1 /* $OpenBSD: netcat.c,v 1.111 2013/03/20 09:27:56 sthen Exp $ */
3 * Copyright (c) 2001 Eric Jackson <ericj@monkey.org>
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 * 3. The name of the author may not be used to endorse or promote products
15 * derived from this software without specific prior written permission.
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
18 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
19 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
20 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
21 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
22 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
23 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
24 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 * Re-written nc(1) for OpenBSD. Original implementation by
33 * *Hobbit* <hobbit@avian.org>.
36 #include <sys/limits.h>
37 #include <sys/types.h>
38 #include <sys/socket.h>
39 #include <sys/sysctl.h>
43 #include <netinet/in.h>
44 #include <netinet/in_systm.h>
46 #include <netipsec/ipsec.h>
48 #include <netinet/tcp.h>
49 #include <netinet/ip.h>
50 #include <arpa/telnet.h>
68 (sizeof(*(su)) - sizeof((su)->sun_path) + strlen((su)->sun_path))
71 #define PORT_MAX 65535
72 #define PORT_MAX_LEN 6
73 #define UNIX_DG_TMP_SOCKET_SIZE 19
75 /* Command Line Options */
76 int dflag; /* detached, no stdin */
77 unsigned int iflag; /* Interval Flag */
78 int kflag; /* More than one connect */
79 int lflag; /* Bind to local port */
80 int Nflag; /* shutdown() network socket */
81 int nflag; /* Don't do name look up */
82 int FreeBSD_Oflag; /* Do not use TCP options */
83 char *Pflag; /* Proxy username */
84 char *pflag; /* Localport flag */
85 int rflag; /* Random ports flag */
86 char *sflag; /* Source Address */
87 int tflag; /* Telnet Emulation */
88 int uflag; /* UDP - Default to TCP */
89 int vflag; /* Verbosity */
90 int xflag; /* Socks proxy */
91 int zflag; /* Port Scan Flag */
92 int Dflag; /* sodebug */
93 int Iflag; /* TCP receive buffer size */
94 int Oflag; /* TCP send buffer size */
95 int Sflag; /* TCP MD5 signature option */
96 int Tflag = -1; /* IP Type of Service */
100 int family = AF_UNSPEC;
101 char *portlist[PORT_MAX+1];
102 char *unix_dg_tmp_socket;
104 void atelnet(int, unsigned char *, unsigned int);
105 void build_ports(char *);
107 int local_listen(char *, char *, struct addrinfo);
109 int remote_connect(const char *, const char *, struct addrinfo);
110 int timeout_connect(int, const struct sockaddr *, socklen_t);
111 int socks_connect(const char *, const char *, struct addrinfo,
112 const char *, const char *, struct addrinfo, int, const char *);
114 int unix_bind(char *);
115 int unix_connect(char *);
116 int unix_listen(char *);
117 void set_common_sockopts(int);
118 int map_tos(char *, int *);
119 void report_connect(const struct sockaddr *, socklen_t);
123 void add_ipsec_policy(int, char *);
125 char *ipsec_policy[2];
129 main(int argc, char *argv[])
131 int ch, s, ret, socksv, ipsec_count;
133 size_t intsize = sizeof(int);
135 struct addrinfo hints;
138 struct sockaddr_storage cliaddr;
140 const char *errstr, *proxyhost = "", *proxyport = NULL;
141 struct addrinfo proxyhints;
142 char unix_dg_tmp_socket_buf[UNIX_DG_TMP_SOCKET_SIZE];
143 struct option longopts[] = {
144 { "no-tcpopt", no_argument, &FreeBSD_Oflag, 1 },
156 while ((ch = getopt_long(argc, argv,
157 "46DdEe:hI:i:klNnoO:P:p:rSs:tT:UuV:vw:X:x:z",
158 longopts, NULL)) != -1) {
170 if (strcasecmp(optarg, "connect") == 0)
171 socksv = -1; /* HTTP proxy CONNECT */
172 else if (strcmp(optarg, "4") == 0)
173 socksv = 4; /* SOCKS v.4 */
174 else if (strcmp(optarg, "5") == 0)
175 socksv = 5; /* SOCKS v.5 */
177 errx(1, "unsupported proxy protocol");
184 ipsec_policy[ipsec_count++ % 2] = optarg;
186 errx(1, "IPsec support unavailable.");
191 ipsec_policy[0] = "in ipsec esp/transport//require";
192 ipsec_policy[1] = "out ipsec esp/transport//require";
194 errx(1, "IPsec support unavailable.");
201 iflag = strtonum(optarg, 0, UINT_MAX, &errstr);
203 errx(1, "interval %s: %s", errstr, optarg);
218 fprintf(stderr, "option -o is deprecated.\n");
239 if (sysctlbyname("net.fibs", &numfibs, &intsize, NULL, 0) == -1)
240 errx(1, "Multiple FIBS not supported");
241 rtableid = (unsigned int)strtonum(optarg, 0,
242 numfibs - 1, &errstr);
244 errx(1, "rtable %s: %s", errstr, optarg);
250 timeout = strtonum(optarg, 0, INT_MAX / 1000, &errstr);
252 errx(1, "timeout %s: %s", errstr, optarg);
257 if ((proxy = strdup(optarg)) == NULL)
267 Iflag = strtonum(optarg, 1, 65536 << 14, &errstr);
269 errx(1, "TCP receive window %s: %s",
273 Oflag = strtonum(optarg, 1, 65536 << 14, &errstr);
274 if (errstr != NULL) {
275 if (strcmp(errstr, "invalid") != 0)
276 errx(1, "TCP send window %s: %s",
286 if (map_tos(optarg, &Tflag))
288 if (strlen(optarg) > 1 && optarg[0] == '0' &&
290 Tflag = (int)strtol(optarg, NULL, 16);
292 Tflag = (int)strtonum(optarg, 0, 255,
294 if (Tflag < 0 || Tflag > 255 || errstr || errno)
295 errx(1, "illegal tos value %s", optarg);
304 /* Cruft to make sure options are clean, and used properly. */
305 if (argv[0] && !argv[1] && family == AF_UNIX) {
308 } else if (argv[0] && !argv[1]) {
313 } else if (argv[0] && argv[1]) {
320 errx(1, "cannot use -s and -l");
322 errx(1, "cannot use -p and -l");
324 errx(1, "cannot use -z and -l");
326 errx(1, "must use -l with -k");
328 /* Get name of temporary socket for unix datagram client */
329 if ((family == AF_UNIX) && uflag && !lflag) {
331 unix_dg_tmp_socket = sflag;
333 strlcpy(unix_dg_tmp_socket_buf, "/tmp/nc.XXXXXXXXXX",
334 UNIX_DG_TMP_SOCKET_SIZE);
335 if (mktemp(unix_dg_tmp_socket_buf) == NULL)
337 unix_dg_tmp_socket = unix_dg_tmp_socket_buf;
341 /* Initialize addrinfo structure. */
342 if (family != AF_UNIX) {
343 memset(&hints, 0, sizeof(struct addrinfo));
344 hints.ai_family = family;
345 hints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
346 hints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP;
348 hints.ai_flags |= AI_NUMERICHOST;
353 errx(1, "no proxy support for UDP mode");
356 errx(1, "no proxy support for listen");
358 if (family == AF_UNIX)
359 errx(1, "no proxy support for unix sockets");
361 /* XXX IPv6 transport to proxy would probably work */
362 if (family == AF_INET6)
363 errx(1, "no proxy support for IPv6");
366 errx(1, "no proxy support for local source address");
368 proxyhost = strsep(&proxy, ":");
371 memset(&proxyhints, 0, sizeof(struct addrinfo));
372 proxyhints.ai_family = family;
373 proxyhints.ai_socktype = SOCK_STREAM;
374 proxyhints.ai_protocol = IPPROTO_TCP;
376 proxyhints.ai_flags |= AI_NUMERICHOST;
383 if (family == AF_UNIX) {
387 s = unix_listen(host);
390 /* Allow only one connection at a time, but stay alive. */
392 if (family != AF_UNIX)
393 s = local_listen(host, uport, hints);
397 * For UDP and -k, don't connect the socket, let it
398 * receive datagrams from multiple socket pairs.
403 * For UDP and not -k, we will use recvfrom() initially
404 * to wait for a caller, then use the regular functions
405 * to talk to the caller.
407 else if (uflag && !kflag) {
410 struct sockaddr_storage z;
414 rv = recvfrom(s, buf, plen, MSG_PEEK,
415 (struct sockaddr *)&z, &len);
419 rv = connect(s, (struct sockaddr *)&z, len);
424 report_connect((struct sockaddr *)&z, len);
428 len = sizeof(cliaddr);
429 connfd = accept(s, (struct sockaddr *)&cliaddr,
432 /* For now, all errnos are fatal */
436 report_connect((struct sockaddr *)&cliaddr, len);
442 if (family != AF_UNIX)
445 if (connect(s, NULL, 0) < 0)
452 } else if (family == AF_UNIX) {
455 if ((s = unix_connect(host)) > 0 && !zflag) {
462 unlink(unix_dg_tmp_socket);
468 /* Construct the portlist[] array. */
471 /* Cycle through portlist, connecting to each port. */
472 for (i = 0; portlist[i] != NULL; i++) {
477 s = socks_connect(host, portlist[i], hints,
478 proxyhost, proxyport, proxyhints, socksv,
481 s = remote_connect(host, portlist[i], hints);
487 if (vflag || zflag) {
488 /* For UDP, make sure we are connected. */
490 if (udptest(s) == -1) {
496 /* Don't look up port if -n. */
501 ntohs(atoi(portlist[i])),
502 uflag ? "udp" : "tcp");
506 "Connection to %s %s port [%s/%s] "
507 "succeeded!\n", host, portlist[i],
508 uflag ? "udp" : "tcp",
509 sv ? sv->s_name : "*");
524 * Returns a unix socket bound to the given path
527 unix_bind(char *path)
529 struct sockaddr_un sun;
532 /* Create unix domain socket. */
533 if ((s = socket(AF_UNIX, uflag ? SOCK_DGRAM : SOCK_STREAM,
537 memset(&sun, 0, sizeof(struct sockaddr_un));
538 sun.sun_family = AF_UNIX;
540 if (strlcpy(sun.sun_path, path, sizeof(sun.sun_path)) >=
541 sizeof(sun.sun_path)) {
543 errno = ENAMETOOLONG;
547 if (bind(s, (struct sockaddr *)&sun, SUN_LEN(&sun)) < 0) {
556 * Returns a socket connected to a local unix socket. Returns -1 on failure.
559 unix_connect(char *path)
561 struct sockaddr_un sun;
565 if ((s = unix_bind(unix_dg_tmp_socket)) < 0)
568 if ((s = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
571 (void)fcntl(s, F_SETFD, 1);
573 memset(&sun, 0, sizeof(struct sockaddr_un));
574 sun.sun_family = AF_UNIX;
576 if (strlcpy(sun.sun_path, path, sizeof(sun.sun_path)) >=
577 sizeof(sun.sun_path)) {
579 errno = ENAMETOOLONG;
582 if (connect(s, (struct sockaddr *)&sun, SUN_LEN(&sun)) < 0) {
592 * Create a unix domain socket, and listen on it.
595 unix_listen(char *path)
598 if ((s = unix_bind(path)) < 0)
601 if (listen(s, 5) < 0) {
610 * Returns a socket connected to a remote host. Properly binds to a local
611 * port or source address if needed. Returns -1 on failure.
614 remote_connect(const char *host, const char *port, struct addrinfo hints)
616 struct addrinfo *res, *res0;
617 int s, error, on = 1;
619 if ((error = getaddrinfo(host, port, &hints, &res)))
620 errx(1, "getaddrinfo: %s", gai_strerror(error));
624 if ((s = socket(res0->ai_family, res0->ai_socktype,
625 res0->ai_protocol)) < 0)
628 if (ipsec_policy[0] != NULL)
629 add_ipsec_policy(s, ipsec_policy[0]);
630 if (ipsec_policy[1] != NULL)
631 add_ipsec_policy(s, ipsec_policy[1]);
635 if (setsockopt(s, SOL_SOCKET, SO_SETFIB, &rtableid,
636 sizeof(rtableid)) == -1)
637 err(1, "setsockopt(.., SO_SETFIB, %u, ..)",
641 /* Bind to a local port or source address if specified. */
642 if (sflag || pflag) {
643 struct addrinfo ahints, *ares;
645 /* try IP_BINDANY, but don't insist */
646 setsockopt(s, IPPROTO_IP, IP_BINDANY, &on, sizeof(on));
647 memset(&ahints, 0, sizeof(struct addrinfo));
648 ahints.ai_family = res0->ai_family;
649 ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
650 ahints.ai_protocol = uflag ? IPPROTO_UDP : IPPROTO_TCP;
651 ahints.ai_flags = AI_PASSIVE;
652 if ((error = getaddrinfo(sflag, pflag, &ahints, &ares)))
653 errx(1, "getaddrinfo: %s", gai_strerror(error));
655 if (bind(s, (struct sockaddr *)ares->ai_addr,
656 ares->ai_addrlen) < 0)
657 errx(1, "bind failed: %s", strerror(errno));
661 set_common_sockopts(s);
663 if (timeout_connect(s, res0->ai_addr, res0->ai_addrlen) == 0)
666 warn("connect to %s port %s (%s) failed", host, port,
667 uflag ? "udp" : "tcp");
671 } while ((res0 = res0->ai_next) != NULL);
679 timeout_connect(int s, const struct sockaddr *name, socklen_t namelen)
687 flags = fcntl(s, F_GETFL, 0);
688 if (fcntl(s, F_SETFL, flags | O_NONBLOCK) == -1)
689 err(1, "set non-blocking mode");
692 if ((ret = connect(s, name, namelen)) != 0 && errno == EINPROGRESS) {
694 pfd.events = POLLOUT;
695 if ((ret = poll(&pfd, 1, timeout)) == 1) {
696 optlen = sizeof(optval);
697 if ((ret = getsockopt(s, SOL_SOCKET, SO_ERROR,
698 &optval, &optlen)) == 0) {
700 ret = optval == 0 ? 0 : -1;
702 } else if (ret == 0) {
706 err(1, "poll failed");
709 if (timeout != -1 && fcntl(s, F_SETFL, flags) == -1)
710 err(1, "restoring flags");
717 * Returns a socket listening on a local port, binds to specified source
718 * address. Returns -1 on failure.
721 local_listen(char *host, char *port, struct addrinfo hints)
723 struct addrinfo *res, *res0;
727 /* Allow nodename to be null. */
728 hints.ai_flags |= AI_PASSIVE;
731 * In the case of binding to a wildcard address
732 * default to binding to an ipv4 address.
734 if (host == NULL && hints.ai_family == AF_UNSPEC)
735 hints.ai_family = AF_INET;
737 if ((error = getaddrinfo(host, port, &hints, &res)))
738 errx(1, "getaddrinfo: %s", gai_strerror(error));
742 if ((s = socket(res0->ai_family, res0->ai_socktype,
743 res0->ai_protocol)) < 0)
747 ret = setsockopt(s, SOL_SOCKET, SO_SETFIB, &rtableid,
750 err(1, "setsockopt(.., SO_SETFIB, %u, ..)",
754 ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x));
758 if (ipsec_policy[0] != NULL)
759 add_ipsec_policy(s, ipsec_policy[0]);
760 if (ipsec_policy[1] != NULL)
761 add_ipsec_policy(s, ipsec_policy[1]);
764 if (setsockopt(s, IPPROTO_TCP, TCP_NOOPT,
765 &FreeBSD_Oflag, sizeof(FreeBSD_Oflag)) == -1)
766 err(1, "disable TCP options");
769 if (bind(s, (struct sockaddr *)res0->ai_addr,
770 res0->ai_addrlen) == 0)
775 } while ((res0 = res0->ai_next) != NULL);
777 if (!uflag && s != -1) {
778 if (listen(s, 1) < 0)
789 * Loop that polls on the network file descriptor and stdin.
794 struct pollfd pfd[2];
795 unsigned char buf[16384];
796 int n, wfd = fileno(stdin);
797 int lfd = fileno(stdout);
802 /* Setup Network FD */
804 pfd[0].events = POLLIN;
806 /* Set up STDIN FD. */
808 pfd[1].events = POLLIN;
810 while (pfd[0].fd != -1) {
814 if ((n = poll(pfd, 2 - dflag, timeout)) < 0) {
816 err(1, "Polling Error");
822 if (pfd[0].revents & POLLIN) {
823 if ((n = read(nfd, buf, plen)) < 0)
826 shutdown(nfd, SHUT_RD);
831 atelnet(nfd, buf, n);
832 if (atomicio(vwrite, lfd, buf, n) != n)
837 if (!dflag && pfd[1].revents & POLLIN) {
838 if ((n = read(wfd, buf, plen)) < 0)
842 shutdown(nfd, SHUT_WR);
846 if (atomicio(vwrite, nfd, buf, n) != n)
853 /* Deal with RFC 854 WILL/WONT DO/DONT negotiation. */
855 atelnet(int nfd, unsigned char *buf, unsigned int size)
857 unsigned char *p, *end;
858 unsigned char obuf[4];
862 end = buf + size - 2;
864 for (p = buf; p < end; p++) {
870 if ((*p == WILL) || (*p == WONT))
872 else if ((*p == DO) || (*p == DONT))
879 if (atomicio(vwrite, nfd, obuf, 3) != 3)
880 warn("Write Error!");
886 * Build an array of ports in portlist[], listing each port
887 * that we should try to connect to.
897 if ((n = strchr(p, '-')) != NULL) {
901 /* Make sure the ports are in order: lowest->highest. */
902 hi = strtonum(n, 1, PORT_MAX, &errstr);
904 errx(1, "port number %s: %s", errstr, n);
905 lo = strtonum(p, 1, PORT_MAX, &errstr);
907 errx(1, "port number %s: %s", errstr, p);
915 /* Load ports sequentially. */
916 for (cp = lo; cp <= hi; cp++) {
917 portlist[x] = calloc(1, PORT_MAX_LEN);
918 if (portlist[x] == NULL)
920 snprintf(portlist[x], PORT_MAX_LEN, "%d", cp);
924 /* Randomly swap ports. */
929 for (x = 0; x <= (hi - lo); x++) {
930 y = (arc4random() & 0xFFFF) % (hi - lo);
932 portlist[x] = portlist[y];
937 hi = strtonum(p, 1, PORT_MAX, &errstr);
939 errx(1, "port number %s: %s", errstr, p);
940 portlist[0] = strdup(p);
941 if (portlist[0] == NULL)
948 * Do a few writes to see if the UDP port is there.
949 * Fails once PF state table is full.
956 for (i = 0; i <= 3; i++) {
957 if (write(s, "X", 1) == 1)
966 set_common_sockopts(int s)
971 if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG,
972 &x, sizeof(x)) == -1)
976 if (setsockopt(s, SOL_SOCKET, SO_DEBUG,
977 &x, sizeof(x)) == -1)
981 if (setsockopt(s, IPPROTO_IP, IP_TOS,
982 &Tflag, sizeof(Tflag)) == -1)
983 err(1, "set IP ToS");
986 if (setsockopt(s, SOL_SOCKET, SO_RCVBUF,
987 &Iflag, sizeof(Iflag)) == -1)
988 err(1, "set TCP receive buffer size");
991 if (setsockopt(s, SOL_SOCKET, SO_SNDBUF,
992 &Oflag, sizeof(Oflag)) == -1)
993 err(1, "set TCP send buffer size");
996 if (setsockopt(s, IPPROTO_TCP, TCP_NOOPT,
997 &FreeBSD_Oflag, sizeof(FreeBSD_Oflag)) == -1)
998 err(1, "disable TCP options");
1003 map_tos(char *s, int *val)
1005 /* DiffServ Codepoints and other TOS mappings */
1006 const struct toskeywords {
1007 const char *keyword;
1009 } *t, toskeywords[] = {
1010 { "af11", IPTOS_DSCP_AF11 },
1011 { "af12", IPTOS_DSCP_AF12 },
1012 { "af13", IPTOS_DSCP_AF13 },
1013 { "af21", IPTOS_DSCP_AF21 },
1014 { "af22", IPTOS_DSCP_AF22 },
1015 { "af23", IPTOS_DSCP_AF23 },
1016 { "af31", IPTOS_DSCP_AF31 },
1017 { "af32", IPTOS_DSCP_AF32 },
1018 { "af33", IPTOS_DSCP_AF33 },
1019 { "af41", IPTOS_DSCP_AF41 },
1020 { "af42", IPTOS_DSCP_AF42 },
1021 { "af43", IPTOS_DSCP_AF43 },
1022 { "critical", IPTOS_PREC_CRITIC_ECP },
1023 { "cs0", IPTOS_DSCP_CS0 },
1024 { "cs1", IPTOS_DSCP_CS1 },
1025 { "cs2", IPTOS_DSCP_CS2 },
1026 { "cs3", IPTOS_DSCP_CS3 },
1027 { "cs4", IPTOS_DSCP_CS4 },
1028 { "cs5", IPTOS_DSCP_CS5 },
1029 { "cs6", IPTOS_DSCP_CS6 },
1030 { "cs7", IPTOS_DSCP_CS7 },
1031 { "ef", IPTOS_DSCP_EF },
1032 { "inetcontrol", IPTOS_PREC_INTERNETCONTROL },
1033 { "lowdelay", IPTOS_LOWDELAY },
1034 { "netcontrol", IPTOS_PREC_NETCONTROL },
1035 { "reliability", IPTOS_RELIABILITY },
1036 { "throughput", IPTOS_THROUGHPUT },
1040 for (t = toskeywords; t->keyword != NULL; t++) {
1041 if (strcmp(s, t->keyword) == 0) {
1051 report_connect(const struct sockaddr *sa, socklen_t salen)
1053 char remote_host[NI_MAXHOST];
1054 char remote_port[NI_MAXSERV];
1056 int flags = NI_NUMERICSERV;
1059 flags |= NI_NUMERICHOST;
1061 if ((herr = getnameinfo(sa, salen,
1062 remote_host, sizeof(remote_host),
1063 remote_port, sizeof(remote_port),
1065 if (herr == EAI_SYSTEM)
1066 err(1, "getnameinfo");
1068 errx(1, "getnameinfo: %s", gai_strerror(herr));
1072 "Connection from %s %s "
1073 "received!\n", remote_host, remote_port);
1080 fprintf(stderr, "\tCommand Summary:\n\
1083 \t-D Enable the debug socket option\n\
1084 \t-d Detach from stdin\n");
1087 \t-E Use IPsec ESP\n\
1088 \t-e policy Use specified IPsec policy\n");
1091 \t-h This help text\n\
1092 \t-I length TCP receive buffer length\n\
1093 \t-i secs\t Delay interval for lines sent, ports scanned\n\
1094 \t-k Keep inbound sockets open for multiple connects\n\
1095 \t-l Listen mode, for inbound connects\n\
1096 \t-N Shutdown the network socket after EOF on stdin\n\
1097 \t-n Suppress name/port resolutions\n\
1098 \t--no-tcpopt Disable TCP options\n\
1099 \t-O length TCP send buffer length\n\
1100 \t-P proxyuser\tUsername for proxy authentication\n\
1101 \t-p port\t Specify local port for remote connects\n\
1102 \t-r Randomize remote ports\n\
1103 \t-S Enable the TCP MD5 signature option\n\
1104 \t-s addr\t Local source address\n\
1105 \t-T toskeyword\tSet IP Type of Service\n\
1106 \t-t Answer TELNET negotiation\n\
1107 \t-U Use UNIX domain socket\n\
1109 \t-V rtable Specify alternate routing table\n\
1111 \t-w secs\t Timeout for connects and final net reads\n\
1112 \t-X proto Proxy protocol: \"4\", \"5\" (SOCKS) or \"connect\"\n\
1113 \t-x addr[:port]\tSpecify proxy address and port\n\
1114 \t-z Zero-I/O mode [used for scanning]\n\
1115 Port numbers can be individual or ranges: lo-hi [inclusive]\n");
1117 fprintf(stderr, "See ipsec_set_policy(3) for -e argument format\n");
1124 add_ipsec_policy(int s, char *policy)
1129 raw = ipsec_set_policy(policy, strlen(policy));
1131 errx(1, "ipsec_set_policy `%s': %s", policy,
1133 e = setsockopt(s, IPPROTO_IP, IP_IPSEC_POLICY, raw,
1134 ipsec_get_policylen(raw));
1136 err(1, "ipsec policy cannot be configured");
1139 fprintf(stderr, "ipsec policy configured: `%s'\n", policy);
1149 "usage: nc [-46DdEhklNnrStUuvz] [-e policy] [-I length] [-i interval] [-O length]\n"
1151 "usage: nc [-46DdhklNnrStUuvz] [-I length] [-i interval] [-O length]\n"
1153 "\t [-P proxy_username] [-p source_port] [-s source] [-T ToS]\n"
1154 "\t [-V rtable] [-w timeout] [-X proxy_protocol]\n"
1155 "\t [-x proxy_address[:port]] [destination] [port]\n");
projects / FreeBSD / releng / 10.0.git / blob