2007-01-06 14:03:25.000000000 -0800 ++++ src/gui/ipfAdvancedDialog.cpp 2007-09-19 11:29:47.000000000 -0700 +@@ -88,6 +88,8 @@ + data.registerOption( ipf_nat_irc_proxy ,fwopt, "ipf_nat_irc_proxy"); + data.registerOption( ipf_nat_ftp_proxy ,fwopt, "ipf_nat_ftp_proxy"); + data.registerOption( ipf_nat_rcmd_proxy ,fwopt, "ipf_nat_rcmd_proxy"); ++ data.registerOption( ipf_nat_krcmd_proxy ,fwopt, "ipf_nat_krcmd_proxy"); ++ data.registerOption( ipf_nat_ekshell_proxy ,fwopt, "ipf_nat_ekshell_proxy"); + data.registerOption( ipf_fw_dir ,fwopt, "firewall_dir" ); + data.registerOption( ipf_user ,fwopt, "admUser" ); + data.registerOption( altAddress ,fwopt, "altAddress" ); diff --git a/security/fwbuilder-devel/files/patch-src-gui-ipfadvanceddialog_q.ui b/security/fwbuilder-devel/files/patch-src-gui-ipfadvanceddialog_q.ui new file mode 100644 index 000000000000..19216ff4bd76 --- /dev/null +++ b/security/fwbuilder-devel/files/patch-src-gui-ipfadvanceddialog_q.ui @@ -0,0 +1,70 @@ +--- src/gui/ipfadvanceddialog_q.ui.orig 2006-10-23 21:05:57.000000000 -0700 ++++ src/gui/ipfadvanceddialog_q.ui 2007-09-19 14:20:52.000000000 -0700 +@@ -118,7 +118,7 @@ + </size> + </property> + </spacer> +- <widget class="QCheckBox" row="4" column="1"> ++ <widget class="QCheckBox" row="6" column="1"> + <property name="name"> + <cstring>ipf_nat_raudio_proxy</cstring> + </property> +@@ -126,7 +126,7 @@ + <string>Use raudio proxy in NAT rules</string> + </property> + </widget> +- <widget class="QCheckBox" row="5" column="1"> ++ <widget class="QCheckBox" row="7" column="1"> + <property name="name"> + <cstring>ipf_nat_h323_proxy</cstring> + </property> +@@ -134,7 +134,7 @@ + <string>Use h323 proxy in NAT rules</string> + </property> + </widget> +- <widget class="QCheckBox" row="6" column="1"> ++ <widget class="QCheckBox" row="8" column="1"> + <property name="name"> + <cstring>ipf_nat_ipsec_proxy</cstring> + </property> +@@ -175,6 +175,22 @@ + <string>Use rcmd proxy in NAT rules</string> + </property> + </widget> ++ <widget class="QCheckBox" row="4" column="1"> ++ <property name="name"> ++ <cstring>ipf_nat_krcmd_proxy</cstring> ++ </property> ++ <property name="text"> ++ <string>Use Kerberos rcmd proxy in NAT rules</string> ++ </property> ++ </widget> ++ <widget class="QCheckBox" row="5" column="1"> ++ <property name="name"> ++ <cstring>ipf_nat_ekshell_proxy</cstring> ++ </property> ++ <property name="text"> ++ <string>Use Kerberos ekshell proxy in NAT rules</string> ++ </property> ++ </widget> + <spacer row="9" column="1"> + <property name="name"> + <cstring>spacer36</cstring> +@@ -192,7 +208,7 @@ + </size> + </property> + </spacer> +- <widget class="QCheckBox" row="7" column="1"> ++ <widget class="QCheckBox" row="9" column="1"> + <property name="name"> + <cstring>ipf_nat_pptp_proxy</cstring> + </property> +@@ -200,7 +216,7 @@ + <string>Use PPTP proxy in NAT rules</string> + </property> + </widget> +- <widget class="QCheckBox" row="8" column="1"> ++ <widget class="QCheckBox" row="10" column="1"> + <property name="name"> + <cstring>ipf_nat_irc_proxy</cstring> + </property> diff --git a/security/fwbuilder-devel/files/patch-src-pflib-NATCompiler_ipf.cpp b/security/fwbuilder-devel/files/patch-src-pflib-NATCompiler_ipf.cpp new file mode 100644 index 000000000000..c219847d030f --- /dev/null +++ b/security/fwbuilder-devel/files/patch-src-pflib-NATCompiler_ipf.cpp @@ -0,0 +1,44 @@ +--- src/pflib/NATCompiler_ipf.cpp.orig 2006-09-10 17:41:09.000000000 -0700 ++++ src/pflib/NATCompiler_ipf.cpp 2007-09-19 11:39:40.000000000 -0700 +@@ -398,6 +398,8 @@ + + bool ftp_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_ftp_proxy"); + bool rcmd_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_rcmd_proxy"); ++ bool krcmd_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_krcmd_proxy"); ++ bool ekshell_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_ekshell_proxy"); + bool raudio_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_raudio_proxy"); + bool h323_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_h323_proxy"); + bool ipsec_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_ipsec_proxy"); +@@ -407,6 +409,8 @@ + char ipsec_proxy_str[64]; + char ftp_proxy_str[64]; + char rcmd_proxy_str[64]; ++ char krcmd_proxy_str[64]; ++ char ekshell_proxy_str[64]; + char raudio_proxy_str[64]; + char h323_proxy_str[64]; + char pptp_proxy_str[64]; +@@ -415,6 +419,8 @@ + sprintf(ipsec_proxy_str, "proxy port %d ipsec/udp ", ISAKMP_PORT); + sprintf(ftp_proxy_str, "proxy port %d ftp/tcp ", FTP_PORT); + sprintf(rcmd_proxy_str, "proxy port %d rcmd/tcp ", RCMD_PORT); ++ sprintf(krcmd_proxy_str, "proxy port %d rcmd/tcp ", KRCMD_PORT); ++ sprintf(ekshell_proxy_str,"proxy port %d rcmd/tcp ", EKSHELL_PORT); + sprintf(raudio_proxy_str, "proxy port %d raudio/tcp ", RAUDIO_PORT); + sprintf(h323_proxy_str, "proxy port %d h323/tcp ", H323_PORT); + sprintf(pptp_proxy_str, "proxy port %d pptp/tcp ", PPTP_PORT); +@@ -445,6 +451,14 @@ + s->getInt("dst_range_start")==RCMD_PORT && s->getInt("dst_range_end")==RCMD_PORT ) + rule->setStr("nat_rule_proxy",rcmd_proxy_str); + ++ if (krcmd_proxy && ++ s->getInt("dst_range_start")==KRCMD_PORT && s->getInt("dst_range_end")==KRCMD_PORT ) ++ rule->setStr("nat_rule_proxy",krcmd_proxy_str); ++ ++ if (ekshell_proxy && ++ s->getInt("dst_range_start")==EKSHELL_PORT && s->getInt("dst_range_end")==EKSHELL_PORT ) ++ rule->setStr("nat_rule_proxy",ekshell_proxy_str); ++ + if (raudio_proxy && + s->getInt("dst_range_start")==RAUDIO_PORT && s->getInt("dst_range_end")==RAUDIO_PORT ) + rule->setStr("nat_rule_proxy",raudio_proxy_str); diff --git a/security/fwbuilder-devel/files/patch-src-pflib-NATCompiler_ipf.h b/security/fwbuilder-devel/files/patch-src-pflib-NATCompiler_ipf.h new file mode 100644 index 000000000000..2706197dd5d3 --- /dev/null +++ b/security/fwbuilder-devel/files/patch-src-pflib-NATCompiler_ipf.h @@ -0,0 +1,11 @@ +--- src/pflib/NATCompiler_ipf.h.orig 2006-05-16 16:00:17.000000000 -0700 ++++ src/pflib/NATCompiler_ipf.h 2007-09-19 10:33:40.000000000 -0700 +@@ -33,6 +33,8 @@ + + #define FTP_PORT 21 + #define RCMD_PORT 514 ++#define KRCMD_PORT 544 ++#define EKSHELL_PORT 2106 + #define H323_PORT 1720 + #define RAUDIO_PORT 5050 + #define ISAKMP_PORT 500 diff --git a/security/fwbuilder/Makefile b/security/fwbuilder/Makefile index bbbc0109e6a8..331cea0da4bb 100644 --- a/security/fwbuilder/Makefile +++ b/security/fwbuilder/Makefile @@ -7,6 +7,7 @@ PORTNAME= fwbuilder PORTVERSION= 2.1.14 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_SOURCEFORGE}/fwbuilder/ MASTER_SITE_SUBDIR= fwbuilder diff --git a/security/fwbuilder/files/patch-src-gui-ipfAdvancedDialog.cpp b/security/fwbuilder/files/patch-src-gui-ipfAdvancedDialog.cpp new file mode 100644 index 000000000000..c53c042a7cb8 --- /dev/null +++ b/security/fwbuilder/files/patch-src-gui-ipfAdvancedDialog.cpp @@ -0,0 +1,11 @@ +--- src/gui/ipfAdvancedDialog.cpp.orig 2007-01-06 14:03:25.000000000 -0800 ++++ src/gui/ipfAdvancedDialog.cpp 2007-09-19 11:29:47.000000000 -0700 +@@ -88,6 +88,8 @@ + data.registerOption( ipf_nat_irc_proxy ,fwopt, "ipf_nat_irc_proxy"); + data.registerOption( ipf_nat_ftp_proxy ,fwopt, "ipf_nat_ftp_proxy"); + data.registerOption( ipf_nat_rcmd_proxy ,fwopt, "ipf_nat_rcmd_proxy"); ++ data.registerOption( ipf_nat_krcmd_proxy ,fwopt, "ipf_nat_krcmd_proxy"); ++ data.registerOption( ipf_nat_ekshell_proxy ,fwopt, "ipf_nat_ekshell_proxy"); + data.registerOption( ipf_fw_dir ,fwopt, "firewall_dir" ); + data.registerOption( ipf_user ,fwopt, "admUser" ); + data.registerOption( altAddress ,fwopt, "altAddress" ); diff --git a/security/fwbuilder/files/patch-src-gui-ipfadvanceddialog_q.ui b/security/fwbuilder/files/patch-src-gui-ipfadvanceddialog_q.ui new file mode 100644 index 000000000000..19216ff4bd76 --- /dev/null +++ b/security/fwbuilder/files/patch-src-gui-ipfadvanceddialog_q.ui @@ -0,0 +1,70 @@ +--- src/gui/ipfadvanceddialog_q.ui.orig 2006-10-23 21:05:57.000000000 -0700 ++++ src/gui/ipfadvanceddialog_q.ui 2007-09-19 14:20:52.000000000 -0700 +@@ -118,7 +118,7 @@ + </size> + </property> + </spacer> +- <widget class="QCheckBox" row="4" column="1"> ++ <widget class="QCheckBox" row="6" column="1"> + <property name="name"> + <cstring>ipf_nat_raudio_proxy</cstring> + </property> +@@ -126,7 +126,7 @@ + <string>Use raudio proxy in NAT rules</string> + </property> + </widget> +- <widget class="QCheckBox" row="5" column="1"> ++ <widget class="QCheckBox" row="7" column="1"> + <property name="name"> + <cstring>ipf_nat_h323_proxy</cstring> + </property> +@@ -134,7 +134,7 @@ + <string>Use h323 proxy in NAT rules</string> + </property> + </widget> +- <widget class="QCheckBox" row="6" column="1"> ++ <widget class="QCheckBox" row="8" column="1"> + <property name="name"> + <cstring>ipf_nat_ipsec_proxy</cstring> + </property> +@@ -175,6 +175,22 @@ + <string>Use rcmd proxy in NAT rules</string> + </property> + </widget> ++ <widget class="QCheckBox" row="4" column="1"> ++ <property name="name"> ++ <cstring>ipf_nat_krcmd_proxy</cstring> ++ </property> ++ <property name="text"> ++ <string>Use Kerberos rcmd proxy in NAT rules</string> ++ </property> ++ </widget> ++ <widget class="QCheckBox" row="5" column="1"> ++ <property name="name"> ++ <cstring>ipf_nat_ekshell_proxy</cstring> ++ </property> ++ <property name="text"> ++ <string>Use Kerberos ekshell proxy in NAT rules</string> ++ </property> ++ </widget> + <spacer row="9" column="1"> + <property name="name"> + <cstring>spacer36</cstring> +@@ -192,7 +208,7 @@ + </size> + </property> + </spacer> +- <widget class="QCheckBox" row="7" column="1"> ++ <widget class="QCheckBox" row="9" column="1"> + <property name="name"> + <cstring>ipf_nat_pptp_proxy</cstring> + </property> +@@ -200,7 +216,7 @@ + <string>Use PPTP proxy in NAT rules</string> + </property> + </widget> +- <widget class="QCheckBox" row="8" column="1"> ++ <widget class="QCheckBox" row="10" column="1"> + <property name="name"> + <cstring>ipf_nat_irc_proxy</cstring> + </property> diff --git a/security/fwbuilder/files/patch-src-pflib-NATCompiler_ipf.cpp b/security/fwbuilder/files/patch-src-pflib-NATCompiler_ipf.cpp new file mode 100644 index 000000000000..c219847d030f --- /dev/null +++ b/security/fwbuilder/files/patch-src-pflib-NATCompiler_ipf.cpp @@ -0,0 +1,44 @@ +--- src/pflib/NATCompiler_ipf.cpp.orig 2006-09-10 17:41:09.000000000 -0700 ++++ src/pflib/NATCompiler_ipf.cpp 2007-09-19 11:39:40.000000000 -0700 +@@ -398,6 +398,8 @@ + + bool ftp_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_ftp_proxy"); + bool rcmd_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_rcmd_proxy"); ++ bool krcmd_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_krcmd_proxy"); ++ bool ekshell_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_ekshell_proxy"); + bool raudio_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_raudio_proxy"); + bool h323_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_h323_proxy"); + bool ipsec_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_ipsec_proxy"); +@@ -407,6 +409,8 @@ + char ipsec_proxy_str[64]; + char ftp_proxy_str[64]; + char rcmd_proxy_str[64]; ++ char krcmd_proxy_str[64]; ++ char ekshell_proxy_str[64]; + char raudio_proxy_str[64]; + char h323_proxy_str[64]; + char pptp_proxy_str[64]; +@@ -415,6 +419,8 @@ + sprintf(ipsec_proxy_str, "proxy port %d ipsec/udp ", ISAKMP_PORT); + sprintf(ftp_proxy_str, "proxy port %d ftp/tcp ", FTP_PORT); + sprintf(rcmd_proxy_str, "proxy port %d rcmd/tcp ", RCMD_PORT); ++ sprintf(krcmd_proxy_str, "proxy port %d rcmd/tcp ", KRCMD_PORT); ++ sprintf(ekshell_proxy_str,"proxy port %d rcmd/tcp ", EKSHELL_PORT); + sprintf(raudio_proxy_str, "proxy port %d raudio/tcp ", RAUDIO_PORT); + sprintf(h323_proxy_str, "proxy port %d h323/tcp ", H323_PORT); + sprintf(pptp_proxy_str, "proxy port %d pptp/tcp ", PPTP_PORT); +@@ -445,6 +451,14 @@ + s->getInt("dst_range_start")==RCMD_PORT && s->getInt("dst_range_end")==RCMD_PORT ) + rule->setStr("nat_rule_proxy",rcmd_proxy_str); + ++ if (krcmd_proxy && ++ s->getInt("dst_range_start")==KRCMD_PORT && s->getInt("dst_range_end")==KRCMD_PORT ) ++ rule->setStr("nat_rule_proxy",krcmd_proxy_str); ++ ++ if (ekshell_proxy && ++ s->getInt("dst_range_start")==EKSHELL_PORT && s->getInt("dst_range_end")==EKSHELL_PORT ) ++ rule->setStr("nat_rule_proxy",ekshell_proxy_str); ++ + if (raudio_proxy && + s->getInt("dst_range_start")==RAUDIO_PORT && s->getInt("dst_range_end")==RAUDIO_PORT ) + rule->setStr("nat_rule_proxy",raudio_proxy_str); diff --git a/security/fwbuilder/files/patch-src-pflib-NATCompiler_ipf.h b/security/fwbuilder/files/patch-src-pflib-NATCompiler_ipf.h new file mode 100644 index 000000000000..2706197dd5d3 --- /dev/null +++ b/security/fwbuilder/files/patch-src-pflib-NATCompiler_ipf.h @@ -0,0 +1,11 @@ +--- src/pflib/NATCompiler_ipf.h.orig 2006-05-16 16:00:17.000000000 -0700 ++++ src/pflib/NATCompiler_ipf.h 2007-09-19 10:33:40.000000000 -0700 +@@ -33,6 +33,8 @@ + + #define FTP_PORT 21 + #define RCMD_PORT 514 ++#define KRCMD_PORT 544 ++#define EKSHELL_PORT 2106 + #define H323_PORT 1720 + #define RAUDIO_PORT 5050 + #define ISAKMP_PORT 500 diff --git a/security/fwbuilder2/Makefile b/security/fwbuilder2/Makefile index bbbc0109e6a8..331cea0da4bb 100644 --- a/security/fwbuilder2/Makefile +++ b/security/fwbuilder2/Makefile @@ -7,6 +7,7 @@ PORTNAME= fwbuilder PORTVERSION= 2.1.14 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_SOURCEFORGE}/fwbuilder/ MASTER_SITE_SUBDIR= fwbuilder diff --git a/security/fwbuilder2/files/patch-src-gui-ipfAdvancedDialog.cpp b/security/fwbuilder2/files/patch-src-gui-ipfAdvancedDialog.cpp new file mode 100644 index 000000000000..c53c042a7cb8 --- /dev/null +++ b/security/fwbuilder2/files/patch-src-gui-ipfAdvancedDialog.cpp @@ -0,0 +1,11 @@ +--- src/gui/ipfAdvancedDialog.cpp.orig 2007-01-06 14:03:25.000000000 -0800 ++++ src/gui/ipfAdvancedDialog.cpp 2007-09-19 11:29:47.000000000 -0700 +@@ -88,6 +88,8 @@ + data.registerOption( ipf_nat_irc_proxy ,fwopt, "ipf_nat_irc_proxy"); + data.registerOption( ipf_nat_ftp_proxy ,fwopt, "ipf_nat_ftp_proxy"); + data.registerOption( ipf_nat_rcmd_proxy ,fwopt, "ipf_nat_rcmd_proxy"); ++ data.registerOption( ipf_nat_krcmd_proxy ,fwopt, "ipf_nat_krcmd_proxy"); ++ data.registerOption( ipf_nat_ekshell_proxy ,fwopt, "ipf_nat_ekshell_proxy"); + data.registerOption( ipf_fw_dir ,fwopt, "firewall_dir" ); + data.registerOption( ipf_user ,fwopt, "admUser" ); + data.registerOption( altAddress ,fwopt, "altAddress" ); diff --git a/security/fwbuilder2/files/patch-src-gui-ipfadvanceddialog_q.ui b/security/fwbuilder2/files/patch-src-gui-ipfadvanceddialog_q.ui new file mode 100644 index 000000000000..19216ff4bd76 --- /dev/null +++ b/security/fwbuilder2/files/patch-src-gui-ipfadvanceddialog_q.ui @@ -0,0 +1,70 @@ +--- src/gui/ipfadvanceddialog_q.ui.orig 2006-10-23 21:05:57.000000000 -0700 ++++ src/gui/ipfadvanceddialog_q.ui 2007-09-19 14:20:52.000000000 -0700 +@@ -118,7 +118,7 @@ + </size> + </property> + </spacer> +- <widget class="QCheckBox" row="4" column="1"> ++ <widget class="QCheckBox" row="6" column="1"> + <property name="name"> + <cstring>ipf_nat_raudio_proxy</cstring> + </property> +@@ -126,7 +126,7 @@ + <string>Use raudio proxy in NAT rules</string> + </property> + </widget> +- <widget class="QCheckBox" row="5" column="1"> ++ <widget class="QCheckBox" row="7" column="1"> + <property name="name"> + <cstring>ipf_nat_h323_proxy</cstring> + </property> +@@ -134,7 +134,7 @@ + <string>Use h323 proxy in NAT rules</string> + </property> + </widget> +- <widget class="QCheckBox" row="6" column="1"> ++ <widget class="QCheckBox" row="8" column="1"> + <property name="name"> + <cstring>ipf_nat_ipsec_proxy</cstring> + </property> +@@ -175,6 +175,22 @@ + <string>Use rcmd proxy in NAT rules</string> + </property> + </widget> ++ <widget class="QCheckBox" row="4" column="1"> ++ <property name="name"> ++ <cstring>ipf_nat_krcmd_proxy</cstring> ++ </property> ++ <property name="text"> ++ <string>Use Kerberos rcmd proxy in NAT rules</string> ++ </property> ++ </widget> ++ <widget class="QCheckBox" row="5" column="1"> ++ <property name="name"> ++ <cstring>ipf_nat_ekshell_proxy</cstring> ++ </property> ++ <property name="text"> ++ <string>Use Kerberos ekshell proxy in NAT rules</string> ++ </property> ++ </widget> + <spacer row="9" column="1"> + <property name="name"> + <cstring>spacer36</cstring> +@@ -192,7 +208,7 @@ + </size> + </property> + </spacer> +- <widget class="QCheckBox" row="7" column="1"> ++ <widget class="QCheckBox" row="9" column="1"> + <property name="name"> + <cstring>ipf_nat_pptp_proxy</cstring> + </property> +@@ -200,7 +216,7 @@ + <string>Use PPTP proxy in NAT rules</string> + </property> + </widget> +- <widget class="QCheckBox" row="8" column="1"> ++ <widget class="QCheckBox" row="10" column="1"> + <property name="name"> + <cstring>ipf_nat_irc_proxy</cstring> + </property> diff --git a/security/fwbuilder2/files/patch-src-pflib-NATCompiler_ipf.cpp b/security/fwbuilder2/files/patch-src-pflib-NATCompiler_ipf.cpp new file mode 100644 index 000000000000..c219847d030f --- /dev/null +++ b/security/fwbuilder2/files/patch-src-pflib-NATCompiler_ipf.cpp @@ -0,0 +1,44 @@ +--- src/pflib/NATCompiler_ipf.cpp.orig 2006-09-10 17:41:09.000000000 -0700 ++++ src/pflib/NATCompiler_ipf.cpp 2007-09-19 11:39:40.000000000 -0700 +@@ -398,6 +398,8 @@ + + bool ftp_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_ftp_proxy"); + bool rcmd_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_rcmd_proxy"); ++ bool krcmd_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_krcmd_proxy"); ++ bool ekshell_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_ekshell_proxy"); + bool raudio_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_raudio_proxy"); + bool h323_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_h323_proxy"); + bool ipsec_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_ipsec_proxy"); +@@ -407,6 +409,8 @@ + char ipsec_proxy_str[64]; + char ftp_proxy_str[64]; + char rcmd_proxy_str[64]; ++ char krcmd_proxy_str[64]; ++ char ekshell_proxy_str[64]; + char raudio_proxy_str[64]; + char h323_proxy_str[64]; + char pptp_proxy_str[64]; +@@ -415,6 +419,8 @@ + sprintf(ipsec_proxy_str, "proxy port %d ipsec/udp ", ISAKMP_PORT); + sprintf(ftp_proxy_str, "proxy port %d ftp/tcp ", FTP_PORT); + sprintf(rcmd_proxy_str, "proxy port %d rcmd/tcp ", RCMD_PORT); ++ sprintf(krcmd_proxy_str, "proxy port %d rcmd/tcp ", KRCMD_PORT); ++ sprintf(ekshell_proxy_str,"proxy port %d rcmd/tcp ", EKSHELL_PORT); + sprintf(raudio_proxy_str, "proxy port %d raudio/tcp ", RAUDIO_PORT); + sprintf(h323_proxy_str, "proxy port %d h323/tcp ", H323_PORT); + sprintf(pptp_proxy_str, "proxy port %d pptp/tcp ", PPTP_PORT); +@@ -445,6 +451,14 @@ + s->getInt("dst_range_start")==RCMD_PORT && s->getInt("dst_range_end")==RCMD_PORT ) + rule->setStr("nat_rule_proxy",rcmd_proxy_str); + ++ if (krcmd_proxy && ++ s->getInt("dst_range_start")==KRCMD_PORT && s->getInt("dst_range_end")==KRCMD_PORT ) ++ rule->setStr("nat_rule_proxy",krcmd_proxy_str); ++ ++ if (ekshell_proxy && ++ s->getInt("dst_range_start")==EKSHELL_PORT && s->getInt("dst_range_end")==EKSHELL_PORT ) ++ rule->setStr("nat_rule_proxy",ekshell_proxy_str); ++ + if (raudio_proxy && + s->getInt("dst_range_start")==RAUDIO_PORT && s->getInt("dst_range_end")==RAUDIO_PORT ) + rule->setStr("nat_rule_proxy",raudio_proxy_str); diff --git a/security/fwbuilder2/files/patch-src-pflib-NATCompiler_ipf.h b/security/fwbuilder2/files/patch-src-pflib-NATCompiler_ipf.h new file mode 100644 index 000000000000..2706197dd5d3 --- /dev/null +++ b/security/fwbuilder2/files/patch-src-pflib-NATCompiler_ipf.h @@ -0,0 +1,11 @@ +--- src/pflib/NATCompiler_ipf.h.orig 2006-05-16 16:00:17.000000000 -0700 ++++ src/pflib/NATCompiler_ipf.h 2007-09-19 10:33:40.000000000 -0700 +@@ -33,6 +33,8 @@ + + #define FTP_PORT 21 + #define RCMD_PORT 514 ++#define KRCMD_PORT 544 ++#define EKSHELL_PORT 2106 + #define H323_PORT 1720 + #define RAUDIO_PORT 5050 + #define ISAKMP_PORT 500 |