[Bug 288380] ipfw libalias: Implementation of a simple NAT configuration for MAP-E (RFC 7597)

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=288380

--- Comment #2 from Tatsuki Makino <tatsuki_makino@hotmail.com> ---
Created attachment 262482
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=262482&action=edit
patch for experimentation

It seems that using the skipto action as a dynamic rule should not be done due
to another issue.
So, I created a patch that can conduct experiments for this.
After confirming that it works in my environment, there are slightly added
parts, but it should probably be fine :)
If pf needs to be set to map-e-portset 4/8/229, it seems that ipfw+libalias
with this patch applied will work with the following configuration.

disable one_pass
nat 11 config if gif0 log reset port_range 4096-65535 port_range_mask
0xf00f^0x0e50
add nat 11 ip4 from any to any out xmit gif0
add nat 11 ip4 from any to any in recv gif0

The setting for port_range_mask is a format that matches the pattern of the
regexp /^[&^|]?(0[Xx]?)?\d+([&^|](0[Xx]?)?\d+)*$/
The omission of the first [&^|] is the same as &.
This patch allows for up to 4 operations.

It is not exclusive to MAP-E; it has been made a bit more flexible :)
It may also be possible to add a syntax that can calculate and set based on
three numbers separated by slashes.

-- 
You are receiving this mail because:
You are the assignee for the bug.