[Bug 219918] [patch] LibAlias: implement RFC 4787 REQ 1 and 3 (full cone NAT)

[bugzilla-noreply at freebsd.org]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219918

            Bug ID: 219918
           Summary: [patch] LibAlias: implement RFC 4787 REQ 1 and 3 (full
                    cone NAT)
           Product: Base System
           Version: CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Keywords: patch
          Severity: Affects Many People
          Priority: ---
         Component: kern
          Assignee: freebsd-bugs at FreeBSD.org
          Reporter: damjan.jov at gmail.com

Created attachment 183392
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=183392&action=edit
LibAlias RFC 4787 req 1 and 3 implementation

Implement NAT hole punching for UDP, as per RFC 4787 requirements 1 and 3,
creating an endpoint-independent mapping NAT also known as an (address- and
port-restricted) cone NAT.

Outgoing links are now hashed only on source IP/port, so they can be searched
using only those, allowing us to find and reuse the alias address/port already
in use by the packet's source address/port. When new links are allocated, we
also search for an alias address/port that is not used by any link.

Also updated the man page to reflect this.

Please also see the related bug 219803, which implements the same feature in
PF.

-- 
You are receiving this mail because:
You are the assignee for the bug.