- Fix working with antiviruses on BSD systems.

A patch is taken from http://www.opennet.ru/openforum/vsluhforumID12/4446.html.
- Add support pf(4) firewalls.
  A patch is taken from http://www.clearchain.com/wiki/Frox_&_PF

Submitted by:	Cor Hilbrink (2Complex) <cor(at)2complex.nl>

ftp/frox/Makefile

@@ -7,6 +7,7 @@
 
 PORTNAME=	frox
 PORTVERSION=	0.7.18
+PORTREVISION=	1
 CATEGORIES=	ftp
 MASTER_SITES=	http://www.hollo.org/frox/download/ \
 		http://frox.sourceforge.net/download/ \
@@ -38,6 +39,7 @@ PKGMESSAGE=	${WRKDIR}/pkg-message
 CONFIGURE_ARGS=	--enable-configfile=${PREFIX}/etc/frox.conf
 
 OPTIONS=	IPFILTER "Use ipfilter instead of ipfw" off \
+		PF "Build with pf(4) support" off \
 		VIRUS_SCAN "Run external virus scaner on each download" off \
 		HTTP_CACHE "Enable use of external cache" on \
 		LOCAL_CACHE "Enable use of local cache" off \
@@ -56,6 +58,9 @@ WITH_CCP=	yes
 .if defined(WITH_IPFILTER)
 CONFIGURE_ARGS+=	--enable-ipfilter
 .endif
+.if defined(WITH_PF)
+CONFIGURE_ENV+=		"CPPFLAGS=-DPF"
+.endif
 .if defined(WITH_VIRUS_SCAN)
 CONFIGURE_ARGS+=	--enable-virus-scan
 .endif

ftp/frox/files/patch-lib-sstrlib-sstr_io.c

@@ -0,0 +1,27 @@
+--- lib/sstrlib/sstr_io.c.orig	2005-02-04 13:24:55.000000000 +0300
++++ lib/sstrlib/sstr_io.c	2007-12-14 18:07:15.000000000 +0300
+@@ -26,6 +26,7 @@
+ #include <sys/ioctl.h>
+ #include <unistd.h>
+ #include <ctype.h>
++#include <sys/stat.h>
+ 
+ #include "sstr.h"
+ #include "sstr_private.h"
+@@ -61,8 +62,14 @@
+ int sstr_append_read(int fd, sstr * p, int cnt)
+ {
+ 	int i;
+-	if(ioctl(fd, FIONREAD, &i) == -1)
+-		return (-1);
++	struct stat mystat;
++
++	if(ioctl(fd, FIONREAD, &i) == -1) {
++		fstat(fd,&mystat);
++		if (mystat.st_mode & S_IFREG == 0)
++			return (-1);
++		i=mystat.st_blksize;
++	}
+ 	if(i == 0)
+ 		return (0);
+ 

ftp/frox/files/patch-src-bsd.c

@@ -0,0 +1,75 @@
+--- src/bsd.c.orig	Fri Feb  4 20:54:55 2005
++++ src/bsd.c	Wed Jul 25 01:25:16 2007
+@@ -30,6 +30,16 @@
+ #error --enable-transparent-data not supported under BSD
+ #endif
+ 
++#ifdef PF
++#include <fcntl.h>
++#include <sys/ioctl.h>
++#include <net/if.h>
++#include <net/pfvar.h>
++
++static int natfd;
++#endif
++
++
+ #ifdef IPFILTER
+ #include <fcntl.h>
+ #include <sys/ioctl.h>
+@@ -51,6 +61,11 @@
+ 	if(natfd < 0)
+ 		write_log(ERROR, "Unable to initialise IPFilter");
+ #endif
++#ifdef PF
++       natfd = open("/dev/pf", O_RDWR);
++       if (natfd == -1)
++               write_log(ERROR, "Unable to initialise PF");
++#endif
+ 	return 0;
+ }
+ 
+@@ -61,6 +76,11 @@
+ int get_orig_dest(int fd, struct sockaddr_in *addr)
+ {
+ 	socklen_t len;
++#ifdef PF
++    struct pfioc_natlook nl;
++    struct sockaddr_in from;
++    int r2;
++#endif
+ #ifdef IPFILTER
+ 	struct natlookup nat;
+ 	struct sockaddr_in from;
+@@ -99,6 +119,31 @@
+ 		addr->sin_family = AF_INET;
+ 		return r2;
+ 	}
++#endif
++#ifdef PF
++       getpeername(fd, (struct sockaddr *) &from, &len);
++       memset(&nl, 0, sizeof(struct pfioc_natlook));
++       memcpy( &nl.daddr.v4, &to.sin_addr.s_addr, sizeof( nl.saddr.v4 ));
++       memcpy( &nl.saddr.v4, &from.sin_addr.s_addr, sizeof( nl.daddr.v4 ));
++       nl.dport = to.sin_port;
++       nl.sport = from.sin_port;
++       nl.af = AF_INET;
++       nl.proto = IPPROTO_TCP;
++       nl.direction = PF_INOUT;
++
++       if ( natfd > 0 ){
++           if (ioctl(natfd, DIOCNATLOOK, &nl)==-1){
++               write_log(ERROR, "Failed to lookup address");
++           }
++           else {
++               memset(addr, sizeof(*addr), 0);
++               memcpy(&addr->sin_addr.s_addr, &nl.rdaddr.v4.s_addr, sizeof(struct sockaddr_in));
++               addr->sin_len = sizeof(struct sockaddr_in);
++               addr->sin_port = nl.rdport;
++               addr->sin_family = AF_INET;
++               return r2;
++		   }
++	   }
+ #endif
+ 	memcpy(addr, &to, len);
+ 	return r1;