Home | History | Annotate | only in /external/libppp/src
Up to higher level directory
NameDateSize
acf.c09-Oct-20133.5K
acf.h09-Oct-20131.5K
arp.c09-Oct-20138.3K
arp.h09-Oct-20131.8K
async.c09-Oct-20135.4K
async.h09-Oct-20131.9K
atm.c09-Oct-20136.2K
atm.h09-Oct-20131.7K
auth.c09-Oct-201312K
auth.h09-Oct-20132.7K
bundle.c09-Oct-201356.4K
bundle.h09-Oct-20137.7K
cbcp.c09-Oct-201322.6K
cbcp.h09-Oct-20132.5K
ccp.c09-Oct-201323.3K
ccp.h09-Oct-20135.5K
chap.c09-Oct-201327K
chap.h09-Oct-20132.7K
chap_ms.c09-Oct-201312.2K
chap_ms.h09-Oct-20132.5K
chat.c09-Oct-201320.3K
chat.h09-Oct-20132.9K
command.c09-Oct-2013101K
command.h09-Oct-20133K
datalink.c09-Oct-201342.9K
datalink.h09-Oct-20136.1K
deflate.c09-Oct-201315.9K
deflate.h09-Oct-20131.5K
defs.c09-Oct-20138.8K
defs.h09-Oct-20135.4K
descriptor.h09-Oct-20132.3K
ether.c09-Oct-201320.8K
ether.h09-Oct-20131.8K
exec.c09-Oct-201311.5K
exec.h09-Oct-20131.7K
filter.c09-Oct-201315.8K
filter.h09-Oct-20133.8K
fsm.c09-Oct-201331K
fsm.h09-Oct-20137K
hdlc.c09-Oct-201315.2K
hdlc.h09-Oct-20133.9K
i4b.c09-Oct-201311.1K
i4b.h09-Oct-20131.7K
id.c09-Oct-20136.4K
id.h09-Oct-20133.4K
iface.c09-Oct-201319.6K
iface.h09-Oct-20132.8K
ip.c09-Oct-201330K
ip.h09-Oct-20132.1K
ipcp.c09-Oct-201342.9K
ipcp.h09-Oct-20135.2K
iplist.c09-Oct-20135.6K
iplist.h09-Oct-20132K
ipv6cp.c09-Oct-201321.9K
ipv6cp.h09-Oct-20133.3K
layer.h09-Oct-20132K
lcp.c09-Oct-201339.2K
lcp.h09-Oct-20136.3K
link.c09-Oct-201310.3K
link.h09-Oct-20133.4K
log.c09-Oct-201310.9K
log.h09-Oct-20134.1K
lqr.c09-Oct-201317.5K
lqr.h09-Oct-20133.3K
main.c09-Oct-201317.9K
main.h09-Oct-20131.6K
Makefile09-Oct-20132.2K
mbuf.c09-Oct-201310K
mbuf.h09-Oct-20134K
mp.c09-Oct-201333.7K
mp.h09-Oct-20134.9K
mppe.c09-Oct-201320.3K
mppe.h09-Oct-20131.6K
nat_cmd.c09-Oct-201315.4K
nat_cmd.h09-Oct-20131.9K
ncp.c09-Oct-201313K
ncp.h09-Oct-20134.2K
ncpaddr.c09-Oct-201323.1K
ncpaddr.h09-Oct-20134.7K
netgraph.c09-Oct-201320.7K
netgraph.h09-Oct-20131.7K
pap.c09-Oct-20138.8K
pap.h09-Oct-20131.8K
physical.c09-Oct-201329.6K
physical.h09-Oct-20136.6K
ppp.8.m409-Oct-2013149.9K
pred.c09-Oct-20138.8K
pred.h09-Oct-20131.6K
probe.c09-Oct-20132.3K
probe.h09-Oct-20131.6K
prompt.c09-Oct-201312.9K
prompt.h09-Oct-20133.9K
proto.c09-Oct-20133.2K
proto.h09-Oct-20132.4K
radius.c09-Oct-201339.4K
radius.h09-Oct-20134.6K
README.changes09-Oct-20137.3K
README.nat09-Oct-201314.9K
route.c09-Oct-201325.7K
route.h09-Oct-20133.2K
server.c09-Oct-201310.9K
server.h09-Oct-20132.3K
sig.c09-Oct-20133.5K
sig.h09-Oct-20131.6K
slcompress.c09-Oct-201317.2K
slcompress.h09-Oct-20136.5K
sync.c09-Oct-20132.7K
sync.h09-Oct-20131.5K
systems.c09-Oct-201311.5K
systems.h09-Oct-20132K
tcp.c09-Oct-20135.7K
tcp.h09-Oct-20131.7K
tcpmss.c09-Oct-20135.1K
tcpmss.h09-Oct-20131.5K
throughput.c09-Oct-20138.8K
throughput.h09-Oct-20132.9K
timer.c09-Oct-20138.2K
timer.h09-Oct-20132.3K
tty.c09-Oct-201320.6K
tty.h09-Oct-20131.7K
tun.c09-Oct-20133.3K
tun.h09-Oct-20131.6K
ua.h09-Oct-20133K
udp.c09-Oct-20138.7K
udp.h09-Oct-20131.7K
vjcomp.c09-Oct-20135.7K
vjcomp.h09-Oct-20131.5K

README.changes

      1 Copyright (c) 2001 Brian Somers <brian (a] Awfulhak.org>
      2               based on work by Eivind Eklund <perhaps (a] yes.no>,
      3 All rights reserved.
      4 
      5 Redistribution and use in source and binary forms, with or without
      6 modification, are permitted provided that the following conditions
      7 are met:
      8 1. Redistributions of source code must retain the above copyright
      9    notice, this list of conditions and the following disclaimer.
     10 2. Redistributions in binary form must reproduce the above copyright
     11    notice, this list of conditions and the following disclaimer in the
     12    documentation and/or other materials provided with the distribution.
     13 
     14 THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
     15 ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     16 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
     17 ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
     18 FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
     19 DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
     20 OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     21 HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
     22 LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
     23 OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
     24 SUCH DAMAGE.
     25 
     26 $FreeBSD: src/usr.sbin/ppp/README.changes,v 1.24.26.1 2010/12/21 17:10:29 kensmith Exp $
     27 
     28 This file summarises changes made to ppp that effect
     29 its configuration.
     30 
     31 It does not describe new features, rather it attempts
     32 to answer any `this used to work, why doesn't it now?'
     33 questions.
     34 
     35 o The `set debug' command was replaced with `set log'.
     36 o The `set log LCP' command was split into LCP, IPCP and CCP logs.
     37 o Syslogd is used for logging.  /etc/syslog.conf must be updated.
     38 o LQR is disabled by default.
     39 o Openmode is active by default.
     40 o Users must be a member of group `network' for ppp access.  Furthermore,
     41   they must be `allow'ed to run ppp via the `allow' command in the
     42   configuration file.
     43   For a brief period, ppp could only be run as root.
     44 o No diagnostic socket is created by default.  The `set server' command
     45   must be used.
     46 o The diagnostic socket password must be specified *only* on the `set
     47   server' command line.
     48 o When `set server' is used to re-select a diagnostic port, all existing
     49   diagnostic connections are dropped.
     50 o pppd-deflate is now called deflate24.
     51 o Filter IPs of 0.0.0.0 have a default width of 0, not 32.
     52 o Errors in `add' and `delete' are logged as warnings rather than being
     53   written to the TCP/IP log.
     54 o Any number of diagnostic prompts are allowed, and they are allowed in
     55   interactive mode.
     56 o The default `device' is cuad1, then cuad0
     57 o A password of "*" in ppp.secret causes a passwd database lookup in
     58   pap mode.
     59 o The value of the CONNECT environment variable is logged in the
     60   utmp host field in -direct mode.
     61 o Out-of-sequence FSM packets (IPCP/LCP/CCP) are dropped by default.
     62 o Reconnect values are used after an LQR timeout.
     63 o ^C works on the parent in -background mode.
     64 o The dial/call/open command works asynchronously.  As a result, prompts
     65   do not lose control while dialing.
     66 o The `display' command has been removed.  All information is available
     67   with the appropriate `show' command.
     68 o Msext does not need to be enabled/disabled.  Setting the NBNS (set nbns)
     69   will auto enable it.  The DNS side may be enabled/disabled, and if
     70   enabled without a `set dns' (was `set ns') will use values from
     71   /etc/resolv.conf.
     72 o Filters are now called `allow', `dial', `in' and `out'.  `set
     73   ifilter ...' becomes `set filter in ...' etc.
     74 o Authname and Authkey may only be `set' in phase DEAD.
     75 o Set encrypt is no longer necessary.  Ppp will respond to M$CHAP
     76   servers correctly if it's built with DES.
     77 o Throughput statistics are enabled by default.
     78 o `Set stopped' only has two parameters.  It's no longer possible to
     79   have an IPCP stopped timer.
     80 o `Set timeout' only has one or two parameters.  Use `set lqrperiod' and
     81   `set {lcp,ccp,ipcp,chap,pap}retry' for the other timers.  These timeout
     82   values can be seen using the relevant show commands.
     83 o `set loopback' is now `enable/disable loopback'.
     84 o `show auto', `show loopback' and `show mtu' are all part of `show bundle'.
     85 o `show mru' is part of `show lcp'
     86 o `show msext' and `show vj' are part of `show ipcp'
     87 o `show reconnect' and `show redial' are part of `show link'
     88 o A signal 15 (TERM) will now shut down the link gracefully.
     89 o A signal 2 (HUP) will drop all links immediately.
     90 o Signal 30 (USR1) is now ignored.
     91 o Add & delete commands are not necessary in ppp.linkup if they are
     92   `sticky routes' (ie, contain MYADDR or HISADDR).
     93 o LINK and CARRIER logging are no longer available.
     94 o Timer based DEBUG messages are now logged in the new TIMER log.
     95 o Ppp can use tun devices > tun255.
     96 o Protocol-compressed packets are accepted even if they were denied
     97   at LCP negotiation time.
     98 o Passwords aren't logged when logging the ``set server'' line.
     99 o Command line options only need enough characters to uniquely identify
    100   them.  -a == -auto, -dd == -ddial etc.  -interactive is also allowed.
    101 o If you don't like seeing additional interface aliases when running in
    102   -auto -alias mode, add ``iface clear'' to your ppp.linkdown file -
    103   check the sample file.
    104 o Ppp waits for 1 second before checking whether the device supports
    105   carrier.  This is controllable with ``set cd''.
    106 o Random dial timeouts are now between 1 and 30 seconds inclusive rather
    107   than between 0 and 29.
    108 o Ppp now accepts M$CHAP (as well as normal CHAP) by default.  If this
    109   is not required, you must ``deny chap05 chap80''.
    110 o The ``set device'' command now expects each device to be specified as an
    111   argument rather than concatentating all arguments and splitting based
    112   on commas and spaces.
    113 o The ``show modem'' command is deprecated and has been changed to
    114   ``show physical''.
    115 o The words ``host'' and ``port'' are no longer accepted by the ``set filter''
    116   command.  Removing them should yield the same results as before.
    117 o The ``set weight'' command has been deprecated.  The ``set bandwidth''
    118   command should now be used instead.
    119 o The ``set autoload'' command syntax and implementation have changed as the
    120   old implementation was mis-designed and dysfunctional.
    121 o Ppp now waits either the full ``set cd'' time or until carrier is detected
    122   before running the login script (whichever comes first).
    123 o The -alias flag has been deprecated.  The -nat flag should be used instead.
    124 o Unbalanced quotes in commands are now warned about and the entire command
    125   is ignored.
    126 o It is now only necessary to escape the `-' character in chat scripts twice.
    127   See the example files for details.
    128 o Environment variables and ~ are expanded on in commands
    129 o ``nat pptp'' is no longer necessary as this is now done transparently
    130 o The ``!'' at the start of chat scripts and authkey can be made literal
    131   (rather than meaning execute) by doubling it to ``!!''.
    132 o MP autoload throughput measurements are now based on the maximum of input
    133   and output averages rather than on the total.
    134 o When only one link is open in MP mode, MP link level compression is not
    135   open and the peer MRU >= the peer MRRU, ppp sends outbound traffic as
    136   PROTO_IP traffic rather than PROTO_MP.
    137 o MSCHAPv2 is now accepted by default.  If you don't wish to negotiate
    138   this, you must explicitly deny it.
    139 o MPPE is enabled and accepted by default (although deflate and predictor1
    140   are preferred.
    141 

README.nat

      1 Copyright (c) 2001 Charles Mott <cm (a] linktel.net>
      2 All rights reserved.
      3 
      4 Redistribution and use in source and binary forms, with or without
      5 modification, are permitted provided that the following conditions
      6 are met:
      7 1. Redistributions of source code must retain the above copyright
      8    notice, this list of conditions and the following disclaimer.
      9 2. Redistributions in binary form must reproduce the above copyright
     10    notice, this list of conditions and the following disclaimer in the
     11    documentation and/or other materials provided with the distribution.
     12 
     13 THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
     14 ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     15 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
     16 ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
     17 FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
     18 DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
     19 OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     20 HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
     21 LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
     22 OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
     23 SUCH DAMAGE.
     24 
     25 $FreeBSD: src/usr.sbin/ppp/README.nat,v 1.7.40.1 2010/12/21 17:10:29 kensmith Exp $
     26 
     27 User PPP NAT (Packet Aliasing)
     28 
     29 
     30 
     31 0. Contents
     32     1. Background
     33     2. Setup
     34     3. New commands in ppp
     35     4. Future Work
     36     5. Authors / Acknowledgements
     37     6. Revision History for Aliasing Code
     38 
     39 
     40 
     41 1. Background
     42 
     43 User mode ppp has embedded NAT (Network Address Translation) code.
     44 Enabling this, either by the "-nat" command line option or the
     45 "nat enable yes" command in a ppp.conf file, makes the ppp host
     46 automatically NAT IP packets forwarded from a local network, making
     47 them appear to come from the ppp host machine.  Incoming packets
     48 from the outside world are then appropriately de-NAT'd.
     49 
     50 The process of NAT'ing involves both the IP address and the TCP or UDP
     51 port numbers. ICMP echo and timestamp packets are natted by their id
     52 numbers.  ICMP error messages can be properly directed by examining the
     53 fragment of the offending packet which is contained in the body of the
     54 message.
     55 
     56 This software was specifically meant to support users who have
     57 unregistered, private address IP networks (e.g. 192.168.0.x or 10.0.0.x
     58 addresses).  The ppp host can act as a gateway for these networks, and
     59 computers on the local area net will have some degree of Internet access
     60 without the need for a registered IP address.  Additionally, there will
     61 be no need for an Internet service provider to maintain routing tables
     62 for the local area network.
     63 
     64 A disadvantage of NAT is that machines on the local network,
     65 behind the ppp host, are not visible from the outside world.  They can
     66 establish TCP connections and make UDP inquiries (such as domain name
     67 service requests) but the connections seem to come from the ppp host
     68 itself.  There is, in effect, a partial firewall.  Of course, if this is
     69 what you want, the disadvantage becomes an advantage.
     70 
     71 A second disadvantage is that "IP encoding" protocols, which send IP
     72 address or port information within the data stream, are not supported
     73 for the cases where exception code exists.  This implementation has
     74 workarounds for FTP and IRC DCC, the most well known of the IP encoding
     75 protocols.  This frees users from depending on using the ftp passive
     76 mode and avoiding IRC DCC sends, as is sometimes the case with other
     77 masquerading solutions.
     78 
     79 The implementation supports all standard, non-encoding TCP and UDP protocols.
     80 Examples of these protocols are http, gopher and telnet. The standard UDP
     81 mode of Real-Audio is not presently supported, but the TCP mode does work
     82 correctly.
     83 
     84 The NAT code also handles many ICMP messages.  In particular,
     85 ping and traceroute are supported.
     86 
     87 
     88 
     89 2. Packet Aliasing Setup
     90 
     91 It is recommended that users first verify correct ppp operation without
     92 NAT enabled.  This will confirm that the ppp.conf file is
     93 properly set up and that there are no ppp problems. Then start ppp with
     94 the "-nat" option on the command line.  The user should verify that
     95 the ppp host can correctly connect to the Internet in NAT
     96 mode.  Finally, check that machines on the private network can access
     97 the Internet.
     98 
     99 The NAT software handles all packets, whether they come from
    100 the host or another computer on the local area network.  Thus, a correctly
    101 operating ppp host indicates that the software should work properly for
    102 other computers on the private network.
    103 
    104 If the ppp host can access the Internet, but other computers on the local
    105 network cannot, check that IP forwarding is enabled on the ppp host. Also,
    106 verify that the other computers use this machine as a gateway.  Of course,
    107 you should also verify that machines within the local area network
    108 communicate properly.  A common error is inconsistent subnet addresses
    109 and masks.
    110 
    111 
    112 
    113 3. New commands in ppp
    114 
    115 In order to control NAT behaviour in a simple manner (no need for
    116 recompilation), a new command has been added to ppp: nat.  This
    117 is in addition to the -nat command line option.  System managers and
    118 more experienced users may prefer to use the ppp command syntax
    119 within the ppp.conf file.  The nat command also allows NAT
    120 behaviour to be more precisely specified.
    121 
    122 The decision to add a command instead of extending 'set' or 'option' was
    123 to make obvious that these options only work when NAT is enabled.
    124 
    125 The syntax for 'nat' is
    126 
    127     ppp>  nat option [yes|no]
    128 
    129 where option is given by one of the following templates.
    130 
    131 
    132  - nat enable [yes|no]  (default no)
    133 
    134 Enable NAT functionality.  If disabled, no other NAT
    135 options will have any effect.  You should usually enable NAT
    136 before routing any packets over the link; good points are in the
    137 initial script or right before adding a route.  If you do not always
    138 want NAT, consider using the -nat option to ppp instead of this
    139 command.
    140 
    141 
    142  - nat deny_incoming [yes|no] (default yes)
    143 
    144 Set to "yes" to disable all incoming connections.  This just drops
    145 connections to, for example, ftp, telnet or web servers.  The NAT
    146 mechanism prevents these connections. Technically, this option denies
    147 all incoming TCP and UDP requests, making the NAT software a
    148 fairly efficient one-way firewall.  The default is no, which will allow
    149 all incoming connections to telnetd, ftpd, etc.
    150 
    151 
    152  - nat log [yes|no]
    153 
    154 Controls logging of NAT link creation to "/var/log/alias.log" - this
    155 is usually only useful if debugging a setup, to see if the bug is in
    156 the PPP NATing.  The debugging information is fairly limited, listing
    157 the number of NAT links open for different protocols.
    158 
    159 
    160  - nat same_ports [yes|no] (default yes)
    161 
    162 When a connection is being established going through the NAT
    163 routines, it will normally have its port number changed to allow the
    164 NAT code to track it.  If same_ports is enabled, the NAT
    165 software attempts to keep the connection's source port unchanged.
    166 This will allow rsh, RPC and other specialised protocols to work
    167 _most of the time_, at least on the host machine.  Please, do not
    168 report this being unstable as a bug - it is a result of the way
    169 NAT has to work. TCP/IP was intended to have one IP address
    170 per machine.
    171 
    172 
    173  - nat use_sockets [yes|no] (default yes)
    174 
    175 This is a fairly obscure option.  For the most part, the NAT
    176 software does not have to allocate system sockets when it chooses a
    177 NAT port number.  Under very specific circumstances, FTP data
    178 connections (which don't know the remote port number, though it is
    179 usually 20) and IRC DCC send (which doesn't know either the address or
    180 the port from which the connection will come), there can potentially be
    181 some interference with an open server socket having the same port number
    182 on the ppp host machine.  This possibility for interference only exists
    183 until the TCP connection has been acknowledged on both sides.  The safe
    184 option is yes, though fewer system resources are consumed by specifying
    185 no.
    186 
    187 
    188  - nat unregistered_only [yes|no] (default no)
    189 
    190 NAT normally remaps all packets coming from the local area
    191 network to the ppp host machine address.  Set this option to only map
    192 addresses from the following standard ranges for private, unregistered
    193 addresses:
    194 
    195                 10.0.0.0     ->   10.255.255.255
    196                 172.16.0.0   ->   172.31.255.255
    197                 192.168.0.0  ->   192.168.255.255  */
    198 
    199 In the instance that there is a subnet of public addresses and another
    200 subnet of private addresses being routed by the ppp host, then only the
    201 packets on the private subnet will be NAT'd.
    202 
    203 
    204 - nat port <proto> <local addr>:<port>  <nat port>
    205 
    206 This command allows incoming traffic to <nat port> on the host
    207 machine to be redirected to a specific machine and port on the
    208 local area network.  One example of this would be:
    209 
    210     nat port tcp 192.168.0.4:telnet  8066
    211 
    212 All traffic to port 8066 of the ppp host would then be sent to
    213 the telnet port (23) of machine 192.168.0.4.  Port numbers
    214 can either be designated numerically or by symbolic names
    215 listed in /etc/services.  Similarly, addresses can be either
    216 in dotted quad notation or in /etc/hosts.
    217 
    218 
    219 - nat addr <local addr> <public addr>
    220 
    221 This command allows traffic for a public IP address to be
    222 redirected to a machine on the local network.  This function
    223 is known as "static NAT".  An address assignment of 0 refers
    224 to the default address of the ppp host.  Normally static
    225 NAT is useful if your ISP has allocated a small block of
    226 IP addresses to the user, but it can even be used in the
    227 case of a single, dynamically allocated IP address:
    228 
    229     nat addr 10.0.0.8 0
    230 
    231 The above command would redirect all incoming traffic to
    232 machine 10.0.0.8.
    233 
    234 If several address NATs specify the same public address
    235 as follows
    236 
    237     nat addr 192.168.0.2  public_addr
    238     nat addr 192.168.0.3  public_addr
    239     nat addr 192.168.0.4  public_addr
    240 
    241 then incoming traffic will be directed to the last
    242 translated local address (192.168.0.4), but outgoing
    243 traffic to the first two addresses will still be NAT'd
    244 to the specified public address.
    245 
    246 
    247 
    248 4. Future Work
    249 
    250 What is called NAT here has been variously called masquerading, packet
    251 aliasing and transparent proxying by others.  It is an extremely useful
    252 function to many users, but it is also necessarily imperfect.  The
    253 occasional IP-encoding protocols always need workarounds (hacks).
    254 Users who are interested in supporting new IP-encoding protocols
    255 can follow the examples of alias_ftp.c and alias_irc.c.
    256 
    257 ICMP error messages are currently handled only in the incoming direction.
    258 A handler needs to be added to correctly NAT outgoing error messages.
    259 
    260 IRC and FTP exception handling make reasonable, though not strictly correct
    261 assumptions, about how IP encoded messages will appear in the control
    262 stream.  Programmers may wish to consider how to make this process more
    263 robust.
    264 
    265 The NAT engine (alias.c, alias_db.c, alias_ftp.c, alias_irc.c
    266 and alias_util.c) runs in user space, and is intended to be both portable
    267 and reusable for interfaces other than ppp.  To access the basic engine
    268 only requires four simple function calls (initialisation, communication of
    269 host address, outgoing NAT and incoming de-NATing).
    270 
    271 
    272 
    273 5. Authors / Acknowledgements
    274 
    275 Charles Mott (cm (a] linktel.net)  <versions 1.0 - 1.8, 2.0, 2.1>
    276 Eivind Eklund (perhaps (a] yes.no) <versions 1.8b - 1.9, new ppp commands>
    277 
    278 Listed below, in chronological order, are individuals who have provided
    279 valuable comments and/or debugging assistance.
    280 
    281     Gary Roberts
    282     Tom Torrance
    283     Reto Burkhalter
    284     Martin Renters
    285     Brian Somers
    286     Paul Traina
    287     Ari Suutari
    288     J. Fortes
    289     Andrzej Bialeki
    290 
    291 
    292 
    293 6. Revision History for Aliasing Code
    294 
    295 Version 1.0: August 11, 1996 (cjm)
    296 
    297 Version 1.1:  August 20, 1996  (cjm)
    298     PPP host accepts incoming connections for ports 0 to 1023.
    299 
    300 Version 1.2:  September 7, 1996 (cjm)
    301     Fragment handling error in alias_db.c corrected.
    302 
    303 Version 1.3: September 15, 1996 (cjm)
    304     - Generalised mechanism for handling incoming connections
    305       (no more 0 to 1023 restriction).
    306     - Increased ICMP support (will handle traceroute now).
    307     - Improved TCP close connection logic.
    308 
    309 Version 1.4: September 16, 1996
    310     Can't remember (this version only lasted a day -- cjm).
    311 
    312 Version 1.5: September 17, 1996 (cjm)
    313     Corrected error in handling incoming UDP packets
    314     with zero checksum.
    315 
    316 Version 1.6: September 18, 1996
    317     Simplified ICMP data storage.  Will now handle
    318     tracert from Win95 as well as FreeBSD traceroute.
    319 
    320 Version 1.7: January 9, 1997 (cjm)
    321     - Reduced malloc() activity for ICMP echo and
    322       timestamp requests.
    323     - Added handling for out-of-order IP fragments.
    324     - Switched to differential checksum computation
    325       for IP headers (TCP, UDP and ICMP checksums
    326       were already differential).
    327     - Accepts FTP data connections from other than
    328       port 20.  This allows one ftp connections
    329       from two hosts which are both running packet
    330       aliasing.
    331 
    332 Version 1.8: January 14, 1997 (cjm)
    333     - Fixed data type error in function StartPoint()
    334       in alias_db.c (this bug did not exist before v1.7)
    335 
    336 Version 1.8b: January 16, 1997 (Eivind Eklund <perhaps (a] yes.no>)
    337     - Upgraded base PPP version to be the source code from
    338       FreeBSD 2.1.6, with additional security patches.  This
    339       version should still be possible to run on 2.1.5, though -
    340       I've run it with a 2.1.5 kernel without problems.
    341       (Update done with the permission of cjm)
    342 
    343 Version 1.9: February 1, 1997 (Eivind Eklund <perhaps (a] yes.no>)
    344     - Added support for IRC DCC (ee)
    345     - Changed the aliasing routines to use ANSI style throughout -
    346       minor API changes for integration with other programs than PPP (ee)
    347     - Changed the build process, making all options switchable
    348       from the Makefile (ee)
    349     - Fixed minor security hole in alias_ftp.c for other applications
    350       of the aliasing software.  Hole could _not_ manifest in
    351       PPP+pktAlias, but could potentially manifest in other
    352       applications of the aliasing. (ee)
    353     - Connections initiated from packet aliasing host machine will
    354       not have their port number aliased unless it conflicts with
    355       an aliasing port already being used. (There is an option to
    356       disable this for debugging) (cjm)
    357     - Sockets will be allocated in cases where there might be
    358       port interference with the host machine.  This can be disabled
    359       in cases where the ppp host will be acting purely as a
    360       masquerading router and not generate any traffic of its own.
    361       (cjm)
    362 
    363 Version 2.0: March, 1997 (cjm)
    364     - Incoming packets which are not recognised by the packet
    365       aliasing engine are now completely dropped in ip.c.
    366     - Aliasing links are cleared when a host interface address
    367       changes (due to re-dial and dynamic address allocation).
    368     - PacketAliasPermanentLink() API added.
    369     - Option for only aliasing private, unregistered IP addresses
    370       added.
    371     - Substantial rework to the aliasing lookup engine.
    372 
    373 Version 2.1: May, 1997 (cjm)
    374     - Continuing rework to the aliasing lookup engine to support
    375       multiple incoming addresses and static NAT.
    376     - Now supports outgoing as well as incoming ICMP error messages/
    377     - PPP commands to support address and port redirection.
    378 
    379