diff options
| author | Cy Schubert <cy@FreeBSD.org> | 2007-09-19 22:48:24 +0000 |
|---|---|---|
| committer | Cy Schubert <cy@FreeBSD.org> | 2007-09-19 22:48:24 +0000 |
| commit | a6362a37c02b0de1e8176e97f41c5d60d2ec8438 (patch) | |
| tree | 19d828813e10ca4472c60ba9f6479abda48895b0 /security/fwbuilder-devel | |
| parent | 96e8747cf7089339f01f261e2d09cffafab04d1f (diff) | |
| download | ports-a6362a37c02b0de1e8176e97f41c5d60d2ec8438.tar.gz ports-a6362a37c02b0de1e8176e97f41c5d60d2ec8438.zip | |
Add support for Kerberos 5 kshell and Kerberos 4 ekshell using the IP Filter
rcmd proxy.
Notes
Notes:
svn path=/head/; revision=199784
Diffstat (limited to 'security/fwbuilder-devel')
5 files changed, 137 insertions, 0 deletions
diff --git a/security/fwbuilder-devel/Makefile b/security/fwbuilder-devel/Makefile index bbbc0109e6a8..331cea0da4bb 100644 --- a/security/fwbuilder-devel/Makefile +++ b/security/fwbuilder-devel/Makefile @@ -7,6 +7,7 @@ PORTNAME= fwbuilder PORTVERSION= 2.1.14 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_SOURCEFORGE}/fwbuilder/ MASTER_SITE_SUBDIR= fwbuilder diff --git a/security/fwbuilder-devel/files/patch-src-gui-ipfAdvancedDialog.cpp b/security/fwbuilder-devel/files/patch-src-gui-ipfAdvancedDialog.cpp new file mode 100644 index 000000000000..c53c042a7cb8 --- /dev/null +++ b/security/fwbuilder-devel/files/patch-src-gui-ipfAdvancedDialog.cpp @@ -0,0 +1,11 @@ +--- src/gui/ipfAdvancedDialog.cpp.orig 2007-01-06 14:03:25.000000000 -0800 ++++ src/gui/ipfAdvancedDialog.cpp 2007-09-19 11:29:47.000000000 -0700 +@@ -88,6 +88,8 @@ + data.registerOption( ipf_nat_irc_proxy ,fwopt, "ipf_nat_irc_proxy"); + data.registerOption( ipf_nat_ftp_proxy ,fwopt, "ipf_nat_ftp_proxy"); + data.registerOption( ipf_nat_rcmd_proxy ,fwopt, "ipf_nat_rcmd_proxy"); ++ data.registerOption( ipf_nat_krcmd_proxy ,fwopt, "ipf_nat_krcmd_proxy"); ++ data.registerOption( ipf_nat_ekshell_proxy ,fwopt, "ipf_nat_ekshell_proxy"); + data.registerOption( ipf_fw_dir ,fwopt, "firewall_dir" ); + data.registerOption( ipf_user ,fwopt, "admUser" ); + data.registerOption( altAddress ,fwopt, "altAddress" ); diff --git a/security/fwbuilder-devel/files/patch-src-gui-ipfadvanceddialog_q.ui b/security/fwbuilder-devel/files/patch-src-gui-ipfadvanceddialog_q.ui new file mode 100644 index 000000000000..19216ff4bd76 --- /dev/null +++ b/security/fwbuilder-devel/files/patch-src-gui-ipfadvanceddialog_q.ui @@ -0,0 +1,70 @@ +--- src/gui/ipfadvanceddialog_q.ui.orig 2006-10-23 21:05:57.000000000 -0700 ++++ src/gui/ipfadvanceddialog_q.ui 2007-09-19 14:20:52.000000000 -0700 +@@ -118,7 +118,7 @@ + </size> + </property> + </spacer> +- <widget class="QCheckBox" row="4" column="1"> ++ <widget class="QCheckBox" row="6" column="1"> + <property name="name"> + <cstring>ipf_nat_raudio_proxy</cstring> + </property> +@@ -126,7 +126,7 @@ + <string>Use raudio proxy in NAT rules</string> + </property> + </widget> +- <widget class="QCheckBox" row="5" column="1"> ++ <widget class="QCheckBox" row="7" column="1"> + <property name="name"> + <cstring>ipf_nat_h323_proxy</cstring> + </property> +@@ -134,7 +134,7 @@ + <string>Use h323 proxy in NAT rules</string> + </property> + </widget> +- <widget class="QCheckBox" row="6" column="1"> ++ <widget class="QCheckBox" row="8" column="1"> + <property name="name"> + <cstring>ipf_nat_ipsec_proxy</cstring> + </property> +@@ -175,6 +175,22 @@ + <string>Use rcmd proxy in NAT rules</string> + </property> + </widget> ++ <widget class="QCheckBox" row="4" column="1"> ++ <property name="name"> ++ <cstring>ipf_nat_krcmd_proxy</cstring> ++ </property> ++ <property name="text"> ++ <string>Use Kerberos rcmd proxy in NAT rules</string> ++ </property> ++ </widget> ++ <widget class="QCheckBox" row="5" column="1"> ++ <property name="name"> ++ <cstring>ipf_nat_ekshell_proxy</cstring> ++ </property> ++ <property name="text"> ++ <string>Use Kerberos ekshell proxy in NAT rules</string> ++ </property> ++ </widget> + <spacer row="9" column="1"> + <property name="name"> + <cstring>spacer36</cstring> +@@ -192,7 +208,7 @@ + </size> + </property> + </spacer> +- <widget class="QCheckBox" row="7" column="1"> ++ <widget class="QCheckBox" row="9" column="1"> + <property name="name"> + <cstring>ipf_nat_pptp_proxy</cstring> + </property> +@@ -200,7 +216,7 @@ + <string>Use PPTP proxy in NAT rules</string> + </property> + </widget> +- <widget class="QCheckBox" row="8" column="1"> ++ <widget class="QCheckBox" row="10" column="1"> + <property name="name"> + <cstring>ipf_nat_irc_proxy</cstring> + </property> diff --git a/security/fwbuilder-devel/files/patch-src-pflib-NATCompiler_ipf.cpp b/security/fwbuilder-devel/files/patch-src-pflib-NATCompiler_ipf.cpp new file mode 100644 index 000000000000..c219847d030f --- /dev/null +++ b/security/fwbuilder-devel/files/patch-src-pflib-NATCompiler_ipf.cpp @@ -0,0 +1,44 @@ +--- src/pflib/NATCompiler_ipf.cpp.orig 2006-09-10 17:41:09.000000000 -0700 ++++ src/pflib/NATCompiler_ipf.cpp 2007-09-19 11:39:40.000000000 -0700 +@@ -398,6 +398,8 @@ + + bool ftp_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_ftp_proxy"); + bool rcmd_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_rcmd_proxy"); ++ bool krcmd_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_krcmd_proxy"); ++ bool ekshell_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_ekshell_proxy"); + bool raudio_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_raudio_proxy"); + bool h323_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_h323_proxy"); + bool ipsec_proxy = compiler->getCachedFwOpt()->getBool("ipf_nat_ipsec_proxy"); +@@ -407,6 +409,8 @@ + char ipsec_proxy_str[64]; + char ftp_proxy_str[64]; + char rcmd_proxy_str[64]; ++ char krcmd_proxy_str[64]; ++ char ekshell_proxy_str[64]; + char raudio_proxy_str[64]; + char h323_proxy_str[64]; + char pptp_proxy_str[64]; +@@ -415,6 +419,8 @@ + sprintf(ipsec_proxy_str, "proxy port %d ipsec/udp ", ISAKMP_PORT); + sprintf(ftp_proxy_str, "proxy port %d ftp/tcp ", FTP_PORT); + sprintf(rcmd_proxy_str, "proxy port %d rcmd/tcp ", RCMD_PORT); ++ sprintf(krcmd_proxy_str, "proxy port %d rcmd/tcp ", KRCMD_PORT); ++ sprintf(ekshell_proxy_str,"proxy port %d rcmd/tcp ", EKSHELL_PORT); + sprintf(raudio_proxy_str, "proxy port %d raudio/tcp ", RAUDIO_PORT); + sprintf(h323_proxy_str, "proxy port %d h323/tcp ", H323_PORT); + sprintf(pptp_proxy_str, "proxy port %d pptp/tcp ", PPTP_PORT); +@@ -445,6 +451,14 @@ + s->getInt("dst_range_start")==RCMD_PORT && s->getInt("dst_range_end")==RCMD_PORT ) + rule->setStr("nat_rule_proxy",rcmd_proxy_str); + ++ if (krcmd_proxy && ++ s->getInt("dst_range_start")==KRCMD_PORT && s->getInt("dst_range_end")==KRCMD_PORT ) ++ rule->setStr("nat_rule_proxy",krcmd_proxy_str); ++ ++ if (ekshell_proxy && ++ s->getInt("dst_range_start")==EKSHELL_PORT && s->getInt("dst_range_end")==EKSHELL_PORT ) ++ rule->setStr("nat_rule_proxy",ekshell_proxy_str); ++ + if (raudio_proxy && + s->getInt("dst_range_start")==RAUDIO_PORT && s->getInt("dst_range_end")==RAUDIO_PORT ) + rule->setStr("nat_rule_proxy",raudio_proxy_str); diff --git a/security/fwbuilder-devel/files/patch-src-pflib-NATCompiler_ipf.h b/security/fwbuilder-devel/files/patch-src-pflib-NATCompiler_ipf.h new file mode 100644 index 000000000000..2706197dd5d3 --- /dev/null +++ b/security/fwbuilder-devel/files/patch-src-pflib-NATCompiler_ipf.h @@ -0,0 +1,11 @@ +--- src/pflib/NATCompiler_ipf.h.orig 2006-05-16 16:00:17.000000000 -0700 ++++ src/pflib/NATCompiler_ipf.h 2007-09-19 10:33:40.000000000 -0700 +@@ -33,6 +33,8 @@ + + #define FTP_PORT 21 + #define RCMD_PORT 514 ++#define KRCMD_PORT 544 ++#define EKSHELL_PORT 2106 + #define H323_PORT 1720 + #define RAUDIO_PORT 5050 + #define ISAKMP_PORT 500 |