d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
d8caf56e9e
freebsd-dev/sbin
History
Andrey V. Elsukov d8caf56e9e Add ipfw_nat64 module that implements stateless and stateful NAT64. 
The module works together with ipfw(4) and implemented as its external
action module.

Stateless NAT64 registers external action with name nat64stl. This
keyword should be used to create NAT64 instance and to address this
instance in rules. Stateless NAT64 uses two lookup tables with mapped
IPv4->IPv6 and IPv6->IPv4 addresses to perform translation.

A configuration of instance should looks like this:
 1. Create lookup tables:
 # ipfw table T46 create type addr valtype ipv6
 # ipfw table T64 create type addr valtype ipv4
 2. Fill T46 and T64 tables.
 3. Add rule to allow neighbor solicitation and advertisement:
 # ipfw add allow icmp6 from any to any icmp6types 135,136
 4. Create NAT64 instance:
 # ipfw nat64stl NAT create table4 T46 table6 T64
 5. Add rules that matches the traffic:
 # ipfw add nat64stl NAT ip from any to table(T46)
 # ipfw add nat64stl NAT ip from table(T64) to 64:ff9b::/96
 6. Configure DNS64 for IPv6 clients and add route to 64:ff9b::/96
    via NAT64 host.

Stateful NAT64 registers external action with name nat64lsn. The only
one option required to create nat64lsn instance - prefix4. It defines
the pool of IPv4 addresses used for translation.

A configuration of instance should looks like this:
 1. Add rule to allow neighbor solicitation and advertisement:
 # ipfw add allow icmp6 from any to any icmp6types 135,136
 2. Create NAT64 instance:
 # ipfw nat64lsn NAT create prefix4 A.B.C.D/28
 3. Add rules that matches the traffic:
 # ipfw add nat64lsn NAT ip from any to A.B.C.D/28
 # ipfw add nat64lsn NAT ip6 from any to 64:ff9b::/96
 4. Configure DNS64 for IPv6 clients and add route to 64:ff9b::/96
    via NAT64 host.

Obtained from:	Yandex LLC
Relnotes:	yes
Sponsored by:	Yandex LLC
Differential Revision:	https://reviews.freebsd.org/D6434
2016-08-13 16:09:49 +00:00
..
adjkerntz Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
atm Use NULL for pointers instead of 0. 2016-04-19 00:59:15 +00:00
badsect Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
bsdlabel Use NULL instead of 0 for pointers. 2016-04-18 07:40:36 +00:00
camcontrol Fix a couple of Coverity Unintended sign extension sign extension 2016-05-25 15:49:29 +00:00
ccdconfig Create packages for atm, ccdconfig, devd, ipf, ipfw, 2016-02-09 19:30:31 +00:00
clri Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
comcontrol Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
conscontrol Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
ddb Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
devd Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
devfs Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
dhclient dhclient(1): correct obvious mismatch in get_char(). 2016-06-03 03:40:39 +00:00
dmesg Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
dump sbin: ake use of our rounddown() macro when sys/param.h is available. 2016-05-01 02:24:05 +00:00
dumpfs Use MIN macro from sys/param.h. 2016-05-02 01:40:31 +00:00
dumpon Use nitems() instead of sizeof(name) / sizeof(*name). 2016-04-19 04:28:25 +00:00
etherswitchcfg [etherswitch] add LED API to the documentation and command line tool. 2016-08-04 17:46:07 +00:00
fdisk fdisk: drop unused macro and make use of roundup()/rounddown(). 2016-04-30 19:58:54 +00:00
fdisk_pc98 fdisk: drop unused macro and make use of roundup()/rounddown(). 2016-04-30 19:58:54 +00:00
ffsinfo Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
fsck strchr(3) will return NULL if it cannot find the character in the 2016-04-18 07:44:53 +00:00
fsck_ffs fsck_ffs: Don't overrun mount device buffer 2016-05-11 16:20:23 +00:00
fsck_msdosfs fsck_msdosfs: Adjust a check. 2016-05-04 22:27:22 +00:00
fsdb Use nitems() from sys/param.h. 2016-07-30 06:19:34 +00:00
fsirand Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
gbde MFH 2016-03-02 16:14:46 +00:00
geom Fix misleading description of the -b option in the geli init command. 2016-08-03 18:02:10 +00:00
ggate Add pidfile support to ggated(8) 2016-01-28 03:24:06 +00:00
growfs Cosmetic fixes for growfs(8) - remove unneeded capitalization and a spurious 2016-05-11 09:26:23 +00:00
gvinum Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
hastctl MFH 2016-03-02 16:14:46 +00:00
hastd Improve performance and functionality of the bitstring(3) api 2016-05-04 22:34:11 +00:00
ifconfig ifconfig: fix wlan creation when unit number is not provided 2016-06-08 17:21:15 +00:00
init For pointers use NULL instead of 0. 2016-05-16 00:34:48 +00:00
ipf MFH 2016-03-02 16:14:46 +00:00
ipfw Add ipfw_nat64 module that implements stateless and stateful NAT64. 2016-08-13 16:09:49 +00:00
iscontrol Fix multiple Coverity Out-of-bounds access false postive issues in CAM 2016-05-24 00:57:11 +00:00
kldconfig Use nitems() from sys/param.h. 2016-04-19 04:52:13 +00:00
kldload Use nitems() from sys/param.h. 2016-04-19 04:52:51 +00:00
kldstat MFH 2016-04-04 23:55:32 +00:00
kldunload Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
ldconfig Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
md5 Import the skein hashing algorithm, based on the threefish block cipher 2016-05-29 01:15:36 +00:00
mdconfig Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
mdmfs MFH 2016-03-14 18:54:29 +00:00
mknod Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
mksnap_ffs Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
mount Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
mount_cd9660 Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
mount_fusefs Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
mount_msdosfs Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
mount_nfs MFH 2016-04-16 02:32:12 +00:00
mount_nullfs Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
mount_udf Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
mount_unionfs Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
nandfs Create packages for atm, ccdconfig, devd, ipf, ipfw, 2016-02-09 19:30:31 +00:00
natd Do not coredump if the packet is too long in the global (non-interface 2016-06-28 20:10:30 +00:00
newfs Use MIN()/MAX() macros from sys/param.h. 2016-05-02 00:45:46 +00:00
newfs_msdos Use nitems() from sys/param.h. 2016-04-19 04:57:57 +00:00
newfs_nandfs sbin: use our howmany() macro when available through <sys/param.h>. 2016-05-01 02:19:49 +00:00
nfsiod Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
nos-tun Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
nvmecontrol nvmecontrol.8: minor spelling fix. 2016-05-06 03:11:34 +00:00
pfctl Fix a regression in pf.conf while parsing the 'interval' keyword. 2016-08-05 02:19:03 +00:00
pflogd Create packages for atm, ccdconfig, devd, ipf, ipfw, 2016-02-09 19:30:31 +00:00
ping Check for socket creation success before calling bind(). 2016-05-12 05:43:54 +00:00
ping6 Fix a regression introduced on revision r271909, when using argument -g 2016-07-05 07:01:42 +00:00
quotacheck For pointers use NULL instead of 0. 2016-05-16 00:36:12 +00:00
rcorder Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
reboot Add missing parameters -N and -l to reroot and halt usage() 2016-05-06 20:49:14 +00:00
recoverdisk sbin: ake use of our rounddown() macro when sys/param.h is available. 2016-05-01 02:24:05 +00:00
resolvconf resolvconf(8) now needs an additional @RESTARTCMD@ replacement when installing. 2016-07-31 18:14:42 +00:00
restore restore: promote some getfiles() parameters to size_t. 2016-05-01 21:17:30 +00:00
route Due to dropped mbuf in netisr queue route(8) can fall into infinity 2016-07-27 08:26:34 +00:00
routed routed(8): Use arc4random_uniform instead of arc4random. 2016-05-15 06:06:22 +00:00
rtsol Create packages for atm, ccdconfig, devd, ipf, ipfw, 2016-02-09 19:30:31 +00:00
savecore Don't leak fd on sectorsize malloc failure 2016-04-20 00:49:49 +00:00
sconfig Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
setkey Use nitems() from sys/param.h. 2016-04-19 09:43:51 +00:00
shutdown Explicitly add more files to the 'runtime' package. 2016-02-09 20:19:31 +00:00
spppcontrol Add META_MODE support. 2015-06-13 19:20:56 +00:00
sunlabel Re-ident lines. 2016-04-20 01:35:09 +00:00
swapon Stop using the non-standard basename_r() function. 2016-05-31 06:45:19 +00:00
sysctl Fix "sysctl vm.vmtotal" output on machines with > 2TB virtual memory 2016-06-24 14:58:37 +00:00
tests Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
tunefs Mention fsck_ffs -E in tunefs(8). It's non-obvious that one should 2016-04-19 15:08:35 +00:00
umount Add new unmount(2) flag, MNT_NONBUSY, to check whether there are 2016-07-07 09:03:57 +00:00
Makefile Convert casperd(8) daemon to the libcasper. 2016-02-25 18:23:40 +00:00
Makefile.amd64 Integrate nvmecontrol(8) into the amd64 and i386 builds. 2012-09-17 21:41:38 +00:00
Makefile.arm MF tbemd: Move to using Makefile.arch to select what to build. 2010-09-13 02:25:21 +00:00
Makefile.i386 Integrate nvmecontrol(8) into the amd64 and i386 builds. 2012-09-17 21:41:38 +00:00
Makefile.inc Use src.opts.mk in preference to bsd.own.mk except where we need stuff 2014-05-06 04:22:01 +00:00
Makefile.mips MF tbemd: Move to using Makefile.arch to select what to build. 2010-09-13 02:25:21 +00:00
Makefile.pc98 MF tbemd: Move to using Makefile.arch to select what to build. 2010-09-13 02:25:21 +00:00
Makefile.sparc64 MF tbemd: Move to using Makefile.arch to select what to build. 2010-09-13 02:25:21 +00:00