bin/50955: [PATCH] natd / libalias support for multiple alias addresses

[Yaroslav Terletskyy]

>Number:         50955
>Category:       bin
>Synopsis:       [PATCH] natd / libalias support for multiple alias addresses
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Mon Apr 14 11:30:10 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator:     Yaroslav Terletskyy
>Release:        FreeBSD 4.6-RELEASE i386
>Organization:
>Environment:
System: FreeBSD fire.lta.lviv.ua 4.6-RELEASE FreeBSD 4.6-RELEASE #0: Wed Oct 30 10:26:05 EET 2002 pwr at fire.lta.lviv.ua:/usr/src/sys/compile/FIRE i386

Machine running natd as router/firewall, ipfw, libalias.

>Description:
	Current implementation of natd does not allow to use multiple alias
	addresses for IP aliasing. Libalias library does not set variable
	newDefaultLink to 1 when new "outgoing" aliased connection is created,
	thus PacketAliasCheckNewLink() does not return non-zero value when
	a new aliasing link is created for outgoing packets.

>How-To-Repeat:
	Enable natd on the router/firewall. To see libalias problem insert
	the following line into natd.c code before packet direction and
	protocol type of IP packet is printed in verbose mode:

		if(PacketAliasCheckNewLink()) printf("New link created.\n");

	Recompile natd and run it in verbose mode. Test it with incoming
	packets (LSNAT) and see that it works, test it with outgoing packets
	(originated from the box itself) and see that PacketAliasCheckNewLink()
	does not inform about new aliasing link being created.

>Fix:
	To fix libalias problem and add support for multiple alias addresses
	apply patches found at http://www.lta.lviv.ua/~ts/natd/natd-maa2.tgz

>Release-Note:
>Audit-Trail:
>Unformatted: