/* -*-c-*-
*
- * $Id: fw.c,v 1.15 2003/11/25 14:46:50 mdw Exp $
+ * $Id: fw.c,v 1.16 2003/11/29 20:36:07 mdw Exp $
*
* Port forwarding thingy
*
/*----- Revision history --------------------------------------------------*
*
* $Log: fw.c,v $
+ * Revision 1.16 2003/11/29 20:36:07 mdw
+ * Privileged outgoing connections.
+ *
* Revision 1.15 2003/11/25 14:46:50 mdw
* Update docco for new options.
*
#include "fattr.h"
#include "file.h"
#include "fw.h"
+#include "privconn.h"
#include "scan.h"
#include "socket.h"
#include "source.h"
/* --- Combine the source and target --- */
s->ops->attach(s, sc, t);
+ if (t->ops->confirm)
+ t->ops->confirm(t);
}
/* --- Include configuration from a file --- *
socket.inet.source.[allow|deny] priv-port\n\
socket.inet.source.addr [=] any|ADDR\n\
socket.inet.dest.addr [=] any|ADDR\n\
+ socket.inet.dest.priv-port [=] yes|no\n\
\n\
socket.unix.fattr.*\n\
");
/* --- Drop privileges --- */
+ if (drop != (uid_t)-1)
+ privconn_split(sel);
#ifdef HAVE_SETGROUPS
if ((dropg != (gid_t)-1 && (setgid(dropg) || setgroups(1, &dropg))) ||
(drop != (uid_t)-1 && setuid(drop)))