@@ -1,3 +1,7 @@

+Mon Mar 21 02:24:33 CET 2005 (tk)

+---------------------------------

+  * freshclam: add LocalIPAddress/--local-address (patch by Thomas Lamy)

+

 Mon Mar 21 01:13:41 CET 2005 (tk)

 ---------------------------------

   * libclamav/pe.c: add W32.Magistr.A/B detection

@@ -55,6 +55,9 @@ Check #n times per day for a new database. #n must be between 1 and 50.

 \fB\-\-daemon\-notify=/path/to/clamd.conf\fR

 Notify the daemon about the new database. By default it reads a hardcoded config file but you can use an another one. Both local and TCP sockets are supported.

 .TP 

+\fB\-a IP, \-\-local-address=IP\fR

+Use (local) IP for HTTP downloads. Useful for multi-homed systems. If binding fails for whatever reason, a warning is issued and freshclam behaves like without this flag.

+.TP 

 \fB\-\-on\-error\-execute=COMMAND\fR

 Execute COMMAND if error occured. Remeber, that virus database freshness is the most important thing in anti\-virus system. With this option freshclam can alert you (eg. send SMS) when something is going wrong.

 .TP 

@@ -92,6 +92,11 @@ Proxy usage is authenticated through given username and password.

 .br .

 Default: no proxy authentication

 .TP 

+\fBLocalIPAddress IP\fR

+Use \fBIP\fR as client address for downloading databases. Useful for multi homed systems.

+.br .

+Default: Use OS\'es default outgoing IP address.

+.TP 

 \fBNotifyClamd \[STRING\]\fR

 Notify a running clamd(8) to reload it\'s database after a download has occured. Optionally a clamd.conf(5) file location may be given to tell freshclam(1) how to communicate with clamd(8).

 .br .

@@ -75,6 +75,11 @@ DatabaseMirror database.clamav.net

 #HTTPProxyUsername myusername

 #HTTPProxyPassword mypass

+# Use aaa.bbb.ccc.ddd as client address for downloading databases. Useful for multi-

+# homed systems.

+# Default: Use OS'es default outgoing IP address.

+#LocalIPAddress aaa.bbb.ccc.ddd

+

 # Send the RELOAD command to clamd.

 # Default: disabled

 #NotifyClamd

@@ -445,6 +445,7 @@ void help(void)

 #ifdef BUILD_CLAMD

     mprintf("    --daemon-notify[=/path/clamd.conf]   send RELOAD command to clamd\n");

 #endif

+    mprintf("    --local-address=IP   -a IP           bind to IP for HTTP downloads\n");

     mprintf("    --on-update-execute=COMMAND          execute COMMAND after successful update\n");

     mprintf("    --on-error-execute=COMMAND           execute COMMAND if errors occured\n");

@@ -38,6 +38,7 @@

 #include <fcntl.h>

 #include <sys/stat.h>

 #include <clamav.h>

+#include <errno.h>

 #include "options.h"

 #include "defaults.h"

@@ -56,6 +57,7 @@ int downloadmanager(const struct cfgstruct *copt, const struct optstruct *opt, c

 	int ret, updated = 0, signo = 0, ttl = -1;

 	char ipaddr[16], *dnsreply = NULL, *pt;

 	struct cfgstruct *cpt;

+	char *localip = NULL;

 #ifdef HAVE_RESOLV_H

 	const char *dnsdbinfo;

 #endif

@@ -131,9 +133,15 @@ int downloadmanager(const struct cfgstruct *copt, const struct optstruct *opt, c

     }

 #endif /* HAVE_RESOLV_H */

+    if(optl(opt, "localip")) {

+        localip = getargl(opt, "localip");

+    } else if((cpt = cfgopt(copt, "LocalIPAddress"))) {

+	localip = cpt->strarg;

+    }

+

     memset(ipaddr, 0, sizeof(ipaddr));

-    if((ret = downloaddb(DB1NAME, "main.cvd", hostname, ipaddr, &signo, copt, dnsreply)) > 50) {

+    if((ret = downloaddb(DB1NAME, "main.cvd", hostname, ipaddr, &signo, copt, dnsreply, localip)) > 50) {

 	if(dnsreply)

 	    free(dnsreply);

@@ -143,7 +151,7 @@ int downloadmanager(const struct cfgstruct *copt, const struct optstruct *opt, c

 	updated = 1;

     /* if ipaddr[0] != 0 it will use it to connect to the web host */

-    if((ret = downloaddb(DB2NAME, "daily.cvd", hostname, ipaddr, &signo, copt, dnsreply)) > 50) {

+    if((ret = downloaddb(DB2NAME, "daily.cvd", hostname, ipaddr, &signo, copt, dnsreply, localip)) > 50) {

 	if(dnsreply)

 	    free(dnsreply);

@@ -202,7 +210,7 @@ static int isnumb(const char *str)

     return 1;

 }

-int downloaddb(const char *localname, const char *remotename, const char *hostname, char *ip, int *signo, const struct cfgstruct *copt, const char *dnsreply)

+int downloaddb(const char *localname, const char *remotename, const char *hostname, char *ip, int *signo, const struct cfgstruct *copt, const char *dnsreply, char *localip)

 {

 	struct cl_cvd *current, *remote;

 	struct cfgstruct *cpt;

@@ -271,9 +279,9 @@ int downloaddb(const char *localname, const char *remotename, const char *hostna

     if(!nodb && dbver == -1) {

 	if(ip[0]) /* use ip to connect */

-	    hostfd = wwwconnect(ip, proxy, port, ipaddr);

+	    hostfd = wwwconnect(ip, proxy, port, ipaddr, localip);

 	else

-	    hostfd = wwwconnect(hostname, proxy, port, ipaddr);

+	    hostfd = wwwconnect(hostname, proxy, port, ipaddr, localip);

 	if(hostfd < 0) {

             mprintf("@No servers could be reached. Giving up\n");

@@ -335,9 +343,9 @@ int downloaddb(const char *localname, const char *remotename, const char *hostna

     if(ipaddr[0]) {

 	/* use ipaddr in order to connect to the same mirror */

-	hostfd = wwwconnect(ipaddr, proxy, port, NULL);

+	hostfd = wwwconnect(ipaddr, proxy, port, NULL, localip);

     } else {

-	hostfd = wwwconnect(hostname, proxy, port, ipaddr);

+	hostfd = wwwconnect(hostname, proxy, port, ipaddr, localip);

 	if(!ip[0])

 	    strcpy(ip, ipaddr);

     }

@@ -418,7 +426,7 @@ int downloaddb(const char *localname, const char *remotename, const char *hostna

 /* this function returns socket descriptor */

 /* proxy support finshed by njh@bandsman.co.uk */

-int wwwconnect(const char *server, const char *proxy, int pport, char *ip)

+int wwwconnect(const char *server, const char *proxy, int pport, char *ip, char *localip)

 {

 	int socketfd = -1, port, i;

 	struct sockaddr_in name;

@@ -426,13 +434,54 @@ int wwwconnect(const char *server, const char *proxy, int pport, char *ip)

 	char ipaddr[16];

 	unsigned char *ia;

 	const char *hostpt;

-

+	struct hostent *he = NULL;

     if(ip)

 	strcpy(ip, "???");

     name.sin_family = AF_INET;

+    if (localip) {

+	if ((he = gethostbyname(localip)) == NULL) {

+	    char *herr;

+	    switch(h_errno) {

+	        case HOST_NOT_FOUND:

+		    herr = "Host not found";

+		    break;

+

+		case NO_DATA:

+		    herr = "No IP address";

+		    break;

+

+		case NO_RECOVERY:

+		    herr = "Unrecoverable DNS error";

+		    break;

+

+		case TRY_AGAIN:

+		    herr = "Temporary DNS error";

+		    break;

+

+		default:

+		    herr = "Unknown error";

+		    break;

+	    }

+	    mprintf("!Could not resolve local ip address '%s': %s\n", localip, herr);

+	    mprintf("^Using standard local ip address and port for fetching.\n");

+	} else {

+	    struct sockaddr_in client;

+	    memset ((char *) &client, 0, sizeof(struct sockaddr_in));

+	    client.sin_family = AF_INET;

+	    client.sin_addr = *(struct in_addr *) he->h_addr_list[0];

+	    if (bind(socketfd, (struct sockaddr *) &client, sizeof(struct sockaddr_in)) != 0) {

+		mprintf("!Could not bind to local ip address '%s': %s\n", localip, strerror(errno));

+		mprintf("^Using default client ip.\n");

+	    } else {

+		ia = (unsigned char *) he->h_addr_list[0];

+		sprintf(ipaddr, "%u.%u.%u.%u", ia[0], ia[1], ia[2], ia[3]);

+		mprintf("*Using ip '%s' for fetching.\n", ipaddr);

+	    }

+	}

+    }

     if(proxy) {

 	hostpt = proxy;

@@ -457,7 +506,29 @@ int wwwconnect(const char *server, const char *proxy, int pport, char *ip)

     }

     if((host = gethostbyname(hostpt)) == NULL) {

-        mprintf("@Can't get information about %s host.\n", hostpt);

+	char *herr;

+	switch(h_errno) {

+	    case HOST_NOT_FOUND:

+		herr = "Host not found";

+		break;

+

+	    case NO_DATA:

+		herr = "No IP address";

+		break;

+

+	    case NO_RECOVERY:

+		herr = "Unrecoverable DNS error";

+		break;

+

+	    case TRY_AGAIN:

+		herr = "Temporary DNS error";

+		break;

+

+	    default:

+		herr = "Unknown error";

+		break;

+	}

+        mprintf("@Can't get information about %s: %s\n", hostpt, herr);

 	return -1;

     }

@@ -24,9 +24,9 @@

 int downloadmanager(const struct cfgstruct *copt, const struct optstruct *opt, const char *hostname);

-int downloaddb(const char *localname, const char *remotename, const char *hostname, char *ip, int *signo, const struct cfgstruct *copt, const char *dnsreply);

+int downloaddb(const char *localname, const char *remotename, const char *hostname, char *ip, int *signo, const struct cfgstruct *copt, const char *dnsreply, char *localip);

-int wwwconnect(const char *server, const char *proxy, int pport, char *ip);

+int wwwconnect(const char *server, const char *proxy, int pport, char *remoteip, char *localip);

 struct cl_cvd *remote_cvdhead(const char *file, int socketfd, const char *hostname, const char *proxy, const char *user, const char *pass, int *ims);

@@ -38,7 +38,7 @@ int main(int argc, char **argv)

 	int ret, opt_index, i, len;

 	struct optstruct *opt;

-	const char *getopt_parameters = "hvdp:Vl:c:u:";

+	const char *getopt_parameters = "hvdp:Vl:c:u:a:";

 	static struct option long_options[] = {

 	    /* 

@@ -61,6 +61,7 @@ int main(int argc, char **argv)

 	    {"no-dns", 0, 0, 0},

 	    {"checks", 1, 0, 'c'},

 	    {"http-proxy", 1, 0, 0},

+	    {"client-address", 1, 0, 'a'},

 	    {"proxy-user", 1, 0, 0},

 	    {"daemon-notify", 2, 0, 0},

 	    {"on-update-execute", 1, 0, 0},

@@ -123,6 +123,7 @@ struct cfgstruct *parsecfg(const char *cfgfile, int messages)

 	    {"NotifyClamd", OPT_OPTARG}, /* freshclam */

 	    {"OnUpdateExecute", OPT_FULLSTR}, /* freshclam */

 	    {"OnErrorExecute", OPT_FULLSTR}, /* freshclam */

+	    {"LocalIPAddress", OPT_STR}, /* freshclam */

 	    {0, 0}

 	};