config root man

Current Path : /usr/src/contrib/ipfilter/FWTK/

FreeBSD hs32.drive.ne.jp 9.1-RELEASE FreeBSD 9.1-RELEASE #1: Wed Jan 14 12:18:08 JST 2015 root@hs32.drive.ne.jp:/sys/amd64/compile/hs32 amd64
Upload File :
Current File : //usr/src/contrib/ipfilter/FWTK/fwtkp

diff -c -r ./ftp-gw/ftp-gw.c ../../NEW/fwtk/ftp-gw/ftp-gw.c
*** ./ftp-gw/ftp-gw.c   Fri Sep  6 12:55:05 1996
--- ../../NEW/fwtk/ftp-gw/ftp-gw.c      Wed Oct  9 02:51:35 1996
***************
*** 40,47 ****
  
  extern        char    *optarg;
  
! #include      "firewall.h"
  
  
  #ifndef       BSIZ
  #define       BSIZ    2048
--- 40,48 ----
  
  extern        char    *optarg;
  
! char *getdsthost();
  
+ #include      "firewall.h"
  
  #ifndef       BSIZ
  #define       BSIZ    2048
***************
*** 84,89 ****
--- 85,92 ----
  static        int                     cmdcnt = 0;
  static        int                     timeout = PROXY_TIMEOUT;
  
+ static int do_transparent=0;
+ 
  
  static        int     cmd_user();
  static        int     cmd_authorize();
***************
*** 98,103 ****
--- 101,107 ----
  static        void    saveline();
  static        void    flushsaved();
  static        void    trap_sigurg();
+ static int connectdest();
  
  #define       OP_CONN 001     /* only valid if connected */
  #define       OP_WCON 002     /* writethrough if connected */
***************
*** 170,175 ****
--- 174,180 ----
        char            xuf[1024];
        char            huf[128];
        char            *passuser = (char *)0;  /* passed user as av */
+       char *psychic, *hotline;
  
  #ifndef       LOG_DAEMON
        openlog("ftp-gw",LOG_PID);
***************
*** 314,319 ****
--- 319,326 ----
        } else
                timeout = 60*60;
  
+         psychic=getdsthost(0,NULL);
+         if(psychic) { do_transparent++; }
  
        /* display a welcome file or message */
        if(passuser == (char *)0) {
***************
*** 322,327 ****
--- 329,340 ----
                                syslog(LLEV,"fwtkcfgerr: welcome-msg must have one parameter, line %d",cf->ln);
                                exit(1);
                        }
+                       if(do_transparent) {
+                               if(sayfile2(0,cf->argv[0],220)) {
+                                       syslog(LLEV,"fwtksyserr: cannot display welcome %s: %m",cf->argv[0]);
+                                       exit(1);
+                               }
+                       } else
                        if(sayfile(0,cf->argv[0],220)) {
                                syslog(LLEV,"fwtksyserr: cannot display welcome %s: %m",cf->argv[0]);
                                exit(1);
***************
*** 332,338 ****
                        if(authallflg)
                                if(say(0,"220-Proxy first requires authentication"))
                                        exit(1);
!                       sprintf(xuf,"220 %s FTP proxy (Version %s) ready.",huf,FWTK_VERSION_MINOR);
                        if(say(0,xuf))
                                exit(1);
                }
--- 345,357 ----
                        if(authallflg)
                                if(say(0,"220-Proxy first requires authentication"))
                                        exit(1);
! /* foo */
!                       if(do_transparent)
!                       sprintf(xuf,"220-%s FTP proxy (Version %s) ready.",huf,FWTK_VERSION_MINOR);
!                       else
!                       sprintf(xuf,"220 %s FTP Proxy (Version %s) ready.",huf,FWTK_VERSION_MINOR);
! /* foo */
! 
                        if(say(0,xuf))
                                exit(1);
                }
***************
*** 353,358 ****
--- 372,381 ----
                                exit(1);
        }
  
+       if(do_transparent) {
+               connectdest(psychic,21);
+       }
+ 
        /* main loop */
        while(1) {
                FD_ZERO(&rdy);
***************
*** 676,681 ****
--- 699,713 ----
                        return(sayn(0,noad,sizeof(noad)-1));
        }
  
+       if(do_transparent) {
+               if((rfd==(-1)) && (x=connectdest(dest,port))) return x;
+               sprintf(buf,"USER %s",user);
+               if(say(rfd,buf)) return(1);
+               x=getresp(rfd,buf,sizeof(buf),1);
+               if(sendsaved(0,x)) return(1);
+               return(say(0,buf));
+       }
+ 
        if(*dest == '\0')
                dest = "localhost";
  
***************
*** 701,708 ****
                if(msg_int == 1) {
                        sprintf(mbuf,"Permission denied for user %s to connect to %s",authuser,dest);
                        syslog(LLEV,"deny host=%s/%s connect to %s user=%s",rladdr,riaddr,dest,authuser);
!                       say(0,mbuf);
!                       return(1);
                } else {
                        if(msg_int == -1) {
                                sprintf(mbuf,"No match in netperm-table for %s to ftp to %s",authuser,dest);
--- 733,740 ----
                if(msg_int == 1) {
                        sprintf(mbuf,"Permission denied for user %s to connect to %s",authuser,dest);
                        syslog(LLEV,"deny host=%s/%s connect to %s user=%s",rladdr,riaddr,dest,authuser);
!                               say(0,mbuf);
!                               return(1);
                } else {
                        if(msg_int == -1) {
                                sprintf(mbuf,"No match in netperm-table for %s to ftp to %s",authuser,dest);
***************
*** 717,723 ****
                char    ebuf[512];
  
                strcpy(ebuf,buf);
!               sprintf(buf,"521 %s: %s",dest,ebuf);
                rfd = -1;
                return(say(0,buf));
        }
--- 749,759 ----
                char    ebuf[512];
  
                strcpy(ebuf,buf);
!               if(do_transparent) {
!                       sprintf(buf,"521 %s,%d: %s",dest,ntohs(port),ebuf);
!               } else {
!                       sprintf(buf,"521 %s: %s",dest,ebuf);
!               }
                rfd = -1;
                return(say(0,buf));
        }
***************
*** 732,737 ****
--- 768,778 ----
        }
        saveline(buf);
  
+       /* if(do_transparent) {
+               sendsaved(0,-1);
+               return(0);
+       } /* EEEk. I can't remember what this does. */
+ 
        sprintf(buf,"USER %s",user);
        if(say(rfd,buf))
                return(1);
***************
*** 744,749 ****
--- 785,860 ----
        return 0;
  }
  
+ static int connectdest(dest, port)
+ char *dest;
+ short port;
+ {
+       char buf[1024], mbuf[512];
+       int msg_int, x;
+ 
+         if(*dest == '\0')
+                 dest = "localhost";
+ 
+         if(validests != (char **)0) {
+                 char    **xp;
+                 int     x;
+ 
+                 for(xp = validests; *xp != (char *)0; xp++) {
+                         if(**xp == '!' && hostmatch(*xp + 1,dest)) {
+                                 return(baddest(0,dest));
+                         } else {
+                                 if(hostmatch(*xp,dest))
+                                         break;
+                         }
+                 }
+                 if(*xp == (char *)0)
+                         return(baddest(0,dest));
+         }
+ 
+         /* Extended permissions processing goes in here for destination */
+         if(extendperm) {
+                 msg_int = auth_perm(confp, authuser, "ftp-gw", dest,(char *)0);
+                 if(msg_int == 1) {
+                         sprintf(mbuf,"Permission denied for user %s to connect to %s",authuser,dest);
+                         syslog(LLEV,"deny host=%s/%s connect to %s user=%s",rladdr,riaddr,dest,authuser);
+                                 say(0,mbuf);
+                                 return(1);
+                 } else {
+                         if(msg_int == -1) {
+                                 sprintf(mbuf,"No match in netperm-table for %s to ftp to %s",authuser,dest);
+                                 say(0,mbuf);
+                                 return(1);
+                         }
+                 }
+         }      
+ 
+         syslog(LLEV,"permit host=%s/%s connect to %s",rladdr,riaddr,dest);
+ 
+         if((rfd = conn_server(dest,port,0,buf)) < 0) {
+                 char    ebuf[512];
+ 
+                 strcpy(ebuf,buf);
+                 sprintf(buf,"521 %s: %s",dest,ebuf);
+                 rfd = -1;
+                 return(say(0,buf));
+         }
+       if(!do_transparent) {
+               sprintf(buf,"----GATEWAY CONNECTED TO %s----",dest);
+               saveline(buf);
+       }
+ 
+         /* we are now connected and need to try the autologin thing */
+         x = getresp(rfd,buf,sizeof(buf),1);
+         if(x / 100 != COMPLETE) {
+                 sendsaved(0,-1);
+                 return(say(0,buf));
+         }
+         saveline(buf);
+ 
+       sendsaved(0,-1);
+       return 0;
+ }
+ 
  
  
  static        int
***************
*** 1053,1058 ****
--- 1164,1171 ----
        static char             nprn[] = "500 cannot get peername";
        char                    buf[512];
  
+       /* syslog(LLEV,"DEBUG: port cmd"); */
+ 
        if(ac < 2)
                return(sayn(0,narg,sizeof(narg)-1));
  
***************
*** 1119,1124 ****
--- 1232,1238 ----
  #define UC(c)   (((int)c) & 0xff)
        sprintf(buf,"PORT %d,%d,%d,%d,%d,%d\r\n",UC(k[0]),UC(k[1]),UC(k[2]),
                UC(k[3]),UC(l[0]),UC(l[1]));
+       /* syslog(LLEV,"DEBUG: %s",buf); */
        s = strlen(buf);
        if (write(rfd, buf, s) != s)
                return 1;
***************
*** 1330,1335 ****
--- 1444,1450 ----
  callback()
  {
        /* if we haven't gotten a valid PORT scrub the connection */
+       /* syslog(LLEV,"DEBUG: callback()."); */
        if((outgoing = accept(boundport,(struct sockaddr *)0,(int *)0)) < 0 || clntport.sin_port == 0)
                goto bomb;
        if(pasvport != -1) { /* incoming handled by PASVcallback */
***************
*** 1796,1801 ****
--- 1911,1960 ----
        }
        return(0);
  }
+ 
+ /* ok, so i'm in a hurry. english paper due RSN. */
+ sayfile2(fd,fn,code)
+ int     fd;
+ char    *fn;
+ int     code;
+ {
+         FILE    *f;
+         char    buf[BUFSIZ];
+         char    yuf[BUFSIZ];
+         char    *c;
+         int     x;
+         int     saidsomething = 0;
+ 
+         if((f = fopen(fn,"r")) == (FILE *)0)
+                 return(1);
+         while(fgets(buf,sizeof(buf),f) != (char *)0) {
+                 if((c = index(buf,'\n')) != (char *)0)
+                         *c = '\0';
+                 x = fgetc(f);
+                 if(feof(f))
+                         sprintf(yuf,"%3.3d-%s",code,buf);
+                 else {
+                         sprintf(yuf,"%3.3d-%s",code,buf);
+                         ungetc(x,f);
+                 }
+                 if(say(fd,yuf)) {
+                         fclose(f);
+                         return(1);
+                 }
+                 saidsomething++;
+         }
+         fclose(f);
+         if (!saidsomething) {
+                 syslog(LLEV,"fwtkcfgerr: sayfile for %d is empty",code);
+                 sprintf(yuf, "%3.3d The file to display is empty",code);
+                 if(say(fd,yuf)) {
+                         fclose(f);
+                         return(1);
+                 }
+         }
+         return(0);
+ }
+ 
  
  
  porttoaddr(s,a)
diff -c -r ./http-gw/http-gw.c ../../NEW/fwtk/http-gw/http-gw.c
*** ./http-gw/http-gw.c Mon Sep  9 14:40:53 1996
--- ../../NEW/fwtk/http-gw/http-gw.c    Wed Oct  9 02:51:57 1996
***************
*** 27,32 ****
--- 27,37 ----
  static char http_buffer[8192];
  static char reason[8192];
  static        int     checkBrowserType = 1;
+ /* foo */
+ static int do_transparent=0;
+ /* foo */
+ 
+ char *getdsthost();
  
  static void do_logging()
  {     char *proto = "GOPHER";
***************
*** 422,427 ****
--- 427,443 ----
        /*(NOT A SPECIAL FORM)*/
  
                if((rem_type & TYPE_LOCAL)== 0){
+               /* foo */
+                       char *psychic=getdsthost(sockfd,&def_port);
+                       if(psychic) {
+                               if(strlen(psychic)<=MAXHOSTNAMELEN) {
+                                       do_transparent++;
+                                       strncpy(def_httpd,psychic,strlen(psychic));
+                                       strncpy(def_server,psychic,strlen(psychic));
+                               }
+                       }
+ 
+               /* foo */
  /*  See if it can be forwarded */
  
                        if( can_forward(buf)){
***************
*** 1513,1519 ****
                                                    parse_vec[0], 
                                                    parse_vec[1],
                                                    ourname, ourport);
!                                   }else{
                                            sprintf(new_reply,"%s\tgopher://%s:%s/%c%s\t%s\t%u",
                                                    parse_vec[0], parse_vec[2],
                                                    parse_vec[3], chk_type_ch,
--- 1529,1541 ----
                                                    parse_vec[0], 
                                                    parse_vec[1],
                                                    ourname, ourport);
!                                   }
! /* FOO */
! else if(do_transparent) {
!  sprintf(new_reply,"%s\t%s\t%s\t%s",parse_vec[0],parse_vec[1],parse_vec[2],parse_vec[3]);
! }
! /* FOO */
!                                       else{
                                            sprintf(new_reply,"%s\tgopher://%s:%s/%c%s\t%s\t%u",
                                                    parse_vec[0], parse_vec[2],
                                                    parse_vec[3], chk_type_ch,
diff -c -r ./lib/hnam.c ../../NEW/fwtk/lib/hnam.c
*** ./lib/hnam.c        Fri Nov  4 18:30:19 1994
--- ../../NEW/fwtk/lib/hnam.c   Wed Oct  9 02:34:13 1996
***************
*** 22,27 ****
--- 22,31 ----
  
  
  #include      "firewall.h"
+ #ifdef __FreeBSD__
+ #include      <net/if.h>
+ #include      "ip_nat.h"
+ #endif /* __FreeBSD__ */
  
  
  char  *
***************
*** 44,47 ****
--- 48,115 ----
  
        bcopy(hp->h_addr,&sin.sin_addr,hp->h_length);
        return(inet_ntoa(sin.sin_addr));
+ }
+ 
+ char *getdsthost(fd, ptr)
+ int fd;
+ int *ptr;
+ {
+  struct sockaddr_in sin;
+  struct hostent *hp;
+  int sl=sizeof(struct sockaddr_in), err=0, local_h=0, i=0;
+  char buf[255], hostbuf[255];
+ #ifdef __FreeBSD__
+  struct sockaddr_in rsin;
+  struct natlookup natlookup;
+ #endif
+ 
+ #ifdef linux
+ /* This should also work for UDP. Unfortunately, it doesn't.
+    Maybe when the Linux UDP proxy code gets a little cleaner.
+ */
+  if(!(err=getsockname(0,&sin,&sl))) {
+   if(ptr) *ptr=ntohs(sin.sin_port);
+   sprintf(buf,"%s",inet_ntoa(sin.sin_addr));
+   gethostname(hostbuf,254);
+   hp=gethostbyname(hostbuf);
+   while(hp->h_addr_list[i]) {
+    bzero(&sin,&sl);
+    memcpy(&sin.sin_addr,hp->h_addr_list[i++],sizeof(hp->h_addr_list[i++]));
+    if(!strcmp(buf,inet_ntoa(sin.sin_addr))) local_h++;
+   }
+   if(local_h) { /* syslog(LLEV,"DEBUG: hnam.c: non-transparent."); */ return(NULL); }
+   else { return(buf); }
+  }
+ #endif
+ 
+ #ifdef __FreeBSD__
+ /* The basis for this block of code is Darren Reed's
+    patches to the TIS ftwk's ftp-gw.
+ */
+  bzero((char*)&sin,sizeof(sin));
+  bzero((char*)&rsin,sizeof(rsin));
+  if(getsockname(fd,(struct sockaddr*)&sin,&sl)<0) {
+   return NULL;
+  }
+  sl=sizeof(rsin);
+  if(getpeername(fd,(struct sockaddr*)&rsin,&sl)<0) {
+   return NULL;
+  }
+  natlookup.nl_inport=sin.sin_port;
+  natlookup.nl_outport=rsin.sin_port;
+  natlookup.nl_inip=sin.sin_addr;
+  natlookup.nl_outip=rsin.sin_addr;
+  if((natfd=open(IPL_NAT,O_RDONLY))<0) {
+   return(NULL);
+  }
+  if(ioctl(natfd,SIOCGNATL,&natlookup)==(-1)) {
+   return(NULL);
+  }
+  close(natfd);
+  if(ptr) *ptr=ntohs(natlookup.nl_realport);
+  sprintf(buf,"%s",inet_ntoa(natlookup.nl_realip));
+ #endif
+ 
+  /* No transparent proxy support */
+  return(NULL);
  }
Only in ./lib: hnam.c.orig
diff -c -r ./plug-gw/plug-gw.c ../../NEW/fwtk/plug-gw/plug-gw.c
*** ./plug-gw/plug-gw.c Thu Sep  5 15:36:33 1996
--- ../../NEW/fwtk/plug-gw/plug-gw.c    Wed Oct  9 02:46:48 1996
***************
*** 39,44 ****
--- 39,48 ----
  static        char            **validdests = (char **)0;
  static        Cfg             *confp;
  
+ int do_transparent=0;
+ 
+ char *getdsthost();
+ 
  main(ac,av)
  int   ac;
  char  *av[];
***************
*** 193,201 ****
--- 197,213 ----
        char            *ptr;
        int             state = 0;
        int             ssl_plug = 0;
+       int             pport=0;
  
        struct timeval  timo;
  
+       /* Transparent plug-gw is probably a bad idea, but hey .. */
+       dhost=getdsthost(0,&pport);
+       if(dhost) {
+               do_transparent++;
+               portid=pport;
+       }
+ 
        if(c->flags & PERM_DENY) {
                if (p == -1)
                        syslog(LLEV,"deny host=%s/%s port=any",rhost,raddr);
***************
*** 215,221 ****
                                syslog(LLEV,"fwtkcfgerr: -plug-to takes an argument, line %d",c->ln);
                                exit (1);
                        }
!                       dhost = av[x];
                        continue;
                }
  
--- 227,234 ----
                                syslog(LLEV,"fwtkcfgerr: -plug-to takes an argument, line %d",c->ln);
                                exit (1);
                        }
!                       if(!dhost) dhost = av[x];
!                       /* syslog(LLEV,"DEBUG: dhost now is [%s]",dhost); */
                        continue;
                }
  
diff -c -r ./rlogin-gw/rlogin-gw.c ../../NEW/fwtk/rlogin-gw/rlogin-gw.c
*** ./rlogin-gw/rlogin-gw.c     Fri Sep  6 12:56:33 1996
--- ../../NEW/fwtk/rlogin-gw/rlogin-gw.c        Wed Oct  9 02:49:04 1996
***************
*** 39,45 ****
--- 39,47 ----
  
  
  extern        char    *maphostname();
+ char *getdsthost();
  
+ int do_transparent=0;
  
  static        int     cmd_quit();
  static        int     cmd_help();
***************
*** 120,125 ****
--- 122,130 ----
        static char     *tokav[56];
        int             tokac;
        struct timeval  timo;
+       /* foo */
+       char *psychic;
+       /* foo */
  
  #ifndef       LOG_NDELAY
        openlog("rlogin-gw",LOG_PID);
***************
*** 185,191 ****
                xforwarder = cf->argv[0];
        }
  
! 
  
        if((cf = cfg_get("directory",confp)) != (Cfg *)0) {
                if(cf->argc != 1) {
--- 190,203 ----
                xforwarder = cf->argv[0];
        }
  
!       /* foo */
!       psychic=getdsthost(0,NULL);
!       if(psychic) {
!               do_transparent++;
!               strncpy(dest,psychic,511);
!               dest[511]='\0';
!       }
!       /* foo */
  
        if((cf = cfg_get("directory",confp)) != (Cfg *)0) {
                if(cf->argc != 1) {
***************
*** 260,269 ****
        }
  
        /* if present a host name, chop and save username and hostname */
!       dest[0] = '\0';
        if((p = index(rusername,'@')) != (char *)0) {
                char    *namp;
  
                *p++ = '\0';
                if(*p == '\0')
                        p = "localhost";
--- 272,282 ----
        }
  
        /* if present a host name, chop and save username and hostname */
!       /* dest[0] = '\0'; */
        if((p = index(rusername,'@')) != (char *)0) {
                char    *namp;
  
+               dest[0] = '\0';
                *p++ = '\0';
                if(*p == '\0')
                        p = "localhost";
***************
*** 293,300 ****
--- 306,326 ----
                        goto leave;
        }
  
+       /* syslog(LLEV,"DEBUG: Uh-oh, $dest = %s\n",dest); */
+ 
        if(dest[0] != '\0') {
  /* Setup connection directly to remote machine */
+               if((cf = cfg_get("welcome-msg",confp)) != (Cfg *)0) {
+                       if(cf->argc != 1) {
+                               syslog(LLEV,"fwtkcfgerr: welcome-msg must have one parameter, line %d",cf->ln);
+                               exit(1);
+                       }
+                       if(sayfile(0,cf->argv[0])) {
+                               syslog(LLEV,"fwtksyserr: cannot display welcome %s: %m",cf->argv[0]);
+                               exit(1);
+                       }
+               }
+ /* Does this cmd_connect thing feel like a kludge or what? */
                sprintf(buf,"connect %.1000s",dest);
                tokac = enargv(buf, tokav, 56, tokbuf, sizeof(tokbuf));
                if (cmd_connect(tokac, tokav, buf) != 2)
***************
*** 526,539 ****
                char    ebuf[512];
  
                syslog(LLEV,"permit host=%s/%s connect to %s",rhost,raddr,namp);
                if(strlen(namp) > 20)
                        namp[20] = '\0';
                if(rusername[0] != '\0')
                        sprintf(ebuf,"Trying %s@%s...",rusername,namp);
                else
                        sprintf(ebuf,"Trying %s...",namp);
!               if(say(0,ebuf))
!                       return(1);
        } else
                syslog(LLEV,"permit host=%s/%s connect to %s",rhost,raddr,av[1]);
        if((serfd = conn_server(av[1],RLOGINPORT,1,buf)) < 0) {
--- 552,567 ----
                char    ebuf[512];
  
                syslog(LLEV,"permit host=%s/%s connect to %s",rhost,raddr,namp);
+               if(!do_transparent) {
                if(strlen(namp) > 20)
                        namp[20] = '\0';
                if(rusername[0] != '\0')
                        sprintf(ebuf,"Trying %s@%s...",rusername,namp);
                else
                        sprintf(ebuf,"Trying %s...",namp);
!                       if(say(0,ebuf))
!                               return(1);
!               }
        } else
                syslog(LLEV,"permit host=%s/%s connect to %s",rhost,raddr,av[1]);
        if((serfd = conn_server(av[1],RLOGINPORT,1,buf)) < 0) {
diff -c -r ./tn-gw/tn-gw.c ../../NEW/fwtk/tn-gw/tn-gw.c
*** ./tn-gw/tn-gw.c     Fri Sep  6 12:55:48 1996
--- ../../NEW/fwtk/tn-gw/tn-gw.c        Wed Oct  9 02:50:17 1996
***************
*** 87,92 ****
--- 87,94 ----
  static        int                     cmd_xforward();
  static        int                     cmd_timeout();
  
+ char *getdsthost();
+ 
  static        int                     tn3270 = 1;     /* don't do tn3270 stuff */
  static        int                     doX;
  
***************
*** 97,102 ****
--- 99,106 ----
  static        int                     timeout = PROXY_TIMEOUT;
  static        char                    timed_out_msg[] = "\r\nConnection closed due to inactivity";
  
+ int do_transparent=0;
+ 
  typedef       struct  {
        char    *name;
        char    *hmsg;
***************
*** 140,145 ****
--- 144,151 ----
        char            tokbuf[BSIZ];
        char            *tokav[56];
        int             tokac;
+       int port;
+       char *psychic;
  
  #ifndef       LOG_DAEMON
        openlog("tn-gw",LOG_PID);
***************
*** 308,313 ****
--- 314,346 ----
                }
        }
  
+       psychic=getdsthost(0,&port);
+       if(psychic) {
+               if((strlen(psychic) + 10) < 510) {
+                       do_transparent++;
+                       if(port)
+                               sprintf(dest,"%s:%d",psychic,port);
+                       else
+                               sprintf(dest,"%s",psychic);
+ 
+ 
+               if(!welcomedone)
+                       if((cf = cfg_get("welcome-msg",confp)) != (Cfg *)0) {
+                                if(cf->argc != 1) {
+                                        syslog(LLEV,"fwtkcfgerr: welcome-msg must have one parameter, line %d",cf->ln);
+                                        exit(1);
+                                }
+                                if(sayfile(0,cf->argv[0])) {
+                                        syslog(LLEV,"fwtksyserr: cannot display welcome %s:%m",cf->argv[0]);
+                                        exit(1);
+                                }
+                                welcomedone = 1;
+                               }
+ 
+ 
+               }
+       }
+ 
        while (argc > 1) {
                argc--;
                argv++;
***************
*** 864,877 ****
                }
        }
  
- 
        if((namp = maphostname(av[1])) != (char *)0) {
                char    ebuf[512];
  
                syslog(LLEV,"permit host=%s/%s destination=%s",rladdr,riaddr,namp);
!               sprintf(ebuf,"Trying %s port %d...",namp,port);
!               if(say(0,ebuf))
!                       return(1);
        } else
                syslog(LLEV,"permit host=%s/%s destination=%s",rladdr,riaddr,av[1]);
  
--- 897,911 ----
                }
        }
  
        if((namp = maphostname(av[1])) != (char *)0) {
                char    ebuf[512];
  
                syslog(LLEV,"permit host=%s/%s destination=%s",rladdr,riaddr,namp);
!               if(!do_transparent) {
!                       sprintf(ebuf,"Trying %s port %d...",namp,port);
!                       if(say(0,ebuf))
!                               return(1);
!               }
        } else
                syslog(LLEV,"permit host=%s/%s destination=%s",rladdr,riaddr,av[1]);
  
***************
*** 903,910 ****
  
        syslog(LLEV,"connected host=%s/%s destination=%s",rladdr,riaddr,av[1]);
        strncpy(dest,av[1], 511);
!       sprintf(buf, "Connected to %s.", dest);
!       say(0, buf);
        return(2);
  }
  
--- 937,946 ----
  
        syslog(LLEV,"connected host=%s/%s destination=%s",rladdr,riaddr,av[1]);
        strncpy(dest,av[1], 511);
!       if(!do_transparent) {
!               sprintf(buf, "Connected to %s.", dest);
!               say(0, buf);
!       }
        return(2);
  }
  



Man Man