Client IP Address , Packet-Src-IP-Address

Arran Cudbard-Bell A.Cudbard-Bell at sussex.ac.uk
Wed May 2 17:23:01 CEST 2007


>   Hmm.... src/main/util.c has request_alloc_fake(), which initializes
> the tunneled request.  It may be worth changing it to copy the outer
> tunnel source/dest IP's and ports.
> 

So

@@ -385,8 +385,8 @@
     */
    request->packet->sockfd = -1;
    request->packet->src_ipaddr.af = AF_INET;
-  request->packet->src_ipaddr.ipaddr.ip4addr.s_addr = 
htonl(INADDR_LOOPBACK);
-  request->packet->dst_ipaddr = request->packet->src_ipaddr;
+  request->packet->src_ipaddr.ipaddr.ip4addr.s_addr = 
oldreq->packet->src_ipaddr.ipaddr.ip4addr.s_addr
+  request->packet->dst_ipaddr = htonl(INADDR_LOOPBACK);;
    request->packet->src_port = request->number >> 8;

    /*
@@ -408,7 +408,7 @@
     *   Fill in the fake reply, based on the fake request.
     */
    request->reply->sockfd = request->packet->sockfd;
-  request->reply->dst_ipaddr = request->packet->src_ipaddr;
+  request->reply->dst_ipaddr = request->packet->dst_ipaddr;
    request->reply->dst_port = request->packet->src_port;
    request->reply->id = request->packet->id;
    request->reply->code = 0; /* UNKNOWN code */

?

Would it be worth making this change in the cvs head ?

-- 
Arran Cudbard-Bell (A.Cudbard-Bell at sussex.ac.uk)
Authentication, Authorisation and Accounting Officer
Infrastructure Services | ENG1 E1-1-08
University Of Sussex, Brighton
EXT:01273 873900 | INT: 3900



More information about the Freeradius-Devel mailing list