| @@ -1,5 +1,5 @@
--- ucspi-tcp-0.88/tcpserver.c.orig 2009-06-01 19:36:13.000000000 +0200
-+++ ucspi-tcp-0.88/tcpserver.c 2013-09-25 10:28:33.624878916 +0200
++++ ucspi-tcp-0.88/tcpserver.c 2013-09-25 11:09:07.551224853 +0200
@@ -3,6 +3,7 @@
#include <netdb.h>
#include <openssl/ssl.h>
@@ -62,7 +62,15 @@
}
}
-@@ -379,13 +404,14 @@
+@@ -366,6 +391,7 @@
+ unsigned long u;
+ int s;
+ int t;
++ int fakev4=0;
+
+ #ifdef WITH_SSL
+ BIO *sbio;
+@@ -379,13 +405,14 @@
strerr_die2x(111,FATAL,"out of memory");
if (!stralloc_copys(&jaildir, JAILDIR) || !stralloc_0(&jaildir) )
strerr_die2x(111,FATAL,"out of memory");
@@ -79,7 +87,7 @@
case 'X': flagallownorules = 1; break;
case 'x': fnrules = optarg; break;
case 'B': banner = optarg; break;
-@@ -436,6 +462,11 @@
+@@ -436,6 +463,11 @@
if (!verbosity)
buffer_2->fd = -1;
@@ -91,7 +99,7 @@
hostname = *argv++;
if (!hostname) usage();
-@@ -458,6 +489,13 @@
+@@ -458,6 +490,13 @@
sig_catch(sig_child,sigchld);
sig_catch(sig_term,sigterm);
sig_ignore(sig_pipe);
@@ -105,7 +113,7 @@
if (str_equal(hostname,"0")) {
byte_zero(localip,sizeof localip);
-@@ -527,6 +565,13 @@
+@@ -527,6 +566,13 @@
printstatus();
for (;;) {
@@ -119,7 +127,7 @@
while (numchildren >= limit) sig_pause();
sig_unblock(sig_child);
-@@ -534,9 +579,43 @@
+@@ -534,9 +580,49 @@
sig_block(sig_child);
if (t == -1) continue;
@@ -151,7 +159,13 @@
+ strerr_die2x(111,DROP,"internal problem");
+ }
+ if (ipcount->num > periplimit) {
-+ remoteipstr[ip4_fmt(remoteipstr,remoteip)] = 0;
++ if (!forcev6 && ip6_isv4mapped(remoteip))
++ fakev4=1;
++ if (fakev4)
++ remoteipstr[ip4_fmt(remoteipstr,remoteip+12)] = 0;
++ else
++ remoteipstr[ip6_fmt(remoteipstr,remoteip)] = 0;
++
+ strerr_warn3(DROP, "per ip limit reached for ", remoteipstr, 0);
+ close(t);
+ --ipcount->num;
@@ -164,7 +178,7 @@
case 0:
close(s);
doit(t);
-@@ -600,6 +679,10 @@
+@@ -600,6 +686,10 @@
case -1:
strerr_warn2(DROP,"unable to fork: ",&strerr_sys);
--numchildren; printstatus();
|
