--- redir-2.2.1.orig/debian/redir.docs +++ redir-2.2.1/debian/redir.docs @@ -0,0 +1,3 @@ +README +transproxy.txt +redir-2.2.lsm --- redir-2.2.1.orig/debian/README.source +++ redir-2.2.1/debian/README.source @@ -0,0 +1,38 @@ +This package uses dpatch to manage all modifications to the upstream +source. Changes are stored in the source package as diffs in +debian/patches and applied during the build. + +To get the fully patched source after unpacking the source package, cd +to the root level of the source package and run: + + debian/rules patch + +Removing a patch is as simple as removing its entry from the +debian/patches/00list file, and please also remove the patch file +itself. + +Creating a new patch is done with "dpatch-edit-patch patch XX_patchname" +where you should replace XX with a new number and patchname with a +descriptive shortname of the patch. You can then simply edit all the +files your patch wants to edit, and then simply "exit 0" from the shell +to actually create the patch file. + +To tweak an already existing patch, call "dpatch-edit-patch XX_patchname" +and replace XX_patchname with the actual filename from debian/patches +you want to use. + +To clean up afterwards again, "debian/rules unpatch" will do the +work for you - or you can of course choose to call +"fakeroot debian/rules clean" all together. + + +--- + +this documentation is part of dpatch package, and may be used by +packages using dpatch to comply with policy on README.source. This +documentation is meant to be useful to users who are not proficient in +dpatch in doing work with dpatch-based packages. Please send any +improvements to the BTS of dpatch package. + +original text by Gerfried Fuchs, edited by Junichi Uekawa +10 Aug 2008. --- redir-2.2.1.orig/debian/rules +++ redir-2.2.1/debian/rules @@ -0,0 +1,62 @@ +#!/usr/bin/make -f +# Sample debian/rules that uses debhelper. +# This file is public domain software, originally written by Joey Hess. + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +build: build-stamp +build-stamp: patch + dh_testdir + + # Add here commands to compile the package. + $(MAKE) + + touch build-stamp + + +patch: patch-stamp +patch-stamp: + dpatch apply-all + touch patch-stamp + +unpatch: + dpatch deapply-all + rm -rf patch-stamp debian/patched + +clean: clean-patched unpatch +clean-patched: + dh_testdir + dh_testroot + rm -f build-stamp + + # Add here commands to clean up after the build process. + $(MAKE) clean + #-$(MAKE) distclean + + dh_clean + +# Build architecture-independent files here. +binary-indep: build +# We have nothing to do by default. + +# Build architecture-dependent files here. +binary-arch: build + dh_testdir + dh_testroot + dh_installchangelogs CHANGES + dh_installdocs + dh_install + dh_installman + dh_link + dh_strip + dh_compress + dh_fixperms + dh_installdeb + dh_shlibdeps + dh_gencontrol + dh_md5sums + dh_builddeb + +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary --- redir-2.2.1.orig/debian/redir.install +++ redir-2.2.1/debian/redir.install @@ -0,0 +1 @@ +redir usr/bin --- redir-2.2.1.orig/debian/notes +++ redir-2.2.1/debian/notes @@ -0,0 +1,20 @@ +I stumbled across this tool when I needed to redirect some outside traffic +to an inside machine (firewall of course realized with IP Masquerading...) + +I took one machine that was visible from the outside and redirected +traffic coming from the outside to the inside host while keeping the +ability to connect to that server from the inside. + +The following /etc/hosts.allow did the trick: + +in.telnetd: .school.edu +# Dont touch the above statement enables regular on campus telnet access +# to host. +# +# Add to lalug.org whatever hosts need access to the insidehost +in.telnetd: lalug.org : twist /usr/sbin/redir --inetd --chost=insidehost -cport=23 + +The first line allows regular access from our school. The second +allows special access from that outside host to the inside machine. + +Christoph Lameter, --- redir-2.2.1.orig/debian/copyright +++ redir-2.2.1/debian/copyright @@ -0,0 +1,20 @@ +redir + +This is the Debian GNU/Linux prepackaged version of redir. The Source is +downloaded from + +http://sammy.net/~sammy/hacks/redir-2.2.1.tar.gz + +a simple TCP Port Redirector + +Initial Debian Package was put together by Christoph Lameter, current +maintainer is Daniel Kahn Gillmor . + +redir is Copyright 1996-1999 Nigel Metheringham, Sam Creasey, Thomas +Osterried, Harald Holzer, and Emmanuel Chantréau. + +All modifications for debian are copyright by Christoph Lameter +(-1996), Bernd Eckenfels (1996-2005), and Daniel Kahn Gillmor (2005-) + +It is released under GPL version 2 or later (see +/usr/share/common-licenses/GPL-2). --- redir-2.2.1.orig/debian/changelog +++ redir-2.2.1/debian/changelog @@ -0,0 +1,169 @@ +redir (2.2.1-9) unstable; urgency=low + + * updated my e-mail address. + * fix calls to setsockopt to ensure that SO_REUSEADDR and SO_LINGER take + effect (Closes: #508140) + * bumped policy to 3.8.0 (added README.source) + * clean up manpage to make lintian happy. + + -- Daniel Kahn Gillmor Tue, 03 Mar 2009 19:04:40 -0500 + +redir (2.2.1-8) unstable; urgency=low + + * added Homepage, Vcs-Svn, Vcs-Browser, and XS-Dm-Upload-Allowed fields + to debian/control + * Bumped Standards-Version: to 3.7.3 (no changes needed) + + -- Daniel Kahn Gillmor Sun, 13 Jan 2008 14:39:30 -0500 + +redir (2.2.1-7) unstable; urgency=low + + * clean up diff.gz + + -- Daniel Kahn Gillmor Wed, 15 Aug 2007 16:13:14 -0400 + +redir (2.2.1-6) unstable; urgency=low + + * (Unreleased) don't strip binaries by default. Thanks, Julien + Danjou (Closes: #437898) + * bumped policy + * format Homepage in description. + * fix inetd example in notes file to match modern syntax + + -- Daniel Kahn Gillmor Wed, 15 Aug 2007 14:56:58 -0400 + +redir (2.2.1-5) unstable; urgency=low + + * (Unreleased) switched to debhelper compatibility version 5 + + -- Daniel Kahn Gillmor Fri, 25 Nov 2005 21:30:33 -0500 + +redir (2.2.1-4) unstable; urgency=low + + * (Unreleased) modified debian/watch to use the fancier version + suggested by the watch wizard at http://dehs.alioth.debian.org/ + -- Daniel Kahn Gillmor Fri, 25 Nov 2005 12:42:51 -0500 + +redir (2.2.1-3) unstable; urgency=low + + * (Unreleased) added debian/watch + + -- Daniel Kahn Gillmor Thu, 24 Nov 2005 01:10:16 -0500 + +redir (2.2.1-2) unstable; urgency=low + + * Now using dpatch + * fixed timeouts to only happen after full duration of inactivity, + rather than absolute. Thanks to Robert de Bath (Closes: #142382) + * fixed problematic buffer allocation introduced by bandwidth + throttling (Closes: #335288). + * Builds without any warnings from gcc, even with --pedantic + + -- Daniel Kahn Gillmor Sun, 23 Oct 2005 00:06:48 -0400 + +redir (2.2.1-1) unstable; urgency=low + + * New maintainer (closes: #328602) + * new upstream release, includes upstream's bandwidth throttling + (Closes: #147061, #139197) + * changed flag in docs from --maxbandwidth to --max_bandwidth + to match source. + * changed priority from optional to extra to match override + * redir-2.1.lsm changed to redir-2.2.lsm found at + http://www.ibiblio.org/linsearch/lsms/redir-2.2.html + * debian/control: version from 3.6.1.0 to 3.6.2.1 (no changes) + * debian/rules: now using debhelper, compatibility level 4 + + -- Daniel Kahn Gillmor Fri, 21 Oct 2005 23:54:05 -0400 + +redir (2.1-3) unstable; urgency=low + + * thanks for the NMU (Closes: #190515) + Looking for new Maintainer, see #328602 + * redir.c: fixed compile warnings (Closes: #291835) + * debian/copyright: fixed download url (Closes: #188299) + * debian/control: description typo fix (Closes: #277257) + * debian/copyright: make lintian happy - point to common-licenses + * debian/control: version from 3.1.1 to 3.6.1.0 (no changes) + + -- Bernd Eckenfels Fri, 16 Sep 2005 18:47:50 +0200 + +redir (2.1-2.1) unstable; urgency=low + + * NMU. + * Add Build-Depends on debhelper and libwrap0-dev. Closes: #190515. + + -- Daniel Schepler Mon, 18 Aug 2003 00:57:34 -0700 + +redir (2.1-2) unstable; urgency=low + + * use TCP_WRAPPER (closes: #66512) + * closes: #54247 (added a few ntohs() calls and reported it upstream) + * closes: #52518 (ignore accept errors) + * closes: #40260 (supported in 2.1) + * include section and priority in bin package (dh_gencontrol -- -isp) + + -- Bernd Eckenfels Sun, 23 Jul 2000 04:58:43 +0200 + +redir (2.1-1) unstable; urgency=low + + * new upstream release (#50815, #34500) + * new package upload of source and diff (#44259) + * fixed spelling in manpage (#36821, #36143) + + -- Bernd Eckenfels Sun, 21 Nov 1999 18:59:20 +0100 + +redir (1.2-1) unstable; urgency=low + + * new upstream release + * adds support for ftp + * adds support for transparency (Bug#13983) + + -- Bernd Eckenfels Sun, 1 Nov 1998 08:19:17 +0100 + +redir (1.0-2) unstable; urgency=low + + * make lintian happy (changelog.Debian) + * fixed typo in describtion + + -- Bernd Eckenfels Sun, 1 Nov 1998 08:19:17 +0100 + +redir (1.0-1) unstable; urgency=low + + * fixed a few compiler warnings (again), reported to upstream author + * new upstream source (Bug#27552) + + -- Bernd Eckenfels Sun, 1 Nov 1998 07:00:50 +0100 + +redir (0.7-4) frozen; urgency=low + + * fixed short describtion (#9925) + * added casting to setsockopt to fix compiler warning + + -- Bernd Eckenfels Sat, 18 Apr 1998 22:27:53 +0200 + +redir (0.7-3) frozen unstable; urgency=low + + * New Maintainer (old: Christoph Lameter ) + * more verbose copyright file + * removed /usr/doc/copyright + * compressed docu and man page + * clean removes debian/substvars + * fix permission of man page (bug#5552) + + -- Christoph Lameter Thu, 21 Nov 1996 21:14:54 +0100 + +redir (0.7-2) unstable; urgency=low + + * Forgot to install the copyright file into /usr/doc/copyright + + -- Christoph Lameter Sat, 21 Sep 1996 14:51:46 +0800 + +redir (0.7-1) unstable; urgency=low + + * Initial Release + + -- Christoph Lameter Tue, 17 Sep 1996 14:51:46 +0800 + + + --- redir-2.2.1.orig/debian/watch +++ redir-2.2.1/debian/watch @@ -0,0 +1,2 @@ +version=3 +http://sammy.net/~sammy/hacks/ (?:.*/)?redir-?_?([\d+\.]+|\d+)\.tar.* debian uupdate --- redir-2.2.1.orig/debian/redir.dirs +++ redir-2.2.1/debian/redir.dirs @@ -0,0 +1,3 @@ +usr/bin +usr/share/doc/redir +usr/share/man/man1 --- redir-2.2.1.orig/debian/compat +++ redir-2.2.1/debian/compat @@ -0,0 +1 @@ +5 --- redir-2.2.1.orig/debian/control +++ redir-2.2.1/debian/control @@ -0,0 +1,25 @@ +Source: redir +Section: net +Priority: extra +Maintainer: Daniel Kahn Gillmor +Build-Depends: debhelper (>=5), libwrap0-dev, dpatch +Standards-Version: 3.8.0 +Homepage: http://sammy.net/~sammy/hacks/ +Vcs-Svn: http://cmrg.fifthhorseman.net/svn/trunk/redir +Vcs-Browser: http://cmrg.fifthhorseman.net/browser/trunk/redir +Dm-Upload-Allowed: yes + +Package: redir +Architecture: any +Depends: ${shlibs:Depends} +Description: Redirect TCP connections + It can run under inetd or stand alone (in which case it handles + multiple connections). It is 8 bit clean, not limited to line + mode, is small and light. Supports transparency, FTP redirects, http + proxying, and bandwidth limiting. + . + redir is all you need to redirect traffic across firewalls authenticate + based on an IP address etc. No need for the firewall toolkit. The + functionality of inetd/tcpd and "redir" will allow you to do everything + you need without screwy telnet/ftp etc gateways. (I assume you are running + IP Masquerading of course.) --- redir-2.2.1.orig/debian/redir.manpages +++ redir-2.2.1/debian/redir.manpages @@ -0,0 +1 @@ +redir.man --- redir-2.2.1.orig/debian/patches/05_pedantic.dpatch +++ redir-2.2.1/debian/patches/05_pedantic.dpatch @@ -0,0 +1,183 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 05_pedantic.dpatch by Daniel Kahn Gillmor +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: changes to make clean up compilation + +@DPATCH@ +diff -urNad redir-2.2.1~/Makefile redir-2.2.1/Makefile +--- redir-2.2.1~/Makefile 2005-10-22 23:11:41.000000000 -0400 ++++ redir-2.2.1/Makefile 2005-10-22 23:11:48.818368360 -0400 +@@ -32,7 +32,7 @@ + # if your system lacks getopt_long, remove the comment from this line + OBJS = redir.o $(GETOPT_OBJS) + +-CFLAGS = -O2 -Wall $(STR_CFLAGS) $(WRAP_CFLAGS) $(EXTRA_CFLAGS) ++CFLAGS = -O2 -Wall --pedantic $(STR_CFLAGS) $(WRAP_CFLAGS) $(EXTRA_CFLAGS) + LDFLAGS = -s + + # solaris, and others, may also need these libraries to link +diff -urNad redir-2.2.1~/redir.c redir-2.2.1/redir.c +--- redir-2.2.1~/redir.c 2005-10-22 23:11:48.282449832 -0400 ++++ redir-2.2.1/redir.c 2005-10-22 23:12:23.201141384 -0400 +@@ -73,6 +73,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -460,7 +461,7 @@ + int lport, rport; + int remip[4]; + int localsock; +- int socksize = sizeof(struct sockaddr_in); ++ size_t socksize = sizeof(struct sockaddr_in); + + struct sockaddr_in newsession; + struct sockaddr_in sockname; +@@ -509,7 +510,7 @@ + if(getsockname(localsock, (struct sockaddr *)&sockname, &socksize) < 0) { + perror("getsockname"); + if (dosyslog) +- syslog(LOG_ERR, "getsockname failed: %m"); ++ syslog(LOG_ERR, "getsockname failed: %s",strerror(errno)); + exit(1); + } + +@@ -562,7 +563,7 @@ + switch(fork()) + { + case -1: /* Error */ +- syslog(LOG_ERR, "Couldn't fork: %m"); ++ syslog(LOG_ERR, "Couldn't fork: %s",strerror(errno)); + _exit(1); + case 0: /* Child */ + { +@@ -723,7 +724,7 @@ + int clisock; + int targetsock; + struct sockaddr_in client; +- int clientlen = sizeof(client); ++ size_t clientlen = sizeof(client); + int accept_errno; + + debug("top of accept loop\n"); +@@ -734,7 +735,7 @@ + perror("server: accept"); + + if (dosyslog) +- syslog(LOG_ERR, "accept failed: %m"); ++ syslog(LOG_ERR, "accept failed: %s",strerror(errno)); + + /* determine if this error is fatal */ + switch(accept_errno) { +@@ -768,7 +769,7 @@ + perror("(server) fork"); + + if (dosyslog) +- syslog(LOG_ERR, "(server) fork failed: %m"); ++ syslog(LOG_ERR, "(server) fork failed: %s",strerror(errno)); + + _exit(1); + case 0: /* Child */ +@@ -795,7 +796,7 @@ + perror("(child) fork"); + + if (dosyslog) +- syslog(LOG_ERR, "(child) fork failed: %m"); ++ syslog(LOG_ERR, "(child) fork failed: %s",strerror(errno)); + + _exit(1); + case 0: /* Child */ +@@ -826,7 +827,7 @@ + perror("target: socket"); + + if (dosyslog) +- syslog(LOG_ERR, "socket failed: %m"); ++ syslog(LOG_ERR, "socket failed: %s",strerror(errno)); + + _exit(1); + } +@@ -850,7 +851,7 @@ + only be different if the input value is 0 (let the system pick a + port) */ + if (dosyslog) +- syslog(LOG_ERR, "bind failed: %m"); ++ syslog(LOG_ERR, "bind failed: %s",strerror(errno)); + + _exit(1); + } +@@ -862,7 +863,7 @@ + perror("target: connect"); + + if (dosyslog) +- syslog(LOG_ERR, "bind failed: %m"); ++ syslog(LOG_ERR, "bind failed: %s",strerror(errno)); + + _exit(1); + } +@@ -923,7 +924,7 @@ + perror("server: socket"); + + if (dosyslog) +- syslog(LOG_ERR, "socket failed: %m"); ++ syslog(LOG_ERR, "socket failed: %s",strerror(errno)); + + exit(1); + } +@@ -962,7 +963,7 @@ + perror("server: bind"); + + if (dosyslog) +- syslog(LOG_ERR, "bind failed: %m"); ++ syslog(LOG_ERR, "bind failed: %s",strerror(errno)); + + exit(1); + } +@@ -980,7 +981,7 @@ + perror("server: listen"); + + if (dosyslog) +- syslog(LOG_ERR, "listen failed: %m"); ++ syslog(LOG_ERR, "listen failed: %s",strerror(errno)); + + exit(1); + } +@@ -1059,7 +1060,7 @@ + if (inetd) { + int targetsock; + struct sockaddr_in client; +- int client_size = sizeof(client); ++ size_t client_size = sizeof(client); + + #ifdef USE_TCP_WRAPPERS + request_init(&request, RQ_DAEMON, ident, RQ_FILE, 0, 0); +@@ -1079,7 +1080,7 @@ + perror("target: socket"); + + if (dosyslog) +- syslog(LOG_ERR, "targetsock failed: %m"); ++ syslog(LOG_ERR, "targetsock failed: %s",strerror(errno)); + + exit(1); + } +@@ -1097,7 +1098,7 @@ + perror("bind_addr: cannot bind to forcerd outgoing addr"); + + if (dosyslog) +- syslog(LOG_ERR, "bind failed: %m"); ++ syslog(LOG_ERR, "bind failed: %s",strerror(errno)); + + exit(1); + } +@@ -1109,7 +1110,7 @@ + perror("target: connect"); + + if (dosyslog) +- syslog(LOG_ERR, "connect failed: %m"); ++ syslog(LOG_ERR, "connect failed: %s",strerror(errno)); + + exit(1); + } --- redir-2.2.1.orig/debian/patches/25_fix_setsockopt.dpatch +++ redir-2.2.1/debian/patches/25_fix_setsockopt.dpatch @@ -0,0 +1,62 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 25_fix_setsockopt.dpatch by Daniel Kahn Gillmor +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Ensure that the server socket has SO_REUSEADDR and SO_LINGER set properly. + +@DPATCH@ +diff -urNad redir~/redir.c redir/redir.c +--- redir~/redir.c 2009-03-03 17:35:12.022427586 -0500 ++++ redir/redir.c 2009-03-03 17:45:28.998426896 -0500 +@@ -90,8 +90,8 @@ + /* let's set up some globals... */ + int dodebug = 0; + int dosyslog = 0; +-unsigned char reuse_addr = 1; +-unsigned char linger_opt = 0; ++int reuse_addr = 1; /* allow address reuse */ ++struct linger linger_opt = { 0, 0}; /* do not linger */ + char * bind_addr = NULL; + struct sockaddr_in addr_out; + int timeout = 0; +@@ -906,6 +906,7 @@ + + int servsock; + struct sockaddr_in server; ++ int ret; + + /* + * Get a socket to work with. This socket will +@@ -944,8 +945,30 @@ + server.sin_addr.s_addr = htonl(inet_addr("0.0.0.0")); + } + +- setsockopt(servsock, SOL_SOCKET, SO_REUSEADDR, &reuse_addr, sizeof(reuse_addr)); +- setsockopt(servsock, SOL_SOCKET, SO_LINGER, &linger_opt, sizeof(SO_LINGER)); ++ ret = setsockopt(servsock, SOL_SOCKET, SO_REUSEADDR, &reuse_addr, sizeof(reuse_addr)); ++ if (ret != 0) { ++ if(fail) { ++ return -1; ++ } ++ else { ++ perror("server: setsockopt (SO_REUSEADDR)"); ++ if (dosyslog) ++ syslog(LOG_ERR, "setsockopt failed with SO_REUSEADDR: %s",strerror(errno)); ++ exit(1); ++ } ++ } ++ ret = setsockopt(servsock, SOL_SOCKET, SO_LINGER, &linger_opt, sizeof(linger_opt)); ++ if (ret != 0) { ++ if(fail) { ++ return -1; ++ } ++ else { ++ perror("server: setsockopt (SO_LINGER)"); ++ if (dosyslog) ++ syslog(LOG_ERR, "setsockopt failed with SO_LINGER: %s",strerror(errno)); ++ exit(1); ++ } ++ } + + /* + * Try to bind the address to the socket. --- redir-2.2.1.orig/debian/patches/00list +++ redir-2.2.1/debian/patches/00list @@ -0,0 +1,13 @@ +01_fix_max_bandwidth_docs.dpatch +02_use_ntohs.dpatch +03_fix_tcp_wrappers.dpatch +04_fix_timeouts.dpatch +05_pedantic.dpatch +06_fix_shaper_buffer.dpatch +07_cosmetics.dpatch +08_add_wrappers.dpatch +09_add_linux_software_map.dpatch +15_deb_cosmetics.dpatch +20_do_not_strip.dpatch +25_fix_setsockopt.dpatch +30_fix_manpage.dpatch --- redir-2.2.1.orig/debian/patches/15_deb_cosmetics.dpatch +++ redir-2.2.1/debian/patches/15_deb_cosmetics.dpatch @@ -0,0 +1,19 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 15_deb_cosmetics.dpatch by Daniel Kahn Gillmor +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Cosmetic changes applicable only to debian + +@DPATCH@ +diff -urNad redir-2.2.1~/redir.man redir-2.2.1/redir.man +--- redir-2.2.1~/redir.man 2005-10-22 21:47:44.067287096 -0400 ++++ redir-2.2.1/redir.man 2005-10-22 21:48:34.218662928 -0400 +@@ -92,7 +92,7 @@ + .B \--transproxy + On a linux system with transparent proxying enabled, causes redir to + make connections appear as if they had come from their true origin. +-(see transproxy.txt in the source archive) ++(see /usr/share/doc/redir/transproxy.txt) + .TP + .B \--connect + Redirects connections through an HTTP proxy which supports the CONNECT --- redir-2.2.1.orig/debian/patches/02_use_ntohs.dpatch +++ redir-2.2.1/debian/patches/02_use_ntohs.dpatch @@ -0,0 +1,50 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 02_use_ntohs.dpatch by Daniel Kahn Gillmor +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: use ntohs() to generate comprehensible debug()s and syslog()s. + +@DPATCH@ +diff -urNad redir-2.2.1~/redir.c redir-2.2.1/redir.c +--- redir-2.2.1~/redir.c 1999-12-26 15:50:06.000000000 -0500 ++++ redir-2.2.1/redir.c 2005-10-22 21:29:55.491735272 -0400 +@@ -745,7 +745,7 @@ + } + + debug1("peer IP is %s\n", inet_ntoa(client.sin_addr)); +- debug1("peer socket is %d\n", client.sin_port); ++ debug1("peer socket is %d\n", ntohs(client.sin_port)); + + /* + * Double fork here so we don't have to wait later +@@ -871,8 +871,8 @@ + strcpy(tmp2, inet_ntoa(target->sin_addr)); + + syslog(LOG_NOTICE, "connecting %s/%d to %s/%d", +- tmp1, client.sin_port, +- tmp2, target->sin_port); ++ tmp1, ntohs(client.sin_port), ++ tmp2, ntohs(target->sin_port)); + } + + /* do proxy stuff */ +@@ -1066,7 +1066,7 @@ + + if (!getpeername(0, (struct sockaddr *) &client, &client_size)) { + debug1("peer IP is %s\n", inet_ntoa(client.sin_addr)); +- debug1("peer socket is %d\n", client.sin_port); ++ debug1("peer socket is %d\n", ntohs(client.sin_port)); + } + if ((targetsock = socket(AF_INET, SOCK_STREAM, 0)) < 0) { + perror("target: socket"); +@@ -1109,8 +1109,8 @@ + + if (dosyslog) { + syslog(LOG_NOTICE, "connecting %s/%d to %s/%d", +- inet_ntoa(client.sin_addr), client.sin_port, +- target_ip, target.sin_port); ++ inet_ntoa(client.sin_addr), ntohs(client.sin_port), ++ target_ip, ntohs(target.sin_port)); + } + + /* Just start copying - one side of the loop is stdin - 0 */ --- redir-2.2.1.orig/debian/patches/01_fix_max_bandwidth_docs.dpatch +++ redir-2.2.1/debian/patches/01_fix_max_bandwidth_docs.dpatch @@ -0,0 +1,61 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 01_fix_max_bandwidth_docs.dpatch by Daniel Kahn Gillmor +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Fix docs and --help to show --max_bandwidth instead of --maxbandwidth + +@DPATCH@ +diff -urNad redir-2.2.1~/redir.c redir-2.2.1/redir.c +--- redir-2.2.1~/redir.c 1999-12-26 15:50:06.000000000 -0500 ++++ redir-2.2.1/redir.c 2005-10-22 21:21:56.849499952 -0400 +@@ -233,7 +233,7 @@ + #ifndef NO_SHAPER + /* options for bandwidth */ + fprintf(stderr, "\t\t--bufsize=\tsize of the buffer\n"); +- fprintf(stderr, "\t\t--maxbandwidth=\tlimit the bandwidth\n"); ++ fprintf(stderr, "\t\t--max_bandwidth=\tlimit the bandwidth\n"); + fprintf(stderr, "\t\t--random_wait=\twait before each packet\n"); + fprintf(stderr, "\t\t--wait_in_out=\t1 wait for in, 2 out, 3 in&out\n"); + /* end options for bandwidth */ +diff -urNad redir-2.2.1~/redir.man redir-2.2.1/redir.man +--- redir-2.2.1~/redir.man 1999-12-26 15:52:24.000000000 -0500 ++++ redir-2.2.1/redir.man 2005-10-22 21:22:28.882630176 -0400 +@@ -18,7 +18,7 @@ + .I --lport=port + .I --cport=port + .RB [ \--bufsize=n ] +-.RB [ \--maxbandwidth=n ] ++.RB [ \--max_bandwidth=n ] + .RB [ \--random_wait=n ] + .RB [ \--wait_in_out=n ] + .ll -8 +@@ -35,7 +35,7 @@ + .RB [ \--connect=host:port ] + .I --cport=port + .RB [ \--bufsize=n ] +-.RB [ \--maxbandwidth=n ] ++.RB [ \--max_bandwidth=n ] + .RB [ \--random_wait=n ] + .RB [ \--wait_in_out=n ] + .ll -8 +@@ -102,9 +102,9 @@ + .TP + .B \--bufsize n + Set the bufsize (defaut 4096) in bytes. Can be used combined with +---maxbandwidth or --random_wait to simulate a slow connection. ++--max_bandwidth or --random_wait to simulate a slow connection. + .TP +-.B \--maxbandwidth n ++.B \--max_bandwidth n + Reduce the bandwidth to be no more than n bits/sec. The algorithme is + basic, the goal is to simulate a slow connection, so there is no pic + acceptance. +@@ -115,7 +115,7 @@ + than the bufsize (see also --bufsize). + .TP + .B \--wait_in_out n +-Apply --maxbandwidth and --random_wait for input if n=1, output if n=2 and ++Apply --max_bandwidth and --random_wait for input if n=1, output if n=2 and + both if n=3. + .SH "SEE ALSO" + inetd(1) --- redir-2.2.1.orig/debian/patches/09_add_linux_software_map.dpatch +++ redir-2.2.1/debian/patches/09_add_linux_software_map.dpatch @@ -0,0 +1,23 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 09_add_linux_software_map.dpatch by Daniel Kahn Gillmor +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Add linux software map file + +@DPATCH@ + +--- redir-2.2.1.orig/redir-2.2.lsm ++++ redir-2.2.1/redir-2.2.lsm +@@ -0,0 +1,11 @@ ++Begin3 ++Title: redir ++Version: 2.2 ++Entered-date: 15DEC1999 ++Description: TCP Port redirector (for firewalls etc). ++Keywords: tcp port redirector bouncer proxy ++Author: sammy@oh.verio.com ++Primary-site: sunsite.unc.edu /pub/Linux/system/Network/daemons ++ 39936 redir-2.2.tar.gz ++Copying-policy: GPL ++End + --- redir-2.2.1.orig/debian/patches/06_fix_shaper_buffer.dpatch +++ redir-2.2.1/debian/patches/06_fix_shaper_buffer.dpatch @@ -0,0 +1,63 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 06_fix_shaper_buffer.dpatch by Daniel Kahn Gillmor +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: properly allocate copyloop buffer + +@DPATCH@ +diff -urNad redir-2.2.1~/redir.c redir-2.2.1/redir.c +--- redir-2.2.1~/redir.c 2005-10-22 23:20:05.235901424 -0400 ++++ redir-2.2.1/redir.c 2005-10-22 23:22:20.198384008 -0400 +@@ -260,7 +260,7 @@ + #endif + int *transproxy, + #ifndef NO_SHAPER +- unsigned int * bufsize, ++ unsigned int * bufsizeout, + int * max_bandwidth, + int * random_wait, + int * wait_in_out, +@@ -367,7 +367,7 @@ + + #ifndef NO_SHAPER + case 'z': +- *bufsize = (unsigned int)atol(optarg); ++ *bufsizeout = (unsigned int)atol(optarg); + break; + + case 'm': +@@ -594,7 +594,7 @@ + unsigned long bytes_in = 0; + unsigned long bytes_out = 0; + unsigned int start_time, end_time; +- char buf[bufsize]; ++ char* buf = malloc(bufsize); + + /* Record start time */ + start_time = (unsigned int) time(NULL); +@@ -637,7 +637,7 @@ + } + + if(FD_ISSET(insock, &c_iofds)) { +- if((bytes = read(insock, buf, sizeof(buf))) <= 0) ++ if((bytes = read(insock, buf, bufsize)) <= 0) + break; + #ifndef NO_FTP + if (ftp & FTP_PORT) +@@ -652,7 +652,7 @@ + bytes_out += bytes; + } + if(FD_ISSET(outsock, &c_iofds)) { +- if((bytes = read(outsock, buf, sizeof(buf))) <= 0) ++ if((bytes = read(outsock, buf, bufsize)) <= 0) + break; + /* if we're correcting for PASV on ftp redirections, then + fix buf and bytes to have the new address, among other +@@ -689,6 +689,7 @@ + syslog(LOG_NOTICE, "disconnect %d secs, %ld in %ld out", + (end_time - start_time), bytes_in, bytes_out); + } ++ free(buf); + return; + } + --- redir-2.2.1.orig/debian/patches/20_do_not_strip.dpatch +++ redir-2.2.1/debian/patches/20_do_not_strip.dpatch @@ -0,0 +1,19 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 20_do_not_strip.dpatch by Daniel Kahn Gillmor +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: don't strip by default. let dh_strip take care of it. + +@DPATCH@ +diff -urNad redir-2.2.1~/Makefile redir-2.2.1/Makefile +--- redir-2.2.1~/Makefile 2007-08-15 14:53:41.908911693 -0400 ++++ redir-2.2.1/Makefile 2007-08-15 14:53:59.409909018 -0400 +@@ -33,7 +33,7 @@ + OBJS = redir.o $(GETOPT_OBJS) + + CFLAGS = -O2 -Wall --pedantic $(STR_CFLAGS) $(WRAP_CFLAGS) $(EXTRA_CFLAGS) +-LDFLAGS = -s ++LDFLAGS = # -s + + # solaris, and others, may also need these libraries to link + # also edit here if you're using the TCP wrappers code --- redir-2.2.1.orig/debian/patches/08_add_wrappers.dpatch +++ redir-2.2.1/debian/patches/08_add_wrappers.dpatch @@ -0,0 +1,22 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 08_add_wrappers.dpatch by Daniel Kahn Gillmor +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Enabling TCP wrapper support + +@DPATCH@ + +--- redir-2.2.1.orig/Makefile ++++ redir-2.2.1/Makefile +@@ -9,8 +9,8 @@ + # if you would like support for TCP wrappers (and have libwrap.a + # installed), remove these comments. + +-WRAP_CFLAGS = # -DUSE_TCP_WRAPPERS +-WRAP_LIBS = # -lwrap ++WRAP_CFLAGS = -DUSE_TCP_WRAPPERS ++WRAP_LIBS = -lwrap + + # if your system needs any additional libraries (solaris, for example, + # needs the ones commented out below), edit this line. + --- redir-2.2.1.orig/debian/patches/04_fix_timeouts.dpatch +++ redir-2.2.1/debian/patches/04_fix_timeouts.dpatch @@ -0,0 +1,45 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 04_fix_timeouts.dpatch by Daniel Kahn Gillmor +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Apply a close approximation of Robert de Bath's patch for bug #142382 + +@DPATCH@ +diff -urNad redir-2.2.1~/redir.c redir-2.2.1/redir.c +--- redir-2.2.1~/redir.c 2005-10-22 22:44:39.504061784 -0400 ++++ redir-2.2.1/redir.c 2005-10-22 22:47:14.746461352 -0400 +@@ -598,10 +598,6 @@ + /* Record start time */ + start_time = (unsigned int) time(NULL); + +- /* Set up timeout */ +- timeout.tv_sec = timeout_secs; +- timeout.tv_usec = 0; +- + /* file descriptor bits */ + FD_ZERO(&iofds); + FD_SET(insock, &iofds); +@@ -618,14 +614,21 @@ + while(1) { + (void) memcpy(&c_iofds, &iofds, sizeof(iofds)); + ++ /* Set up timeout, Linux returns seconds left in this structure ++ * so we have to reset it before each select(). */ ++ timeout.tv_sec = timeout_secs; ++ timeout.tv_usec = 0; ++ + + if (select(max_fd + 1, + &c_iofds, + (fd_set *)0, + (fd_set *)0, + (timeout_secs ? &timeout : NULL)) <= 0) { +- /* syslog(LLEV,"connection timeout: %d sec",timeout.tv_sec);*/ +- break; ++ if (dosyslog) { ++ syslog(LOG_NOTICE,"connection timeout: %d sec",timeout_secs); ++ } ++ break; + } + + if(FD_ISSET(insock, &c_iofds)) { --- redir-2.2.1.orig/debian/patches/03_fix_tcp_wrappers.dpatch +++ redir-2.2.1/debian/patches/03_fix_tcp_wrappers.dpatch @@ -0,0 +1,32 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 03_fix_tcp_wrappers.dpatch by Daniel Kahn Gillmor +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: fix calls to tcp wrappers + +@DPATCH@ +diff -urNad redir-2.2.1~/redir.c redir-2.2.1/redir.c +--- redir-2.2.1~/redir.c 2005-10-22 22:10:11.439455392 -0400 ++++ redir-2.2.1/redir.c 2005-10-22 22:10:51.625346208 -0400 +@@ -802,8 +802,8 @@ + #ifdef USE_TCP_WRAPPERS + request_init(&request, RQ_DAEMON, ident, RQ_FILE, clisock, 0); + sock_host(&request); +- sock_hostname(&request); +- sock_hostaddr(&request); ++ sock_hostname(request.client); ++ sock_hostaddr(request.client); + + if (!hosts_access(&request)) { + refuse(&request); +@@ -1057,8 +1057,8 @@ + #ifdef USE_TCP_WRAPPERS + request_init(&request, RQ_DAEMON, ident, RQ_FILE, 0, 0); + sock_host(&request); +- sock_hostname(&request); +- sock_hostaddr(&request); ++ sock_hostname(request.client); ++ sock_hostaddr(request.client); + + if (!hosts_access(&request)) + refuse(&request); --- redir-2.2.1.orig/debian/patches/30_fix_manpage.dpatch +++ redir-2.2.1/debian/patches/30_fix_manpage.dpatch @@ -0,0 +1,183 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 30_fix_manpage.dpatch by Daniel Kahn Gillmor +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Clean up questionable formatting in man page. + +@DPATCH@ +diff -urNad redir~/redir.man redir/redir.man +--- redir~/redir.man 2009-03-03 18:55:37.790428922 -0500 ++++ redir/redir.man 2009-03-03 18:58:48.486428715 -0500 +@@ -1,43 +1,42 @@ +-.PU + .TH REDIR 1 local + .SH NAME +-redir \- redirect tcp connections ++redir - redirect tcp connections + .SH SYNOPSIS + .ll +8 + .B redir +-.RB [ \--laddr=incoming.ip.address ] +-.RB [ \--caddr=host ] +-.RB [ \--debug ] +-.RB [ \--syslog +-.RB [ \--name=str ] +-.RB [ \--timeout=n ] +-.RB [ \--bind_addr=my.other.ip.address ] +-.RB [ \--ftp=type ] +-.RB [ \--transproxy ] +-.RB [ \--connect=host:port ] +-.I --lport=port +-.I --cport=port +-.RB [ \--bufsize=n ] +-.RB [ \--max_bandwidth=n ] +-.RB [ \--random_wait=n ] +-.RB [ \--wait_in_out=n ] ++.RB [ \-\-laddr=incoming.ip.address ] ++.RB [ \-\-caddr=host ] ++.RB [ \-\-debug ] ++.RB [ \-\-syslog ++.RB [ \-\-name=str ] ++.RB [ \-\-timeout=n ] ++.RB [ \-\-bind_addr=my.other.ip.address ] ++.RB [ \-\-ftp=type ] ++.RB [ \-\-transproxy ] ++.RB [ \-\-connect=host:port ] ++.I \-\-lport=port ++.I \-\-cport=port ++.RB [ \-\-bufsize=n ] ++.RB [ \-\-max_bandwidth=n ] ++.RB [ \-\-random_wait=n ] ++.RB [ \-\-wait_in_out=n ] + .ll -8 + .br + .B redir +-.RB \--inetd +-.RB [ \--caddr=host ] +-.RB [ \--debug ] +-.RB [ \--syslog +-.RB [ \--name=str ] +-.RB [ \--timeout=n ] +-.RB [ \--ftp=type ] +-.RB [ \--transproxy ] +-.RB [ \--connect=host:port ] +-.I --cport=port +-.RB [ \--bufsize=n ] +-.RB [ \--max_bandwidth=n ] +-.RB [ \--random_wait=n ] +-.RB [ \--wait_in_out=n ] ++.RB \-\-inetd ++.RB [ \-\-caddr=host ] ++.RB [ \-\-debug ] ++.RB [ \-\-syslog ] ++.RB [ \-\-name=str ] ++.RB [ \-\-timeout=n ] ++.RB [ \-\-ftp=type ] ++.RB [ \-\-transproxy ] ++.RB [ \-\-connect=host:port ] ++.I \-\-cport=port ++.RB [ \-\-bufsize=n ] ++.RB [ \-\-max_bandwidth=n ] ++.RB [ \-\-random_wait=n ] ++.RB [ \-\-wait_in_out=n ] + .ll -8 + .br + .SH DESCRIPTION +@@ -49,74 +48,73 @@ + Depending on how redir was compiled, not all options may be available. + .SH OPTIONS + .TP +-.B \--lport ++.B \-\-lport + Specifies port to listen for connections on (when not running from inetd) + .TP +-.B \--laddr ++.B \-\-laddr + IP address to bind to when listening for connections (when not + running from inetd) + .TP +-.B \--cport ++.B \-\-cport + Specifies port to connect to. + .TP +-.B \--caddr ++.B \-\-caddr + Specifies remote host to connect to. (localhost if omitted) + .TP +-.B \--inetd ++.B \-\-inetd + Run as a process started from inetd, with the connection passed as stdin + and stdout on startup. + .TP +-.B \--debug ++.B \-\-debug + Write debug output to stderr or syslog. + .TP +-.B \--name ++.B \-\-name + Specify program name to be used for TCP wrapper checks and syslog logging. + .TP +-.B --timeout ++.B \-\-timeout + Timeout and close the connection after n seconds of inactivity. + .TP +-.B \--syslog ++.B \-\-syslog + Log information to syslog. + .TP +-.B \--bind_addr ++.B \-\-bind_addr + Forces redir to pick a specific address/interface to bind to when it listens + for incoming connections. + .TP +-.B \--ftp ++.B \-\-ftp + When using redir for an FTP server, this will cause redir to also + redirect ftp connections. Type should be specified as either "port", + "pasv", or "both", to specify what type of FTP connection to handle. +-Note that --transproxy often makes one or the other (generally port) ++Note that \-\-transproxy often makes one or the other (generally port) + undesirable. + .TP +-.B \--transproxy ++.B \-\-transproxy + On a linux system with transparent proxying enabled, causes redir to + make connections appear as if they had come from their true origin. + (see /usr/share/doc/redir/transproxy.txt) + .TP +-.B \--connect ++.B \-\-connect + Redirects connections through an HTTP proxy which supports the CONNECT +-command. Specify the address and port of the proxy using --caddr and +---cport. --connect requires the hostname and port which the HTTP ++command. Specify the address and port of the proxy using \-\-caddr and ++\-\-cport. \-\-connect requires the hostname and port which the HTTP + proxy will be asked to connect to. + .TP +-.B \--bufsize n ++.B \-\-bufsize n + Set the bufsize (defaut 4096) in bytes. Can be used combined with +---max_bandwidth or --random_wait to simulate a slow connection. ++\-\-max_bandwidth or \-\-random_wait to simulate a slow connection. + .TP +-.B \--max_bandwidth n ++.B \-\-max_bandwidth n + Reduce the bandwidth to be no more than n bits/sec. The algorithme is + basic, the goal is to simulate a slow connection, so there is no pic + acceptance. + .TP +-.B \--random_wait n ++.B \-\-random_wait n + Wait between 0 and 2 x n milliseconds before each "packet". A "packet" is + a bloc of data read in one time by redir. A "packet" size is always less +-than the bufsize (see also --bufsize). ++than the bufsize (see also \-\-bufsize). + .TP +-.B \--wait_in_out n +-Apply --max_bandwidth and --random_wait for input if n=1, output if n=2 and ++.B \-\-wait_in_out n ++Apply \-\-max_bandwidth and \-\-random_wait for input if n=1, output if n=2 and + both if n=3. + .SH "SEE ALSO" + inetd(1) +- --- redir-2.2.1.orig/debian/patches/07_cosmetics.dpatch +++ redir-2.2.1/debian/patches/07_cosmetics.dpatch @@ -0,0 +1,28 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 07_cosmetics.dpatch by Daniel Kahn Gillmor +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Cosmetic fixes which could be applied upstream + +@DPATCH@ +diff -urNad redir-2.2.1~/redir.man redir-2.2.1/redir.man +--- redir-2.2.1~/redir.man 2005-10-22 21:41:51.284918168 -0400 ++++ redir-2.2.1/redir.man 2005-10-22 21:42:42.115190792 -0400 +@@ -73,7 +73,7 @@ + Specify program name to be used for TCP wrapper checks and syslog logging. + .TP + .B --timeout +-Timeout and close the connection after n seconds on inactivity. ++Timeout and close the connection after n seconds of inactivity. + .TP + .B \--syslog + Log information to syslog. +@@ -90,7 +90,7 @@ + undesirable. + .TP + .B \--transproxy +-On a linux system with transparany proxying enables, causes redir to ++On a linux system with transparent proxying enabled, causes redir to + make connections appear as if they had come from their true origin. + (see transproxy.txt in the source archive) + .TP