Mostly mechanical rework of libalias:

Makes it possible to have multiple packet aliasing instances in a single process by moving all static and global variables into an instance structure called "struct libalias". Redefine a new API based on s/PacketAlias/LibAlias/g Add new "instance" argument to all functions in the new API. Implement old API in terms of the new API.
2004-01-17 10:52:21 +00:00 · 2004-01-17 10:52:21 +00:00 · 5e289f9eb6
commit 5e289f9eb6
parent 135bd3f8a1
32 changed files with 2138 additions and 1470 deletions
--- a/lib/libalias/Makefile
+++ b/lib/libalias/Makefile
@ -6,7 +6,7 @@ SHLIB_MAJOR=	4
 MAN=	libalias.3
 SRCS=	alias.c alias_cuseeme.c alias_db.c alias_ftp.c alias_irc.c \
 	alias_nbt.c alias_pptp.c alias_proxy.c alias_skinny.c alias_smedia.c \
-	alias_util.c
+	alias_util.c alias_old.c
 INCS=	alias.h
 .include <bsd.lib.mk>
--- a/lib/libalias/alias.c
+++ b/lib/libalias/alias.c
@ -247,26 +247,26 @@ the gateway machine or other machines on a local area network.
 /* Local prototypes */
-static int IcmpAliasIn1(struct ip *);
+static int IcmpAliasIn1(struct libalias *, struct ip *);
-static int IcmpAliasIn2(struct ip *);
+static int IcmpAliasIn2(struct libalias *, struct ip *);
-static int IcmpAliasIn (struct ip *);
+static int IcmpAliasIn (struct libalias *, struct ip *);
-static int IcmpAliasOut1(struct ip *);
+static int IcmpAliasOut1(struct libalias *, struct ip *);
-static int IcmpAliasOut2(struct ip *);
+static int IcmpAliasOut2(struct libalias *, struct ip *);
-static int IcmpAliasOut (struct ip *);
+static int IcmpAliasOut (struct libalias *, struct ip *);
-static int ProtoAliasIn(struct ip *);
+static int ProtoAliasIn(struct libalias *, struct ip *);
-static int ProtoAliasOut(struct ip *);
+static int ProtoAliasOut(struct libalias *, struct ip *);
-static int UdpAliasOut(struct ip *);
+static int UdpAliasOut(struct libalias *, struct ip *);
-static int UdpAliasIn (struct ip *);
+static int UdpAliasIn (struct libalias *, struct ip *);
-static int TcpAliasOut(struct ip *, int);
+static int TcpAliasOut(struct libalias *, struct ip *, int);
-static int TcpAliasIn (struct ip *);
+static int TcpAliasIn (struct libalias *, struct ip *);
 static int
-IcmpAliasIn1(struct ip *pip)
+IcmpAliasIn1(struct libalias *la, struct ip *pip)
 {
 /*
    De-alias incoming echo and timestamp replies.
@ -278,7 +278,7 @@ IcmpAliasIn1(struct ip *pip)
    ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2));
 /* Get source address from ICMP data field and restore original data */
-    link = FindIcmpIn(pip->ip_src, pip->ip_dst, ic->icmp_id, 1);
+    link = FindIcmpIn(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1);
    if (link != NULL)
    {
        u_short original_id;
@ -312,7 +312,7 @@ IcmpAliasIn1(struct ip *pip)
 }
 static int
-IcmpAliasIn2(struct ip *pip)
+IcmpAliasIn2(struct libalias *la, struct ip *pip)
 {
 /*
    Alias incoming ICMP error messages containing
@ -332,16 +332,16 @@ IcmpAliasIn2(struct ip *pip)
    ic2 = (struct icmp *) ud;
    if (ip->ip_p == IPPROTO_UDP)
-        link = FindUdpTcpIn(ip->ip_dst, ip->ip_src,
+        link = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src,
                            ud->uh_dport, ud->uh_sport,
                            IPPROTO_UDP, 0);
    else if (ip->ip_p == IPPROTO_TCP)
-        link = FindUdpTcpIn(ip->ip_dst, ip->ip_src,
+        link = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src,
                            tc->th_dport, tc->th_sport,
                            IPPROTO_TCP, 0);
    else if (ip->ip_p == IPPROTO_ICMP) {
        if (ic2->icmp_type == ICMP_ECHO || ic2->icmp_type == ICMP_TSTAMP)
-            link = FindIcmpIn(ip->ip_dst, ip->ip_src, ic2->icmp_id, 0);
+            link = FindIcmpIn(la, ip->ip_dst, ip->ip_src, ic2->icmp_id, 0);
        else
            link = NULL;
    } else
@ -430,13 +430,13 @@ fragment contained in ICMP data section */
 static int
-IcmpAliasIn(struct ip *pip)
+IcmpAliasIn(struct libalias *la, struct ip *pip)
 {
    int iresult;
    struct icmp *ic;
 /* Return if proxy-only mode is enabled */
-    if (packetAliasMode & PKT_ALIAS_PROXY_ONLY)
+    if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
        return PKT_ALIAS_OK;
    ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2));
@ -448,18 +448,18 @@ IcmpAliasIn(struct ip *pip)
        case ICMP_TSTAMPREPLY:
            if (ic->icmp_code == 0)
            {
-                iresult = IcmpAliasIn1(pip);
+                iresult = IcmpAliasIn1(la, pip);
            }
            break;
        case ICMP_UNREACH:
        case ICMP_SOURCEQUENCH:
        case ICMP_TIMXCEED:
        case ICMP_PARAMPROB:
-            iresult = IcmpAliasIn2(pip);
+            iresult = IcmpAliasIn2(la, pip);
            break;
        case ICMP_ECHO:
        case ICMP_TSTAMP:
-            iresult = IcmpAliasIn1(pip);
+            iresult = IcmpAliasIn1(la, pip);
            break;
    }
    return(iresult);
@ -467,7 +467,7 @@ IcmpAliasIn(struct ip *pip)
 static int
-IcmpAliasOut1(struct ip *pip)
+IcmpAliasOut1(struct libalias *la, struct ip *pip)
 {
 /*
    Alias outgoing echo and timestamp requests.
@ -479,7 +479,7 @@ IcmpAliasOut1(struct ip *pip)
    ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2));
 /* Save overwritten data for when echo packet returns */
-    link = FindIcmpOut(pip->ip_src, pip->ip_dst, ic->icmp_id, 1);
+    link = FindIcmpOut(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1);
    if (link != NULL)
    {
        u_short alias_id;
@ -514,7 +514,7 @@ IcmpAliasOut1(struct ip *pip)
 static int
-IcmpAliasOut2(struct ip *pip)
+IcmpAliasOut2(struct libalias *la, struct ip *pip)
 {
 /*
    Alias outgoing ICMP error messages containing
@ -534,16 +534,16 @@ IcmpAliasOut2(struct ip *pip)
    ic2 = (struct icmp *) ud;
    if (ip->ip_p == IPPROTO_UDP)
-        link = FindUdpTcpOut(ip->ip_dst, ip->ip_src,
+        link = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src,
                            ud->uh_dport, ud->uh_sport,
                            IPPROTO_UDP, 0);
    else if (ip->ip_p == IPPROTO_TCP)
-        link = FindUdpTcpOut(ip->ip_dst, ip->ip_src,
+        link = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src,
                            tc->th_dport, tc->th_sport,
                            IPPROTO_TCP, 0);
    else if (ip->ip_p == IPPROTO_ICMP) {
        if (ic2->icmp_type == ICMP_ECHO || ic2->icmp_type == ICMP_TSTAMP)
-            link = FindIcmpOut(ip->ip_dst, ip->ip_src, ic2->icmp_id, 0);
+            link = FindIcmpOut(la, ip->ip_dst, ip->ip_src, ic2->icmp_id, 0);
        else
            link = NULL;
    } else
@ -634,13 +634,13 @@ fragment contained in ICMP data section */
 static int
-IcmpAliasOut(struct ip *pip)
+IcmpAliasOut(struct libalias *la, struct ip *pip)
 {
    int iresult;
    struct icmp *ic;
 /* Return if proxy-only mode is enabled */
-    if (packetAliasMode & PKT_ALIAS_PROXY_ONLY)
+    if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
        return PKT_ALIAS_OK;
    ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2));
@ -652,18 +652,18 @@ IcmpAliasOut(struct ip *pip)
        case ICMP_TSTAMP:
            if (ic->icmp_code == 0)
            {
-                iresult = IcmpAliasOut1(pip);
+                iresult = IcmpAliasOut1(la, pip);
            }
            break;
        case ICMP_UNREACH:
        case ICMP_SOURCEQUENCH:
        case ICMP_TIMXCEED:
        case ICMP_PARAMPROB:
-            iresult = IcmpAliasOut2(pip);
+            iresult = IcmpAliasOut2(la, pip);
            break;
        case ICMP_ECHOREPLY:
        case ICMP_TSTAMPREPLY:
-            iresult = IcmpAliasOut1(pip);
+            iresult = IcmpAliasOut1(la, pip);
    }
    return(iresult);
 }
@ -671,7 +671,7 @@ IcmpAliasOut(struct ip *pip)
 static int
-ProtoAliasIn(struct ip *pip)
+ProtoAliasIn(struct libalias *la, struct ip *pip)
 {
 /*
  Handle incoming IP packets. The
@ -682,10 +682,10 @@ ProtoAliasIn(struct ip *pip)
    struct alias_link *link;
 /* Return if proxy-only mode is enabled */
-    if (packetAliasMode & PKT_ALIAS_PROXY_ONLY)
+    if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
        return PKT_ALIAS_OK;
-    link = FindProtoIn(pip->ip_src, pip->ip_dst, pip->ip_p);
+    link = FindProtoIn(la, pip->ip_src, pip->ip_dst, pip->ip_p);
    if (link != NULL)
    {
        struct in_addr original_address;
@ -706,7 +706,7 @@ ProtoAliasIn(struct ip *pip)
 static int
-ProtoAliasOut(struct ip *pip)
+ProtoAliasOut(struct libalias *la, struct ip *pip)
 {
 /*
  Handle outgoing IP packets. The
@ -716,10 +716,10 @@ ProtoAliasOut(struct ip *pip)
    struct alias_link *link;
 /* Return if proxy-only mode is enabled */
-    if (packetAliasMode & PKT_ALIAS_PROXY_ONLY)
+    if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
        return PKT_ALIAS_OK;
-    link = FindProtoOut(pip->ip_src, pip->ip_dst, pip->ip_p);
+    link = FindProtoOut(la, pip->ip_src, pip->ip_dst, pip->ip_p);
    if (link != NULL)
    {
        struct in_addr alias_address;
@ -740,18 +740,18 @@ ProtoAliasOut(struct ip *pip)
 static int
-UdpAliasIn(struct ip *pip)
+UdpAliasIn(struct libalias *la, struct ip *pip)
 {
    struct udphdr *ud;
    struct alias_link *link;
 /* Return if proxy-only mode is enabled */
-    if (packetAliasMode & PKT_ALIAS_PROXY_ONLY)
+    if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
        return PKT_ALIAS_OK;
    ud = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2));
-    link = FindUdpTcpIn(pip->ip_src, pip->ip_dst,
+    link = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
                        ud->uh_sport, ud->uh_dport,
                        IPPROTO_UDP, 1);
    if (link != NULL)
@ -770,14 +770,14 @@ UdpAliasIn(struct ip *pip)
 /* Special processing for IP encoding protocols */
 	if (ntohs(ud->uh_dport) == CUSEEME_PORT_NUMBER)
-	    AliasHandleCUSeeMeIn(pip, original_address);
+	    AliasHandleCUSeeMeIn(la, pip, original_address);
 /* If NETBIOS Datagram, It should be alias address in UDP Data, too */
 	else if (ntohs(ud->uh_dport) == NETBIOS_DGM_PORT_NUMBER
 	      || ntohs(ud->uh_sport) == NETBIOS_DGM_PORT_NUMBER)
-	    r = AliasHandleUdpNbt(pip, link, &original_address, ud->uh_dport);
+	    r = AliasHandleUdpNbt(la, pip, link, &original_address, ud->uh_dport);
 	else if (ntohs(ud->uh_dport) == NETBIOS_NS_PORT_NUMBER
 	      || ntohs(ud->uh_sport) == NETBIOS_NS_PORT_NUMBER)
-	    r = AliasHandleUdpNbtNS(pip, link, &alias_address, &alias_port,
+	    r = AliasHandleUdpNbtNS(la, pip, link, &alias_address, &alias_port,
 				    &original_address, &ud->uh_dport);
 /* If UDP checksum is not zero, then adjust since destination port */
@ -814,18 +814,18 @@ UdpAliasIn(struct ip *pip)
 }
 static int
-UdpAliasOut(struct ip *pip)
+UdpAliasOut(struct libalias *la, struct ip *pip)
 {
    struct udphdr *ud;
    struct alias_link *link;
 /* Return if proxy-only mode is enabled */
-    if (packetAliasMode & PKT_ALIAS_PROXY_ONLY)
+    if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
        return PKT_ALIAS_OK;
    ud = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2));
-    link = FindUdpTcpOut(pip->ip_src, pip->ip_dst,
+    link = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst,
                         ud->uh_sport, ud->uh_dport,
                         IPPROTO_UDP, 1);
    if (link != NULL)
@ -838,14 +838,14 @@ UdpAliasOut(struct ip *pip)
 /* Special processing for IP encoding protocols */
 	if (ntohs(ud->uh_dport) == CUSEEME_PORT_NUMBER)
-	    AliasHandleCUSeeMeOut(pip, link);
+	    AliasHandleCUSeeMeOut(la, pip, link);
 /* If NETBIOS Datagram, It should be alias address in UDP Data, too */
 	else if (ntohs(ud->uh_dport) == NETBIOS_DGM_PORT_NUMBER
 	      || ntohs(ud->uh_sport) == NETBIOS_DGM_PORT_NUMBER)
-	    AliasHandleUdpNbt(pip, link, &alias_address, alias_port);
+	    AliasHandleUdpNbt(la, pip, link, &alias_address, alias_port);
 	else if (ntohs(ud->uh_dport) == NETBIOS_NS_PORT_NUMBER
 	      || ntohs(ud->uh_sport) == NETBIOS_NS_PORT_NUMBER)
-	    AliasHandleUdpNbtNS(pip, link, &pip->ip_src, &ud->uh_sport,
+	    AliasHandleUdpNbtNS(la, pip, link, &pip->ip_src, &ud->uh_sport,
 				&alias_address, &alias_port);
 /*
 * We don't know in advance what TID the TFTP server will choose,
@ -853,7 +853,7 @@ UdpAliasOut(struct ip *pip)
 * that will match any TID from a given destination.
 */
 	else if (ntohs(ud->uh_dport) == TFTP_PORT_NUMBER)
-	    FindRtspOut(pip->ip_src, pip->ip_dst,
+	    FindRtspOut(la, pip->ip_src, pip->ip_dst,
 			ud->uh_sport, alias_port, IPPROTO_UDP);
 /* If UDP checksum is not zero, adjust since source port is */
@ -892,17 +892,17 @@ UdpAliasOut(struct ip *pip)
 static int
-TcpAliasIn(struct ip *pip)
+TcpAliasIn(struct libalias *la, struct ip *pip)
 {
    struct tcphdr *tc;
    struct alias_link *link;
    tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
-    link = FindUdpTcpIn(pip->ip_src, pip->ip_dst,
+    link = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
                        tc->th_sport, tc->th_dport,
                        IPPROTO_TCP,
-                        !(packetAliasMode & PKT_ALIAS_PROXY_ONLY));
+                        !(la->packetAliasMode & PKT_ALIAS_PROXY_ONLY));
    if (link != NULL)
    {
        struct in_addr alias_address;
@ -916,10 +916,10 @@ TcpAliasIn(struct ip *pip)
 /* Special processing for IP encoding protocols */
        if (ntohs(tc->th_dport) == PPTP_CONTROL_PORT_NUMBER
         || ntohs(tc->th_sport) == PPTP_CONTROL_PORT_NUMBER)
-            AliasHandlePptpIn(pip, link);
+            AliasHandlePptpIn(la, pip, link);
-        else if (skinnyPort != 0 && (ntohs(tc->th_dport) == skinnyPort
+        else if (la->skinnyPort != 0 && (ntohs(tc->th_dport) == la->skinnyPort
-         || ntohs(tc->th_sport) == skinnyPort))
+         || ntohs(tc->th_sport) == la->skinnyPort))
-            AliasHandleSkinny(pip, link);
+            AliasHandleSkinny(la, pip, link);
        alias_address = GetAliasAddress(link);
        original_address = GetOriginalAddress(link);
@ -1008,7 +1008,7 @@ TcpAliasIn(struct ip *pip)
 }
 static int
-TcpAliasOut(struct ip *pip, int maxpacketsize)
+TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize)
 {
    int proxy_type;
    u_short dest_port;
@ -1020,9 +1020,9 @@ TcpAliasOut(struct ip *pip, int maxpacketsize)
    tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
-    proxy_type = ProxyCheck(pip, &proxy_server_address, &proxy_server_port);
+    proxy_type = ProxyCheck(la, pip, &proxy_server_address, &proxy_server_port);
-    if (proxy_type == 0 && (packetAliasMode & PKT_ALIAS_PROXY_ONLY))
+    if (proxy_type == 0 && (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY))
        return PKT_ALIAS_OK;
 /* If this is a transparent proxy, save original destination,
@ -1058,7 +1058,7 @@ TcpAliasOut(struct ip *pip, int maxpacketsize)
        ADJUST_CHECKSUM(accumulate, pip->ip_sum);
    }
-    link = FindUdpTcpOut(pip->ip_src, pip->ip_dst,
+    link = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst,
                         tc->th_sport, tc->th_dport,
                         IPPROTO_TCP, 1);
    if (link !=NULL)
@ -1075,7 +1075,7 @@ TcpAliasOut(struct ip *pip, int maxpacketsize)
        {
            SetProxyPort(link, dest_port);
            SetProxyAddress(link, dest_address);
-            ProxyModify(link, pip, maxpacketsize, proxy_type);
+            ProxyModify(la, link, pip, maxpacketsize, proxy_type);
            tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
        }
@ -1089,21 +1089,21 @@ TcpAliasOut(struct ip *pip, int maxpacketsize)
 /* Special processing for IP encoding protocols */
        if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER
         || ntohs(tc->th_sport) == FTP_CONTROL_PORT_NUMBER)
-            AliasHandleFtpOut(pip, link, maxpacketsize);
+            AliasHandleFtpOut(la, pip, link, maxpacketsize);
        else if (ntohs(tc->th_dport) == IRC_CONTROL_PORT_NUMBER_1
         || ntohs(tc->th_dport) == IRC_CONTROL_PORT_NUMBER_2)
-            AliasHandleIrcOut(pip, link, maxpacketsize);
+            AliasHandleIrcOut(la, pip, link, maxpacketsize);
        else if (ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_1
         || ntohs(tc->th_sport) == RTSP_CONTROL_PORT_NUMBER_1
         || ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_2
         || ntohs(tc->th_sport) == RTSP_CONTROL_PORT_NUMBER_2)
-            AliasHandleRtspOut(pip, link, maxpacketsize);
+            AliasHandleRtspOut(la, pip, link, maxpacketsize);
        else if (ntohs(tc->th_dport) == PPTP_CONTROL_PORT_NUMBER
         || ntohs(tc->th_sport) == PPTP_CONTROL_PORT_NUMBER)
-            AliasHandlePptpOut(pip, link);
+            AliasHandlePptpOut(la, pip, link);
-        else if (skinnyPort != 0 && (ntohs(tc->th_sport) == skinnyPort
+        else if (la->skinnyPort != 0 && (ntohs(tc->th_sport) == la->skinnyPort
-         || ntohs(tc->th_dport) == skinnyPort))
+         || ntohs(tc->th_dport) == la->skinnyPort))
-            AliasHandleSkinny(pip, link);
+            AliasHandleSkinny(la, pip, link);
 /* Adjust TCP checksum since source port is being aliased */
 /* and source address is being altered                    */
@ -1171,16 +1171,16 @@ saved and recalled when a header fragment is seen.
 */
 /* Local prototypes */
-static int FragmentIn(struct ip *);
+static int FragmentIn(struct libalias *, struct ip *);
-static int FragmentOut(struct ip *);
+static int FragmentOut(struct libalias *, struct ip *);
 static int
-FragmentIn(struct ip *pip)
+FragmentIn(struct libalias *la, struct ip *pip)
 {
    struct alias_link *link;
-    link = FindFragmentIn2(pip->ip_src, pip->ip_dst, pip->ip_id);
+    link = FindFragmentIn2(la, pip->ip_src, pip->ip_dst, pip->ip_id);
    if (link != NULL)
    {
        struct in_addr original_address;
@ -1199,11 +1199,11 @@ FragmentIn(struct ip *pip)
 static int
-FragmentOut(struct ip *pip)
+FragmentOut(struct libalias *la, struct ip *pip)
 {
    struct in_addr alias_address;
-    alias_address = FindAliasAddress(pip->ip_src);
+    alias_address = FindAliasAddress(la, pip->ip_src);
    DifferentialChecksum(&pip->ip_sum,
                         (u_short *) &alias_address,
                         (u_short *) &pip->ip_src,
@ -1232,14 +1232,14 @@ FragmentOut(struct ip *pip)
 int
-PacketAliasSaveFragment(char *ptr)
+LibAliasSaveFragment(struct libalias *la, char *ptr)
 {
    int iresult;
    struct alias_link *link;
    struct ip *pip;
    pip = (struct ip *) ptr;
-    link = AddFragmentPtrLink(pip->ip_src, pip->ip_id);
+    link = AddFragmentPtrLink(la, pip->ip_src, pip->ip_id);
    iresult = PKT_ALIAS_ERROR;
    if (link != NULL)
    {
@ -1251,14 +1251,14 @@ PacketAliasSaveFragment(char *ptr)
 char *
-PacketAliasGetFragment(char *ptr)
+LibAliasGetFragment(struct libalias *la, char *ptr)
 {
    struct alias_link *link;
    char *fptr;
    struct ip *pip;
    pip = (struct ip *) ptr;
-    link = FindFragmentPtr(pip->ip_src, pip->ip_id);
+    link = FindFragmentPtr(la, pip->ip_src, pip->ip_id);
    if (link != NULL)
    {
        GetFragmentPtr(link, &fptr);
@ -1275,7 +1275,7 @@ PacketAliasGetFragment(char *ptr)
 void
-PacketAliasFragmentIn(char *ptr,          /* Points to correctly de-aliased
+LibAliasFragmentIn(struct libalias *la, char *ptr,          /* Points to correctly de-aliased
                                             header fragment */
                      char *ptr_fragment  /* Points to fragment which must
                                             be de-aliased   */
@ -1296,21 +1296,21 @@ PacketAliasFragmentIn(char *ptr,          /* Points to correctly de-aliased
 int
-PacketAliasIn(char *ptr, int maxpacketsize)
+LibAliasIn(struct libalias *la, char *ptr, int maxpacketsize)
 {
    struct in_addr alias_addr;
    struct ip *pip;
    int iresult;
-    if (packetAliasMode & PKT_ALIAS_REVERSE) {
+    if (la->packetAliasMode & PKT_ALIAS_REVERSE) {
-        packetAliasMode &= ~PKT_ALIAS_REVERSE;
+        la->packetAliasMode &= ~PKT_ALIAS_REVERSE;
        iresult = PacketAliasOut(ptr, maxpacketsize);
-        packetAliasMode |= PKT_ALIAS_REVERSE;
+        la->packetAliasMode |= PKT_ALIAS_REVERSE;
        return iresult;
    }
-    HouseKeeping();
+    HouseKeeping(la);
-    ClearCheckNewLink();
+    ClearCheckNewLink(la);
    pip = (struct ip *) ptr;
    alias_addr = pip->ip_dst;
@ -1325,23 +1325,23 @@ PacketAliasIn(char *ptr, int maxpacketsize)
        switch (pip->ip_p)
        {
            case IPPROTO_ICMP:
-                iresult = IcmpAliasIn(pip);
+                iresult = IcmpAliasIn(la, pip);
                break;
            case IPPROTO_UDP:
-                iresult = UdpAliasIn(pip);
+                iresult = UdpAliasIn(la, pip);
                break;
            case IPPROTO_TCP:
-                iresult = TcpAliasIn(pip);
+                iresult = TcpAliasIn(la, pip);
                break;
            case IPPROTO_GRE:
-		if (packetAliasMode & PKT_ALIAS_PROXY_ONLY ||
+		if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY ||
-		    AliasHandlePptpGreIn(pip) == 0)
+		    AliasHandlePptpGreIn(la, pip) == 0)
 		    iresult = PKT_ALIAS_OK;
 		else
-		    iresult = ProtoAliasIn(pip);
+		    iresult = ProtoAliasIn(la, pip);
 		break;
 	    default:
-		iresult = ProtoAliasIn(pip);
+		iresult = ProtoAliasIn(la, pip);
                break;
        }
@ -1349,7 +1349,7 @@ PacketAliasIn(char *ptr, int maxpacketsize)
        {
            struct alias_link *link;
-            link = FindFragmentIn1(pip->ip_src, alias_addr, pip->ip_id);
+            link = FindFragmentIn1(la, pip->ip_src, alias_addr, pip->ip_id);
            if (link != NULL)
            {
                iresult = PKT_ALIAS_FOUND_HEADER_FRAGMENT;
@ -1363,7 +1363,7 @@ PacketAliasIn(char *ptr, int maxpacketsize)
    }
    else
    {
-        iresult = FragmentIn(pip);
+        iresult = FragmentIn(la, pip);
    }
    return(iresult);
@ -1386,7 +1386,7 @@ PacketAliasIn(char *ptr, int maxpacketsize)
 #define UNREG_ADDR_C_UPPER 0xc0a8ffff
 int
-PacketAliasOut(char *ptr,           /* valid IP packet */
+LibAliasOut(struct libalias *la, char *ptr,           /* valid IP packet */
               int  maxpacketsize   /* How much the packet data may grow
                                       (FTP and IRC inline changes) */
              )
@ -1395,15 +1395,15 @@ PacketAliasOut(char *ptr,           /* valid IP packet */
    struct in_addr addr_save;
    struct ip *pip;
-    if (packetAliasMode & PKT_ALIAS_REVERSE) {
+    if (la->packetAliasMode & PKT_ALIAS_REVERSE) {
-        packetAliasMode &= ~PKT_ALIAS_REVERSE;
+        la->packetAliasMode &= ~PKT_ALIAS_REVERSE;
        iresult = PacketAliasIn(ptr, maxpacketsize);
-        packetAliasMode |= PKT_ALIAS_REVERSE;
+        la->packetAliasMode |= PKT_ALIAS_REVERSE;
        return iresult;
    }
-    HouseKeeping();
+    HouseKeeping(la);
-    ClearCheckNewLink();
+    ClearCheckNewLink(la);
    pip = (struct ip *) ptr;
    /* Defense against mangled packets */
@ -1411,8 +1411,8 @@ PacketAliasOut(char *ptr,           /* valid IP packet */
     || (pip->ip_hl<<2) > maxpacketsize)
        return PKT_ALIAS_IGNORED;
-    addr_save = GetDefaultAliasAddress();
+    addr_save = GetDefaultAliasAddress(la);
-    if (packetAliasMode & PKT_ALIAS_UNREGISTERED_ONLY)
+    if (la->packetAliasMode & PKT_ALIAS_UNREGISTERED_ONLY)
    {
        u_long addr;
        int iclass;
@ -1428,12 +1428,12 @@ PacketAliasOut(char *ptr,           /* valid IP packet */
        if (iclass == 0)
        {
-            SetDefaultAliasAddress(pip->ip_src);
+            SetDefaultAliasAddress(la, pip->ip_src);
        }
    }
-    else if (packetAliasMode & PKT_ALIAS_PROXY_ONLY)
+    else if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
    {
-        SetDefaultAliasAddress(pip->ip_src);
+        SetDefaultAliasAddress(la, pip->ip_src);
    }
    iresult = PKT_ALIAS_IGNORED;
@ -1442,36 +1442,36 @@ PacketAliasOut(char *ptr,           /* valid IP packet */
        switch (pip->ip_p)
        {
            case IPPROTO_ICMP:
-                iresult = IcmpAliasOut(pip);
+                iresult = IcmpAliasOut(la, pip);
                break;
            case IPPROTO_UDP:
-                iresult = UdpAliasOut(pip);
+                iresult = UdpAliasOut(la, pip);
                break;
            case IPPROTO_TCP:
-                iresult = TcpAliasOut(pip, maxpacketsize);
+                iresult = TcpAliasOut(la, pip, maxpacketsize);
                break;
 	    case IPPROTO_GRE:
-		if (AliasHandlePptpGreOut(pip) == 0)
+		if (AliasHandlePptpGreOut(la, pip) == 0)
 		    iresult = PKT_ALIAS_OK;
 		else
-		    iresult = ProtoAliasOut(pip);
+		    iresult = ProtoAliasOut(la, pip);
 		break;
 	    default:
-		iresult = ProtoAliasOut(pip);
+		iresult = ProtoAliasOut(la, pip);
                break;
        }
    }
    else
    {
-        iresult = FragmentOut(pip);
+        iresult = FragmentOut(la, pip);
    }
-    SetDefaultAliasAddress(addr_save);
+    SetDefaultAliasAddress(la, addr_save);
    return(iresult);
 }
 int
-PacketUnaliasOut(char *ptr,           /* valid IP packet */
+LibAliasUnaliasOut(struct libalias *la, char *ptr,           /* valid IP packet */
                 int  maxpacketsize   /* for error checking */
                )
 {
@ -1495,15 +1495,15 @@ PacketUnaliasOut(char *ptr,           /* valid IP packet */
    /* Find a link */
    if (pip->ip_p == IPPROTO_UDP)
-        link = FindUdpTcpIn(pip->ip_dst, pip->ip_src,
+        link = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src,
                            ud->uh_dport, ud->uh_sport,
                            IPPROTO_UDP, 0);
    else if (pip->ip_p == IPPROTO_TCP)
-        link = FindUdpTcpIn(pip->ip_dst, pip->ip_src,
+        link = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src,
                            tc->th_dport, tc->th_sport,
                            IPPROTO_TCP, 0);
    else if (pip->ip_p == IPPROTO_ICMP)
-        link = FindIcmpIn(pip->ip_dst, pip->ip_src, ic->icmp_id, 0);
+        link = FindIcmpIn(la, pip->ip_dst, pip->ip_src, ic->icmp_id, 0);
    else
        link = NULL;
--- a/lib/libalias/alias.h
+++ b/lib/libalias/alias.h
@ -39,7 +39,37 @@
 #ifndef _ALIAS_H_
 #define	_ALIAS_H_
-/* The external interface to libalias, the packet aliasing engine. */
+/*
 * The external interface to libalias, the packet aliasing engine.
 *
 * There are two sets of functions:
 *
 * PacketAlias*() the old API which doesn't take an instance pointer
 * and therefore can only have one packet engine at a time.
 *
 * LibAlias*() the new API which takes as first argument a pointer to 
 * the instance of the packet aliasing engine.
 *
 * The functions otherwise correspond to each other one for one, except
 * for the LibAliasUnaliasOut()/PacketUnaliasOut() function which were 
 * were misnamed in the old API.
 */
 /*
 * The instance structure
 */
 struct libalias;
 /*
 * An anonymous structure, a pointer to which is returned from
 * PacketAliasRedirectAddr(), PacketAliasRedirectPort() or
 * PacketAliasRedirectProto(), passed to PacketAliasAddServer(),
 * and freed by PacketAliasRedirectDelete().
 */
 struct	alias_link;
 /* OLD API */
 /* Initialization and control functions. */
 void	 PacketAliasInit(void);
@ -57,13 +87,6 @@ int	 PacketUnaliasOut(char *_ptr, int _maxpacketsize);
 /* Port and address redirection functions. */
 /*
 * An anonymous structure, a pointer to which is returned from
 * PacketAliasRedirectAddr(), PacketAliasRedirectPort() or
 * PacketAliasRedirectProto(), passed to PacketAliasAddServer(),
 * and freed by PacketAliasRedirectDelete().
 */
 struct	alias_link;
 int	 PacketAliasAddServer(struct alias_link *_link,
 	    struct in_addr _addr, unsigned short _port);
@ -96,6 +119,61 @@ void	 PacketAliasSetTarget(struct in_addr _target_addr);
 /* Transparent proxying routines. */
 int	 PacketAliasProxyRule(const char *_cmd);
 /* NEW API */
 /* Initialization and control functions. */
 struct libalias	*LibAliasInit(struct libalias *);
 void	 LibAliasSetAddress(struct libalias *, struct in_addr _addr);
 void	 LibAliasSetFWBase(struct libalias *, unsigned int _base, unsigned int _num);
 void	 LibAliasSetSkinnyPort(struct libalias *, unsigned int _port);
 unsigned int
 	 LibAliasSetMode(struct libalias *, unsigned int _flags, unsigned int _mask);
 void	 LibAliasUninit(struct libalias *);
 /* Packet Handling functions. */
 int	 LibAliasIn(struct libalias *, char *_ptr, int _maxpacketsize);
 int	 LibAliasOut(struct libalias *, char *_ptr, int _maxpacketsize);
 int	 LibAliasUnaliasOut(struct libalias *, char *_ptr, int _maxpacketsize);
 /* Port and address redirection functions. */
 int	 LibAliasAddServer(struct libalias *, struct alias_link *_link,
 	    struct in_addr _addr, unsigned short _port);
 struct alias_link *
 	 LibAliasRedirectAddr(struct libalias *, struct in_addr _src_addr,
 	    struct in_addr _alias_addr);
 int	 LibAliasRedirectDynamic(struct libalias *, struct alias_link *_link);
 void	 LibAliasRedirectDelete(struct libalias *, struct alias_link *_link);
 struct alias_link *
 	 LibAliasRedirectPort(struct libalias *, struct in_addr _src_addr,
 	    unsigned short _src_port, struct in_addr _dst_addr,
 	    unsigned short _dst_port, struct in_addr _alias_addr,
 	    unsigned short _alias_port, unsigned char _proto);
 struct alias_link *
 	 LibAliasRedirectProto(struct libalias *, struct in_addr _src_addr,
 	    struct in_addr _dst_addr, struct in_addr _alias_addr,
 	    unsigned char _proto);
 /* Fragment Handling functions. */
 void	 LibAliasFragmentIn(struct libalias *, char *_ptr, char *_ptr_fragment);
 char	*LibAliasGetFragment(struct libalias *, char *_ptr);
 int	 LibAliasSaveFragment(struct libalias *, char *_ptr);
 /* Miscellaneous functions. */
 int	 LibAliasCheckNewLink(struct libalias *);
 unsigned short
 	 LibAliasInternetChecksum(struct libalias *, unsigned short *_ptr, int _nbytes);
 void	 LibAliasSetTarget(struct libalias *, struct in_addr _target_addr);
 /* Transparent proxying routines. */
 int	 LibAliasProxyRule(struct libalias *, const char *_cmd);
 /*
 * Mode flags and other constants.
 */
 /* Mode flags, set using PacketAliasSetMode() */
 /*
--- a/lib/libalias/alias_cuseeme.c
+++ b/lib/libalias/alias_cuseeme.c
@ -29,6 +29,7 @@
 #include <sys/cdefs.h>
 __FBSDID("$FreeBSD$");
 #include <stdio.h>
 #include <sys/types.h>
 #include <netinet/in_systm.h>
 #include <netinet/in.h>
@ -66,7 +67,7 @@ struct client_info {
 };
 void
-AliasHandleCUSeeMeOut(struct ip *pip, struct alias_link *link)
+AliasHandleCUSeeMeOut(struct libalias *la, struct ip *pip, struct alias_link *link)
 {
  struct udphdr *ud;
@ -79,7 +80,7 @@ AliasHandleCUSeeMeOut(struct ip *pip, struct alias_link *link)
    if (cu->addr)
      cu->addr = (u_int32_t)GetAliasAddress(link).s_addr;
-    cu_link = FindUdpTcpOut(pip->ip_src, GetDestAddress(link),
+    cu_link = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(link),
                            ud->uh_dport, 0, IPPROTO_UDP, 1);
 #ifndef NO_FW_PUNCH
@ -90,7 +91,7 @@ AliasHandleCUSeeMeOut(struct ip *pip, struct alias_link *link)
 }
 void
-AliasHandleCUSeeMeIn(struct ip *pip, struct in_addr original_addr)
+AliasHandleCUSeeMeIn(struct libalias *la, struct ip *pip, struct in_addr original_addr)
 {
  struct in_addr alias_addr;
  struct udphdr *ud;
--- a/lib/libalias/alias_db.c
+++ b/lib/libalias/alias_db.c
--- a/lib/libalias/alias_ftp.c
+++ b/lib/libalias/alias_ftp.c
@ -94,17 +94,15 @@ enum ftp_message_type {
    FTP_UNKNOWN_MESSAGE
 };
-static int ParseFtpPortCommand(char *, int);
+static int ParseFtpPortCommand(struct libalias *la, char *, int);
-static int ParseFtpEprtCommand(char *, int);
+static int ParseFtpEprtCommand(struct libalias *la, char *, int);
-static int ParseFtp227Reply(char *, int);
+static int ParseFtp227Reply(struct libalias *la, char *, int);
-static int ParseFtp229Reply(char *, int);
+static int ParseFtp229Reply(struct libalias *la, char *, int);
-static void NewFtpMessage(struct ip *, struct alias_link *, int, int);
+static void NewFtpMessage(struct libalias *la, struct ip *, struct alias_link *, int, int);
 static struct in_addr true_addr;	/* in network byte order. */
 static u_short true_port;		/* in host byte order. */
 void
 AliasHandleFtpOut(
 struct libalias *la,
 struct ip *pip,	  /* IP packet to examine/patch */
 struct alias_link *link, /* The link to go through (aliased port) */
 int maxpacketsize  /* The maximum size this packet can grow to (including headers) */)
@ -136,24 +134,24 @@ int maxpacketsize  /* The maximum size this packet can grow to (including header
 /*
 * When aliasing a client, check for the PORT/EPRT command.
 */
-	    if (ParseFtpPortCommand(sptr, dlen))
+	    if (ParseFtpPortCommand(la, sptr, dlen))
 		ftp_message_type = FTP_PORT_COMMAND;
-	    else if (ParseFtpEprtCommand(sptr, dlen))
+	    else if (ParseFtpEprtCommand(la, sptr, dlen))
 		ftp_message_type = FTP_EPRT_COMMAND;
 	} else {
 /*
 * When aliasing a server, check for the 227/229 reply.
 */
-	    if (ParseFtp227Reply(sptr, dlen))
+	    if (ParseFtp227Reply(la, sptr, dlen))
 		ftp_message_type = FTP_227_REPLY;
-	    else if (ParseFtp229Reply(sptr, dlen)) {
+	    else if (ParseFtp229Reply(la, sptr, dlen)) {
 		ftp_message_type = FTP_229_REPLY;
-		true_addr.s_addr = pip->ip_src.s_addr;
+		la->true_addr.s_addr = pip->ip_src.s_addr;
 	    }
 	}
 	if (ftp_message_type != FTP_UNKNOWN_MESSAGE)
-	    NewFtpMessage(pip, link, maxpacketsize, ftp_message_type);
+	    NewFtpMessage(la, pip, link, maxpacketsize, ftp_message_type);
    }
 /* Track the msgs which are CRLF term'd for PORT/PASV FW breach */
@ -170,7 +168,7 @@ int maxpacketsize  /* The maximum size this packet can grow to (including header
 }
 static int
-ParseFtpPortCommand(char *sptr, int dlen)
+ParseFtpPortCommand(struct libalias *la, char *sptr, int dlen)
 {
    char ch;
    int i, state;
@ -228,15 +226,15 @@ ParseFtpPortCommand(char *sptr, int dlen)
    }
    if (state == 13) {
-	true_addr.s_addr = htonl(addr);
+	la->true_addr.s_addr = htonl(addr);
-	true_port = port;
+	la->true_port = port;
 	return 1;
    } else
 	return 0;
 }
 static int
-ParseFtpEprtCommand(char *sptr, int dlen)
+ParseFtpEprtCommand(struct libalias *la, char *sptr, int dlen)
 {
    char ch, delim;
    int i, state;
@ -315,15 +313,15 @@ ParseFtpEprtCommand(char *sptr, int dlen)
    }
    if (state == 13) {
-	true_addr.s_addr = htonl(addr);
+	la->true_addr.s_addr = htonl(addr);
-	true_port = port;
+	la->true_port = port;
 	return 1;
    } else
 	return 0;
 }
 static int
-ParseFtp227Reply(char *sptr, int dlen)
+ParseFtp227Reply(struct libalias *la, char *sptr, int dlen)
 {
    char ch;
    int i, state;
@ -381,15 +379,15 @@ ParseFtp227Reply(char *sptr, int dlen)
    }
    if (state == 13) {
-        true_port = port;
+        la->true_port = port;
-        true_addr.s_addr = htonl(addr);
+        la->true_addr.s_addr = htonl(addr);
 	return 1;
    } else
 	return 0;
 }
 static int
-ParseFtp229Reply(char *sptr, int dlen)
+ParseFtp229Reply(struct libalias *la, char *sptr, int dlen)
 {
    char ch, delim;
    int i, state;
@ -452,14 +450,14 @@ ParseFtp229Reply(char *sptr, int dlen)
    }
    if (state == 7) {
-	true_port = port;
+	la->true_port = port;
 	return 1;
    } else
 	return 0;
 }
 static void
-NewFtpMessage(struct ip *pip,
+NewFtpMessage(struct libalias *la, struct ip *pip,
              struct alias_link *link,
              int maxpacketsize,
              int ftp_message_type)
@ -467,15 +465,15 @@ NewFtpMessage(struct ip *pip,
    struct alias_link *ftp_link;
 /* Security checks. */
-    if (pip->ip_src.s_addr != true_addr.s_addr)
+    if (pip->ip_src.s_addr != la->true_addr.s_addr)
 	return;
-    if (true_port < IPPORT_RESERVED)
+    if (la->true_port < IPPORT_RESERVED)
 	return;
 /* Establish link to address and port found in FTP control message. */
-    ftp_link = FindUdpTcpOut(true_addr, GetDestAddress(link),
+    ftp_link = FindUdpTcpOut(la, la->true_addr, GetDestAddress(link),
-                             htons(true_port), 0, IPPROTO_TCP, 1);
+                             htons(la->true_port), 0, IPPROTO_TCP, 1);
    if (ftp_link != NULL)
    {
--- a/lib/libalias/alias_irc.c
+++ b/lib/libalias/alias_irc.c
@ -65,7 +65,8 @@ __FBSDID("$FreeBSD$");
 void
-AliasHandleIrcOut(struct ip *pip, /* IP packet to examine */
+AliasHandleIrcOut(struct libalias *la, 
 				 struct ip *pip, /* IP packet to examine */
 				 struct alias_link *link,		  /* Which link are we on? */
 				 int maxsize		  /* Maximum size of IP packet including headers */
 				 )
@ -246,7 +247,7 @@ lFOUND_CTCP:
 			 /* Steal the FTP_DATA_PORT - it doesn't really matter, and this
 				 would probably allow it through at least _some_
 				 firewalls. */
-			 dcc_link = FindUdpTcpOut(true_addr, destaddr,
+			 dcc_link = FindUdpTcpOut(la, true_addr, destaddr,
 						  true_port, 0,
 						  IPPROTO_TCP, 1);
 			 DBprintf(("Got a DCC link\n"));
--- a/lib/libalias/alias_local.h
+++ b/lib/libalias/alias_local.h
@ -46,6 +46,92 @@
 #ifndef _ALIAS_LOCAL_H_
 #define	_ALIAS_LOCAL_H_
 #include <sys/queue.h>
 /* Sizes of input and output link tables */
 #define LINK_TABLE_OUT_SIZE         101
 #define LINK_TABLE_IN_SIZE         4001
 struct proxy_entry;
 struct libalias {
 	LIST_ENTRY(libalias)	instancelist;
 	int packetAliasMode;		/* Mode flags                      */
 					/*        - documented in alias.h  */
 	struct in_addr aliasAddress;	/* Address written onto source     */
 					/*   field of IP packet.           */
 	struct in_addr targetAddress;	/* IP address incoming packets     */
 					/*   are sent to if no aliasing    */
 					/*   link already exists           */
 	struct in_addr nullAddress;	/* Used as a dummy parameter for   */
 					/*   some function calls           */
 	LIST_HEAD(, alias_link) linkTableOut[LINK_TABLE_OUT_SIZE];
 					/* Lookup table of pointers to     */
 					/*   chains of link records. Each  */
 	LIST_HEAD(, alias_link) linkTableIn[LINK_TABLE_IN_SIZE];
 					/*   link record is doubly indexed */
 					/*   into input and output lookup  */
 					/*   tables.                       */
 					/* Link statistics                 */
 	int icmpLinkCount;
 	int udpLinkCount;
 	int tcpLinkCount;
 	int pptpLinkCount;
 	int protoLinkCount;
 	int fragmentIdLinkCount;
 	int fragmentPtrLinkCount;
 	int sockCount;
 	int cleanupIndex;		/* Index to chain of link table    */
 					/* being inspected for old links   */
 	int timeStamp;			/* System time in seconds for      */
 					/* current packet                  */
 	int lastCleanupTime;		/* Last time IncrementalCleanup()  */
 					/* was called                      */
 	int houseKeepingResidual;	/* used by HouseKeeping()          */
 	int deleteAllLinks;		/* If equal to zero, DeleteLink()  */
 					/* will not remove permanent links */
 	FILE *monitorFile;		/* File descriptor for link        */
 					/* statistics monitoring file      */
 	int newDefaultLink;		/* Indicates if a new aliasing     */
 					/* link has been created after a   */
 					/* call to PacketAliasIn/Out().    */
 #ifndef NO_FW_PUNCH
 	int fireWallFD;			/* File descriptor to be able to   */
 					/* control firewall.  Opened by    */
 					/* PacketAliasSetMode on first     */
 					/* setting the PKT_ALIAS_PUNCH_FW  */
 					/* flag.                           */
 	int fireWallBaseNum;     /* The first firewall entry free for our use */
 	int fireWallNumNums;     /* How many entries can we use? */
 	int fireWallActiveNum;   /* Which entry did we last use? */
 	char *fireWallField;     /* bool array for entries */
 #endif
 	unsigned int skinnyPort;	/* TCP port used by the Skinny     */
 					/* protocol.                       */
 	struct proxy_entry *proxyList;
 	struct in_addr true_addr;	/* in network byte order. */
 	u_short true_port;		/* in host byte order. */
 };
 /* Macros */
 /*
@ -71,10 +157,6 @@
 		} \
 	} while (0)
 /* Globals */
 extern int packetAliasMode;
 extern unsigned int skinnyPort;
 /* Prototypes */
@ -86,58 +168,58 @@ void	 DifferentialChecksum(u_short *_cksum, u_short *_new, u_short *_old,
 /* Internal data access */
 struct alias_link *
-	 FindIcmpIn(struct in_addr _dst_addr, struct in_addr _alias_addr,
+	 FindIcmpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
 	    u_short _id_alias, int _create);
 struct alias_link *
-	 FindIcmpOut(struct in_addr _src_addr, struct in_addr _dst_addr,
+	 FindIcmpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
 	    u_short _id, int _create);
 struct alias_link *
-	 FindFragmentIn1(struct in_addr _dst_addr, struct in_addr _alias_addr,
+	 FindFragmentIn1(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
 	    u_short _ip_id);
 struct alias_link *
-	 FindFragmentIn2(struct in_addr _dst_addr, struct in_addr _alias_addr,
+	 FindFragmentIn2(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
 	    u_short _ip_id);
 struct alias_link *
-	 AddFragmentPtrLink(struct in_addr _dst_addr, u_short _ip_id);
+	 AddFragmentPtrLink(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
 struct alias_link *
-	 FindFragmentPtr(struct in_addr _dst_addr, u_short _ip_id);
+	 FindFragmentPtr(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
 struct alias_link *
-	 FindProtoIn(struct in_addr _dst_addr, struct in_addr _alias_addr,
+	 FindProtoIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
 	    u_char _proto);
 struct alias_link *
-	 FindProtoOut(struct in_addr _src_addr, struct in_addr _dst_addr,
+	 FindProtoOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
 	    u_char _proto);
 struct alias_link *
-	 FindUdpTcpIn(struct in_addr _dst_addr, struct in_addr _alias_addr,
+	 FindUdpTcpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
 	    u_short _dst_port, u_short _alias_port, u_char _proto, int _create);
 struct alias_link *
-	 FindUdpTcpOut(struct in_addr _src_addr, struct in_addr _dst_addr,
+	 FindUdpTcpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
 	    u_short _src_port, u_short _dst_port, u_char _proto, int _create);
 struct alias_link *
-	 AddPptp(struct in_addr _src_addr, struct in_addr _dst_addr,
+	 AddPptp(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
 	    struct in_addr _alias_addr, u_int16_t _src_call_id);
 struct alias_link *
-	 FindPptpOutByCallId(struct in_addr _src_addr,
+	 FindPptpOutByCallId(struct libalias *la, struct in_addr _src_addr,
 	    struct in_addr _dst_addr, u_int16_t _src_call_id);
 struct alias_link *
-	 FindPptpInByCallId(struct in_addr _dst_addr,
+	 FindPptpInByCallId(struct libalias *la, struct in_addr _dst_addr,
 	    struct in_addr _alias_addr, u_int16_t _dst_call_id);
 struct alias_link *
-	 FindPptpOutByPeerCallId(struct in_addr _src_addr,
+	 FindPptpOutByPeerCallId(struct libalias *la, struct in_addr _src_addr,
 	    struct in_addr _dst_addr, u_int16_t _dst_call_id);
 struct alias_link *
-	 FindPptpInByPeerCallId(struct in_addr _dst_addr,
+	 FindPptpInByPeerCallId(struct libalias *la, struct in_addr _dst_addr,
 	    struct in_addr _alias_addr, u_int16_t _alias_call_id);
 struct alias_link *
-	 FindRtspOut(struct in_addr _src_addr, struct in_addr _dst_addr,
+	 FindRtspOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
 	    u_short _src_port, u_short _alias_port, u_char _proto);
 struct in_addr
-	 FindOriginalAddress(struct in_addr _alias_addr);
+	 FindOriginalAddress(struct libalias *la, struct in_addr _alias_addr);
 struct in_addr
-	 FindAliasAddress(struct in_addr _original_addr);
+	 FindAliasAddress(struct libalias *la, struct in_addr _original_addr);
 /* External data access/modification */
-int	 FindNewPortGroup(struct in_addr _dst_addr, struct in_addr _alias_addr,
+int	 FindNewPortGroup(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
                     u_short _src_port, u_short _dst_port, u_short _port_count,
 		     u_char _proto, u_char _align);
 void	 GetFragmentAddr(struct alias_link *_link, struct in_addr *_src_addr);
@ -155,8 +237,8 @@ struct in_addr
 struct in_addr
 	 GetAliasAddress(struct alias_link *_link);
 struct in_addr
-	 GetDefaultAliasAddress(void);
+	 GetDefaultAliasAddress(struct libalias *la);
-void	 SetDefaultAliasAddress(struct in_addr _alias_addr);
+void	 SetDefaultAliasAddress(struct libalias *la, struct in_addr _alias_addr);
 u_short	 GetOriginalPort(struct alias_link *_link);
 u_short	 GetAliasPort(struct alias_link *_link);
 struct in_addr
@ -170,7 +252,7 @@ int	 GetDeltaAckIn(struct ip *_pip, struct alias_link *_link);
 int	 GetDeltaSeqOut(struct ip *_pip, struct alias_link *_link);
 void	 AddSeq(struct ip *_pip, struct alias_link *_link, int _delta);
 void	 SetExpire(struct alias_link *_link, int _expire);
-void	 ClearCheckNewLink(void);
+void	 ClearCheckNewLink(struct libalias *la);
 void	 SetProtocolFlags(struct alias_link *_link, int _pflags);
 int	 GetProtocolFlags(struct alias_link *_link);
 void	 SetDestCallId(struct alias_link *_link, u_int16_t _cid);
@ -179,47 +261,47 @@ void	 PunchFWHole(struct alias_link *_link);
 #endif
 /* Housekeeping function */
-void	 HouseKeeping(void);
+void	 HouseKeeping(struct libalias *);
 /* Tcp specfic routines */
 /* lint -save -library Suppress flexelint warnings */
 /* FTP routines */
-void	 AliasHandleFtpOut(struct ip *_pip, struct alias_link *_link,
+void	 AliasHandleFtpOut(struct libalias *la, struct ip *_pip, struct alias_link *_link,
 	    int _maxpacketsize);
 /* IRC routines */
-void	 AliasHandleIrcOut(struct ip *_pip, struct alias_link *_link,
+void	 AliasHandleIrcOut(struct libalias *la, struct ip *_pip, struct alias_link *_link,
 	    int _maxsize);
 /* RTSP routines */
-void	 AliasHandleRtspOut(struct ip *_pip, struct alias_link *_link,
+void	 AliasHandleRtspOut(struct libalias *la, struct ip *_pip, struct alias_link *_link,
 	    int _maxpacketsize);
 /* PPTP routines */
-void	 AliasHandlePptpOut(struct ip *_pip, struct alias_link *_link);
+void	 AliasHandlePptpOut(struct libalias *la, struct ip *_pip, struct alias_link *_link);
-void	 AliasHandlePptpIn(struct ip *_pip, struct alias_link *_link);
+void	 AliasHandlePptpIn(struct libalias *la, struct ip *_pip, struct alias_link *_link);
-int	 AliasHandlePptpGreOut(struct ip *_pip);
+int	 AliasHandlePptpGreOut(struct libalias *la, struct ip *_pip);
-int	 AliasHandlePptpGreIn(struct ip *_pip);
+int	 AliasHandlePptpGreIn(struct libalias *la, struct ip *_pip);
 /* NetBIOS routines */
-int	 AliasHandleUdpNbt(struct ip *_pip, struct alias_link *_link,
+int	 AliasHandleUdpNbt(struct libalias *la, struct ip *_pip, struct alias_link *_link,
 	    struct in_addr *_alias_address, u_short _alias_port);
-int	 AliasHandleUdpNbtNS(struct ip *_pip, struct alias_link *_link,
+int	 AliasHandleUdpNbtNS(struct libalias *la, struct ip *_pip, struct alias_link *_link,
 	    struct in_addr *_alias_address, u_short *_alias_port,
 	    struct in_addr *_original_address, u_short *_original_port);
 /* CUSeeMe routines */
-void	 AliasHandleCUSeeMeOut(struct ip *_pip, struct alias_link *_link);
+void	 AliasHandleCUSeeMeOut(struct libalias *la, struct ip *_pip, struct alias_link *_link);
-void	 AliasHandleCUSeeMeIn(struct ip *_pip, struct in_addr _original_addr);
+void	 AliasHandleCUSeeMeIn(struct libalias *la, struct ip *_pip, struct in_addr _original_addr);
 /* Skinny routines */
-void	 AliasHandleSkinny(struct ip *_pip, struct alias_link *_link);
+void	 AliasHandleSkinny(struct libalias *la, struct ip *_pip, struct alias_link *_link);
 /* Transparent proxy routines */
-int	 ProxyCheck(struct ip *_pip, struct in_addr *_proxy_server_addr,
+int	 ProxyCheck(struct libalias *la, struct ip *_pip, struct in_addr *_proxy_server_addr,
 	    u_short *_proxy_server_port);
-void	 ProxyModify(struct alias_link *_link, struct ip *_pip,
+void	 ProxyModify(struct libalias *la, struct alias_link *_link, struct ip *_pip,
 	    int _maxpacketsize, int _proxy_type);
 enum alias_tcp_state {
--- a/lib/libalias/alias_nbt.c
+++ b/lib/libalias/alias_nbt.c
@ -196,6 +196,7 @@ static u_char *AliasHandleName ( u_char *p, char *pmax ) {
 #define DGM_NEGATIVE_RES	0x16
 int AliasHandleUdpNbt(
 	struct libalias *la,
 	struct ip 		  	*pip,	 /* IP packet to examine/patch */
 	struct alias_link 	*link,
 	struct in_addr		*alias_address,
@ -612,6 +613,7 @@ AliasHandleResource(
 }
 int AliasHandleUdpNbtNS(
 	struct libalias *la,
 	struct ip 		  	*pip,	 /* IP packet to examine/patch */
 	struct alias_link 	*link,
 	struct in_addr		*alias_address,
--- a/lib/libalias/alias_old.c
+++ b/lib/libalias/alias_old.c
@ -0,0 +1,205 @@
 /*-
 * Copyright (c) 2004 Poul-Henning Kamp <phk@FreeBSD.org>
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */
 #include <sys/cdefs.h>
 __FBSDID("$FreeBSD$");
 #include <stdlib.h>
 #include <sys/types.h>
 #include <netinet/in.h>
 #include <alias.h>
 /*
 * These functions are for backwards compatibility and because apps may
 * be linked against shlib versions, they have to be actual functions,
 * we cannot inline them.
 */
 static struct libalias *la;
 void
 PacketAliasInit(void)
 {
 	la = LibAliasInit(la);
 }
 void
 PacketAliasSetAddress(struct in_addr _addr)
 {
 	LibAliasSetAddress(la, _addr);
 }
 void
 PacketAliasSetFWBase(unsigned int _base, unsigned int _num)
 {
 	LibAliasSetFWBase(la, _base, _num);
 }
 void
 PacketAliasSetSkinnyPort(unsigned int _port)
 {
 	LibAliasSetSkinnyPort(la, _port);
 }
 unsigned int
 PacketAliasSetMode(unsigned int _flags, unsigned int _mask)
 {
 	return LibAliasSetMode(la, _flags, _mask);
 }
 void
 PacketAliasUninit(void)
 {
 	LibAliasUninit(la);
 	la = NULL;
 }
 int
 PacketAliasIn(char *_ptr, int _maxpacketsize)
 {
 	return LibAliasIn(la, _ptr, _maxpacketsize);
 }
 int
 PacketAliasOut(char *_ptr, int _maxpacketsize)
 {
 	return LibAliasOut(la, _ptr, _maxpacketsize);
 }
 int
 PacketUnaliasOut(char *_ptr, int _maxpacketsize)
 {
 	return LibAliasUnaliasOut(la, _ptr, _maxpacketsize);
 }
 int
 PacketAliasAddServer(struct alias_link *_link,
    struct in_addr _addr, unsigned short _port)
 {
 	return LibAliasAddServer(la, _link, _addr, _port);
 }
 struct alias_link *
 PacketAliasRedirectAddr(struct in_addr _src_addr,
 	    struct in_addr _alias_addr)
 {
 	return LibAliasRedirectAddr(la, _src_addr, _alias_addr);
 }
 int
 PacketAliasRedirectDynamic(struct alias_link *_link)
 {
 	return LibAliasRedirectDynamic(la, _link);
 }
 void
 PacketAliasRedirectDelete(struct alias_link *_link)
 {
 	LibAliasRedirectDelete(la, _link);
 }
 struct alias_link *
 PacketAliasRedirectPort(struct in_addr _src_addr,
    unsigned short _src_port, struct in_addr _dst_addr,
    unsigned short _dst_port, struct in_addr _alias_addr,
    unsigned short _alias_port, unsigned char _proto)
 {
 	return LibAliasRedirectPort(la, _src_addr, _src_port, _dst_addr,
 	    _dst_port, _alias_addr, _alias_port, _proto);
 }
 struct alias_link *
 PacketAliasRedirectProto(struct in_addr _src_addr,
    struct in_addr _dst_addr, struct in_addr _alias_addr,
    unsigned char _proto)
 {
 	return LibAliasRedirectProto(la, _src_addr, _dst_addr, _alias_addr,
 	     _proto);
 }
 void
 PacketAliasFragmentIn(char *_ptr, char *_ptr_fragment)
 {
 	LibAliasFragmentIn(la, _ptr, _ptr_fragment);
 }
 char *
 PacketAliasGetFragment(char *_ptr)
 {
 	return LibAliasGetFragment(la, _ptr);
 }
 int
 PacketAliasSaveFragment(char *_ptr)
 {
 	return LibAliasSaveFragment(la, _ptr);
 }
 int
 PacketAliasCheckNewLink(void)
 {
 	return LibAliasCheckNewLink(la);
 }
 unsigned short
 PacketAliasInternetChecksum(unsigned short *_ptr, int _nbytes)
 {
 	return LibAliasInternetChecksum(la, _ptr, _nbytes);
 }
 void
 PacketAliasSetTarget(struct in_addr _target_addr)
 {
 	LibAliasSetTarget(la, _target_addr);
 }
 /* Transparent proxying routines. */
 int
 PacketAliasProxyRule(const char *_cmd)
 {
 	return LibAliasProxyRule(la, _cmd);
 }
--- a/lib/libalias/alias_pptp.c
+++ b/lib/libalias/alias_pptp.c
@ -145,7 +145,8 @@ static PptpCallId AliasVerifyPptp(struct ip *, u_int16_t *);
 void
-AliasHandlePptpOut(struct ip *pip,	    /* IP packet to examine/patch */
+AliasHandlePptpOut(struct libalias *la,
 		   struct ip *pip,	    /* IP packet to examine/patch */
                   struct alias_link *link) /* The PPTP control link */
 {
    struct alias_link   *pptp_link;
@ -165,13 +166,13 @@ AliasHandlePptpOut(struct ip *pip,	    /* IP packet to examine/patch */
    case PPTP_InCallRequest:
    case PPTP_InCallReply:
 	/* Establish PPTP link for address and Call ID found in control message. */
-	pptp_link = AddPptp(GetOriginalAddress(link), GetDestAddress(link),
+	pptp_link = AddPptp(la, GetOriginalAddress(link), GetDestAddress(link),
 			    GetAliasAddress(link), cptr->cid1);
 	break;
    case PPTP_CallClearRequest:
    case PPTP_CallDiscNotify:
 	/* Find PPTP link for address and Call ID found in control message. */
-	pptp_link = FindPptpOutByCallId(GetOriginalAddress(link),
+	pptp_link = FindPptpOutByCallId(la, GetOriginalAddress(link),
 					GetDestAddress(link),
 					cptr->cid1);
 	break;
@ -208,7 +209,8 @@ AliasHandlePptpOut(struct ip *pip,	    /* IP packet to examine/patch */
 }
 void
-AliasHandlePptpIn(struct ip *pip,	   /* IP packet to examine/patch */
+AliasHandlePptpIn(struct libalias *la, 
 		  struct ip *pip,	   /* IP packet to examine/patch */
                  struct alias_link *link) /* The PPTP control link */
 {
    struct alias_link   *pptp_link;
@ -234,7 +236,7 @@ AliasHandlePptpIn(struct ip *pip,	   /* IP packet to examine/patch */
      pcall_id = &cptr->cid2;
      break;
    case PPTP_CallDiscNotify:			/* Connection closed. */
-      pptp_link = FindPptpInByCallId(GetDestAddress(link),
+      pptp_link = FindPptpInByCallId(la, GetDestAddress(link),
 				     GetAliasAddress(link),
 				     cptr->cid1);
      if (pptp_link != NULL)
@ -245,7 +247,7 @@ AliasHandlePptpIn(struct ip *pip,	   /* IP packet to examine/patch */
    }
    /* Find PPTP link for address and Call ID found in PPTP Control Msg */
-    pptp_link = FindPptpInByPeerCallId(GetDestAddress(link),
+    pptp_link = FindPptpInByPeerCallId(la, GetDestAddress(link),
 				       GetAliasAddress(link),
 				       *pcall_id);
@ -311,7 +313,7 @@ AliasVerifyPptp(struct ip *pip, u_int16_t *ptype) /* IP packet to examine/patch
 int
-AliasHandlePptpGreOut(struct ip *pip)
+AliasHandlePptpGreOut(struct libalias *la, struct ip *pip)
 {
    GreHdr		*gr;
    struct alias_link	*link;
@ -322,7 +324,7 @@ AliasHandlePptpGreOut(struct ip *pip)
    if ((ntohl(*((u_int32_t *)gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
 	return (-1);
-    link = FindPptpOutByPeerCallId(pip->ip_src, pip->ip_dst, gr->gh_call_id);
+    link = FindPptpOutByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id);
    if (link != NULL) {
 	struct in_addr alias_addr = GetAliasAddress(link);
@ -339,7 +341,7 @@ AliasHandlePptpGreOut(struct ip *pip)
 int
-AliasHandlePptpGreIn(struct ip *pip)
+AliasHandlePptpGreIn(struct libalias *la, struct ip *pip)
 {
    GreHdr		*gr;
    struct alias_link	*link;
@ -350,7 +352,7 @@ AliasHandlePptpGreIn(struct ip *pip)
    if ((ntohl(*((u_int32_t *)gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
 	return (-1);
-    link = FindPptpInByPeerCallId(pip->ip_src, pip->ip_dst, gr->gh_call_id);
+    link = FindPptpInByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id);
    if (link != NULL) {
 	struct in_addr src_addr = GetOriginalAddress(link);
--- a/lib/libalias/alias_proxy.c
+++ b/lib/libalias/alias_proxy.c
@ -86,6 +86,7 @@ __FBSDID("$FreeBSD$");
 */
 struct proxy_entry
 {
    struct libalias *la;
 #define PROXY_TYPE_ENCODE_NONE      1
 #define PROXY_TYPE_ENCODE_TCPSTREAM 2
 #define PROXY_TYPE_ENCODE_IPHDR     3
@ -113,8 +114,6 @@ struct proxy_entry
    File scope variables
 */
 static struct proxy_entry *proxyList;
 /* Local (static) functions:
@ -138,9 +137,9 @@ static struct proxy_entry *proxyList;
 static int IpMask(int, struct in_addr *);
 static int IpAddr(char *, struct in_addr *);
 static int IpPort(char *, int, int *);
-static void RuleAdd(struct proxy_entry *);
+static void RuleAdd(struct libalias *la, struct proxy_entry *);
 static void RuleDelete(struct proxy_entry *);
-static int RuleNumberDelete(int);
+static int RuleNumberDelete(struct libalias *la, int);
 static void ProxyEncodeTcpStream(struct alias_link *, struct ip *, int);
 static void ProxyEncodeIpHeader(struct ip *, int);
@ -197,22 +196,23 @@ IpPort(char *s, int proto, int *port)
 }
 void
-RuleAdd(struct proxy_entry *entry)
+RuleAdd(struct libalias *la, struct proxy_entry *entry)
 {
    int rule_index;
    struct proxy_entry *ptr;
    struct proxy_entry *ptr_last;
-    if (proxyList == NULL)
+    if (la->proxyList == NULL)
    {
-        proxyList = entry;
+        la->proxyList = entry;
        entry->last = NULL;
        entry->next = NULL;
        return;
    }
    entry->la = la;
    rule_index = entry->rule_index;
-    ptr = proxyList;
+    ptr = la->proxyList;
    ptr_last = NULL;
    while (ptr != NULL)
    {
@ -220,10 +220,10 @@ RuleAdd(struct proxy_entry *entry)
        {
            if (ptr_last == NULL)
            {
-                entry->next = proxyList;
+                entry->next = la->proxyList;
                entry->last = NULL;
-                proxyList->last = entry;
+                la->proxyList->last = entry;
-                proxyList = entry;
+                la->proxyList = entry;
                return;
            }
@ -245,10 +245,13 @@ RuleAdd(struct proxy_entry *entry)
 static void
 RuleDelete(struct proxy_entry *entry)
 {
    struct libalias *la;
    la = entry->la;
    if (entry->last != NULL)
        entry->last->next = entry->next;
    else
-        proxyList = entry->next;
+        la->proxyList = entry->next;
    if (entry->next != NULL)
        entry->next->last = entry->last;
@ -257,13 +260,13 @@ RuleDelete(struct proxy_entry *entry)
 }
 static int
-RuleNumberDelete(int rule_index)
+RuleNumberDelete(struct libalias *la, int rule_index)
 {
    int err;
    struct proxy_entry *ptr;
    err = -1;
-    ptr = proxyList;
+    ptr = la->proxyList;
    while (ptr != NULL)
    {
        struct proxy_entry *ptr_next;
@ -447,7 +450,7 @@ ProxyEncodeIpHeader(struct ip *pip,
 */
 int
-ProxyCheck(struct ip *pip,
+ProxyCheck(struct libalias *la, struct ip *pip,
           struct in_addr *proxy_server_addr,
           u_short *proxy_server_port)
 {
@ -461,7 +464,7 @@ ProxyCheck(struct ip *pip,
    dst_port = ((struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)))
        ->th_dport;
-    ptr = proxyList;
+    ptr = la->proxyList;
    while (ptr != NULL)
    {
        u_short proxy_port;
@ -493,7 +496,7 @@ ProxyCheck(struct ip *pip,
 }
 void
-ProxyModify(struct alias_link *link,
+ProxyModify(struct libalias *la, struct alias_link *link,
            struct ip *pip,
            int maxpacketsize,
            int proxy_type)
@ -516,7 +519,7 @@ ProxyModify(struct alias_link *link,
 */
 int
-PacketAliasProxyRule(const char *cmd)
+LibAliasProxyRule(struct libalias *la, const char *cmd)
 {
 /*
 * This function takes command strings of the form:
@ -694,7 +697,7 @@ PacketAliasProxyRule(const char *cmd)
                n = sscanf(token, "%d", &rule_to_delete);
                if (n != 1)
                    return -1;
-                err = RuleNumberDelete(rule_to_delete);
+                err = RuleNumberDelete(la, rule_to_delete);
                if (err)
                    return -1;
                return 0;
@ -831,7 +834,7 @@ PacketAliasProxyRule(const char *cmd)
    proxy_entry->src_mask = src_mask;
    proxy_entry->dst_mask = dst_mask;
-    RuleAdd(proxy_entry);
+    RuleAdd(la, proxy_entry);
    return 0;
 }
--- a/lib/libalias/alias_skinny.c
+++ b/lib/libalias/alias_skinny.c
@ -173,7 +173,7 @@ alias_skinny_port_msg(struct IpPortMessage *port_msg, struct ip *pip,
 }
 static int
-alias_skinny_opnrcvch_ack(struct OpenReceiveChannelAck *opnrcvch_ack,
+alias_skinny_opnrcvch_ack(struct libalias *la, struct OpenReceiveChannelAck *opnrcvch_ack,
                          struct ip * pip, struct tcphdr *tc,
                          struct alias_link *link, u_int32_t *localIpAddr,
                          ConvDirection direction)
@ -186,7 +186,7 @@ alias_skinny_opnrcvch_ack(struct OpenReceiveChannelAck *opnrcvch_ack,
  localPort = opnrcvch_ack->port;
  null_addr.s_addr = INADDR_ANY;
-  opnrcv_link = FindUdpTcpOut(pip->ip_src, null_addr,
+  opnrcv_link = FindUdpTcpOut(la, pip->ip_src, null_addr,
                              htons((u_short) opnrcvch_ack->port), 0,
                              IPPROTO_UDP, 1);
  opnrcvch_ack->ipAddr = (u_int32_t) GetAliasAddress(opnrcv_link).s_addr;
@ -199,7 +199,7 @@ alias_skinny_opnrcvch_ack(struct OpenReceiveChannelAck *opnrcvch_ack,
 }
 void
-AliasHandleSkinny(struct ip *pip, struct alias_link *link)
+AliasHandleSkinny(struct libalias *la, struct ip *pip, struct alias_link *link)
 {
  int             hlen, tlen, dlen;
  struct tcphdr  *tc;
@ -220,9 +220,9 @@ AliasHandleSkinny(struct ip *pip, struct alias_link *link)
   * handle the scenario where the call manager is on the inside, and
   * the calling phone is on the global outside.
   */
-  if (ntohs(tc->th_dport) == skinnyPort) {
+  if (ntohs(tc->th_dport) == la->skinnyPort) {
    direction = ClientToServer;
-  } else if (ntohs(tc->th_sport) == skinnyPort) {
+  } else if (ntohs(tc->th_sport) == la->skinnyPort) {
    direction = ServerToClient;
  } else {
 #ifdef DEBUG
@ -306,7 +306,7 @@ AliasHandleSkinny(struct ip *pip, struct alias_link *link)
                  "PacketAlias/Skinny: Received open rcv channel msg\n");
 #endif
          opnrcvchn_ack = (struct OpenReceiveChannelAck *) & sd->msgId;
-          alias_skinny_opnrcvch_ack(opnrcvchn_ack, pip, tc, link, &lip, direction);
+          alias_skinny_opnrcvch_ack(la, opnrcvchn_ack, pip, tc, link, &lip, direction);
        }
        break;
      case START_MEDIATX:
--- a/lib/libalias/alias_smedia.c
+++ b/lib/libalias/alias_smedia.c
@ -137,7 +137,7 @@ search_string(char *data, int dlen, const char *search_str)
 }
 static int
-alias_rtsp_out(struct ip *pip,
+alias_rtsp_out(struct libalias *la, struct ip *pip,
 		   struct alias_link *link,
 		   char *data,
 		   const char *port_str)
@ -221,8 +221,8 @@ alias_rtsp_out(struct ip *pip,
 		  /* Find an even numbered port number base that
 		     satisfies the contiguous number of ports we need  */
 		  null_addr.s_addr = 0;
-		  if (0 == (salias = FindNewPortGroup(null_addr,
+		  if (0 == (salias = FindNewPortGroup(la, null_addr,
-	       			    FindAliasAddress(pip->ip_src),
+	       			    FindAliasAddress(la, pip->ip_src),
 				    sport, 0,
 				    RTSP_PORT_GROUP,
 				    IPPROTO_UDP, 1))) {
@ -235,7 +235,7 @@ alias_rtsp_out(struct ip *pip,
  		    base_alias = ntohs(salias);
 		    for (j = 0; j < RTSP_PORT_GROUP; j++) {
 		      /* Establish link to port found in RTSP packet */
-		      rtsp_link = FindRtspOut(GetOriginalAddress(link), null_addr,
+		      rtsp_link = FindRtspOut(la, GetOriginalAddress(link), null_addr,
                                htons(base_port + j), htons(base_alias + j),
                                IPPROTO_UDP);
 		      if (rtsp_link != NULL) {
@ -319,7 +319,7 @@ alias_rtsp_out(struct ip *pip,
 /* Support the protocol used by early versions of RealPlayer */
 static int
-alias_pna_out(struct ip *pip,
+alias_pna_out(struct libalias *la, struct ip *pip,
 		  struct alias_link *link,
 		  char *data,
 		  int dlen)
@ -343,7 +343,7 @@ alias_pna_out(struct ip *pip,
 	}
 	if ((ntohs(msg_id) == 1) || (ntohs(msg_id) == 7)) {
 	    memcpy(&port, work, 2);
-	    pna_links = FindUdpTcpOut(pip->ip_src, GetDestAddress(link),
+	    pna_links = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(link),
 				      port, 0, IPPROTO_UDP, 1);
 	    if (pna_links != NULL) {
 #ifndef NO_FW_PUNCH
@ -366,7 +366,7 @@ alias_pna_out(struct ip *pip,
 }
 void
-AliasHandleRtspOut(struct ip *pip, struct alias_link *link, int maxpacketsize)
+AliasHandleRtspOut(struct libalias *la, struct ip *pip, struct alias_link *link, int maxpacketsize)
 {
    int    hlen, tlen, dlen;
    struct tcphdr *tc;
@ -390,13 +390,13 @@ AliasHandleRtspOut(struct ip *pip, struct alias_link *link, int maxpacketsize)
      if (dlen >= strlen(setup)) {
        if (memcmp(data, setup, strlen(setup)) == 0) {
-	    alias_rtsp_out(pip, link, data, client_port_str);
+	    alias_rtsp_out(la, pip, link, data, client_port_str);
 	    return;
 	}
      }
      if (dlen >= strlen(pna)) {
 	if (memcmp(data, pna, strlen(pna)) == 0) {
-	    alias_pna_out(pip, link, data, dlen);
+	    alias_pna_out(la, pip, link, data, dlen);
 	}
      }
@ -424,7 +424,7 @@ AliasHandleRtspOut(struct ip *pip, struct alias_link *link, int maxpacketsize)
          if ((dlen - i) >= strlen(okstr)) {
            if (memcmp(&data[i], okstr, strlen(okstr)) == 0)
-              alias_rtsp_out(pip, link, data, server_port_str);
+              alias_rtsp_out(la, pip, link, data, server_port_str);
          }
        }
--- a/lib/libalias/alias_util.c
+++ b/lib/libalias/alias_util.c
@ -50,6 +50,7 @@ then these routines will give a result of zero (useful for testing
 purposes);
 */
 #include <stdio.h>
 #include <sys/types.h>
 #include <netinet/in_systm.h>
 #include <netinet/in.h>
@ -60,7 +61,7 @@ purposes);
 #include "alias_local.h"
 u_short
-PacketAliasInternetChecksum(u_short *ptr, int nbytes)
+LibAliasInternetChecksum(struct libalias *la, u_short *ptr, int nbytes)
 {
    int sum, oddbyte;
--- a/lib/libalias/libalias.3
+++ b/lib/libalias/libalias.3
@ -67,24 +67,26 @@ of the kernel, without any access to private kernel data structure, but
 the source code can also be ported to a kernel environment.
 .Sh INITIALIZATION AND CONTROL
 One special function,
-.Fn PacketAliasInit ,
+.Fn LibAliasInit ,
-must always be called before any packet handling may be performed.
+must always be called before any packet handling may be performed and
 the returned instance pointer passed to all the other functions.
 Normally, the
-.Fn PacketAliasSetAddress
+.Fn LibAliasSetAddress
 function is called afterwards, to set the default aliasing address.
 In addition, the operating mode of the packet aliasing engine can be
 customized by calling
-.Fn PacketAliasSetMode .
+.Fn LibAliasSetMode .
 .Pp
-.Ft void
+.Ft "struct libalias *"
-.Fn PacketAliasInit void
+.Fn LibAliasInit "struct libalias *"
 .Bd -ragged -offset indent
-This function has no arguments or return value and is used to initialize
+This function is used to initialize
 internal data structures.
 When called first time a NULL pointer should be passed as argument.
 The following mode bits are always set after calling
-.Fn PacketAliasInit .
+.Fn LibAliasInit .
 See the description of
-.Fn PacketAliasSetMode
+.Fn LibAliasSetMode
 below for the meaning of these mode bits.
 .Pp
 .Bl -item -offset indent -compact
@ -99,19 +101,19 @@ below for the meaning of these mode bits.
 This function will always return the packet aliasing engine to the same
 initial state.
 The
-.Fn PacketAliasSetAddress
+.Fn LibAliasSetAddress
 function is normally called afterwards, and any desired changes from the
 default mode bits listed above require a call to
-.Fn PacketAliasSetMode .
+.Fn LibAliasSetMode .
 .Pp
 It is mandatory that this function be called at the beginning of a program
 prior to any packet handling.
 .Ed
 .Pp
 .Ft void
-.Fn PacketAliasUninit void
+.Fn LibAliasUninit "struct libalias *"
 .Bd -ragged -offset indent
-This function has no arguments or return value and is used to clear any
+This function has no return value and is used to clear any
 resources attached to internal data structures.
 .Pp
 This functions should be called when a program stops using the aliasing
@ -120,18 +122,17 @@ To provide backwards compatibility and extra security, it is added to
 the
 .Xr atexit 3
 chain by
-.Fn PacketAliasInit .
+.Fn LibAliasInit .
 Calling it multiple times is harmless.
 .Ed
 .Pp
 .Ft void
-.Fn PacketAliasSetAddress "struct in_addr addr"
+.Fn LibAliasSetAddress "struct libalias *" "struct in_addr addr"
 .Bd -ragged -offset indent
 This function sets the source address to which outgoing packets from the
 local area network are aliased.
 All outgoing packets are re-mapped to this address unless overridden by a
 static address mapping established by
-.Fn PacketAliasRedirectAddr .
+.Fn LibAliasRedirectAddr .
 If this function is not called, and no static rules match, an outgoing
 packet retains its source address.
 .Pp
@ -153,7 +154,7 @@ It is mandatory that this function be called prior to any packet handling.
 .Ed
 .Pp
 .Ft unsigned int
-.Fn PacketAliasSetMode "unsigned int flags" "unsigned int mask"
+.Fn LibAliasSetMode "struct libalias *" "unsigned int flags" "unsigned int mask"
 .Bd -ragged -offset indent
 This function sets or clears mode bits
 according to the value of
@ -174,7 +175,7 @@ Mainly useful for debugging when the log file is viewed continuously with
 .It Dv PKT_ALIAS_DENY_INCOMING
 If this mode bit is set, all incoming packets associated with new TCP
 connections or new UDP transactions will be marked for being ignored
-.Fn ( PacketAliasIn
+.Fn ( LibAliasIn
 returns
 .Dv PKT_ALIAS_IGNORED
 code)
@ -214,7 +215,7 @@ The registered subnet is fully accessible to the outside world, so traffic
 from it does not need to be passed through the packet aliasing engine.
 .It Dv PKT_ALIAS_RESET_ON_ADDR_CHANGE
 When this mode bit is set and
-.Fn PacketAliasSetAddress
+.Fn LibAliasSetAddress
 is called to change the aliasing address, the internal link table of the
 packet aliasing engine will be cleared.
 This operating mode is useful for
@ -238,7 +239,7 @@ To cater to unexpected death of a program using
 changing the state of the flag will clear the entire firewall range
 allocated for holes.
 This will also happen on the initial call to
-.Fn PacketAliasSetFWBase .
+.Fn LibAliasSetFWBase .
 This call must happen prior to setting this flag.
 .It Dv PKT_ALIAS_REVERSE
 This option makes
@ -252,13 +253,13 @@ This option tells
 to obey transparent proxy rules only.
 Normal packet aliasing is not performed.
 See
-.Fn PacketAliasProxyRule
+.Fn LibAliasProxyRule
 below for details.
 .El
 .Ed
 .Pp
 .Ft void
-.Fn PacketAliasSetFWBase "unsigned int base" "unsigned int num"
+.Fn LibAliasSetFWBase "struct libalias *" "unsigned int base" "unsigned int num"
 .Bd -ragged -offset indent
 Set firewall range allocated for punching firewall holes (with the
 .Dv PKT_ALIAS_PUNCH_FW
@ -267,7 +268,7 @@ The range will be cleared for all rules on initialization.
 .Ed
 .Pp
 .Ft void
-.Fn PacketAliasSkinnyPort "unsigned int port"
+.Fn LibAliasSkinnyPort "struct libalias *" "unsigned int port"
 .Bd -ragged -offset indent
 Set the TCP port used by the Skinny Station protocol.
 Skinny is used by Cisco IP phones to communicate with
@ -282,18 +283,18 @@ The calling program is responsible for receiving and sending packets via
 network interfaces.
 .Pp
 Along with
-.Fn PacketAliasInit
+.Fn LibAliasInit
 and
-.Fn PacketAliasSetAddress ,
+.Fn LibAliasSetAddress ,
 the two packet handling functions,
-.Fn PacketAliasIn
+.Fn LibAliasIn
 and
-.Fn PacketAliasOut ,
+.Fn LibAliasOut ,
 comprise minimal set of functions needed for a basic IP masquerading
 implementation.
 .Pp
 .Ft int
-.Fn PacketAliasIn "char *buffer" "int maxpacketsize"
+.Fn LibAliasIn "struct libalias *" "char *buffer" "int maxpacketsize"
 .Bd -ragged -offset indent
 An incoming packet coming from a remote machine to the local network is
 de-aliased by this function.
@ -315,26 +316,26 @@ type is not handled or if incoming packets for new connections are being
 ignored (if
 .Dv PKT_ALIAS_DENY_INCOMING
 mode bit was set by
-.Fn PacketAliasSetMode ) .
+.Fn LibAliasSetMode ) .
 .It Dv PKT_ALIAS_UNRESOLVED_FRAGMENT
 This is returned when a fragment cannot be resolved because the header
 fragment has not been sent yet.
 In this situation, fragments must be saved with
-.Fn PacketAliasSaveFragment
+.Fn LibAliasSaveFragment
 until a header fragment is found.
 .It Dv PKT_ALIAS_FOUND_HEADER_FRAGMENT
 The packet aliasing process was successful, and a header fragment was found.
 This is a signal to retrieve any unresolved fragments with
-.Fn PacketAliasGetFragment
+.Fn LibAliasGetFragment
 and de-alias them with
-.Fn PacketAliasFragmentIn .
+.Fn LibAliasFragmentIn .
 .It Dv PKT_ALIAS_ERROR
 An internal error within the packet aliasing engine occurred.
 .El
 .Ed
 .Pp
 .Ft int
-.Fn PacketAliasOut "char *buffer" "int maxpacketsize"
+.Fn LibAliasOut "struct libalias *" "char *buffer" "int maxpacketsize"
 .Bd -ragged -offset indent
 An outgoing packet coming from the local network to a remote machine is
 aliased by this function.
@ -369,7 +370,8 @@ Individual ports can be re-mapped or static network address translations can
 be designated.
 .Pp
 .Ft struct alias_link *
-.Fo PacketAliasRedirectPort
+.Fo LibAliasRedirectPort
 .Fa "struct libalias *"
 .Fa "struct in_addr local_addr"
 .Fa "u_short local_port"
 .Fa "struct in_addr remote_addr"
@ -396,12 +398,12 @@ or
 .Fa alias_addr
 is zero, this indicates that the packet aliasing address as established
 by
-.Fn PacketAliasSetAddress
+.Fn LibAliasSetAddress
 is to be used.
 Even if
-.Fn PacketAliasSetAddress
+.Fn LibAliasSetAddress
 is called to change the address after
-.Fn PacketAliasRedirectPort
+.Fn LibAliasRedirectPort
 is called, a zero reference will track this change.
 .Pp
 If the link is further set up to operate for a load sharing, then
@ -409,7 +411,7 @@ If the link is further set up to operate for a load sharing, then
 and
 .Fa local_port
 are ignored, and are selected dynamically from the server pool, as described in
-.Fn PacketAliasAddServer
+.Fn LibAliasAddServer
 below.
 .Pp
 If
@ -422,12 +424,12 @@ port number.
 Almost always, the remote port specification will be zero, but non-zero
 remote addresses can sometimes be useful for firewalling.
 If two calls to
-.Fn PacketAliasRedirectPort
+.Fn LibAliasRedirectPort
 overlap in their address/port specifications, then the most recent call
 will have precedence.
 .Pp
 This function returns a pointer which can subsequently be used by
-.Fn PacketAliasRedirectDelete .
+.Fn LibAliasRedirectDelete .
 If
 .Dv NULL
 is returned, then the function call did not complete successfully.
@ -443,7 +445,8 @@ data type.
 .Ed
 .Pp
 .Ft struct alias_link *
-.Fo PacketAliasRedirectAddr
+.Fo LibAliasRedirectAddr
 .Fa "struct libalias *"
 .Fa "struct in_addr local_addr"
 .Fa "struct in_addr alias_addr"
 .Fc
@ -462,22 +465,22 @@ If
 or
 .Fa alias_addr
 is zero, this indicates that the packet aliasing address as established by
-.Fn PacketAliasSetAddress
+.Fn LibAliasSetAddress
 is to be used.
 Even if
-.Fn PacketAliasSetAddress
+.Fn LibAliasSetAddress
 is called to change the address after
-.Fn PacketAliasRedirectAddr
+.Fn LibAliasRedirectAddr
 is called, a zero reference will track this change.
 .Pp
 If the link is further set up to operate for a load sharing, then
 .Fa local_addr
 is ignored, and is selected dynamically from the server pool, as described in
-.Fn PacketAliasAddServer
+.Fn LibAliasAddServer
 below.
 .Pp
 If subsequent calls to
-.Fn PacketAliasRedirectAddr
+.Fn LibAliasRedirectAddr
 use the same aliasing address, all new incoming traffic to this aliasing
 address will be redirected to the local address made in the last function
 call.
@ -485,11 +488,11 @@ New traffic generated by any of the local machines, designated in the
 several function calls, will be aliased to the same address.
 Consider the following example:
 .Bd -literal -offset indent
-PacketAliasRedirectAddr(inet_aton("192.168.0.2"),
+LibAliasRedirectAddr(inet_aton("192.168.0.2"),
                        inet_aton("141.221.254.101"));
-PacketAliasRedirectAddr(inet_aton("192.168.0.3"),
+LibAliasRedirectAddr(inet_aton("192.168.0.3"),
                        inet_aton("141.221.254.101"));
-PacketAliasRedirectAddr(inet_aton("192.168.0.4"),
+LibAliasRedirectAddr(inet_aton("192.168.0.4"),
                        inet_aton("141.221.254.101"));
 .Ed
 .Pp
@ -502,19 +505,20 @@ from 192.168.0.2, 192.168.0.3 and 192.168.0.4 will appear to come from
 Any incoming connections to 141.221.254.101 will be directed to 192.168.0.4.
 .Pp
 Any calls to
-.Fn PacketAliasRedirectPort
+.Fn LibAliasRedirectPort
 will have precedence over address mappings designated by
-.Fn PacketAliasRedirectAddr .
+.Fn LibAliasRedirectAddr .
 .Pp
 This function returns a pointer which can subsequently be used by
-.Fn PacketAliasRedirectDelete .
+.Fn LibAliasRedirectDelete .
 If
 .Dv NULL
 is returned, then the function call did not complete successfully.
 .Ed
 .Pp
 .Ft int
-.Fo PacketAliasAddServer
+.Fo LibAliasAddServer
 .Fa "struct libalias *"
 .Fa "struct alias_link *link"
 .Fa "struct in_addr addr"
 .Fa "u_short port"
@ -541,17 +545,17 @@ the host.
 First, the
 .Fa link
 is created by either
-.Fn PacketAliasRedirectPort
+.Fn LibAliasRedirectPort
 or
-.Fn PacketAliasRedirectAddr .
+.Fn LibAliasRedirectAddr .
 Then,
-.Fn PacketAliasAddServer
+.Fn LibAliasAddServer
 is called multiple times to add entries to the
 .Fa link Ns 's
 server pool.
 .Pp
 For links created with
-.Fn PacketAliasRedirectAddr ,
+.Fn LibAliasRedirectAddr ,
 the
 .Fa port
 argument is ignored and could have any value, e.g. htons(~0).
@ -560,10 +564,10 @@ This function returns 0 on success, \-1 otherwise.
 .Ed
 .Pp
 .Ft int
-.Fn PacketAliasRedirectDynamic "struct alias_link *link"
+.Fn LibAliasRedirectDynamic "struct libalias *" "struct alias_link *link"
 .Bd -ragged -offset indent
 This function marks the specified static redirect rule entered by
-.Fn PacketAliasRedirectPort
+.Fn LibAliasRedirectPort
 as dynamic.
 This can be used to e.g. dynamically redirect a single TCP connection,
 after which the rule is removed.
@ -579,23 +583,23 @@ This function returns 0 on success, \-1 otherwise.
 .Ed
 .Pp
 .Ft void
-.Fn PacketAliasRedirectDelete "struct alias_link *link"
+.Fn LibAliasRedirectDelete "struct libalias *" "struct alias_link *link"
 .Bd -ragged -offset indent
 This function will delete a specific static redirect rule entered by
-.Fn PacketAliasRedirectPort
+.Fn LibAliasRedirectPort
 or
-.Fn PacketAliasRedirectAddr .
+.Fn LibAliasRedirectAddr .
 The parameter
 .Fa link
 is the pointer returned by either of the redirection functions.
 If an invalid pointer is passed to
-.Fn PacketAliasRedirectDelete ,
+.Fn LibAliasRedirectDelete ,
 then a program crash or unpredictable operation could result, so it is
 necessary to be careful using this function.
 .Ed
 .Pp
 .Ft int
-.Fn PacketAliasProxyRule "const char *cmd"
+.Fn LibAliasProxyRule "struct libalias *" "const char *cmd"
 .Bd -ragged -offset indent
 The passed
 .Fa cmd
@ -640,14 +644,14 @@ specification is mandatory unless the
 command is being used.
 .It Cm rule Ar index
 Normally, each call to
-.Fn PacketAliasProxyRule
+.Fn LibAliasProxyRule
 inserts the next rule at the start of a linear list of rules.
 If an
 .Ar index
 is specified, the new rule will be checked after all rules with lower
 indices.
 Calls to
-.Fn PacketAliasProxyRule
+.Fn LibAliasProxyRule
 that do not specify a rule are assigned rule 0.
 .It Cm delete Ar index
 This token and its argument MUST NOT be used with any other tokens.
@ -688,7 +692,8 @@ access, or to restrict access to certain external machines.
 .Ed
 .Pp
 .Ft struct alias_link *
-.Fo PacketAliasRedirectProto
+.Fo LibAliasRedirectProto
 .Fa "struct libalias *"
 .Fa "struct in_addr local_addr"
 .Fa "struct in_addr remote_addr"
 .Fa "struct in_addr alias_addr"
@ -706,12 +711,12 @@ or
 .Fa alias_addr
 is zero, this indicates that the packet aliasing address as established
 by
-.Fn PacketAliasSetAddress
+.Fn LibAliasSetAddress
 is to be used.
 Even if
-.Fn PacketAliasSetAddress
+.Fn LibAliasSetAddress
 is called to change the address after
-.Fn PacketAliasRedirectProto
+.Fn LibAliasRedirectProto
 is called, a zero reference will track this change.
 .Pp
 If
@ -720,12 +725,12 @@ is zero, this indicates to redirect packets from any remote address.
 Non-zero remote addresses can sometimes be useful for firewalling.
 .Pp
 If two calls to
-.Fn PacketAliasRedirectProto
+.Fn LibAliasRedirectProto
 overlap in their address specifications, then the most recent call
 will have precedence.
 .Pp
 This function returns a pointer which can subsequently be used by
-.Fn PacketAliasRedirectDelete .
+.Fn LibAliasRedirectDelete .
 If
 .Dv NULL
 is returned, then the function call did not complete successfully.
@ -734,11 +739,11 @@ is returned, then the function call did not complete successfully.
 The functions in this section are used to deal with incoming fragments.
 .Pp
 Outgoing fragments are handled within
-.Fn PacketAliasOut
+.Fn LibAliasOut
 by changing the address according to any applicable mapping set by
-.Fn PacketAliasRedirectAddr ,
+.Fn LibAliasRedirectAddr ,
 or the default aliasing address set by
-.Fn PacketAliasSetAddress .
+.Fn LibAliasSetAddress .
 .Pp
 Incoming fragments are handled in one of two ways.
 If the header of a fragmented IP packet has already been seen, then all
@ -748,10 +753,10 @@ Fragments which arrive before the header are saved and then retrieved
 once the header fragment has been resolved.
 .Pp
 .Ft int
-.Fn PacketAliasSaveFragment "char *ptr"
+.Fn LibAliasSaveFragment "struct libalias *" "char *ptr"
 .Bd -ragged -offset indent
 When
-.Fn PacketAliasIn
+.Fn LibAliasIn
 returns
 .Dv PKT_ALIAS_UNRESOLVED_FRAGMENT ,
 this function can be used to save the pointer to the unresolved fragment.
@ -773,33 +778,33 @@ if there was an error.
 .Ed
 .Pp
 .Ft char *
-.Fn PacketAliasGetFragment "char *buffer"
+.Fn LibAliasGetFragment "struct libalias *" "char *buffer"
 .Bd -ragged -offset indent
 This function can be used to retrieve fragment pointers saved by
-.Fn PacketAliasSaveFragment .
+.Fn LibAliasSaveFragment .
 The IP header fragment pointed to by
 .Fa buffer
 is the header fragment indicated when
-.Fn PacketAliasIn
+.Fn LibAliasIn
 returns
 .Dv PKT_ALIAS_FOUND_HEADER_FRAGMENT .
 Once a fragment pointer is retrieved, it becomes the calling program's
 responsibility to free the dynamically allocated memory for the fragment.
 .Pp
 The
-.Fn PacketAliasGetFragment
+.Fn LibAliasGetFragment
 function can be called sequentially until there are no more fragments
 available, at which time it returns
 .Dv NULL .
 .Ed
 .Pp
 .Ft void
-.Fn PacketAliasFragmentIn "char *header" "char *fragment"
+.Fn LibAliasFragmentIn "struct libalias *" "char *header" "char *fragment"
 .Bd -ragged -offset indent
 When a fragment is retrieved with
-.Fn PacketAliasGetFragment ,
+.Fn LibAliasGetFragment ,
 it can then be de-aliased with a call to
-.Fn PacketAliasFragmentIn .
+.Fn LibAliasFragmentIn .
 The
 .Fa header
 argument is the pointer to a header fragment used as a template, and
@ -808,17 +813,17 @@ is the pointer to the packet to be de-aliased.
 .Ed
 .Sh MISCELLANEOUS FUNCTIONS
 .Ft void
-.Fn PacketAliasSetTarget "struct in_addr addr"
+.Fn LibAliasSetTarget "struct libalias *" "struct in_addr addr"
 .Bd -ragged -offset indent
 When an incoming packet not associated with any pre-existing aliasing link
 arrives at the host machine, it will be sent to the address indicated by a
 call to
-.Fn PacketAliasSetTarget .
+.Fn LibAliasSetTarget .
 .Pp
 If this function is called with an
 .Dv INADDR_NONE
 address argument, then all new incoming packets go to the address set by
-.Fn PacketAliasSetAddress .
+.Fn LibAliasSetAddress .
 .Pp
 If this function is not called, or is called with an
 .Dv INADDR_ANY
@ -829,17 +834,17 @@ can route packets to the machine in question.
 .Ed
 .Pp
 .Ft int
-.Fn PacketAliasCheckNewLink void
+.Fn LibAliasCheckNewLink void
 .Bd -ragged -offset indent
 This function returns a non-zero value when a new aliasing link is created.
 In circumstances where incoming traffic is being sequentially sent to
 different local servers, this function can be used to trigger when
-.Fn PacketAliasSetTarget
+.Fn LibAliasSetTarget
 is called to change the default target address.
 .Ed
 .Pp
 .Ft u_short
-.Fn PacketAliasInternetChecksum "u_short *buffer" "int nbytes"
+.Fn LibAliasInternetChecksum "struct libalias *" "u_short *buffer" "int nbytes"
 .Bd -ragged -offset indent
 This is a utility function that does not seem to be available elsewhere and
 is included as a convenience.
@ -856,12 +861,12 @@ The 16-bit checksum field should be zeroed before computing the checksum.
 Checksums can also be verified by operating on a block of data including
 its checksum.
 If the checksum is valid,
-.Fn PacketAliasInternetChecksum
+.Fn LibAliasInternetChecksum
 will return zero.
 .Ed
 .Pp
 .Ft int
-.Fn PacketUnaliasOut "char *buffer" "int maxpacketsize"
+.Fn LibAliasUnaliasOut "struct libalias *" "char *buffer" "int maxpacketsize"
 .Bd -ragged -offset indent
 An outgoing packet, which has already been aliased,
 has its private address/port information restored by this function.
--- a/sys/netinet/libalias/Makefile
+++ b/sys/netinet/libalias/Makefile
@ -6,7 +6,7 @@ SHLIB_MAJOR=	4
 MAN=	libalias.3
 SRCS=	alias.c alias_cuseeme.c alias_db.c alias_ftp.c alias_irc.c \
 	alias_nbt.c alias_pptp.c alias_proxy.c alias_skinny.c alias_smedia.c \
-	alias_util.c
+	alias_util.c alias_old.c
 INCS=	alias.h
 .include <bsd.lib.mk>
--- a/sys/netinet/libalias/alias.c
+++ b/sys/netinet/libalias/alias.c
@ -247,26 +247,26 @@ the gateway machine or other machines on a local area network.
 /* Local prototypes */
-static int IcmpAliasIn1(struct ip *);
+static int IcmpAliasIn1(struct libalias *, struct ip *);
-static int IcmpAliasIn2(struct ip *);
+static int IcmpAliasIn2(struct libalias *, struct ip *);
-static int IcmpAliasIn (struct ip *);
+static int IcmpAliasIn (struct libalias *, struct ip *);
-static int IcmpAliasOut1(struct ip *);
+static int IcmpAliasOut1(struct libalias *, struct ip *);
-static int IcmpAliasOut2(struct ip *);
+static int IcmpAliasOut2(struct libalias *, struct ip *);
-static int IcmpAliasOut (struct ip *);
+static int IcmpAliasOut (struct libalias *, struct ip *);
-static int ProtoAliasIn(struct ip *);
+static int ProtoAliasIn(struct libalias *, struct ip *);
-static int ProtoAliasOut(struct ip *);
+static int ProtoAliasOut(struct libalias *, struct ip *);
-static int UdpAliasOut(struct ip *);
+static int UdpAliasOut(struct libalias *, struct ip *);
-static int UdpAliasIn (struct ip *);
+static int UdpAliasIn (struct libalias *, struct ip *);
-static int TcpAliasOut(struct ip *, int);
+static int TcpAliasOut(struct libalias *, struct ip *, int);
-static int TcpAliasIn (struct ip *);
+static int TcpAliasIn (struct libalias *, struct ip *);
 static int
-IcmpAliasIn1(struct ip *pip)
+IcmpAliasIn1(struct libalias *la, struct ip *pip)
 {
 /*
    De-alias incoming echo and timestamp replies.
@ -278,7 +278,7 @@ IcmpAliasIn1(struct ip *pip)
    ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2));
 /* Get source address from ICMP data field and restore original data */
-    link = FindIcmpIn(pip->ip_src, pip->ip_dst, ic->icmp_id, 1);
+    link = FindIcmpIn(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1);
    if (link != NULL)
    {
        u_short original_id;
@ -312,7 +312,7 @@ IcmpAliasIn1(struct ip *pip)
 }
 static int
-IcmpAliasIn2(struct ip *pip)
+IcmpAliasIn2(struct libalias *la, struct ip *pip)
 {
 /*
    Alias incoming ICMP error messages containing
@ -332,16 +332,16 @@ IcmpAliasIn2(struct ip *pip)
    ic2 = (struct icmp *) ud;
    if (ip->ip_p == IPPROTO_UDP)
-        link = FindUdpTcpIn(ip->ip_dst, ip->ip_src,
+        link = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src,
                            ud->uh_dport, ud->uh_sport,
                            IPPROTO_UDP, 0);
    else if (ip->ip_p == IPPROTO_TCP)
-        link = FindUdpTcpIn(ip->ip_dst, ip->ip_src,
+        link = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src,
                            tc->th_dport, tc->th_sport,
                            IPPROTO_TCP, 0);
    else if (ip->ip_p == IPPROTO_ICMP) {
        if (ic2->icmp_type == ICMP_ECHO || ic2->icmp_type == ICMP_TSTAMP)
-            link = FindIcmpIn(ip->ip_dst, ip->ip_src, ic2->icmp_id, 0);
+            link = FindIcmpIn(la, ip->ip_dst, ip->ip_src, ic2->icmp_id, 0);
        else
            link = NULL;
    } else
@ -430,13 +430,13 @@ fragment contained in ICMP data section */
 static int
-IcmpAliasIn(struct ip *pip)
+IcmpAliasIn(struct libalias *la, struct ip *pip)
 {
    int iresult;
    struct icmp *ic;
 /* Return if proxy-only mode is enabled */
-    if (packetAliasMode & PKT_ALIAS_PROXY_ONLY)
+    if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
        return PKT_ALIAS_OK;
    ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2));
@ -448,18 +448,18 @@ IcmpAliasIn(struct ip *pip)
        case ICMP_TSTAMPREPLY:
            if (ic->icmp_code == 0)
            {
-                iresult = IcmpAliasIn1(pip);
+                iresult = IcmpAliasIn1(la, pip);
            }
            break;
        case ICMP_UNREACH:
        case ICMP_SOURCEQUENCH:
        case ICMP_TIMXCEED:
        case ICMP_PARAMPROB:
-            iresult = IcmpAliasIn2(pip);
+            iresult = IcmpAliasIn2(la, pip);
            break;
        case ICMP_ECHO:
        case ICMP_TSTAMP:
-            iresult = IcmpAliasIn1(pip);
+            iresult = IcmpAliasIn1(la, pip);
            break;
    }
    return(iresult);
@ -467,7 +467,7 @@ IcmpAliasIn(struct ip *pip)
 static int
-IcmpAliasOut1(struct ip *pip)
+IcmpAliasOut1(struct libalias *la, struct ip *pip)
 {
 /*
    Alias outgoing echo and timestamp requests.
@ -479,7 +479,7 @@ IcmpAliasOut1(struct ip *pip)
    ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2));
 /* Save overwritten data for when echo packet returns */
-    link = FindIcmpOut(pip->ip_src, pip->ip_dst, ic->icmp_id, 1);
+    link = FindIcmpOut(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1);
    if (link != NULL)
    {
        u_short alias_id;
@ -514,7 +514,7 @@ IcmpAliasOut1(struct ip *pip)
 static int
-IcmpAliasOut2(struct ip *pip)
+IcmpAliasOut2(struct libalias *la, struct ip *pip)
 {
 /*
    Alias outgoing ICMP error messages containing
@ -534,16 +534,16 @@ IcmpAliasOut2(struct ip *pip)
    ic2 = (struct icmp *) ud;
    if (ip->ip_p == IPPROTO_UDP)
-        link = FindUdpTcpOut(ip->ip_dst, ip->ip_src,
+        link = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src,
                            ud->uh_dport, ud->uh_sport,
                            IPPROTO_UDP, 0);
    else if (ip->ip_p == IPPROTO_TCP)
-        link = FindUdpTcpOut(ip->ip_dst, ip->ip_src,
+        link = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src,
                            tc->th_dport, tc->th_sport,
                            IPPROTO_TCP, 0);
    else if (ip->ip_p == IPPROTO_ICMP) {
        if (ic2->icmp_type == ICMP_ECHO || ic2->icmp_type == ICMP_TSTAMP)
-            link = FindIcmpOut(ip->ip_dst, ip->ip_src, ic2->icmp_id, 0);
+            link = FindIcmpOut(la, ip->ip_dst, ip->ip_src, ic2->icmp_id, 0);
        else
            link = NULL;
    } else
@ -634,13 +634,13 @@ fragment contained in ICMP data section */
 static int
-IcmpAliasOut(struct ip *pip)
+IcmpAliasOut(struct libalias *la, struct ip *pip)
 {
    int iresult;
    struct icmp *ic;
 /* Return if proxy-only mode is enabled */
-    if (packetAliasMode & PKT_ALIAS_PROXY_ONLY)
+    if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
        return PKT_ALIAS_OK;
    ic = (struct icmp *) ((char *) pip + (pip->ip_hl << 2));
@ -652,18 +652,18 @@ IcmpAliasOut(struct ip *pip)
        case ICMP_TSTAMP:
            if (ic->icmp_code == 0)
            {
-                iresult = IcmpAliasOut1(pip);
+                iresult = IcmpAliasOut1(la, pip);
            }
            break;
        case ICMP_UNREACH:
        case ICMP_SOURCEQUENCH:
        case ICMP_TIMXCEED:
        case ICMP_PARAMPROB:
-            iresult = IcmpAliasOut2(pip);
+            iresult = IcmpAliasOut2(la, pip);
            break;
        case ICMP_ECHOREPLY:
        case ICMP_TSTAMPREPLY:
-            iresult = IcmpAliasOut1(pip);
+            iresult = IcmpAliasOut1(la, pip);
    }
    return(iresult);
 }
@ -671,7 +671,7 @@ IcmpAliasOut(struct ip *pip)
 static int
-ProtoAliasIn(struct ip *pip)
+ProtoAliasIn(struct libalias *la, struct ip *pip)
 {
 /*
  Handle incoming IP packets. The
@ -682,10 +682,10 @@ ProtoAliasIn(struct ip *pip)
    struct alias_link *link;
 /* Return if proxy-only mode is enabled */
-    if (packetAliasMode & PKT_ALIAS_PROXY_ONLY)
+    if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
        return PKT_ALIAS_OK;
-    link = FindProtoIn(pip->ip_src, pip->ip_dst, pip->ip_p);
+    link = FindProtoIn(la, pip->ip_src, pip->ip_dst, pip->ip_p);
    if (link != NULL)
    {
        struct in_addr original_address;
@ -706,7 +706,7 @@ ProtoAliasIn(struct ip *pip)
 static int
-ProtoAliasOut(struct ip *pip)
+ProtoAliasOut(struct libalias *la, struct ip *pip)
 {
 /*
  Handle outgoing IP packets. The
@ -716,10 +716,10 @@ ProtoAliasOut(struct ip *pip)
    struct alias_link *link;
 /* Return if proxy-only mode is enabled */
-    if (packetAliasMode & PKT_ALIAS_PROXY_ONLY)
+    if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
        return PKT_ALIAS_OK;
-    link = FindProtoOut(pip->ip_src, pip->ip_dst, pip->ip_p);
+    link = FindProtoOut(la, pip->ip_src, pip->ip_dst, pip->ip_p);
    if (link != NULL)
    {
        struct in_addr alias_address;
@ -740,18 +740,18 @@ ProtoAliasOut(struct ip *pip)
 static int
-UdpAliasIn(struct ip *pip)
+UdpAliasIn(struct libalias *la, struct ip *pip)
 {
    struct udphdr *ud;
    struct alias_link *link;
 /* Return if proxy-only mode is enabled */
-    if (packetAliasMode & PKT_ALIAS_PROXY_ONLY)
+    if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
        return PKT_ALIAS_OK;
    ud = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2));
-    link = FindUdpTcpIn(pip->ip_src, pip->ip_dst,
+    link = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
                        ud->uh_sport, ud->uh_dport,
                        IPPROTO_UDP, 1);
    if (link != NULL)
@ -770,14 +770,14 @@ UdpAliasIn(struct ip *pip)
 /* Special processing for IP encoding protocols */
 	if (ntohs(ud->uh_dport) == CUSEEME_PORT_NUMBER)
-	    AliasHandleCUSeeMeIn(pip, original_address);
+	    AliasHandleCUSeeMeIn(la, pip, original_address);
 /* If NETBIOS Datagram, It should be alias address in UDP Data, too */
 	else if (ntohs(ud->uh_dport) == NETBIOS_DGM_PORT_NUMBER
 	      || ntohs(ud->uh_sport) == NETBIOS_DGM_PORT_NUMBER)
-	    r = AliasHandleUdpNbt(pip, link, &original_address, ud->uh_dport);
+	    r = AliasHandleUdpNbt(la, pip, link, &original_address, ud->uh_dport);
 	else if (ntohs(ud->uh_dport) == NETBIOS_NS_PORT_NUMBER
 	      || ntohs(ud->uh_sport) == NETBIOS_NS_PORT_NUMBER)
-	    r = AliasHandleUdpNbtNS(pip, link, &alias_address, &alias_port,
+	    r = AliasHandleUdpNbtNS(la, pip, link, &alias_address, &alias_port,
 				    &original_address, &ud->uh_dport);
 /* If UDP checksum is not zero, then adjust since destination port */
@ -814,18 +814,18 @@ UdpAliasIn(struct ip *pip)
 }
 static int
-UdpAliasOut(struct ip *pip)
+UdpAliasOut(struct libalias *la, struct ip *pip)
 {
    struct udphdr *ud;
    struct alias_link *link;
 /* Return if proxy-only mode is enabled */
-    if (packetAliasMode & PKT_ALIAS_PROXY_ONLY)
+    if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
        return PKT_ALIAS_OK;
    ud = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2));
-    link = FindUdpTcpOut(pip->ip_src, pip->ip_dst,
+    link = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst,
                         ud->uh_sport, ud->uh_dport,
                         IPPROTO_UDP, 1);
    if (link != NULL)
@ -838,14 +838,14 @@ UdpAliasOut(struct ip *pip)
 /* Special processing for IP encoding protocols */
 	if (ntohs(ud->uh_dport) == CUSEEME_PORT_NUMBER)
-	    AliasHandleCUSeeMeOut(pip, link);
+	    AliasHandleCUSeeMeOut(la, pip, link);
 /* If NETBIOS Datagram, It should be alias address in UDP Data, too */
 	else if (ntohs(ud->uh_dport) == NETBIOS_DGM_PORT_NUMBER
 	      || ntohs(ud->uh_sport) == NETBIOS_DGM_PORT_NUMBER)
-	    AliasHandleUdpNbt(pip, link, &alias_address, alias_port);
+	    AliasHandleUdpNbt(la, pip, link, &alias_address, alias_port);
 	else if (ntohs(ud->uh_dport) == NETBIOS_NS_PORT_NUMBER
 	      || ntohs(ud->uh_sport) == NETBIOS_NS_PORT_NUMBER)
-	    AliasHandleUdpNbtNS(pip, link, &pip->ip_src, &ud->uh_sport,
+	    AliasHandleUdpNbtNS(la, pip, link, &pip->ip_src, &ud->uh_sport,
 				&alias_address, &alias_port);
 /*
 * We don't know in advance what TID the TFTP server will choose,
@ -853,7 +853,7 @@ UdpAliasOut(struct ip *pip)
 * that will match any TID from a given destination.
 */
 	else if (ntohs(ud->uh_dport) == TFTP_PORT_NUMBER)
-	    FindRtspOut(pip->ip_src, pip->ip_dst,
+	    FindRtspOut(la, pip->ip_src, pip->ip_dst,
 			ud->uh_sport, alias_port, IPPROTO_UDP);
 /* If UDP checksum is not zero, adjust since source port is */
@ -892,17 +892,17 @@ UdpAliasOut(struct ip *pip)
 static int
-TcpAliasIn(struct ip *pip)
+TcpAliasIn(struct libalias *la, struct ip *pip)
 {
    struct tcphdr *tc;
    struct alias_link *link;
    tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
-    link = FindUdpTcpIn(pip->ip_src, pip->ip_dst,
+    link = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
                        tc->th_sport, tc->th_dport,
                        IPPROTO_TCP,
-                        !(packetAliasMode & PKT_ALIAS_PROXY_ONLY));
+                        !(la->packetAliasMode & PKT_ALIAS_PROXY_ONLY));
    if (link != NULL)
    {
        struct in_addr alias_address;
@ -916,10 +916,10 @@ TcpAliasIn(struct ip *pip)
 /* Special processing for IP encoding protocols */
        if (ntohs(tc->th_dport) == PPTP_CONTROL_PORT_NUMBER
         || ntohs(tc->th_sport) == PPTP_CONTROL_PORT_NUMBER)
-            AliasHandlePptpIn(pip, link);
+            AliasHandlePptpIn(la, pip, link);
-        else if (skinnyPort != 0 && (ntohs(tc->th_dport) == skinnyPort
+        else if (la->skinnyPort != 0 && (ntohs(tc->th_dport) == la->skinnyPort
-         || ntohs(tc->th_sport) == skinnyPort))
+         || ntohs(tc->th_sport) == la->skinnyPort))
-            AliasHandleSkinny(pip, link);
+            AliasHandleSkinny(la, pip, link);
        alias_address = GetAliasAddress(link);
        original_address = GetOriginalAddress(link);
@ -1008,7 +1008,7 @@ TcpAliasIn(struct ip *pip)
 }
 static int
-TcpAliasOut(struct ip *pip, int maxpacketsize)
+TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize)
 {
    int proxy_type;
    u_short dest_port;
@ -1020,9 +1020,9 @@ TcpAliasOut(struct ip *pip, int maxpacketsize)
    tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
-    proxy_type = ProxyCheck(pip, &proxy_server_address, &proxy_server_port);
+    proxy_type = ProxyCheck(la, pip, &proxy_server_address, &proxy_server_port);
-    if (proxy_type == 0 && (packetAliasMode & PKT_ALIAS_PROXY_ONLY))
+    if (proxy_type == 0 && (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY))
        return PKT_ALIAS_OK;
 /* If this is a transparent proxy, save original destination,
@ -1058,7 +1058,7 @@ TcpAliasOut(struct ip *pip, int maxpacketsize)
        ADJUST_CHECKSUM(accumulate, pip->ip_sum);
    }
-    link = FindUdpTcpOut(pip->ip_src, pip->ip_dst,
+    link = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst,
                         tc->th_sport, tc->th_dport,
                         IPPROTO_TCP, 1);
    if (link !=NULL)
@ -1075,7 +1075,7 @@ TcpAliasOut(struct ip *pip, int maxpacketsize)
        {
            SetProxyPort(link, dest_port);
            SetProxyAddress(link, dest_address);
-            ProxyModify(link, pip, maxpacketsize, proxy_type);
+            ProxyModify(la, link, pip, maxpacketsize, proxy_type);
            tc = (struct tcphdr *) ((char *) pip + (pip->ip_hl << 2));
        }
@ -1089,21 +1089,21 @@ TcpAliasOut(struct ip *pip, int maxpacketsize)
 /* Special processing for IP encoding protocols */
        if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER
         || ntohs(tc->th_sport) == FTP_CONTROL_PORT_NUMBER)
-            AliasHandleFtpOut(pip, link, maxpacketsize);
+            AliasHandleFtpOut(la, pip, link, maxpacketsize);
        else if (ntohs(tc->th_dport) == IRC_CONTROL_PORT_NUMBER_1
         || ntohs(tc->th_dport) == IRC_CONTROL_PORT_NUMBER_2)
-            AliasHandleIrcOut(pip, link, maxpacketsize);
+            AliasHandleIrcOut(la, pip, link, maxpacketsize);
        else if (ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_1
         || ntohs(tc->th_sport) == RTSP_CONTROL_PORT_NUMBER_1
         || ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_2
         || ntohs(tc->th_sport) == RTSP_CONTROL_PORT_NUMBER_2)
-            AliasHandleRtspOut(pip, link, maxpacketsize);
+            AliasHandleRtspOut(la, pip, link, maxpacketsize);
        else if (ntohs(tc->th_dport) == PPTP_CONTROL_PORT_NUMBER
         || ntohs(tc->th_sport) == PPTP_CONTROL_PORT_NUMBER)
-            AliasHandlePptpOut(pip, link);
+            AliasHandlePptpOut(la, pip, link);
-        else if (skinnyPort != 0 && (ntohs(tc->th_sport) == skinnyPort
+        else if (la->skinnyPort != 0 && (ntohs(tc->th_sport) == la->skinnyPort
-         || ntohs(tc->th_dport) == skinnyPort))
+         || ntohs(tc->th_dport) == la->skinnyPort))
-            AliasHandleSkinny(pip, link);
+            AliasHandleSkinny(la, pip, link);
 /* Adjust TCP checksum since source port is being aliased */
 /* and source address is being altered                    */
@ -1171,16 +1171,16 @@ saved and recalled when a header fragment is seen.
 */
 /* Local prototypes */
-static int FragmentIn(struct ip *);
+static int FragmentIn(struct libalias *, struct ip *);
-static int FragmentOut(struct ip *);
+static int FragmentOut(struct libalias *, struct ip *);
 static int
-FragmentIn(struct ip *pip)
+FragmentIn(struct libalias *la, struct ip *pip)
 {
    struct alias_link *link;
-    link = FindFragmentIn2(pip->ip_src, pip->ip_dst, pip->ip_id);
+    link = FindFragmentIn2(la, pip->ip_src, pip->ip_dst, pip->ip_id);
    if (link != NULL)
    {
        struct in_addr original_address;
@ -1199,11 +1199,11 @@ FragmentIn(struct ip *pip)
 static int
-FragmentOut(struct ip *pip)
+FragmentOut(struct libalias *la, struct ip *pip)
 {
    struct in_addr alias_address;
-    alias_address = FindAliasAddress(pip->ip_src);
+    alias_address = FindAliasAddress(la, pip->ip_src);
    DifferentialChecksum(&pip->ip_sum,
                         (u_short *) &alias_address,
                         (u_short *) &pip->ip_src,
@ -1232,14 +1232,14 @@ FragmentOut(struct ip *pip)
 int
-PacketAliasSaveFragment(char *ptr)
+LibAliasSaveFragment(struct libalias *la, char *ptr)
 {
    int iresult;
    struct alias_link *link;
    struct ip *pip;
    pip = (struct ip *) ptr;
-    link = AddFragmentPtrLink(pip->ip_src, pip->ip_id);
+    link = AddFragmentPtrLink(la, pip->ip_src, pip->ip_id);
    iresult = PKT_ALIAS_ERROR;
    if (link != NULL)
    {
@ -1251,14 +1251,14 @@ PacketAliasSaveFragment(char *ptr)
 char *
-PacketAliasGetFragment(char *ptr)
+LibAliasGetFragment(struct libalias *la, char *ptr)
 {
    struct alias_link *link;
    char *fptr;
    struct ip *pip;
    pip = (struct ip *) ptr;
-    link = FindFragmentPtr(pip->ip_src, pip->ip_id);
+    link = FindFragmentPtr(la, pip->ip_src, pip->ip_id);
    if (link != NULL)
    {
        GetFragmentPtr(link, &fptr);
@ -1275,7 +1275,7 @@ PacketAliasGetFragment(char *ptr)
 void
-PacketAliasFragmentIn(char *ptr,          /* Points to correctly de-aliased
+LibAliasFragmentIn(struct libalias *la, char *ptr,          /* Points to correctly de-aliased
                                             header fragment */
                      char *ptr_fragment  /* Points to fragment which must
                                             be de-aliased   */
@ -1296,21 +1296,21 @@ PacketAliasFragmentIn(char *ptr,          /* Points to correctly de-aliased
 int
-PacketAliasIn(char *ptr, int maxpacketsize)
+LibAliasIn(struct libalias *la, char *ptr, int maxpacketsize)
 {
    struct in_addr alias_addr;
    struct ip *pip;
    int iresult;
-    if (packetAliasMode & PKT_ALIAS_REVERSE) {
+    if (la->packetAliasMode & PKT_ALIAS_REVERSE) {
-        packetAliasMode &= ~PKT_ALIAS_REVERSE;
+        la->packetAliasMode &= ~PKT_ALIAS_REVERSE;
        iresult = PacketAliasOut(ptr, maxpacketsize);
-        packetAliasMode |= PKT_ALIAS_REVERSE;
+        la->packetAliasMode |= PKT_ALIAS_REVERSE;
        return iresult;
    }
-    HouseKeeping();
+    HouseKeeping(la);
-    ClearCheckNewLink();
+    ClearCheckNewLink(la);
    pip = (struct ip *) ptr;
    alias_addr = pip->ip_dst;
@ -1325,23 +1325,23 @@ PacketAliasIn(char *ptr, int maxpacketsize)
        switch (pip->ip_p)
        {
            case IPPROTO_ICMP:
-                iresult = IcmpAliasIn(pip);
+                iresult = IcmpAliasIn(la, pip);
                break;
            case IPPROTO_UDP:
-                iresult = UdpAliasIn(pip);
+                iresult = UdpAliasIn(la, pip);
                break;
            case IPPROTO_TCP:
-                iresult = TcpAliasIn(pip);
+                iresult = TcpAliasIn(la, pip);
                break;
            case IPPROTO_GRE:
-		if (packetAliasMode & PKT_ALIAS_PROXY_ONLY ||
+		if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY ||
-		    AliasHandlePptpGreIn(pip) == 0)
+		    AliasHandlePptpGreIn(la, pip) == 0)
 		    iresult = PKT_ALIAS_OK;
 		else
-		    iresult = ProtoAliasIn(pip);
+		    iresult = ProtoAliasIn(la, pip);
 		break;
 	    default:
-		iresult = ProtoAliasIn(pip);
+		iresult = ProtoAliasIn(la, pip);
                break;
        }
@ -1349,7 +1349,7 @@ PacketAliasIn(char *ptr, int maxpacketsize)
        {
            struct alias_link *link;
-            link = FindFragmentIn1(pip->ip_src, alias_addr, pip->ip_id);
+            link = FindFragmentIn1(la, pip->ip_src, alias_addr, pip->ip_id);
            if (link != NULL)
            {
                iresult = PKT_ALIAS_FOUND_HEADER_FRAGMENT;
@ -1363,7 +1363,7 @@ PacketAliasIn(char *ptr, int maxpacketsize)
    }
    else
    {
-        iresult = FragmentIn(pip);
+        iresult = FragmentIn(la, pip);
    }
    return(iresult);
@ -1386,7 +1386,7 @@ PacketAliasIn(char *ptr, int maxpacketsize)
 #define UNREG_ADDR_C_UPPER 0xc0a8ffff
 int
-PacketAliasOut(char *ptr,           /* valid IP packet */
+LibAliasOut(struct libalias *la, char *ptr,           /* valid IP packet */
               int  maxpacketsize   /* How much the packet data may grow
                                       (FTP and IRC inline changes) */
              )
@ -1395,15 +1395,15 @@ PacketAliasOut(char *ptr,           /* valid IP packet */
    struct in_addr addr_save;
    struct ip *pip;
-    if (packetAliasMode & PKT_ALIAS_REVERSE) {
+    if (la->packetAliasMode & PKT_ALIAS_REVERSE) {
-        packetAliasMode &= ~PKT_ALIAS_REVERSE;
+        la->packetAliasMode &= ~PKT_ALIAS_REVERSE;
        iresult = PacketAliasIn(ptr, maxpacketsize);
-        packetAliasMode |= PKT_ALIAS_REVERSE;
+        la->packetAliasMode |= PKT_ALIAS_REVERSE;
        return iresult;
    }
-    HouseKeeping();
+    HouseKeeping(la);
-    ClearCheckNewLink();
+    ClearCheckNewLink(la);
    pip = (struct ip *) ptr;
    /* Defense against mangled packets */
@ -1411,8 +1411,8 @@ PacketAliasOut(char *ptr,           /* valid IP packet */
     || (pip->ip_hl<<2) > maxpacketsize)
        return PKT_ALIAS_IGNORED;
-    addr_save = GetDefaultAliasAddress();
+    addr_save = GetDefaultAliasAddress(la);
-    if (packetAliasMode & PKT_ALIAS_UNREGISTERED_ONLY)
+    if (la->packetAliasMode & PKT_ALIAS_UNREGISTERED_ONLY)
    {
        u_long addr;
        int iclass;
@ -1428,12 +1428,12 @@ PacketAliasOut(char *ptr,           /* valid IP packet */
        if (iclass == 0)
        {
-            SetDefaultAliasAddress(pip->ip_src);
+            SetDefaultAliasAddress(la, pip->ip_src);
        }
    }
-    else if (packetAliasMode & PKT_ALIAS_PROXY_ONLY)
+    else if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
    {
-        SetDefaultAliasAddress(pip->ip_src);
+        SetDefaultAliasAddress(la, pip->ip_src);
    }
    iresult = PKT_ALIAS_IGNORED;
@ -1442,36 +1442,36 @@ PacketAliasOut(char *ptr,           /* valid IP packet */
        switch (pip->ip_p)
        {
            case IPPROTO_ICMP:
-                iresult = IcmpAliasOut(pip);
+                iresult = IcmpAliasOut(la, pip);
                break;
            case IPPROTO_UDP:
-                iresult = UdpAliasOut(pip);
+                iresult = UdpAliasOut(la, pip);
                break;
            case IPPROTO_TCP:
-                iresult = TcpAliasOut(pip, maxpacketsize);
+                iresult = TcpAliasOut(la, pip, maxpacketsize);
                break;
 	    case IPPROTO_GRE:
-		if (AliasHandlePptpGreOut(pip) == 0)
+		if (AliasHandlePptpGreOut(la, pip) == 0)
 		    iresult = PKT_ALIAS_OK;
 		else
-		    iresult = ProtoAliasOut(pip);
+		    iresult = ProtoAliasOut(la, pip);
 		break;
 	    default:
-		iresult = ProtoAliasOut(pip);
+		iresult = ProtoAliasOut(la, pip);
                break;
        }
    }
    else
    {
-        iresult = FragmentOut(pip);
+        iresult = FragmentOut(la, pip);
    }
-    SetDefaultAliasAddress(addr_save);
+    SetDefaultAliasAddress(la, addr_save);
    return(iresult);
 }
 int
-PacketUnaliasOut(char *ptr,           /* valid IP packet */
+LibAliasUnaliasOut(struct libalias *la, char *ptr,           /* valid IP packet */
                 int  maxpacketsize   /* for error checking */
                )
 {
@ -1495,15 +1495,15 @@ PacketUnaliasOut(char *ptr,           /* valid IP packet */
    /* Find a link */
    if (pip->ip_p == IPPROTO_UDP)
-        link = FindUdpTcpIn(pip->ip_dst, pip->ip_src,
+        link = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src,
                            ud->uh_dport, ud->uh_sport,
                            IPPROTO_UDP, 0);
    else if (pip->ip_p == IPPROTO_TCP)
-        link = FindUdpTcpIn(pip->ip_dst, pip->ip_src,
+        link = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src,
                            tc->th_dport, tc->th_sport,
                            IPPROTO_TCP, 0);
    else if (pip->ip_p == IPPROTO_ICMP)
-        link = FindIcmpIn(pip->ip_dst, pip->ip_src, ic->icmp_id, 0);
+        link = FindIcmpIn(la, pip->ip_dst, pip->ip_src, ic->icmp_id, 0);
    else
        link = NULL;
--- a/sys/netinet/libalias/alias.h
+++ b/sys/netinet/libalias/alias.h
@ -39,7 +39,37 @@
 #ifndef _ALIAS_H_
 #define	_ALIAS_H_
-/* The external interface to libalias, the packet aliasing engine. */
+/*
 * The external interface to libalias, the packet aliasing engine.
 *
 * There are two sets of functions:
 *
 * PacketAlias*() the old API which doesn't take an instance pointer
 * and therefore can only have one packet engine at a time.
 *
 * LibAlias*() the new API which takes as first argument a pointer to 
 * the instance of the packet aliasing engine.
 *
 * The functions otherwise correspond to each other one for one, except
 * for the LibAliasUnaliasOut()/PacketUnaliasOut() function which were 
 * were misnamed in the old API.
 */
 /*
 * The instance structure
 */
 struct libalias;
 /*
 * An anonymous structure, a pointer to which is returned from
 * PacketAliasRedirectAddr(), PacketAliasRedirectPort() or
 * PacketAliasRedirectProto(), passed to PacketAliasAddServer(),
 * and freed by PacketAliasRedirectDelete().
 */
 struct	alias_link;
 /* OLD API */
 /* Initialization and control functions. */
 void	 PacketAliasInit(void);
@ -57,13 +87,6 @@ int	 PacketUnaliasOut(char *_ptr, int _maxpacketsize);
 /* Port and address redirection functions. */
 /*
 * An anonymous structure, a pointer to which is returned from
 * PacketAliasRedirectAddr(), PacketAliasRedirectPort() or
 * PacketAliasRedirectProto(), passed to PacketAliasAddServer(),
 * and freed by PacketAliasRedirectDelete().
 */
 struct	alias_link;
 int	 PacketAliasAddServer(struct alias_link *_link,
 	    struct in_addr _addr, unsigned short _port);
@ -96,6 +119,61 @@ void	 PacketAliasSetTarget(struct in_addr _target_addr);
 /* Transparent proxying routines. */
 int	 PacketAliasProxyRule(const char *_cmd);
 /* NEW API */
 /* Initialization and control functions. */
 struct libalias	*LibAliasInit(struct libalias *);
 void	 LibAliasSetAddress(struct libalias *, struct in_addr _addr);
 void	 LibAliasSetFWBase(struct libalias *, unsigned int _base, unsigned int _num);
 void	 LibAliasSetSkinnyPort(struct libalias *, unsigned int _port);
 unsigned int
 	 LibAliasSetMode(struct libalias *, unsigned int _flags, unsigned int _mask);
 void	 LibAliasUninit(struct libalias *);
 /* Packet Handling functions. */
 int	 LibAliasIn(struct libalias *, char *_ptr, int _maxpacketsize);
 int	 LibAliasOut(struct libalias *, char *_ptr, int _maxpacketsize);
 int	 LibAliasUnaliasOut(struct libalias *, char *_ptr, int _maxpacketsize);
 /* Port and address redirection functions. */
 int	 LibAliasAddServer(struct libalias *, struct alias_link *_link,
 	    struct in_addr _addr, unsigned short _port);
 struct alias_link *
 	 LibAliasRedirectAddr(struct libalias *, struct in_addr _src_addr,
 	    struct in_addr _alias_addr);
 int	 LibAliasRedirectDynamic(struct libalias *, struct alias_link *_link);
 void	 LibAliasRedirectDelete(struct libalias *, struct alias_link *_link);
 struct alias_link *
 	 LibAliasRedirectPort(struct libalias *, struct in_addr _src_addr,
 	    unsigned short _src_port, struct in_addr _dst_addr,
 	    unsigned short _dst_port, struct in_addr _alias_addr,
 	    unsigned short _alias_port, unsigned char _proto);
 struct alias_link *
 	 LibAliasRedirectProto(struct libalias *, struct in_addr _src_addr,
 	    struct in_addr _dst_addr, struct in_addr _alias_addr,
 	    unsigned char _proto);
 /* Fragment Handling functions. */
 void	 LibAliasFragmentIn(struct libalias *, char *_ptr, char *_ptr_fragment);
 char	*LibAliasGetFragment(struct libalias *, char *_ptr);
 int	 LibAliasSaveFragment(struct libalias *, char *_ptr);
 /* Miscellaneous functions. */
 int	 LibAliasCheckNewLink(struct libalias *);
 unsigned short
 	 LibAliasInternetChecksum(struct libalias *, unsigned short *_ptr, int _nbytes);
 void	 LibAliasSetTarget(struct libalias *, struct in_addr _target_addr);
 /* Transparent proxying routines. */
 int	 LibAliasProxyRule(struct libalias *, const char *_cmd);
 /*
 * Mode flags and other constants.
 */
 /* Mode flags, set using PacketAliasSetMode() */
 /*
--- a/sys/netinet/libalias/alias_cuseeme.c
+++ b/sys/netinet/libalias/alias_cuseeme.c
@ -29,6 +29,7 @@
 #include <sys/cdefs.h>
 __FBSDID("$FreeBSD$");
 #include <stdio.h>
 #include <sys/types.h>
 #include <netinet/in_systm.h>
 #include <netinet/in.h>
@ -66,7 +67,7 @@ struct client_info {
 };
 void
-AliasHandleCUSeeMeOut(struct ip *pip, struct alias_link *link)
+AliasHandleCUSeeMeOut(struct libalias *la, struct ip *pip, struct alias_link *link)
 {
  struct udphdr *ud;
@ -79,7 +80,7 @@ AliasHandleCUSeeMeOut(struct ip *pip, struct alias_link *link)
    if (cu->addr)
      cu->addr = (u_int32_t)GetAliasAddress(link).s_addr;
-    cu_link = FindUdpTcpOut(pip->ip_src, GetDestAddress(link),
+    cu_link = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(link),
                            ud->uh_dport, 0, IPPROTO_UDP, 1);
 #ifndef NO_FW_PUNCH
@ -90,7 +91,7 @@ AliasHandleCUSeeMeOut(struct ip *pip, struct alias_link *link)
 }
 void
-AliasHandleCUSeeMeIn(struct ip *pip, struct in_addr original_addr)
+AliasHandleCUSeeMeIn(struct libalias *la, struct ip *pip, struct in_addr original_addr)
 {
  struct in_addr alias_addr;
  struct udphdr *ud;
--- a/sys/netinet/libalias/alias_db.c
+++ b/sys/netinet/libalias/alias_db.c
--- a/sys/netinet/libalias/alias_ftp.c
+++ b/sys/netinet/libalias/alias_ftp.c
@ -94,17 +94,15 @@ enum ftp_message_type {
    FTP_UNKNOWN_MESSAGE
 };
-static int ParseFtpPortCommand(char *, int);
+static int ParseFtpPortCommand(struct libalias *la, char *, int);
-static int ParseFtpEprtCommand(char *, int);
+static int ParseFtpEprtCommand(struct libalias *la, char *, int);
-static int ParseFtp227Reply(char *, int);
+static int ParseFtp227Reply(struct libalias *la, char *, int);
-static int ParseFtp229Reply(char *, int);
+static int ParseFtp229Reply(struct libalias *la, char *, int);
-static void NewFtpMessage(struct ip *, struct alias_link *, int, int);
+static void NewFtpMessage(struct libalias *la, struct ip *, struct alias_link *, int, int);
 static struct in_addr true_addr;	/* in network byte order. */
 static u_short true_port;		/* in host byte order. */
 void
 AliasHandleFtpOut(
 struct libalias *la,
 struct ip *pip,	  /* IP packet to examine/patch */
 struct alias_link *link, /* The link to go through (aliased port) */
 int maxpacketsize  /* The maximum size this packet can grow to (including headers) */)
@ -136,24 +134,24 @@ int maxpacketsize  /* The maximum size this packet can grow to (including header
 /*
 * When aliasing a client, check for the PORT/EPRT command.
 */
-	    if (ParseFtpPortCommand(sptr, dlen))
+	    if (ParseFtpPortCommand(la, sptr, dlen))
 		ftp_message_type = FTP_PORT_COMMAND;
-	    else if (ParseFtpEprtCommand(sptr, dlen))
+	    else if (ParseFtpEprtCommand(la, sptr, dlen))
 		ftp_message_type = FTP_EPRT_COMMAND;
 	} else {
 /*
 * When aliasing a server, check for the 227/229 reply.
 */
-	    if (ParseFtp227Reply(sptr, dlen))
+	    if (ParseFtp227Reply(la, sptr, dlen))
 		ftp_message_type = FTP_227_REPLY;
-	    else if (ParseFtp229Reply(sptr, dlen)) {
+	    else if (ParseFtp229Reply(la, sptr, dlen)) {
 		ftp_message_type = FTP_229_REPLY;
-		true_addr.s_addr = pip->ip_src.s_addr;
+		la->true_addr.s_addr = pip->ip_src.s_addr;
 	    }
 	}
 	if (ftp_message_type != FTP_UNKNOWN_MESSAGE)
-	    NewFtpMessage(pip, link, maxpacketsize, ftp_message_type);
+	    NewFtpMessage(la, pip, link, maxpacketsize, ftp_message_type);
    }
 /* Track the msgs which are CRLF term'd for PORT/PASV FW breach */
@ -170,7 +168,7 @@ int maxpacketsize  /* The maximum size this packet can grow to (including header
 }
 static int
-ParseFtpPortCommand(char *sptr, int dlen)
+ParseFtpPortCommand(struct libalias *la, char *sptr, int dlen)
 {
    char ch;
    int i, state;
@ -228,15 +226,15 @@ ParseFtpPortCommand(char *sptr, int dlen)
    }
    if (state == 13) {
-	true_addr.s_addr = htonl(addr);
+	la->true_addr.s_addr = htonl(addr);
-	true_port = port;
+	la->true_port = port;
 	return 1;
    } else
 	return 0;
 }
 static int
-ParseFtpEprtCommand(char *sptr, int dlen)
+ParseFtpEprtCommand(struct libalias *la, char *sptr, int dlen)
 {
    char ch, delim;
    int i, state;
@ -315,15 +313,15 @@ ParseFtpEprtCommand(char *sptr, int dlen)
    }
    if (state == 13) {
-	true_addr.s_addr = htonl(addr);
+	la->true_addr.s_addr = htonl(addr);
-	true_port = port;
+	la->true_port = port;
 	return 1;
    } else
 	return 0;
 }
 static int
-ParseFtp227Reply(char *sptr, int dlen)
+ParseFtp227Reply(struct libalias *la, char *sptr, int dlen)
 {
    char ch;
    int i, state;
@ -381,15 +379,15 @@ ParseFtp227Reply(char *sptr, int dlen)
    }
    if (state == 13) {
-        true_port = port;
+        la->true_port = port;
-        true_addr.s_addr = htonl(addr);
+        la->true_addr.s_addr = htonl(addr);
 	return 1;
    } else
 	return 0;
 }
 static int
-ParseFtp229Reply(char *sptr, int dlen)
+ParseFtp229Reply(struct libalias *la, char *sptr, int dlen)
 {
    char ch, delim;
    int i, state;
@ -452,14 +450,14 @@ ParseFtp229Reply(char *sptr, int dlen)
    }
    if (state == 7) {
-	true_port = port;
+	la->true_port = port;
 	return 1;
    } else
 	return 0;
 }
 static void
-NewFtpMessage(struct ip *pip,
+NewFtpMessage(struct libalias *la, struct ip *pip,
              struct alias_link *link,
              int maxpacketsize,
              int ftp_message_type)
@ -467,15 +465,15 @@ NewFtpMessage(struct ip *pip,
    struct alias_link *ftp_link;
 /* Security checks. */
-    if (pip->ip_src.s_addr != true_addr.s_addr)
+    if (pip->ip_src.s_addr != la->true_addr.s_addr)
 	return;
-    if (true_port < IPPORT_RESERVED)
+    if (la->true_port < IPPORT_RESERVED)
 	return;
 /* Establish link to address and port found in FTP control message. */
-    ftp_link = FindUdpTcpOut(true_addr, GetDestAddress(link),
+    ftp_link = FindUdpTcpOut(la, la->true_addr, GetDestAddress(link),
-                             htons(true_port), 0, IPPROTO_TCP, 1);
+                             htons(la->true_port), 0, IPPROTO_TCP, 1);
    if (ftp_link != NULL)
    {
--- a/sys/netinet/libalias/alias_irc.c
+++ b/sys/netinet/libalias/alias_irc.c
@ -65,7 +65,8 @@ __FBSDID("$FreeBSD$");
 void
-AliasHandleIrcOut(struct ip *pip, /* IP packet to examine */
+AliasHandleIrcOut(struct libalias *la, 
 				 struct ip *pip, /* IP packet to examine */
 				 struct alias_link *link,		  /* Which link are we on? */
 				 int maxsize		  /* Maximum size of IP packet including headers */
 				 )
@ -246,7 +247,7 @@ lFOUND_CTCP:
 			 /* Steal the FTP_DATA_PORT - it doesn't really matter, and this
 				 would probably allow it through at least _some_
 				 firewalls. */
-			 dcc_link = FindUdpTcpOut(true_addr, destaddr,
+			 dcc_link = FindUdpTcpOut(la, true_addr, destaddr,
 						  true_port, 0,
 						  IPPROTO_TCP, 1);
 			 DBprintf(("Got a DCC link\n"));
--- a/sys/netinet/libalias/alias_local.h
+++ b/sys/netinet/libalias/alias_local.h
@ -46,6 +46,92 @@
 #ifndef _ALIAS_LOCAL_H_
 #define	_ALIAS_LOCAL_H_
 #include <sys/queue.h>
 /* Sizes of input and output link tables */
 #define LINK_TABLE_OUT_SIZE         101
 #define LINK_TABLE_IN_SIZE         4001
 struct proxy_entry;
 struct libalias {
 	LIST_ENTRY(libalias)	instancelist;
 	int packetAliasMode;		/* Mode flags                      */
 					/*        - documented in alias.h  */
 	struct in_addr aliasAddress;	/* Address written onto source     */
 					/*   field of IP packet.           */
 	struct in_addr targetAddress;	/* IP address incoming packets     */
 					/*   are sent to if no aliasing    */
 					/*   link already exists           */
 	struct in_addr nullAddress;	/* Used as a dummy parameter for   */
 					/*   some function calls           */
 	LIST_HEAD(, alias_link) linkTableOut[LINK_TABLE_OUT_SIZE];
 					/* Lookup table of pointers to     */
 					/*   chains of link records. Each  */
 	LIST_HEAD(, alias_link) linkTableIn[LINK_TABLE_IN_SIZE];
 					/*   link record is doubly indexed */
 					/*   into input and output lookup  */
 					/*   tables.                       */
 					/* Link statistics                 */
 	int icmpLinkCount;
 	int udpLinkCount;
 	int tcpLinkCount;
 	int pptpLinkCount;
 	int protoLinkCount;
 	int fragmentIdLinkCount;
 	int fragmentPtrLinkCount;
 	int sockCount;
 	int cleanupIndex;		/* Index to chain of link table    */
 					/* being inspected for old links   */
 	int timeStamp;			/* System time in seconds for      */
 					/* current packet                  */
 	int lastCleanupTime;		/* Last time IncrementalCleanup()  */
 					/* was called                      */
 	int houseKeepingResidual;	/* used by HouseKeeping()          */
 	int deleteAllLinks;		/* If equal to zero, DeleteLink()  */
 					/* will not remove permanent links */
 	FILE *monitorFile;		/* File descriptor for link        */
 					/* statistics monitoring file      */
 	int newDefaultLink;		/* Indicates if a new aliasing     */
 					/* link has been created after a   */
 					/* call to PacketAliasIn/Out().    */
 #ifndef NO_FW_PUNCH
 	int fireWallFD;			/* File descriptor to be able to   */
 					/* control firewall.  Opened by    */
 					/* PacketAliasSetMode on first     */
 					/* setting the PKT_ALIAS_PUNCH_FW  */
 					/* flag.                           */
 	int fireWallBaseNum;     /* The first firewall entry free for our use */
 	int fireWallNumNums;     /* How many entries can we use? */
 	int fireWallActiveNum;   /* Which entry did we last use? */
 	char *fireWallField;     /* bool array for entries */
 #endif
 	unsigned int skinnyPort;	/* TCP port used by the Skinny     */
 					/* protocol.                       */
 	struct proxy_entry *proxyList;
 	struct in_addr true_addr;	/* in network byte order. */
 	u_short true_port;		/* in host byte order. */
 };
 /* Macros */
 /*
@ -71,10 +157,6 @@
 		} \
 	} while (0)
 /* Globals */
 extern int packetAliasMode;
 extern unsigned int skinnyPort;
 /* Prototypes */
@ -86,58 +168,58 @@ void	 DifferentialChecksum(u_short *_cksum, u_short *_new, u_short *_old,
 /* Internal data access */
 struct alias_link *
-	 FindIcmpIn(struct in_addr _dst_addr, struct in_addr _alias_addr,
+	 FindIcmpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
 	    u_short _id_alias, int _create);
 struct alias_link *
-	 FindIcmpOut(struct in_addr _src_addr, struct in_addr _dst_addr,
+	 FindIcmpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
 	    u_short _id, int _create);
 struct alias_link *
-	 FindFragmentIn1(struct in_addr _dst_addr, struct in_addr _alias_addr,
+	 FindFragmentIn1(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
 	    u_short _ip_id);
 struct alias_link *
-	 FindFragmentIn2(struct in_addr _dst_addr, struct in_addr _alias_addr,
+	 FindFragmentIn2(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
 	    u_short _ip_id);
 struct alias_link *
-	 AddFragmentPtrLink(struct in_addr _dst_addr, u_short _ip_id);
+	 AddFragmentPtrLink(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
 struct alias_link *
-	 FindFragmentPtr(struct in_addr _dst_addr, u_short _ip_id);
+	 FindFragmentPtr(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
 struct alias_link *
-	 FindProtoIn(struct in_addr _dst_addr, struct in_addr _alias_addr,
+	 FindProtoIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
 	    u_char _proto);
 struct alias_link *
-	 FindProtoOut(struct in_addr _src_addr, struct in_addr _dst_addr,
+	 FindProtoOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
 	    u_char _proto);
 struct alias_link *
-	 FindUdpTcpIn(struct in_addr _dst_addr, struct in_addr _alias_addr,
+	 FindUdpTcpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
 	    u_short _dst_port, u_short _alias_port, u_char _proto, int _create);
 struct alias_link *
-	 FindUdpTcpOut(struct in_addr _src_addr, struct in_addr _dst_addr,
+	 FindUdpTcpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
 	    u_short _src_port, u_short _dst_port, u_char _proto, int _create);
 struct alias_link *
-	 AddPptp(struct in_addr _src_addr, struct in_addr _dst_addr,
+	 AddPptp(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
 	    struct in_addr _alias_addr, u_int16_t _src_call_id);
 struct alias_link *
-	 FindPptpOutByCallId(struct in_addr _src_addr,
+	 FindPptpOutByCallId(struct libalias *la, struct in_addr _src_addr,
 	    struct in_addr _dst_addr, u_int16_t _src_call_id);
 struct alias_link *
-	 FindPptpInByCallId(struct in_addr _dst_addr,
+	 FindPptpInByCallId(struct libalias *la, struct in_addr _dst_addr,
 	    struct in_addr _alias_addr, u_int16_t _dst_call_id);
 struct alias_link *
-	 FindPptpOutByPeerCallId(struct in_addr _src_addr,
+	 FindPptpOutByPeerCallId(struct libalias *la, struct in_addr _src_addr,
 	    struct in_addr _dst_addr, u_int16_t _dst_call_id);
 struct alias_link *
-	 FindPptpInByPeerCallId(struct in_addr _dst_addr,
+	 FindPptpInByPeerCallId(struct libalias *la, struct in_addr _dst_addr,
 	    struct in_addr _alias_addr, u_int16_t _alias_call_id);
 struct alias_link *
-	 FindRtspOut(struct in_addr _src_addr, struct in_addr _dst_addr,
+	 FindRtspOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
 	    u_short _src_port, u_short _alias_port, u_char _proto);
 struct in_addr
-	 FindOriginalAddress(struct in_addr _alias_addr);
+	 FindOriginalAddress(struct libalias *la, struct in_addr _alias_addr);
 struct in_addr
-	 FindAliasAddress(struct in_addr _original_addr);
+	 FindAliasAddress(struct libalias *la, struct in_addr _original_addr);
 /* External data access/modification */
-int	 FindNewPortGroup(struct in_addr _dst_addr, struct in_addr _alias_addr,
+int	 FindNewPortGroup(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
                     u_short _src_port, u_short _dst_port, u_short _port_count,
 		     u_char _proto, u_char _align);
 void	 GetFragmentAddr(struct alias_link *_link, struct in_addr *_src_addr);
@ -155,8 +237,8 @@ struct in_addr
 struct in_addr
 	 GetAliasAddress(struct alias_link *_link);
 struct in_addr
-	 GetDefaultAliasAddress(void);
+	 GetDefaultAliasAddress(struct libalias *la);
-void	 SetDefaultAliasAddress(struct in_addr _alias_addr);
+void	 SetDefaultAliasAddress(struct libalias *la, struct in_addr _alias_addr);
 u_short	 GetOriginalPort(struct alias_link *_link);
 u_short	 GetAliasPort(struct alias_link *_link);
 struct in_addr
@ -170,7 +252,7 @@ int	 GetDeltaAckIn(struct ip *_pip, struct alias_link *_link);
 int	 GetDeltaSeqOut(struct ip *_pip, struct alias_link *_link);
 void	 AddSeq(struct ip *_pip, struct alias_link *_link, int _delta);
 void	 SetExpire(struct alias_link *_link, int _expire);
-void	 ClearCheckNewLink(void);
+void	 ClearCheckNewLink(struct libalias *la);
 void	 SetProtocolFlags(struct alias_link *_link, int _pflags);
 int	 GetProtocolFlags(struct alias_link *_link);
 void	 SetDestCallId(struct alias_link *_link, u_int16_t _cid);
@ -179,47 +261,47 @@ void	 PunchFWHole(struct alias_link *_link);
 #endif
 /* Housekeeping function */
-void	 HouseKeeping(void);
+void	 HouseKeeping(struct libalias *);
 /* Tcp specfic routines */
 /* lint -save -library Suppress flexelint warnings */
 /* FTP routines */
-void	 AliasHandleFtpOut(struct ip *_pip, struct alias_link *_link,
+void	 AliasHandleFtpOut(struct libalias *la, struct ip *_pip, struct alias_link *_link,
 	    int _maxpacketsize);
 /* IRC routines */
-void	 AliasHandleIrcOut(struct ip *_pip, struct alias_link *_link,
+void	 AliasHandleIrcOut(struct libalias *la, struct ip *_pip, struct alias_link *_link,
 	    int _maxsize);
 /* RTSP routines */
-void	 AliasHandleRtspOut(struct ip *_pip, struct alias_link *_link,
+void	 AliasHandleRtspOut(struct libalias *la, struct ip *_pip, struct alias_link *_link,
 	    int _maxpacketsize);
 /* PPTP routines */
-void	 AliasHandlePptpOut(struct ip *_pip, struct alias_link *_link);
+void	 AliasHandlePptpOut(struct libalias *la, struct ip *_pip, struct alias_link *_link);
-void	 AliasHandlePptpIn(struct ip *_pip, struct alias_link *_link);
+void	 AliasHandlePptpIn(struct libalias *la, struct ip *_pip, struct alias_link *_link);
-int	 AliasHandlePptpGreOut(struct ip *_pip);
+int	 AliasHandlePptpGreOut(struct libalias *la, struct ip *_pip);
-int	 AliasHandlePptpGreIn(struct ip *_pip);
+int	 AliasHandlePptpGreIn(struct libalias *la, struct ip *_pip);
 /* NetBIOS routines */
-int	 AliasHandleUdpNbt(struct ip *_pip, struct alias_link *_link,
+int	 AliasHandleUdpNbt(struct libalias *la, struct ip *_pip, struct alias_link *_link,
 	    struct in_addr *_alias_address, u_short _alias_port);
-int	 AliasHandleUdpNbtNS(struct ip *_pip, struct alias_link *_link,
+int	 AliasHandleUdpNbtNS(struct libalias *la, struct ip *_pip, struct alias_link *_link,
 	    struct in_addr *_alias_address, u_short *_alias_port,
 	    struct in_addr *_original_address, u_short *_original_port);
 /* CUSeeMe routines */
-void	 AliasHandleCUSeeMeOut(struct ip *_pip, struct alias_link *_link);
+void	 AliasHandleCUSeeMeOut(struct libalias *la, struct ip *_pip, struct alias_link *_link);
-void	 AliasHandleCUSeeMeIn(struct ip *_pip, struct in_addr _original_addr);
+void	 AliasHandleCUSeeMeIn(struct libalias *la, struct ip *_pip, struct in_addr _original_addr);
 /* Skinny routines */
-void	 AliasHandleSkinny(struct ip *_pip, struct alias_link *_link);
+void	 AliasHandleSkinny(struct libalias *la, struct ip *_pip, struct alias_link *_link);
 /* Transparent proxy routines */
-int	 ProxyCheck(struct ip *_pip, struct in_addr *_proxy_server_addr,
+int	 ProxyCheck(struct libalias *la, struct ip *_pip, struct in_addr *_proxy_server_addr,
 	    u_short *_proxy_server_port);
-void	 ProxyModify(struct alias_link *_link, struct ip *_pip,
+void	 ProxyModify(struct libalias *la, struct alias_link *_link, struct ip *_pip,
 	    int _maxpacketsize, int _proxy_type);
 enum alias_tcp_state {
--- a/sys/netinet/libalias/alias_nbt.c
+++ b/sys/netinet/libalias/alias_nbt.c
@ -196,6 +196,7 @@ static u_char *AliasHandleName ( u_char *p, char *pmax ) {
 #define DGM_NEGATIVE_RES	0x16
 int AliasHandleUdpNbt(
 	struct libalias *la,
 	struct ip 		  	*pip,	 /* IP packet to examine/patch */
 	struct alias_link 	*link,
 	struct in_addr		*alias_address,
@ -612,6 +613,7 @@ AliasHandleResource(
 }
 int AliasHandleUdpNbtNS(
 	struct libalias *la,
 	struct ip 		  	*pip,	 /* IP packet to examine/patch */
 	struct alias_link 	*link,
 	struct in_addr		*alias_address,
--- a/sys/netinet/libalias/alias_old.c
+++ b/sys/netinet/libalias/alias_old.c
@ -0,0 +1,205 @@
 /*-
 * Copyright (c) 2004 Poul-Henning Kamp <phk@FreeBSD.org>
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */
 #include <sys/cdefs.h>
 __FBSDID("$FreeBSD$");
 #include <stdlib.h>
 #include <sys/types.h>
 #include <netinet/in.h>
 #include <alias.h>
 /*
 * These functions are for backwards compatibility and because apps may
 * be linked against shlib versions, they have to be actual functions,
 * we cannot inline them.
 */
 static struct libalias *la;
 void
 PacketAliasInit(void)
 {
 	la = LibAliasInit(la);
 }
 void
 PacketAliasSetAddress(struct in_addr _addr)
 {
 	LibAliasSetAddress(la, _addr);
 }
 void
 PacketAliasSetFWBase(unsigned int _base, unsigned int _num)
 {
 	LibAliasSetFWBase(la, _base, _num);
 }
 void
 PacketAliasSetSkinnyPort(unsigned int _port)
 {
 	LibAliasSetSkinnyPort(la, _port);
 }
 unsigned int
 PacketAliasSetMode(unsigned int _flags, unsigned int _mask)
 {
 	return LibAliasSetMode(la, _flags, _mask);
 }
 void
 PacketAliasUninit(void)
 {
 	LibAliasUninit(la);
 	la = NULL;
 }
 int
 PacketAliasIn(char *_ptr, int _maxpacketsize)
 {
 	return LibAliasIn(la, _ptr, _maxpacketsize);
 }
 int
 PacketAliasOut(char *_ptr, int _maxpacketsize)
 {
 	return LibAliasOut(la, _ptr, _maxpacketsize);
 }
 int
 PacketUnaliasOut(char *_ptr, int _maxpacketsize)
 {
 	return LibAliasUnaliasOut(la, _ptr, _maxpacketsize);
 }
 int
 PacketAliasAddServer(struct alias_link *_link,
    struct in_addr _addr, unsigned short _port)
 {
 	return LibAliasAddServer(la, _link, _addr, _port);
 }
 struct alias_link *
 PacketAliasRedirectAddr(struct in_addr _src_addr,
 	    struct in_addr _alias_addr)
 {
 	return LibAliasRedirectAddr(la, _src_addr, _alias_addr);
 }
 int
 PacketAliasRedirectDynamic(struct alias_link *_link)
 {
 	return LibAliasRedirectDynamic(la, _link);
 }
 void
 PacketAliasRedirectDelete(struct alias_link *_link)
 {
 	LibAliasRedirectDelete(la, _link);
 }
 struct alias_link *
 PacketAliasRedirectPort(struct in_addr _src_addr,
    unsigned short _src_port, struct in_addr _dst_addr,
    unsigned short _dst_port, struct in_addr _alias_addr,
    unsigned short _alias_port, unsigned char _proto)
 {
 	return LibAliasRedirectPort(la, _src_addr, _src_port, _dst_addr,
 	    _dst_port, _alias_addr, _alias_port, _proto);
 }
 struct alias_link *
 PacketAliasRedirectProto(struct in_addr _src_addr,
    struct in_addr _dst_addr, struct in_addr _alias_addr,
    unsigned char _proto)
 {
 	return LibAliasRedirectProto(la, _src_addr, _dst_addr, _alias_addr,
 	     _proto);
 }
 void
 PacketAliasFragmentIn(char *_ptr, char *_ptr_fragment)
 {
 	LibAliasFragmentIn(la, _ptr, _ptr_fragment);
 }
 char *
 PacketAliasGetFragment(char *_ptr)
 {
 	return LibAliasGetFragment(la, _ptr);
 }
 int
 PacketAliasSaveFragment(char *_ptr)
 {
 	return LibAliasSaveFragment(la, _ptr);
 }
 int
 PacketAliasCheckNewLink(void)
 {
 	return LibAliasCheckNewLink(la);
 }
 unsigned short
 PacketAliasInternetChecksum(unsigned short *_ptr, int _nbytes)
 {
 	return LibAliasInternetChecksum(la, _ptr, _nbytes);
 }
 void
 PacketAliasSetTarget(struct in_addr _target_addr)
 {
 	LibAliasSetTarget(la, _target_addr);
 }
 /* Transparent proxying routines. */
 int
 PacketAliasProxyRule(const char *_cmd)
 {
 	return LibAliasProxyRule(la, _cmd);
 }
--- a/sys/netinet/libalias/alias_pptp.c
+++ b/sys/netinet/libalias/alias_pptp.c
@ -145,7 +145,8 @@ static PptpCallId AliasVerifyPptp(struct ip *, u_int16_t *);
 void
-AliasHandlePptpOut(struct ip *pip,	    /* IP packet to examine/patch */
+AliasHandlePptpOut(struct libalias *la,
 		   struct ip *pip,	    /* IP packet to examine/patch */
                   struct alias_link *link) /* The PPTP control link */
 {
    struct alias_link   *pptp_link;
@ -165,13 +166,13 @@ AliasHandlePptpOut(struct ip *pip,	    /* IP packet to examine/patch */
    case PPTP_InCallRequest:
    case PPTP_InCallReply:
 	/* Establish PPTP link for address and Call ID found in control message. */
-	pptp_link = AddPptp(GetOriginalAddress(link), GetDestAddress(link),
+	pptp_link = AddPptp(la, GetOriginalAddress(link), GetDestAddress(link),
 			    GetAliasAddress(link), cptr->cid1);
 	break;
    case PPTP_CallClearRequest:
    case PPTP_CallDiscNotify:
 	/* Find PPTP link for address and Call ID found in control message. */
-	pptp_link = FindPptpOutByCallId(GetOriginalAddress(link),
+	pptp_link = FindPptpOutByCallId(la, GetOriginalAddress(link),
 					GetDestAddress(link),
 					cptr->cid1);
 	break;
@ -208,7 +209,8 @@ AliasHandlePptpOut(struct ip *pip,	    /* IP packet to examine/patch */
 }
 void
-AliasHandlePptpIn(struct ip *pip,	   /* IP packet to examine/patch */
+AliasHandlePptpIn(struct libalias *la, 
 		  struct ip *pip,	   /* IP packet to examine/patch */
                  struct alias_link *link) /* The PPTP control link */
 {
    struct alias_link   *pptp_link;
@ -234,7 +236,7 @@ AliasHandlePptpIn(struct ip *pip,	   /* IP packet to examine/patch */
      pcall_id = &cptr->cid2;
      break;
    case PPTP_CallDiscNotify:			/* Connection closed. */
-      pptp_link = FindPptpInByCallId(GetDestAddress(link),
+      pptp_link = FindPptpInByCallId(la, GetDestAddress(link),
 				     GetAliasAddress(link),
 				     cptr->cid1);
      if (pptp_link != NULL)
@ -245,7 +247,7 @@ AliasHandlePptpIn(struct ip *pip,	   /* IP packet to examine/patch */
    }
    /* Find PPTP link for address and Call ID found in PPTP Control Msg */
-    pptp_link = FindPptpInByPeerCallId(GetDestAddress(link),
+    pptp_link = FindPptpInByPeerCallId(la, GetDestAddress(link),
 				       GetAliasAddress(link),
 				       *pcall_id);
@ -311,7 +313,7 @@ AliasVerifyPptp(struct ip *pip, u_int16_t *ptype) /* IP packet to examine/patch
 int
-AliasHandlePptpGreOut(struct ip *pip)
+AliasHandlePptpGreOut(struct libalias *la, struct ip *pip)
 {
    GreHdr		*gr;
    struct alias_link	*link;
@ -322,7 +324,7 @@ AliasHandlePptpGreOut(struct ip *pip)
    if ((ntohl(*((u_int32_t *)gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
 	return (-1);
-    link = FindPptpOutByPeerCallId(pip->ip_src, pip->ip_dst, gr->gh_call_id);
+    link = FindPptpOutByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id);
    if (link != NULL) {
 	struct in_addr alias_addr = GetAliasAddress(link);
@ -339,7 +341,7 @@ AliasHandlePptpGreOut(struct ip *pip)
 int
-AliasHandlePptpGreIn(struct ip *pip)
+AliasHandlePptpGreIn(struct libalias *la, struct ip *pip)
 {
    GreHdr		*gr;
    struct alias_link	*link;
@ -350,7 +352,7 @@ AliasHandlePptpGreIn(struct ip *pip)
    if ((ntohl(*((u_int32_t *)gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE)
 	return (-1);
-    link = FindPptpInByPeerCallId(pip->ip_src, pip->ip_dst, gr->gh_call_id);
+    link = FindPptpInByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id);
    if (link != NULL) {
 	struct in_addr src_addr = GetOriginalAddress(link);
--- a/sys/netinet/libalias/alias_proxy.c
+++ b/sys/netinet/libalias/alias_proxy.c
@ -86,6 +86,7 @@ __FBSDID("$FreeBSD$");
 */
 struct proxy_entry
 {
    struct libalias *la;
 #define PROXY_TYPE_ENCODE_NONE      1
 #define PROXY_TYPE_ENCODE_TCPSTREAM 2
 #define PROXY_TYPE_ENCODE_IPHDR     3
@ -113,8 +114,6 @@ struct proxy_entry
    File scope variables
 */
 static struct proxy_entry *proxyList;
 /* Local (static) functions:
@ -138,9 +137,9 @@ static struct proxy_entry *proxyList;
 static int IpMask(int, struct in_addr *);
 static int IpAddr(char *, struct in_addr *);
 static int IpPort(char *, int, int *);
-static void RuleAdd(struct proxy_entry *);
+static void RuleAdd(struct libalias *la, struct proxy_entry *);
 static void RuleDelete(struct proxy_entry *);
-static int RuleNumberDelete(int);
+static int RuleNumberDelete(struct libalias *la, int);
 static void ProxyEncodeTcpStream(struct alias_link *, struct ip *, int);
 static void ProxyEncodeIpHeader(struct ip *, int);
@ -197,22 +196,23 @@ IpPort(char *s, int proto, int *port)
 }
 void
-RuleAdd(struct proxy_entry *entry)
+RuleAdd(struct libalias *la, struct proxy_entry *entry)
 {
    int rule_index;
    struct proxy_entry *ptr;
    struct proxy_entry *ptr_last;
-    if (proxyList == NULL)
+    if (la->proxyList == NULL)
    {
-        proxyList = entry;
+        la->proxyList = entry;
        entry->last = NULL;
        entry->next = NULL;
        return;
    }
    entry->la = la;
    rule_index = entry->rule_index;
-    ptr = proxyList;
+    ptr = la->proxyList;
    ptr_last = NULL;
    while (ptr != NULL)
    {
@ -220,10 +220,10 @@ RuleAdd(struct proxy_entry *entry)
        {
            if (ptr_last == NULL)
            {
-                entry->next = proxyList;
+                entry->next = la->proxyList;
                entry->last = NULL;
-                proxyList->last = entry;
+                la->proxyList->last = entry;
-                proxyList = entry;
+                la->proxyList = entry;
                return;
            }
@ -245,10 +245,13 @@ RuleAdd(struct proxy_entry *entry)
 static void
 RuleDelete(struct proxy_entry *entry)
 {
    struct libalias *la;
    la = entry->la;
    if (entry->last != NULL)
        entry->last->next = entry->next;
    else
-        proxyList = entry->next;
+        la->proxyList = entry->next;
    if (entry->next != NULL)
        entry->next->last = entry->last;
@ -257,13 +260,13 @@ RuleDelete(struct proxy_entry *entry)
 }
 static int
-RuleNumberDelete(int rule_index)
+RuleNumberDelete(struct libalias *la, int rule_index)
 {
    int err;
    struct proxy_entry *ptr;
    err = -1;
-    ptr = proxyList;
+    ptr = la->proxyList;
    while (ptr != NULL)
    {
        struct proxy_entry *ptr_next;
@ -447,7 +450,7 @@ ProxyEncodeIpHeader(struct ip *pip,
 */
 int
-ProxyCheck(struct ip *pip,
+ProxyCheck(struct libalias *la, struct ip *pip,
           struct in_addr *proxy_server_addr,
           u_short *proxy_server_port)
 {
@ -461,7 +464,7 @@ ProxyCheck(struct ip *pip,
    dst_port = ((struct tcphdr *) ((char *) pip + (pip->ip_hl << 2)))
        ->th_dport;
-    ptr = proxyList;
+    ptr = la->proxyList;
    while (ptr != NULL)
    {
        u_short proxy_port;
@ -493,7 +496,7 @@ ProxyCheck(struct ip *pip,
 }
 void
-ProxyModify(struct alias_link *link,
+ProxyModify(struct libalias *la, struct alias_link *link,
            struct ip *pip,
            int maxpacketsize,
            int proxy_type)
@ -516,7 +519,7 @@ ProxyModify(struct alias_link *link,
 */
 int
-PacketAliasProxyRule(const char *cmd)
+LibAliasProxyRule(struct libalias *la, const char *cmd)
 {
 /*
 * This function takes command strings of the form:
@ -694,7 +697,7 @@ PacketAliasProxyRule(const char *cmd)
                n = sscanf(token, "%d", &rule_to_delete);
                if (n != 1)
                    return -1;
-                err = RuleNumberDelete(rule_to_delete);
+                err = RuleNumberDelete(la, rule_to_delete);
                if (err)
                    return -1;
                return 0;
@ -831,7 +834,7 @@ PacketAliasProxyRule(const char *cmd)
    proxy_entry->src_mask = src_mask;
    proxy_entry->dst_mask = dst_mask;
-    RuleAdd(proxy_entry);
+    RuleAdd(la, proxy_entry);
    return 0;
 }
--- a/sys/netinet/libalias/alias_skinny.c
+++ b/sys/netinet/libalias/alias_skinny.c
@ -173,7 +173,7 @@ alias_skinny_port_msg(struct IpPortMessage *port_msg, struct ip *pip,
 }
 static int
-alias_skinny_opnrcvch_ack(struct OpenReceiveChannelAck *opnrcvch_ack,
+alias_skinny_opnrcvch_ack(struct libalias *la, struct OpenReceiveChannelAck *opnrcvch_ack,
                          struct ip * pip, struct tcphdr *tc,
                          struct alias_link *link, u_int32_t *localIpAddr,
                          ConvDirection direction)
@ -186,7 +186,7 @@ alias_skinny_opnrcvch_ack(struct OpenReceiveChannelAck *opnrcvch_ack,
  localPort = opnrcvch_ack->port;
  null_addr.s_addr = INADDR_ANY;
-  opnrcv_link = FindUdpTcpOut(pip->ip_src, null_addr,
+  opnrcv_link = FindUdpTcpOut(la, pip->ip_src, null_addr,
                              htons((u_short) opnrcvch_ack->port), 0,
                              IPPROTO_UDP, 1);
  opnrcvch_ack->ipAddr = (u_int32_t) GetAliasAddress(opnrcv_link).s_addr;
@ -199,7 +199,7 @@ alias_skinny_opnrcvch_ack(struct OpenReceiveChannelAck *opnrcvch_ack,
 }
 void
-AliasHandleSkinny(struct ip *pip, struct alias_link *link)
+AliasHandleSkinny(struct libalias *la, struct ip *pip, struct alias_link *link)
 {
  int             hlen, tlen, dlen;
  struct tcphdr  *tc;
@ -220,9 +220,9 @@ AliasHandleSkinny(struct ip *pip, struct alias_link *link)
   * handle the scenario where the call manager is on the inside, and
   * the calling phone is on the global outside.
   */
-  if (ntohs(tc->th_dport) == skinnyPort) {
+  if (ntohs(tc->th_dport) == la->skinnyPort) {
    direction = ClientToServer;
-  } else if (ntohs(tc->th_sport) == skinnyPort) {
+  } else if (ntohs(tc->th_sport) == la->skinnyPort) {
    direction = ServerToClient;
  } else {
 #ifdef DEBUG
@ -306,7 +306,7 @@ AliasHandleSkinny(struct ip *pip, struct alias_link *link)
                  "PacketAlias/Skinny: Received open rcv channel msg\n");
 #endif
          opnrcvchn_ack = (struct OpenReceiveChannelAck *) & sd->msgId;
-          alias_skinny_opnrcvch_ack(opnrcvchn_ack, pip, tc, link, &lip, direction);
+          alias_skinny_opnrcvch_ack(la, opnrcvchn_ack, pip, tc, link, &lip, direction);
        }
        break;
      case START_MEDIATX:
--- a/sys/netinet/libalias/alias_smedia.c
+++ b/sys/netinet/libalias/alias_smedia.c
@ -137,7 +137,7 @@ search_string(char *data, int dlen, const char *search_str)
 }
 static int
-alias_rtsp_out(struct ip *pip,
+alias_rtsp_out(struct libalias *la, struct ip *pip,
 		   struct alias_link *link,
 		   char *data,
 		   const char *port_str)
@ -221,8 +221,8 @@ alias_rtsp_out(struct ip *pip,
 		  /* Find an even numbered port number base that
 		     satisfies the contiguous number of ports we need  */
 		  null_addr.s_addr = 0;
-		  if (0 == (salias = FindNewPortGroup(null_addr,
+		  if (0 == (salias = FindNewPortGroup(la, null_addr,
-	       			    FindAliasAddress(pip->ip_src),
+	       			    FindAliasAddress(la, pip->ip_src),
 				    sport, 0,
 				    RTSP_PORT_GROUP,
 				    IPPROTO_UDP, 1))) {
@ -235,7 +235,7 @@ alias_rtsp_out(struct ip *pip,
  		    base_alias = ntohs(salias);
 		    for (j = 0; j < RTSP_PORT_GROUP; j++) {
 		      /* Establish link to port found in RTSP packet */
-		      rtsp_link = FindRtspOut(GetOriginalAddress(link), null_addr,
+		      rtsp_link = FindRtspOut(la, GetOriginalAddress(link), null_addr,
                                htons(base_port + j), htons(base_alias + j),
                                IPPROTO_UDP);
 		      if (rtsp_link != NULL) {
@ -319,7 +319,7 @@ alias_rtsp_out(struct ip *pip,
 /* Support the protocol used by early versions of RealPlayer */
 static int
-alias_pna_out(struct ip *pip,
+alias_pna_out(struct libalias *la, struct ip *pip,
 		  struct alias_link *link,
 		  char *data,
 		  int dlen)
@ -343,7 +343,7 @@ alias_pna_out(struct ip *pip,
 	}
 	if ((ntohs(msg_id) == 1) || (ntohs(msg_id) == 7)) {
 	    memcpy(&port, work, 2);
-	    pna_links = FindUdpTcpOut(pip->ip_src, GetDestAddress(link),
+	    pna_links = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(link),
 				      port, 0, IPPROTO_UDP, 1);
 	    if (pna_links != NULL) {
 #ifndef NO_FW_PUNCH
@ -366,7 +366,7 @@ alias_pna_out(struct ip *pip,
 }
 void
-AliasHandleRtspOut(struct ip *pip, struct alias_link *link, int maxpacketsize)
+AliasHandleRtspOut(struct libalias *la, struct ip *pip, struct alias_link *link, int maxpacketsize)
 {
    int    hlen, tlen, dlen;
    struct tcphdr *tc;
@ -390,13 +390,13 @@ AliasHandleRtspOut(struct ip *pip, struct alias_link *link, int maxpacketsize)
      if (dlen >= strlen(setup)) {
        if (memcmp(data, setup, strlen(setup)) == 0) {
-	    alias_rtsp_out(pip, link, data, client_port_str);
+	    alias_rtsp_out(la, pip, link, data, client_port_str);
 	    return;
 	}
      }
      if (dlen >= strlen(pna)) {
 	if (memcmp(data, pna, strlen(pna)) == 0) {
-	    alias_pna_out(pip, link, data, dlen);
+	    alias_pna_out(la, pip, link, data, dlen);
 	}
      }
@ -424,7 +424,7 @@ AliasHandleRtspOut(struct ip *pip, struct alias_link *link, int maxpacketsize)
          if ((dlen - i) >= strlen(okstr)) {
            if (memcmp(&data[i], okstr, strlen(okstr)) == 0)
-              alias_rtsp_out(pip, link, data, server_port_str);
+              alias_rtsp_out(la, pip, link, data, server_port_str);
          }
        }
--- a/sys/netinet/libalias/alias_util.c
+++ b/sys/netinet/libalias/alias_util.c
@ -50,6 +50,7 @@ then these routines will give a result of zero (useful for testing
 purposes);
 */
 #include <stdio.h>
 #include <sys/types.h>
 #include <netinet/in_systm.h>
 #include <netinet/in.h>
@ -60,7 +61,7 @@ purposes);
 #include "alias_local.h"
 u_short
-PacketAliasInternetChecksum(u_short *ptr, int nbytes)
+LibAliasInternetChecksum(struct libalias *la, u_short *ptr, int nbytes)
 {
    int sum, oddbyte;
--- a/sys/netinet/libalias/libalias.3
+++ b/sys/netinet/libalias/libalias.3
@ -67,24 +67,26 @@ of the kernel, without any access to private kernel data structure, but
 the source code can also be ported to a kernel environment.
 .Sh INITIALIZATION AND CONTROL
 One special function,
-.Fn PacketAliasInit ,
+.Fn LibAliasInit ,
-must always be called before any packet handling may be performed.
+must always be called before any packet handling may be performed and
 the returned instance pointer passed to all the other functions.
 Normally, the
-.Fn PacketAliasSetAddress
+.Fn LibAliasSetAddress
 function is called afterwards, to set the default aliasing address.
 In addition, the operating mode of the packet aliasing engine can be
 customized by calling
-.Fn PacketAliasSetMode .
+.Fn LibAliasSetMode .
 .Pp
-.Ft void
+.Ft "struct libalias *"
-.Fn PacketAliasInit void
+.Fn LibAliasInit "struct libalias *"
 .Bd -ragged -offset indent
-This function has no arguments or return value and is used to initialize
+This function is used to initialize
 internal data structures.
 When called first time a NULL pointer should be passed as argument.
 The following mode bits are always set after calling
-.Fn PacketAliasInit .
+.Fn LibAliasInit .
 See the description of
-.Fn PacketAliasSetMode
+.Fn LibAliasSetMode
 below for the meaning of these mode bits.
 .Pp
 .Bl -item -offset indent -compact
@ -99,19 +101,19 @@ below for the meaning of these mode bits.
 This function will always return the packet aliasing engine to the same
 initial state.
 The
-.Fn PacketAliasSetAddress
+.Fn LibAliasSetAddress
 function is normally called afterwards, and any desired changes from the
 default mode bits listed above require a call to
-.Fn PacketAliasSetMode .
+.Fn LibAliasSetMode .
 .Pp
 It is mandatory that this function be called at the beginning of a program
 prior to any packet handling.
 .Ed
 .Pp
 .Ft void
-.Fn PacketAliasUninit void
+.Fn LibAliasUninit "struct libalias *"
 .Bd -ragged -offset indent
-This function has no arguments or return value and is used to clear any
+This function has no return value and is used to clear any
 resources attached to internal data structures.
 .Pp
 This functions should be called when a program stops using the aliasing
@ -120,18 +122,17 @@ To provide backwards compatibility and extra security, it is added to
 the
 .Xr atexit 3
 chain by
-.Fn PacketAliasInit .
+.Fn LibAliasInit .
 Calling it multiple times is harmless.
 .Ed
 .Pp
 .Ft void
-.Fn PacketAliasSetAddress "struct in_addr addr"
+.Fn LibAliasSetAddress "struct libalias *" "struct in_addr addr"
 .Bd -ragged -offset indent
 This function sets the source address to which outgoing packets from the
 local area network are aliased.
 All outgoing packets are re-mapped to this address unless overridden by a
 static address mapping established by
-.Fn PacketAliasRedirectAddr .
+.Fn LibAliasRedirectAddr .
 If this function is not called, and no static rules match, an outgoing
 packet retains its source address.
 .Pp
@ -153,7 +154,7 @@ It is mandatory that this function be called prior to any packet handling.
 .Ed
 .Pp
 .Ft unsigned int
-.Fn PacketAliasSetMode "unsigned int flags" "unsigned int mask"
+.Fn LibAliasSetMode "struct libalias *" "unsigned int flags" "unsigned int mask"
 .Bd -ragged -offset indent
 This function sets or clears mode bits
 according to the value of
@ -174,7 +175,7 @@ Mainly useful for debugging when the log file is viewed continuously with
 .It Dv PKT_ALIAS_DENY_INCOMING
 If this mode bit is set, all incoming packets associated with new TCP
 connections or new UDP transactions will be marked for being ignored
-.Fn ( PacketAliasIn
+.Fn ( LibAliasIn
 returns
 .Dv PKT_ALIAS_IGNORED
 code)
@ -214,7 +215,7 @@ The registered subnet is fully accessible to the outside world, so traffic
 from it does not need to be passed through the packet aliasing engine.
 .It Dv PKT_ALIAS_RESET_ON_ADDR_CHANGE
 When this mode bit is set and
-.Fn PacketAliasSetAddress
+.Fn LibAliasSetAddress
 is called to change the aliasing address, the internal link table of the
 packet aliasing engine will be cleared.
 This operating mode is useful for
@ -238,7 +239,7 @@ To cater to unexpected death of a program using
 changing the state of the flag will clear the entire firewall range
 allocated for holes.
 This will also happen on the initial call to
-.Fn PacketAliasSetFWBase .
+.Fn LibAliasSetFWBase .
 This call must happen prior to setting this flag.
 .It Dv PKT_ALIAS_REVERSE
 This option makes
@ -252,13 +253,13 @@ This option tells
 to obey transparent proxy rules only.
 Normal packet aliasing is not performed.
 See
-.Fn PacketAliasProxyRule
+.Fn LibAliasProxyRule
 below for details.
 .El
 .Ed
 .Pp
 .Ft void
-.Fn PacketAliasSetFWBase "unsigned int base" "unsigned int num"
+.Fn LibAliasSetFWBase "struct libalias *" "unsigned int base" "unsigned int num"
 .Bd -ragged -offset indent
 Set firewall range allocated for punching firewall holes (with the
 .Dv PKT_ALIAS_PUNCH_FW
@ -267,7 +268,7 @@ The range will be cleared for all rules on initialization.
 .Ed
 .Pp
 .Ft void
-.Fn PacketAliasSkinnyPort "unsigned int port"
+.Fn LibAliasSkinnyPort "struct libalias *" "unsigned int port"
 .Bd -ragged -offset indent
 Set the TCP port used by the Skinny Station protocol.
 Skinny is used by Cisco IP phones to communicate with
@ -282,18 +283,18 @@ The calling program is responsible for receiving and sending packets via
 network interfaces.
 .Pp
 Along with
-.Fn PacketAliasInit
+.Fn LibAliasInit
 and
-.Fn PacketAliasSetAddress ,
+.Fn LibAliasSetAddress ,
 the two packet handling functions,
-.Fn PacketAliasIn
+.Fn LibAliasIn
 and
-.Fn PacketAliasOut ,
+.Fn LibAliasOut ,
 comprise minimal set of functions needed for a basic IP masquerading
 implementation.
 .Pp
 .Ft int
-.Fn PacketAliasIn "char *buffer" "int maxpacketsize"
+.Fn LibAliasIn "struct libalias *" "char *buffer" "int maxpacketsize"
 .Bd -ragged -offset indent
 An incoming packet coming from a remote machine to the local network is
 de-aliased by this function.
@ -315,26 +316,26 @@ type is not handled or if incoming packets for new connections are being
 ignored (if
 .Dv PKT_ALIAS_DENY_INCOMING
 mode bit was set by
-.Fn PacketAliasSetMode ) .
+.Fn LibAliasSetMode ) .
 .It Dv PKT_ALIAS_UNRESOLVED_FRAGMENT
 This is returned when a fragment cannot be resolved because the header
 fragment has not been sent yet.
 In this situation, fragments must be saved with
-.Fn PacketAliasSaveFragment
+.Fn LibAliasSaveFragment
 until a header fragment is found.
 .It Dv PKT_ALIAS_FOUND_HEADER_FRAGMENT
 The packet aliasing process was successful, and a header fragment was found.
 This is a signal to retrieve any unresolved fragments with
-.Fn PacketAliasGetFragment
+.Fn LibAliasGetFragment
 and de-alias them with
-.Fn PacketAliasFragmentIn .
+.Fn LibAliasFragmentIn .
 .It Dv PKT_ALIAS_ERROR
 An internal error within the packet aliasing engine occurred.
 .El
 .Ed
 .Pp
 .Ft int
-.Fn PacketAliasOut "char *buffer" "int maxpacketsize"
+.Fn LibAliasOut "struct libalias *" "char *buffer" "int maxpacketsize"
 .Bd -ragged -offset indent
 An outgoing packet coming from the local network to a remote machine is
 aliased by this function.
@ -369,7 +370,8 @@ Individual ports can be re-mapped or static network address translations can
 be designated.
 .Pp
 .Ft struct alias_link *
-.Fo PacketAliasRedirectPort
+.Fo LibAliasRedirectPort
 .Fa "struct libalias *"
 .Fa "struct in_addr local_addr"
 .Fa "u_short local_port"
 .Fa "struct in_addr remote_addr"
@ -396,12 +398,12 @@ or
 .Fa alias_addr
 is zero, this indicates that the packet aliasing address as established
 by
-.Fn PacketAliasSetAddress
+.Fn LibAliasSetAddress
 is to be used.
 Even if
-.Fn PacketAliasSetAddress
+.Fn LibAliasSetAddress
 is called to change the address after
-.Fn PacketAliasRedirectPort
+.Fn LibAliasRedirectPort
 is called, a zero reference will track this change.
 .Pp
 If the link is further set up to operate for a load sharing, then
@ -409,7 +411,7 @@ If the link is further set up to operate for a load sharing, then
 and
 .Fa local_port
 are ignored, and are selected dynamically from the server pool, as described in
-.Fn PacketAliasAddServer
+.Fn LibAliasAddServer
 below.
 .Pp
 If
@ -422,12 +424,12 @@ port number.
 Almost always, the remote port specification will be zero, but non-zero
 remote addresses can sometimes be useful for firewalling.
 If two calls to
-.Fn PacketAliasRedirectPort
+.Fn LibAliasRedirectPort
 overlap in their address/port specifications, then the most recent call
 will have precedence.
 .Pp
 This function returns a pointer which can subsequently be used by
-.Fn PacketAliasRedirectDelete .
+.Fn LibAliasRedirectDelete .
 If
 .Dv NULL
 is returned, then the function call did not complete successfully.
@ -443,7 +445,8 @@ data type.
 .Ed
 .Pp
 .Ft struct alias_link *
-.Fo PacketAliasRedirectAddr
+.Fo LibAliasRedirectAddr
 .Fa "struct libalias *"
 .Fa "struct in_addr local_addr"
 .Fa "struct in_addr alias_addr"
 .Fc
@ -462,22 +465,22 @@ If
 or
 .Fa alias_addr
 is zero, this indicates that the packet aliasing address as established by
-.Fn PacketAliasSetAddress
+.Fn LibAliasSetAddress
 is to be used.
 Even if
-.Fn PacketAliasSetAddress
+.Fn LibAliasSetAddress
 is called to change the address after
-.Fn PacketAliasRedirectAddr
+.Fn LibAliasRedirectAddr
 is called, a zero reference will track this change.
 .Pp
 If the link is further set up to operate for a load sharing, then
 .Fa local_addr
 is ignored, and is selected dynamically from the server pool, as described in
-.Fn PacketAliasAddServer
+.Fn LibAliasAddServer
 below.
 .Pp
 If subsequent calls to
-.Fn PacketAliasRedirectAddr
+.Fn LibAliasRedirectAddr
 use the same aliasing address, all new incoming traffic to this aliasing
 address will be redirected to the local address made in the last function
 call.
@ -485,11 +488,11 @@ New traffic generated by any of the local machines, designated in the
 several function calls, will be aliased to the same address.
 Consider the following example:
 .Bd -literal -offset indent
-PacketAliasRedirectAddr(inet_aton("192.168.0.2"),
+LibAliasRedirectAddr(inet_aton("192.168.0.2"),
                        inet_aton("141.221.254.101"));
-PacketAliasRedirectAddr(inet_aton("192.168.0.3"),
+LibAliasRedirectAddr(inet_aton("192.168.0.3"),
                        inet_aton("141.221.254.101"));
-PacketAliasRedirectAddr(inet_aton("192.168.0.4"),
+LibAliasRedirectAddr(inet_aton("192.168.0.4"),
                        inet_aton("141.221.254.101"));
 .Ed
 .Pp
@ -502,19 +505,20 @@ from 192.168.0.2, 192.168.0.3 and 192.168.0.4 will appear to come from
 Any incoming connections to 141.221.254.101 will be directed to 192.168.0.4.
 .Pp
 Any calls to
-.Fn PacketAliasRedirectPort
+.Fn LibAliasRedirectPort
 will have precedence over address mappings designated by
-.Fn PacketAliasRedirectAddr .
+.Fn LibAliasRedirectAddr .
 .Pp
 This function returns a pointer which can subsequently be used by
-.Fn PacketAliasRedirectDelete .
+.Fn LibAliasRedirectDelete .
 If
 .Dv NULL
 is returned, then the function call did not complete successfully.
 .Ed
 .Pp
 .Ft int
-.Fo PacketAliasAddServer
+.Fo LibAliasAddServer
 .Fa "struct libalias *"
 .Fa "struct alias_link *link"
 .Fa "struct in_addr addr"
 .Fa "u_short port"
@ -541,17 +545,17 @@ the host.
 First, the
 .Fa link
 is created by either
-.Fn PacketAliasRedirectPort
+.Fn LibAliasRedirectPort
 or
-.Fn PacketAliasRedirectAddr .
+.Fn LibAliasRedirectAddr .
 Then,
-.Fn PacketAliasAddServer
+.Fn LibAliasAddServer
 is called multiple times to add entries to the
 .Fa link Ns 's
 server pool.
 .Pp
 For links created with
-.Fn PacketAliasRedirectAddr ,
+.Fn LibAliasRedirectAddr ,
 the
 .Fa port
 argument is ignored and could have any value, e.g. htons(~0).
@ -560,10 +564,10 @@ This function returns 0 on success, \-1 otherwise.
 .Ed
 .Pp
 .Ft int
-.Fn PacketAliasRedirectDynamic "struct alias_link *link"
+.Fn LibAliasRedirectDynamic "struct libalias *" "struct alias_link *link"
 .Bd -ragged -offset indent
 This function marks the specified static redirect rule entered by
-.Fn PacketAliasRedirectPort
+.Fn LibAliasRedirectPort
 as dynamic.
 This can be used to e.g. dynamically redirect a single TCP connection,
 after which the rule is removed.
@ -579,23 +583,23 @@ This function returns 0 on success, \-1 otherwise.
 .Ed
 .Pp
 .Ft void
-.Fn PacketAliasRedirectDelete "struct alias_link *link"
+.Fn LibAliasRedirectDelete "struct libalias *" "struct alias_link *link"
 .Bd -ragged -offset indent
 This function will delete a specific static redirect rule entered by
-.Fn PacketAliasRedirectPort
+.Fn LibAliasRedirectPort
 or
-.Fn PacketAliasRedirectAddr .
+.Fn LibAliasRedirectAddr .
 The parameter
 .Fa link
 is the pointer returned by either of the redirection functions.
 If an invalid pointer is passed to
-.Fn PacketAliasRedirectDelete ,
+.Fn LibAliasRedirectDelete ,
 then a program crash or unpredictable operation could result, so it is
 necessary to be careful using this function.
 .Ed
 .Pp
 .Ft int
-.Fn PacketAliasProxyRule "const char *cmd"
+.Fn LibAliasProxyRule "struct libalias *" "const char *cmd"
 .Bd -ragged -offset indent
 The passed
 .Fa cmd
@ -640,14 +644,14 @@ specification is mandatory unless the
 command is being used.
 .It Cm rule Ar index
 Normally, each call to
-.Fn PacketAliasProxyRule
+.Fn LibAliasProxyRule
 inserts the next rule at the start of a linear list of rules.
 If an
 .Ar index
 is specified, the new rule will be checked after all rules with lower
 indices.
 Calls to
-.Fn PacketAliasProxyRule
+.Fn LibAliasProxyRule
 that do not specify a rule are assigned rule 0.
 .It Cm delete Ar index
 This token and its argument MUST NOT be used with any other tokens.
@ -688,7 +692,8 @@ access, or to restrict access to certain external machines.
 .Ed
 .Pp
 .Ft struct alias_link *
-.Fo PacketAliasRedirectProto
+.Fo LibAliasRedirectProto
 .Fa "struct libalias *"
 .Fa "struct in_addr local_addr"
 .Fa "struct in_addr remote_addr"
 .Fa "struct in_addr alias_addr"
@ -706,12 +711,12 @@ or
 .Fa alias_addr
 is zero, this indicates that the packet aliasing address as established
 by
-.Fn PacketAliasSetAddress
+.Fn LibAliasSetAddress
 is to be used.
 Even if
-.Fn PacketAliasSetAddress
+.Fn LibAliasSetAddress
 is called to change the address after
-.Fn PacketAliasRedirectProto
+.Fn LibAliasRedirectProto
 is called, a zero reference will track this change.
 .Pp
 If
@ -720,12 +725,12 @@ is zero, this indicates to redirect packets from any remote address.
 Non-zero remote addresses can sometimes be useful for firewalling.
 .Pp
 If two calls to
-.Fn PacketAliasRedirectProto
+.Fn LibAliasRedirectProto
 overlap in their address specifications, then the most recent call
 will have precedence.
 .Pp
 This function returns a pointer which can subsequently be used by
-.Fn PacketAliasRedirectDelete .
+.Fn LibAliasRedirectDelete .
 If
 .Dv NULL
 is returned, then the function call did not complete successfully.
@ -734,11 +739,11 @@ is returned, then the function call did not complete successfully.
 The functions in this section are used to deal with incoming fragments.
 .Pp
 Outgoing fragments are handled within
-.Fn PacketAliasOut
+.Fn LibAliasOut
 by changing the address according to any applicable mapping set by
-.Fn PacketAliasRedirectAddr ,
+.Fn LibAliasRedirectAddr ,
 or the default aliasing address set by
-.Fn PacketAliasSetAddress .
+.Fn LibAliasSetAddress .
 .Pp
 Incoming fragments are handled in one of two ways.
 If the header of a fragmented IP packet has already been seen, then all
@ -748,10 +753,10 @@ Fragments which arrive before the header are saved and then retrieved
 once the header fragment has been resolved.
 .Pp
 .Ft int
-.Fn PacketAliasSaveFragment "char *ptr"
+.Fn LibAliasSaveFragment "struct libalias *" "char *ptr"
 .Bd -ragged -offset indent
 When
-.Fn PacketAliasIn
+.Fn LibAliasIn
 returns
 .Dv PKT_ALIAS_UNRESOLVED_FRAGMENT ,
 this function can be used to save the pointer to the unresolved fragment.
@ -773,33 +778,33 @@ if there was an error.
 .Ed
 .Pp
 .Ft char *
-.Fn PacketAliasGetFragment "char *buffer"
+.Fn LibAliasGetFragment "struct libalias *" "char *buffer"
 .Bd -ragged -offset indent
 This function can be used to retrieve fragment pointers saved by
-.Fn PacketAliasSaveFragment .
+.Fn LibAliasSaveFragment .
 The IP header fragment pointed to by
 .Fa buffer
 is the header fragment indicated when
-.Fn PacketAliasIn
+.Fn LibAliasIn
 returns
 .Dv PKT_ALIAS_FOUND_HEADER_FRAGMENT .
 Once a fragment pointer is retrieved, it becomes the calling program's
 responsibility to free the dynamically allocated memory for the fragment.
 .Pp
 The
-.Fn PacketAliasGetFragment
+.Fn LibAliasGetFragment
 function can be called sequentially until there are no more fragments
 available, at which time it returns
 .Dv NULL .
 .Ed
 .Pp
 .Ft void
-.Fn PacketAliasFragmentIn "char *header" "char *fragment"
+.Fn LibAliasFragmentIn "struct libalias *" "char *header" "char *fragment"
 .Bd -ragged -offset indent
 When a fragment is retrieved with
-.Fn PacketAliasGetFragment ,
+.Fn LibAliasGetFragment ,
 it can then be de-aliased with a call to
-.Fn PacketAliasFragmentIn .
+.Fn LibAliasFragmentIn .
 The
 .Fa header
 argument is the pointer to a header fragment used as a template, and
@ -808,17 +813,17 @@ is the pointer to the packet to be de-aliased.
 .Ed
 .Sh MISCELLANEOUS FUNCTIONS
 .Ft void
-.Fn PacketAliasSetTarget "struct in_addr addr"
+.Fn LibAliasSetTarget "struct libalias *" "struct in_addr addr"
 .Bd -ragged -offset indent
 When an incoming packet not associated with any pre-existing aliasing link
 arrives at the host machine, it will be sent to the address indicated by a
 call to
-.Fn PacketAliasSetTarget .
+.Fn LibAliasSetTarget .
 .Pp
 If this function is called with an
 .Dv INADDR_NONE
 address argument, then all new incoming packets go to the address set by
-.Fn PacketAliasSetAddress .
+.Fn LibAliasSetAddress .
 .Pp
 If this function is not called, or is called with an
 .Dv INADDR_ANY
@ -829,17 +834,17 @@ can route packets to the machine in question.
 .Ed
 .Pp
 .Ft int
-.Fn PacketAliasCheckNewLink void
+.Fn LibAliasCheckNewLink void
 .Bd -ragged -offset indent
 This function returns a non-zero value when a new aliasing link is created.
 In circumstances where incoming traffic is being sequentially sent to
 different local servers, this function can be used to trigger when
-.Fn PacketAliasSetTarget
+.Fn LibAliasSetTarget
 is called to change the default target address.
 .Ed
 .Pp
 .Ft u_short
-.Fn PacketAliasInternetChecksum "u_short *buffer" "int nbytes"
+.Fn LibAliasInternetChecksum "struct libalias *" "u_short *buffer" "int nbytes"
 .Bd -ragged -offset indent
 This is a utility function that does not seem to be available elsewhere and
 is included as a convenience.
@ -856,12 +861,12 @@ The 16-bit checksum field should be zeroed before computing the checksum.
 Checksums can also be verified by operating on a block of data including
 its checksum.
 If the checksum is valid,
-.Fn PacketAliasInternetChecksum
+.Fn LibAliasInternetChecksum
 will return zero.
 .Ed
 .Pp
 .Ft int
-.Fn PacketUnaliasOut "char *buffer" "int maxpacketsize"
+.Fn LibAliasUnaliasOut "struct libalias *" "char *buffer" "int maxpacketsize"
 .Bd -ragged -offset indent
 An outgoing packet, which has already been aliased,
 has its private address/port information restored by this function.