tech-userlevel: Re: pppoe(4) man page in conjunction with Postfix leaves gaping relay

Subject: Re: pppoe(4) man page in conjunction with Postfix leaves gaping relay
To: None <TeCeEm@gmx.net>
From: Jun-ichiro itojun Hagino <itojun@itojun.org>
List: tech-userlevel
Date: 10/02/2003 10:26:45
--NextPart-20031002102634-1563500
Content-Type: Text/Plain; charset=us-ascii

> > Jun-ichiro itojun Hagino wrote:
> > > 	0.0.0.0/8 will not match any source address.  am i mistaken?
> > You are not. However, upon establishing a successful pppoe link the 
> > result looks like this
> >     inet 80.130.149.14 -> 217.5.98.29 netmask 0xff000000
> > which causes Postfix to treat 80.0.0.0/8 as a trusted network to relay for.
> 
> 	now i see the problem.  yes, it has to be fixed (documentation fix only
> 	i suppose).

	does it address your problem?

itojun

--NextPart-20031002102634-1563500
Content-Type: Text/Plain; charset=us-ascii
Content-Disposition: attachment; filename="1"

Index: if_spppsubr.c
===================================================================
RCS file: /cvsroot/src/sys/net/if_spppsubr.c,v
retrieving revision 1.69
diff -u -r1.69 if_spppsubr.c
--- if_spppsubr.c	5 Sep 2003 23:02:41 -0000	1.69
+++ if_spppsubr.c	2 Oct 2003 01:26:12 -0000
@@ -2514,7 +2514,7 @@
 	else
 		sp->pp_phase = SPPP_PHASE_NETWORK;
 
-	if(debug)
+	if (debug)
 	{
 		log(LOG_INFO, "%s: phase %s\n", ifp->if_xname,
 		    sppp_phase_name(sp->pp_phase));
@@ -2561,7 +2561,7 @@
 
 	sp->pp_phase = SPPP_PHASE_TERMINATE;
 
-	if(debug)
+	if (debug)
 	{
 		log(LOG_INFO, "%s: phase %s\n", ifp->if_xname,
 			sppp_phase_name(sp->pp_phase));
@@ -2594,7 +2594,7 @@
 
 	sp->pp_phase = SPPP_PHASE_ESTABLISH;
 
-	if(debug)
+	if (debug)
 	{
 		log(LOG_INFO, "%s: phase %s\n", ifp->if_xname,
 			sppp_phase_name(sp->pp_phase));
@@ -2612,7 +2612,7 @@
 
 	sp->pp_phase = SPPP_PHASE_DEAD;
 
-	if(debug)
+	if (debug)
 	{
 		log(LOG_INFO, "%s: phase %s\n", ifp->if_xname,
 			sppp_phase_name(sp->pp_phase));
@@ -4759,6 +4759,7 @@
 	struct ifaddr *ifa;
 	struct sockaddr_in *si;
 	struct sockaddr_in *dest;
+	struct sockaddr_in *mask;
 
 	/*
 	 * Pick the first AF_INET address from the list,
@@ -4772,6 +4773,7 @@
 		{
 			si = (struct sockaddr_in *)ifa->ifa_addr;
 			dest = (struct sockaddr_in *)ifa->ifa_dstaddr;
+			mask = (struct sockaddr_in *)ifa->ifa_netmask;
 			if (si)
 				break;
 		}
@@ -4799,8 +4801,13 @@
 				*dest = new_dst; /* fix dstaddr in place */
 			}
 		}
+		if (myaddr != 0 || hisaddr != 0) {
+			memset(mask, 0, sizeof(*mask));
+			mask->sin_len = sizeof(*mask);
+			mask->sin_addr.s_addr = 0xffffffff;
+		}
 		error = in_ifinit(ifp, ifatoia(ifa), &new_sin, 0);
-		if(debug && error)
+		if (debug && error)
 		{
 			log(LOG_DEBUG, "%s: sppp_set_ip_addrs: in_ifinit "
 			" failed, error=%d\n", ifp->if_xname, error);
@@ -5019,7 +5026,7 @@
 		    }
 		}
 		if (cfg->hisname_length == 0) {
-		    if(sp->hisauth.name != NULL)
+		    if (sp->hisauth.name != NULL)
 			cfg->hisname_length = sp->hisauth.name_len + 1;
 		} else {
 		    if (sp->hisauth.name == NULL) {
@@ -5215,7 +5222,7 @@
 
 	sp->pp_phase = SPPP_PHASE_NETWORK;
 
-	if(debug)
+	if (debug)
 	{
 		log(LOG_INFO, "%s: phase %s\n", ifp->if_xname,
 			sppp_phase_name(sp->pp_phase));

--NextPart-20031002102634-1563500--