From 7d6ccd32177262dcbd980be4c0769c4494f1514d Mon Sep 17 00:00:00 2001
From: Peter Pentchev <roam@ringlet.net>
Date: Tue, 4 Jan 2011 18:17:10 +0200
Subject: [PATCH] Abstract transparent proxying to also support IP_BINDANY.

The implementation is based on Jason Helfman's patch in
FreeBSD PR 153568, but is a bit more abstract to also allow
other transparent proxying implementations.
http://www.freebsd.org/cgi/query-pr.cgi?pr=153568

Reported by:	Jason Helfman <jhelfman@experts-exchange.com>,
		oscaruser@programmer.net
---
 src/client.c |    9 +++++----
 src/common.h |    9 +++++++++
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/src/client.c b/src/client.c
index f4b11a0..0e01c7e 100644
--- a/src/client.c
+++ b/src/client.c
@@ -1034,15 +1034,16 @@ static int connect_remote(CLI *c) { /* connect to remote host */
 static void local_bind(CLI *c) {
     SOCKADDR_UNION addr;
 
-#ifdef IP_TRANSPARENT
+#ifdef STUNNEL_TRANSPARENT
     int on=1;
     if(c->opt->option.transparent) {
-        if(setsockopt(c->fd, SOL_IP, IP_TRANSPARENT, &on, sizeof on))
-            sockerror("setsockopt IP_TRANSPARENT");
+        if(setsockopt(c->fd, STUNNEL_TRANSPARENT_LEVEL,
+	   STUNNEL_TRANSPARENT, &on, sizeof on))
+            sockerror("setsockopt " STUNNEL_TRANSPARENT_NAME);
         /* ignore the error to retain Linux 2.2 compatibility */
         /* the error will be handled by bind(), anyway */
     }
-#endif /* IP_TRANSPARENT */
+#endif /* STUNNEL_TRANSPARENT */
 
     memcpy(&addr, &c->bind_addr.addr[0], sizeof addr);
     if(ntohs(addr.in.sin_port)>=1024) { /* security check */
diff --git a/src/common.h b/src/common.h
index 0fe3aff..0a1cf6d 100644
--- a/src/common.h
+++ b/src/common.h
@@ -337,6 +337,15 @@ extern char *sys_errlist[];
 /* old kernel headers without IP_TRANSPARENT definition */
 #define IP_TRANSPARENT 19
 #endif /* IP_TRANSPARENT */
+#define STUNNEL_TRANSPARENT IP_TRANSPARENT
+#define STUNNEL_TRANSPARENT_NAME "IP_TRANSPARENT"
+#define STUNNEL_TRANSPARENT_LEVEL SOL_IP
+#else /* __linux__ */
+#ifdef IP_BINDANY
+#define STUNNEL_TRANSPARENT IP_BINDANY
+#define STUNNEL_TRANSPARENT_NAME "IP_BINDANY"
+#define STUNNEL_TRANSPARENT_LEVEL IPPROTO_IP
+#endif
 #endif /* __linux__ */
 
 #endif /* USE_WIN32 */
-- 
1.7.3.4