d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ff2f6fe80f
freebsd-dev/sys/netinet
History
Paolo Pisati ff2f6fe80f Summer of Code 2005: improve libalias - part 2 of 2 
With the second (and last) part of my previous Summer of Code work, we get:

-ipfw's in kernel nat

-redirect_* and LSNAT support

General information about nat syntax and some examples are available
in the ipfw (8) man page. The redirect and LSNAT syntax are identical
to natd, so please refer to natd (8) man page.

To enable in kernel nat in rc.conf, two options were added:

o firewall_nat_enable: equivalent to natd_enable

o firewall_nat_interface: equivalent to natd_interface

Remember to set net.inet.ip.fw.one_pass to 0, if you want the packet
to continue being checked by the firewall ruleset after being
(de)aliased.

NOTA BENE: due to some problems with libalias architecture, in kernel
nat won't work with TSO enabled nic, thus you have to disable TSO via
ifconfig (ifconfig foo0 -tso).

Approved by: glebius (mentor)
2006-12-29 21:59:17 +00:00
..
libalias o made in kernel libalias mpsafe 2006-12-15 12:50:06 +00:00
accf_data.c
accf_http.c
icmp6.h
icmp_var.h
if_atm.c
if_atm.h
if_ether.c Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.h 2006-10-22 11:52:19 +00:00
if_ether.h
igmp_var.h
igmp.c Improve style(9) conformance of igmp.c. 2006-12-04 00:41:48 +00:00
igmp.h
in_cksum.c
in_gif.c
in_gif.h
in_pcb.c Some whitespace nits and remove a few casts. 2006-12-29 14:58:18 +00:00
in_pcb.h
in_proto.c Ok, here it is, we finally add SCTP to current. Note that this 2006-11-03 15:23:16 +00:00
in_rmx.c
in_systm.h
in_var.h The IPv4 code should clean up multicast group state when an interface 2006-09-28 10:04:07 +00:00
in.c Sweep kernel replacing suser(9) calls with priv(9) calls, assigning 2006-11-06 13:42:10 +00:00
in.h Summer of Code 2005: improve libalias - part 2 of 2 2006-12-29 21:59:17 +00:00
ip6.h
ip_carp.c Sweep kernel replacing suser(9) calls with priv(9) calls, assigning 2006-11-06 13:42:10 +00:00
ip_carp.h Make sure that carp_header is 36 bytes long 2006-12-01 18:37:41 +00:00
ip_divert.c Some whitespace nits and remove a few casts. 2006-12-29 14:58:18 +00:00
ip_divert.h
ip_dummynet.c - Use non-recursive mutex. MTX_RECURSE is unnecessary since rev. 1.70 2006-10-29 12:09:24 +00:00
ip_dummynet.h
ip_ecn.c
ip_ecn.h
ip_encap.c
ip_encap.h
ip_fastfwd.c
ip_fw2.c Summer of Code 2005: improve libalias - part 2 of 2 2006-12-29 21:59:17 +00:00
ip_fw_pfil.c Summer of Code 2005: improve libalias - part 2 of 2 2006-12-29 21:59:17 +00:00
ip_fw.h Summer of Code 2005: improve libalias - part 2 of 2 2006-12-29 21:59:17 +00:00
ip_gre.c
ip_gre.h
ip_icmp.c Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.h 2006-10-22 11:52:19 +00:00
ip_icmp.h
ip_id.c
ip_input.c Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.h 2006-10-22 11:52:19 +00:00
ip_ipsec.c
ip_ipsec.h
ip_mroute.c Sweep kernel replacing suser(9) calls with priv(9) calls, assigning 2006-11-06 13:42:10 +00:00
ip_mroute.h Nits. 2006-09-29 16:16:41 +00:00
ip_options.c Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.h 2006-10-22 11:52:19 +00:00
ip_options.h
ip_output.c Back out revision 1.264. 2006-12-10 13:44:00 +00:00
ip_var.h
ip.h
ipprotosw.h
pim_var.h
pim.h
raw_ip.c Summer of Code 2005: improve libalias - part 2 of 2 2006-12-29 21:59:17 +00:00
sctp_asconf.c a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_asconf.h a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_auth.c a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_auth.h Ok, here it is, we finally add SCTP to current. Note that this 2006-11-03 15:23:16 +00:00
sctp_bsd_addr.c a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_bsd_addr.h Ok, here it is, we finally add SCTP to current. Note that this 2006-11-03 15:23:16 +00:00
sctp_constants.h 1) Fixes on a number of different collision case LOR's. 2006-12-14 17:02:55 +00:00
sctp_crc32.c Revert previous commit, and instead make the expression in rev. 1.2 2006-11-05 14:36:59 +00:00
sctp_crc32.h Ok, here it is, we finally add SCTP to current. Note that this 2006-11-03 15:23:16 +00:00
sctp_header.h Ok, here it is, we finally add SCTP to current. Note that this 2006-11-03 15:23:16 +00:00
sctp_indata.c a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_indata.h Ok, here it is, we finally add SCTP to current. Note that this 2006-11-03 15:23:16 +00:00
sctp_input.c a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_input.h Ok, here it is, we finally add SCTP to current. Note that this 2006-11-03 15:23:16 +00:00
sctp_lock_bsd.h 1) Fixes on a number of different collision case LOR's. 2006-12-14 17:02:55 +00:00
sctp_os_bsd.h a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_os.h a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_output.c a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_output.h Ok, here it is, we finally add SCTP to current. Note that this 2006-11-03 15:23:16 +00:00
sctp_pcb.c a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_pcb.h a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_peeloff.c 1) Fixes on a number of different collision case LOR's. 2006-12-14 17:02:55 +00:00
sctp_peeloff.h Ok, here it is, we finally add SCTP to current. Note that this 2006-11-03 15:23:16 +00:00
sctp_structs.h a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_timer.c a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_timer.h Ok, here it is, we finally add SCTP to current. Note that this 2006-11-03 15:23:16 +00:00
sctp_uio.h 1) Fixes on a number of different collision case LOR's. 2006-12-14 17:02:55 +00:00
sctp_usrreq.c a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_var.h a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp.h Ok, here it is, we finally add SCTP to current. Note that this 2006-11-03 15:23:16 +00:00
sctputil.c a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctputil.h 1) Fixes on a number of different collision case LOR's. 2006-12-14 17:02:55 +00:00
tcp_debug.c
tcp_debug.h
tcp_fsm.h
tcp_hostcache.c MFp4: 92972, 98913 + one more change 2006-12-12 12:17:58 +00:00
tcp_input.c MFp4: 92972, 98913 + one more change 2006-12-12 12:17:58 +00:00
tcp_output.c Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.h 2006-10-22 11:52:19 +00:00
tcp_reass.c MFp4: 92972, 98913 + one more change 2006-12-12 12:17:58 +00:00
tcp_sack.c
tcp_seq.h
tcp_subr.c Sweep kernel replacing suser(9) calls with priv(9) calls, assigning 2006-11-06 13:42:10 +00:00
tcp_syncache.c Fix LOR between the syncache and inpcb locks when MAC is present in the 2006-12-13 06:00:57 +00:00
tcp_timer.c Back when we had T/TCP support, we used to apply different 2006-09-07 13:06:00 +00:00
tcp_timer.h if min is greater than max, prefer max over min... I managed to get a 2006-09-25 07:22:39 +00:00
tcp_timewait.c Sweep kernel replacing suser(9) calls with priv(9) calls, assigning 2006-11-06 13:42:10 +00:00
tcp_usrreq.c Change error codes returned by protocol operations when an inpcb is 2006-11-22 17:16:54 +00:00
tcp_var.h Rewrite of TCP syncookies to remove locking requirements and to enhance 2006-09-13 13:08:27 +00:00
tcp.h
tcpip.h
udp_usrreq.c Some whitespace nits and remove a few casts. 2006-12-29 14:58:18 +00:00
udp_var.h
udp.h