git: d65b86dd9325 - stable/13 - netgraph/ng_nat: Add RFC 6598/Carrier Grade NAT support
Lutz Donnerhacke
donner at FreeBSD.org
Thu Feb 25 10:21:30 UTC 2021
The branch stable/13 has been updated by donner:
URL: https://cgit.FreeBSD.org/src/commit/?id=d65b86dd9325ce8d46fb7e82efb03c73c9957a77
commit d65b86dd9325ce8d46fb7e82efb03c73c9957a77
Author: Neel Chauhan <nc at FreeBSD.org>
AuthorDate: 2021-01-24 19:23:39 +0000
Commit: Lutz Donnerhacke <donner at FreeBSD.org>
CommitDate: 2021-02-25 10:21:03 +0000
netgraph/ng_nat: Add RFC 6598/Carrier Grade NAT support
This extends upon the RFC 6598 support to libalias/ipfw in r357092.
Reviewed By: manpages (bcr), donner, adrian, kp
Differential Revision: https://reviews.freebsd.org/D23461
(cherry picked from commit 5fe433a6e4d8cab6b64284698301afc0c55a9db2)
---
share/man/man4/ng_nat.4 | 8 +++++++-
sys/netgraph/ng_nat.c | 2 ++
sys/netgraph/ng_nat.h | 1 +
3 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/share/man/man4/ng_nat.4 b/share/man/man4/ng_nat.4
index b7c65fe89b20..e9c0f2acbcee 100644
--- a/share/man/man4/ng_nat.4
+++ b/share/man/man4/ng_nat.4
@@ -24,7 +24,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd December 12, 2018
+.Dd January 24, 2021
.Dt NG_NAT 4
.Os
.Sh NAME
@@ -75,7 +75,13 @@ struct ng_nat_mode {
#define NG_NAT_RESET_ON_ADDR_CHANGE 0x20
#define NG_NAT_PROXY_ONLY 0x40
#define NG_NAT_REVERSE 0x80
+#define NG_NAT_UNREGISTERED_CGN 0x100
.Ed
+.Pp
+The corresponding libalias flags can be found by replacing the
+.Vt "NG_NAT"
+prefix with
+.Vt "PKT_ALIAS" .
.It Dv NGM_NAT_SET_TARGET Pq Ic settarget
Configure target address for a node.
When an incoming packet not associated with any pre-existing aliasing
diff --git a/sys/netgraph/ng_nat.c b/sys/netgraph/ng_nat.c
index a5c776ef6db6..cd3442914311 100644
--- a/sys/netgraph/ng_nat.c
+++ b/sys/netgraph/ng_nat.c
@@ -961,6 +961,8 @@ ng_nat_translate_flags(unsigned int x)
res |= PKT_ALIAS_PROXY_ONLY;
if (x & NG_NAT_REVERSE)
res |= PKT_ALIAS_REVERSE;
+ if (x & NG_NAT_UNREGISTERED_CGN)
+ res |= PKT_ALIAS_UNREGISTERED_CGN;
return (res);
}
diff --git a/sys/netgraph/ng_nat.h b/sys/netgraph/ng_nat.h
index 46c9609772ff..b56d45c10671 100644
--- a/sys/netgraph/ng_nat.h
+++ b/sys/netgraph/ng_nat.h
@@ -54,6 +54,7 @@ struct ng_nat_mode {
#define NG_NAT_RESET_ON_ADDR_CHANGE 0x20
#define NG_NAT_PROXY_ONLY 0x40
#define NG_NAT_REVERSE 0x80
+#define NG_NAT_UNREGISTERED_CGN 0x100
#define NG_NAT_DESC_LENGTH 64
#define NG_NAT_REDIRPROTO_ADDR (IPPROTO_MAX + 3) /* LibAlias' LINK_ADDR, also unused in in.h */
More information about the dev-commits-src-all
mailing list