-rw-r--r-- | src/options.c | 19 | ||||
-rw-r--r-- | src/options.h | 6 | ||||
-rw-r--r-- | src/pkt.c | 6 | ||||
-rw-r--r-- | src/ptunnel.c | 22 |
4 files changed, 41 insertions, 12 deletions
diff --git a/src/options.c b/src/options.c index b0af314..89bae5e 100644 --- a/src/options.c +++ b/src/options.c @@ -332,7 +332,7 @@ void print_usage(const char *arg0) { } int parse_options(int argc, char **argv) { - int c = 0, optind = -1, has_logfile = 0, ret; + int c = 0, oidx = -1, has_logfile = 0, ret; md5_state_t state; #ifndef WIN32 struct passwd *pwnam; @@ -347,7 +347,7 @@ int parse_options(int argc, char **argv) { /* parse command line arguments */ while (1) { - c = getopt_long(argc, argv, "m:p:l:r::R::c:v:L::o::sP:d::Su::g::C::e::h", &long_options[0], &optind); + c = getopt_long(argc, argv, "m:p:l:r::R::c:v:L::o::sP:d::Su::g::C::e::h", &long_options[0], &oidx); if (c == -1) break; switch (c) { @@ -365,6 +365,7 @@ int parse_options(int argc, char **argv) { opts.tcp_listen_port = strtoul(optarg, NULL, 10); break; case 'r': + opts.restrict_dst_ip = 1; if (!optarg) break; if (opts.given_dst_hostname) @@ -372,6 +373,7 @@ int parse_options(int argc, char **argv) { opts.given_dst_hostname = strdup(optarg); break; case 'R': + opts.restrict_dst_port = 1; if (optarg) opts.given_dst_port = strtoul(optarg, NULL, 10); break; @@ -393,7 +395,7 @@ int parse_options(int argc, char **argv) { opts.pcap_device = strdup(optarg); break; #else - pt_log(kLog_error, "-%c: feature not supported\n", c); + pt_log(kLog_error, "pcap: %s\n", "feature not supported"); exit(1); #endif case 'o': @@ -467,7 +469,7 @@ int parse_options(int argc, char **argv) { case 'u': case 'g': case 'C': - pt_log(kLog_error, "-%c: feature not supported\n", c); + pt_log(kLog_error, "-%c: %s\n", c, "feature not supported"); exit(1); #endif case 'e': 
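Review bot: In the `case 'R':` hunk, the port that `restrict_dst_port` now enforces is still parsed with `strtoul(optarg, NULL, 10)`, so a non-numeric value silently becomes 0 and anything above 65535 is accepted without complaint. Because this value now feeds an allow/deny decision on the proxy, I would parse with an end pointer and exit on bad input: `char *end; unsigned long p = strtoul(optarg, &end, 10);` followed by `if (end == optarg || *end != '\0' || p > 65535) { pt_log(kLog_error, "-R: invalid port\n"); exit(1); }`. The `case 'r':` hunk sets `restrict_dst_ip` before `if (!optarg) break;`, so a bare `-r` turns the flag on with whatever destination is already configured; a one-line comment there naming the address that is enforced in that case would help operators. `parse_options` starts before and continues after both hunks, so the defaults are not visible here.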
@@ -480,18 +482,23 @@ int parse_options(int argc, char **argv) { opts.selinux_context = strdup(optarg); break; #else - pt_log(kLog_error, "-%c: feature not supported\n", c); + pt_log(kLog_error, "SeLinux: %s\n", "feature not supported"); exit(1); #endif case 'h': print_usage(argv[0]); - _exit(EXIT_SUCCESS); + exit(EXIT_SUCCESS); case 0: /* long opt only */ default: break; } } + if (optind != argc) { + pt_log(kLog_error, "Unknown argument: %s\n", argv[optind]); + exit(1); + } + if (opts.given_proxy_hostname) { if ((ret = host_to_addr(opts.given_proxy_hostname, &opts.given_proxy_ip)) != 0) { pt_log(kLog_error, "Failed to look up %s as destination address: %s\n", diff --git a/src/options.h b/src/options.h index bdd2061..d5023a4 100644 --- a/src/options.h +++ b/src/options.h @@ -25,10 +25,12 @@ struct options { uint32_t given_proxy_ip; /** Port the client listens on */ uint32_t tcp_listen_port; - /** Forward/Proxy destination internet address */ + /** restrict Forward/Proxy destination internet address */ + int restrict_dst_ip; char *given_dst_hostname; uint32_t given_dst_ip; - /** Forward/Proxy destination port */ + /** restrict Forward/Proxy destination port */ + int restrict_dst_port; uint32_t given_dst_port; /** Default maximum number of tunnels to support at once */ uint32_t max_tunnels; @@ -107,8 +107,10 @@ void handle_packet(char *buf, unsigned bytes, int is_pcap, struct sockaddr_in *a pt_log(kLog_info, "Starting new session to %s:%d with ID %d\n", inet_ntoa(in_addr), ntohl(pt_pkt->dst_port), pt_pkt->id_no); - if ((opts.given_dst_ip && opts.given_dst_ip != pt_pkt->dst_ip) || - ((uint32_t)-1 != opts.given_dst_port && opts.given_dst_port != ntohl(pt_pkt->dst_port))) + if ((opts.restrict_dst_ip && opts.given_dst_ip && + opts.given_dst_ip != pt_pkt->dst_ip) || + (opts.restrict_dst_port && (uint32_t)-1 != opts.given_dst_port && + opts.given_dst_port != ntohl(pt_pkt->dst_port))) { pt_log(kLog_info, "Destination administratively prohibited!\n"); return; 
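Review bot: The new `optind != argc` check reports `argv[optind]` as "Unknown argument", which is misleading for its most likely cause. The option string declares `r::`, `R::` and others with optional arguments, and those are normally only recognised when attached to the option, so a detached value such as `-r 10.0.0.1` (constructed example) is left behind as a stray argument. Exiting at startup is the right outcome here, since otherwise the restrict flag would be set without the value the operator typed. I would document the check with `/* optind is getopt's global: anything left over is a non-option argument, typically the detached value of an optional-argument option */` and extend the message with a hint to write the value directly after the option. `parse_options` starts before this hunk and continues after it.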
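Review bot: In the `handle_packet` hunk (`@@ -107,8 +107,10 @@`), both halves of the rewritten condition can still fail open. With `restrict_dst_ip` set but `given_dst_ip` equal to 0, or `restrict_dst_port` set but `given_dst_port` equal to `(uint32_t)-1`, the comparison is skipped and any requested destination is accepted. Whether those values can occur depends on the defaults and on the hostname lookup, neither of which is fully visible here, but the parser now sets the flags even when `-r`/`-R` carry no value. Once an explicit restrict flag exists the sentinel tests are no longer needed, so I would write `if ((opts.restrict_dst_ip && opts.given_dst_ip != pt_pkt->dst_ip) ||` and `(opts.restrict_dst_port && opts.given_dst_port != ntohl(pt_pkt->dst_port)))`, or alternatively refuse to start when a restrict flag is set without a usable value. The body of `handle_packet` extends beyond the hunk on both sides.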
diff --git a/src/ptunnel.c b/src/ptunnel.c index 32bc4df..e7a93de 100644 --- a/src/ptunnel.c +++ b/src/ptunnel.c @@ -144,6 +144,11 @@ int main(int argc, char *argv[]) { pt_log(kLog_error, "Packet capture is not supported (or needed) when using UDP for transport.\n"); opts.pcap = 0; } +#ifdef WIN32 + if (!opts.pcap && !opts.udp) { + pt_log(kLog_info, "WARNING: Running ptunnel-ng on Windows in ICMP mode without WinPcap enabled is not supported and may not work!\n"); + } +#endif #endif pt_log(kLog_info, "Starting %s.\n", PACKAGE_STRING); pt_log(kLog_info, "(c) 2004-2011 Daniel Stoedle, <daniels@cs.uit.no>\n"); @@ -368,6 +373,7 @@ void* pt_proxy(void *args) { proxy_desc_t *cur, *prev, *tmp; #ifdef HAVE_PCAP pcap_info_t pc; + pcap_if_t *alldevs = 0, *pdev; #endif xfer_stats_t xfer; #ifdef HAVE_PCAP @@ -429,8 +435,10 @@ void* pt_proxy(void *args) { pt_log(kLog_error, "pcap error: %s\n", pc.pcap_err_buf); opts.pcap = 0; } - pt_log(kLog_verbose, "Network: %s\n", inet_ntoa(*(struct in_addr*)&pc.netp)); - pt_log(kLog_verbose, "Netmask: %s\n", inet_ntoa(*(struct in_addr*)&pc.netmask)); + in_addr.s_addr = pc.netp; + pt_log(kLog_verbose, "Network: %s\n", inet_ntoa(in_addr)); + in_addr.s_addr = pc.netmask; + pt_log(kLog_verbose, "Netmask: %s\n", inet_ntoa(in_addr)); if (pcap_compile(pc.pcap_desc, &pc.fp, pcap_filter_program, 0, pc.netp) == -1) { pt_log(kLog_error, "Failed to compile pcap filter program.\n"); pcap_close(pc.pcap_desc); @@ -445,6 +453,16 @@ void* pt_proxy(void *args) { else { pt_log(kLog_error, "pcap error: %s\n", pc.pcap_err_buf); opts.pcap = 0; + + if (pcap_findalldevs(&alldevs, pc.pcap_err_buf) == 0) { + idx = 0; + pt_log(kLog_error, "Available pcap devices:\n"); + for (pdev = alldevs; pdev != NULL; pdev = pdev->next) { + pt_log(kLog_error, "[%d] \"%s\": \"%s\"\n", ++idx, + pdev->name, (pdev->description ? pdev->description : "UNKNOWN")); + } + pcap_freealldevs(alldevs); + } } pc.pkt_q.head = 0; pc.pkt_q.tail = 0; |
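Review bot: In the last `pt_proxy` hunk, a failing `pcap_findalldevs()` is ignored, so the operator sees the original pcap error, no device list, and no reason for its absence. An `else` branch on the new `if` would cover it, e.g. `else pt_log(kLog_error, "pcap_findalldevs: %s\n", pc.pcap_err_buf);`. The call reuses `pc.pcap_err_buf`, so it is worth a short comment noting that the earlier error text has already been logged before the buffer is overwritten. `idx` here and `in_addr` in the previous hunk are declared outside the visible lines, and `pt_proxy` starts before and ends after these hunks.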