Add table/tablearg support to ipfw's nat.

MFC After: 1 week

sbin/ipfw/ipfw.8

@@ -1609,7 +1609,7 @@ This can significantly reduce number of rules in some configurations.
 The
 .Cm tablearg
 argument can be used with the following actions:
-.Cm pipe , queue, divert, tee, netgraph, ngtee, fwd
+.Cm nat, pipe , queue, divert, tee, netgraph, ngtee, fwd
 action parameters:
 .Cm tag, untag,
 rule options:

sbin/ipfw/ipfw2.c

@@ -1612,7 +1612,7 @@ show_ipfw(struct ip_fw *rule, int pcwidth, int bcwidth)
 			break;
 
 		case O_NAT:
- 			printf("nat %u", cmd->arg1);
+			PRINT_UINT_ARG("nat ", cmd->arg1);
  			break;
 			
 		default:
@@ -4848,6 +4848,10 @@ add(int ac, char *av[])
 		action->opcode = O_COUNT;
 		break;
 
+	case TOK_NAT:
+ 		action->opcode = O_NAT;
+ 		action->len = F_INSN_SIZE(ipfw_insn_nat);
+		goto chkarg;
 	case TOK_QUEUE:
 		action->opcode = O_QUEUE;
 		goto chkarg;
@@ -4929,14 +4933,6 @@ add(int ac, char *av[])
 		action->opcode = O_COUNT;
 		ac++; av--;	/* go back... */
 		break;
-
-	case TOK_NAT:
- 		action->opcode = O_NAT;
- 		action->len = F_INSN_SIZE(ipfw_insn_nat);
- 		NEED1("missing nat number");
- 	        action->arg1 = strtoul(*av, NULL, 10);
- 		ac--; av++;
- 		break;
 		
 	default:
 		errx(EX_DATAERR, "invalid action %s\n", av[-1]);

sys/netinet/ip_fw2.c

@@ -3486,7 +3486,7 @@ do {									\
 				struct cfg_nat *t;
 				struct mbuf *mcl;
 				/* XXX - libalias duct tape */
-				int ldt; 
+				int ldt, nat_id;
 				char *c;
 				
 				ldt = 0;
@@ -3494,7 +3494,9 @@ do {									\
 				retval = 0;
 				t = ((ipfw_insn_nat *)cmd)->nat;
 				if (t == NULL) {
-					t = lookup_nat(cmd->arg1);
+					nat_id = (cmd->arg1 == IP_FW_TABLEARG) ?
+					    tablearg : cmd->arg1;
+					t = lookup_nat(nat_id);
 					if (t == NULL) {
 						retval = IP_FW_DENY;
 						goto done;