freebsd-skq/sys/conf
Andrey V. Elsukov d8caf56e9e Add ipfw_nat64 module that implements stateless and stateful NAT64.
The module works together with ipfw(4) and implemented as its external
action module.

Stateless NAT64 registers external action with name nat64stl. This
keyword should be used to create NAT64 instance and to address this
instance in rules. Stateless NAT64 uses two lookup tables with mapped
IPv4->IPv6 and IPv6->IPv4 addresses to perform translation.

A configuration of instance should looks like this:
 1. Create lookup tables:
 # ipfw table T46 create type addr valtype ipv6
 # ipfw table T64 create type addr valtype ipv4
 2. Fill T46 and T64 tables.
 3. Add rule to allow neighbor solicitation and advertisement:
 # ipfw add allow icmp6 from any to any icmp6types 135,136
 4. Create NAT64 instance:
 # ipfw nat64stl NAT create table4 T46 table6 T64
 5. Add rules that matches the traffic:
 # ipfw add nat64stl NAT ip from any to table(T46)
 # ipfw add nat64stl NAT ip from table(T64) to 64:ff9b::/96
 6. Configure DNS64 for IPv6 clients and add route to 64:ff9b::/96
    via NAT64 host.

Stateful NAT64 registers external action with name nat64lsn. The only
one option required to create nat64lsn instance - prefix4. It defines
the pool of IPv4 addresses used for translation.

A configuration of instance should looks like this:
 1. Add rule to allow neighbor solicitation and advertisement:
 # ipfw add allow icmp6 from any to any icmp6types 135,136
 2. Create NAT64 instance:
 # ipfw nat64lsn NAT create prefix4 A.B.C.D/28
 3. Add rules that matches the traffic:
 # ipfw add nat64lsn NAT ip from any to A.B.C.D/28
 # ipfw add nat64lsn NAT ip6 from any to 64:ff9b::/96
 4. Configure DNS64 for IPv6 clients and add route to 64:ff9b::/96
    via NAT64 host.

Obtained from:	Yandex LLC
Relnotes:	yes
Sponsored by:	Yandex LLC
Differential Revision:	https://reviews.freebsd.org/D6434
2016-08-13 16:09:49 +00:00
..
config.mk Don't run find(1) for __MPATH with NO_MODULES set. 2016-07-22 17:31:14 +00:00
dtb.mk Add missed updates for r301079 and r301084. 2016-05-31 23:12:43 +00:00
files Add ipfw_nat64 module that implements stateless and stateful NAT64. 2016-08-13 16:09:49 +00:00
files.amd64 hyperv/vmbus: Add APIs for various types of transactions. 2016-08-11 05:49:49 +00:00
files.arm Split out the FDT parts of the GICv2 interrupt controller driver. This will 2016-08-01 16:29:04 +00:00
files.arm64 Provide the CloudABI vDSO to its executables. 2016-08-10 21:02:41 +00:00
files.i386 hyperv/vmbus: Add APIs for various types of transactions. 2016-08-11 05:49:49 +00:00
files.mips [nvram2env] split implementation into generic & MIPS-based code 2016-07-24 08:35:45 +00:00
files.pc98 Merge i386 and amd64 variants of mp_watchdog.c into x86/, there is no 2016-08-03 13:51:53 +00:00
files.powerpc Merge MPC85XX and QorIQ config options 2016-08-03 01:22:11 +00:00
files.riscv o Remove operation in machine mode. 2016-08-10 12:41:36 +00:00
files.sparc64 simplify compile-time default keyboard map generation 2016-03-28 19:51:45 +00:00
kern.mk Normalise the CWARNFLAGS inter-word spacing: remove all leading 2016-07-28 17:18:02 +00:00
kern.opts.mk Change the default build behavior so we don't compile extra TCP modules by 2016-06-10 19:06:11 +00:00
kern.post.mk PORTS_MODULES: Don't leak in CC/CXX/CPP. 2016-08-12 11:06:54 +00:00
kern.pre.mk Don't run find(1) for __MPATH with NO_MODULES set. 2016-07-22 17:31:14 +00:00
kmod_syms.awk
kmod.mk Revert r301079. 2016-06-03 19:25:36 +00:00
ldscript.amd64 remove CONSTRUCTORS from kernel linker scripts 2016-07-28 13:54:46 +00:00
ldscript.arm remove CONSTRUCTORS from kernel linker scripts 2016-07-28 13:54:46 +00:00
ldscript.arm64 remove CONSTRUCTORS from kernel linker scripts 2016-07-28 13:54:46 +00:00
ldscript.i386 remove CONSTRUCTORS from kernel linker scripts 2016-07-28 13:54:46 +00:00
ldscript.mips remove CONSTRUCTORS from kernel linker scripts 2016-07-28 13:54:46 +00:00
ldscript.mips.cfe remove CONSTRUCTORS from kernel linker scripts 2016-07-28 13:54:46 +00:00
ldscript.mips.mips64 remove CONSTRUCTORS from kernel linker scripts 2016-07-28 13:54:46 +00:00
ldscript.mips.octeon1 remove CONSTRUCTORS from kernel linker scripts 2016-07-28 13:54:46 +00:00
ldscript.powerpc remove CONSTRUCTORS from kernel linker scripts 2016-07-28 13:54:46 +00:00
ldscript.powerpc64 remove CONSTRUCTORS from kernel linker scripts 2016-07-28 13:54:46 +00:00
ldscript.riscv o Remove operation in machine mode. 2016-08-10 12:41:36 +00:00
ldscript.sparc64 remove CONSTRUCTORS from kernel linker scripts 2016-07-28 13:54:46 +00:00
Makefile.amd64
Makefile.arm
Makefile.arm64
Makefile.i386
Makefile.mips [mips] Improve MIPS trampoline code 2016-05-16 23:56:31 +00:00
Makefile.pc98
Makefile.powerpc
Makefile.riscv Set dependencies for genassym.c. 2016-05-24 16:30:05 +00:00
Makefile.sparc64
makeLINT.mk
makeLINT.sed
newvers.sh Reflect head is now 12.0-CURRENT. 2016-07-08 00:12:29 +00:00
NOTES Add ipfw_nat64 module that implements stateless and stateful NAT64. 2016-08-13 16:09:49 +00:00
options Add ipfw_nat64 module that implements stateless and stateful NAT64. 2016-08-13 16:09:49 +00:00
options.amd64 hyperv: Deprecate HYPERV option by moving Hyper-V IDT vector into vmbus 2016-04-15 02:20:18 +00:00
options.arm Add support for Allwinner A13. 2016-07-08 23:38:25 +00:00
options.arm64 Add SOC_ALLWINNER_A64 option for Allwinner A64 (sun50i) SoCs. 2016-07-11 20:05:03 +00:00
options.i386 hyperv: Deprecate HYPERV option by moving Hyper-V IDT vector into vmbus 2016-04-15 02:20:18 +00:00
options.mips Rename ARM_INTRNG and MIPS_INTRNG to INTRNG. This will help with machine 2016-04-15 16:05:41 +00:00
options.pc98
options.powerpc Merge MPC85XX and QorIQ config options 2016-08-03 01:22:11 +00:00
options.riscv Revert r298477 ("Clear the DDR memory"). 2016-04-25 13:20:57 +00:00
options.sparc64
systags.sh
WITHOUT_SOURCELESS
WITHOUT_SOURCELESS_HOST
WITHOUT_SOURCELESS_UCODE