Subject: bin/30093: ipnat(4) is obsolete
To: None <gnats-admin@netbsd.org, netbsd-bugs@netbsd.org>
From: Takahiro Kambe <taca@back-street.net>
List: netbsd-bugs
Date: 04/29/2005 15:46:00
>Number:         30093
>Category:       bin
>Synopsis:       ipnat(4) is obsolete
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          doc-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Apr 29 15:46:00 +0000 2005
>Originator:     Takahiro Kambe
>Release:        NetBSD 3.99.3
>Organization:
Takahiro Kambe
>Environment:
	
	
System: NetBSD reef.back-street.net 3.99.3 NetBSD 3.99.3 (CF-R3E) #44: Wed Apr 20 10:55:53 JST 2005 taca@reef.back-street.net:/data/i386/obj/sys/arch/i386/compile/CF-R3E i386
Architecture: i386
Machine: i386
>Description:
	ipnat(4)'s description is obsolete.  It describes:

	    SYNOPSIS
		   #include <netinet/ip_compat.h>
		   #include <netinet/ip_fil.h>
		   #include <netinet/ip_proxy.h>
		   #include <netinet/ip_nat.h>

	    IOCTLS
		   To  add  and  delete rules to the NAT list, two 'basic' ioctls are pro-
		   vided for use.  The ioctl's are called as:

			ioctl(fd, SIOCADNAT, struct ipnat **)
			ioctl(fd, SIOCRMNAT, struct ipnat **)
			ioctl(fd, SIOCGNATS, struct natstat **)
			ioctl(fd, SIOCGNATL, struct natlookup **)

	First, with these header files only, a simple test program wouldn't
	compile.

	Next, <netinet/ip_nat.h> defines these ioctl(2) parameters:

	#if defined(__STDC__) || defined(__GNUC__)
	#define	SIOCADNAT	_IOW('r', 60, struct ipfobj)
	#define	SIOCRMNAT	_IOW('r', 61, struct ipfobj)
	#define	SIOCGNATS	_IOWR('r', 62, struct ipfobj)
	#define	SIOCGNATL	_IOWR('r', 63, struct ipfobj)
	#define	SIOCPROXY	_IOWR('r', 64, struct ap_control)
	#else
	#define	SIOCADNAT	_IOW(r, 60, struct ipfobj)
	#define	SIOCRMNAT	_IOW(r, 61, struct ipfobj)
	#define	SIOCGNATS	_IOWR(r, 62, struct ipfobj)
	#define	SIOCGNATL	_IOWR(r, 63, struct ipfobj)
	#define	SIOCPROXY	_IOWR(r, 64, struct ap_control)
	#endif

	Yes, the parameters for ioctl(2) are different and SIOCPROXY is missing.

	ipnat(4)'s description is true for IP Filter before 4.0, but
	I don't know the exact version which changed this API.

>How-To-Repeat:
	Try to compile this code.  (It wouldn't be a working one even if
	it could be compiled.)

#include <stdio.h>
#include <fcntl.h>
#include <errno.h>
#include <sys/types.h>
#include <netinet/ip_compat.h>
#include <netinet/ip_fil.h>
#include <netinet/ip_proxy.h>
#include <netinet/ip_nat.h>

main()
{
	int natfd, status;
	struct natlookup natLookup;
	struct natlookup *nlp = &natLookup;

	natfd = open(IPNAT_NAME, O_RDONLY, 0);

	bzero(&natLookup);
	status = ioctl(natfd, SIOCGNATL, &nlp);
}

>Fix:
	Update the ipnat(4) manual page.

>Unformatted:
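
Added example, not part of the original report and not IP Filter code: BSD ioctl request words embed the argument size, so the type named in the _IOWR() definitions quoted above is part of the kernel interface. The EX_ macros mirror the <sys/ioccom.h> layout, struct ex_ipfobj is a hypothetical stand-in for the real struct ipfobj, and the pointer-sized "documented" form is an assumption taken from the call forms shown in the man page excerpt.

```c
#include <stdint.h>
#include <stdio.h>

/* BSD <sys/ioccom.h> request layout, re-declared under EX_ names so the
 * example builds on any host: direction bits | arg size | group | number. */
#define EX_IOCPARM_MASK 0x1fffu
#define EX_IOC_OUT 0x40000000u
#define EX_IOC_IN  0x80000000u
#define EX_IOWR(g, n, t) \
    ((uint32_t)(EX_IOC_IN | EX_IOC_OUT | \
     (((uint32_t)sizeof(t) & EX_IOCPARM_MASK) << 16) | \
     ((uint32_t)(g) << 8) | (uint32_t)(n)))

/* Hypothetical stand-in for struct ipfobj; the real layout lives in the
 * IP Filter headers and is not reproduced here. */
struct ex_ipfobj { uint32_t rev, size; void *ptr; int type, offset; unsigned char pad[32]; };
struct ex_natlookup;                      /* opaque, only pointed to */

struct ex_req { int in, out; char group; unsigned num, len; };

/* Split a request word back into the fields the kernel acts on. */
struct ex_req ex_decode(uint32_t cmd)
{
    struct ex_req r;
    r.in = (cmd & EX_IOC_IN) != 0;
    r.out = (cmd & EX_IOC_OUT) != 0;
    r.len = (cmd >> 16) & EX_IOCPARM_MASK;
    r.group = (char)((cmd >> 8) & 0xff);
    r.num = cmd & 0xff;
    return r;
}

/* Assumption: the documented form took a pointer-sized argument. */
uint32_t ex_documented(void) { return EX_IOWR('r', 63, struct ex_natlookup *); }
/* Header form quoted in the report: the argument is the object wrapper. */
uint32_t ex_header(void) { return EX_IOWR('r', 63, struct ex_ipfobj); }

int main(void)
{
    struct ex_req d = ex_decode(ex_documented()), h = ex_decode(ex_header());
    printf("documented: 0x%08x len=%u\n", (unsigned)ex_documented(), d.len);
    printf("header:     0x%08x len=%u\n", (unsigned)ex_header(), h.len);
    /* For IOC_IN the kernel copies in `len` bytes from the caller's pointer,
     * so an argument built to the old description is read as the wrong type. */
    return 0;
}
```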