d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ff2f6fe80f
freebsd-skq/sys/netinet
History
Paolo Pisati ff2f6fe80f Summer of Code 2005: improve libalias - part 2 of 2 
With the second (and last) part of my previous Summer of Code work, we get:

-ipfw's in kernel nat

-redirect_* and LSNAT support

General information about nat syntax and some examples are available
in the ipfw (8) man page. The redirect and LSNAT syntax are identical
to natd, so please refer to natd (8) man page.

To enable in kernel nat in rc.conf, two options were added:

o firewall_nat_enable: equivalent to natd_enable

o firewall_nat_interface: equivalent to natd_interface

Remember to set net.inet.ip.fw.one_pass to 0, if you want the packet
to continue being checked by the firewall ruleset after being
(de)aliased.

NOTA BENE: due to some problems with libalias architecture, in kernel
nat won't work with TSO enabled nic, thus you have to disable TSO via
ifconfig (ifconfig foo0 -tso).

Approved by: glebius (mentor)
2006-12-29 21:59:17 +00:00
..
libalias o made in kernel libalias mpsafe 2006-12-15 12:50:06 +00:00
accf_data.c
accf_http.c
icmp6.h sync with KAME regarding NDP 2005-10-21 16:23:01 +00:00
icmp_var.h
if_atm.c Add newline to debuging printf. 2005-08-26 15:27:18 +00:00
if_atm.h
if_ether.c Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.h 2006-10-22 11:52:19 +00:00
if_ether.h Add CARP (Common Address Redundancy Protocol), which allows multiple 2005-02-22 13:04:05 +00:00
igmp_var.h
igmp.c Improve style(9) conformance of igmp.c. 2006-12-04 00:41:48 +00:00
igmp.h
in_cksum.c
in_gif.c With exception of the if_name() macro, all definitions in net_osdep.h 2006-08-04 21:27:40 +00:00
in_gif.h
in_pcb.c Some whitespace nits and remove a few casts. 2006-12-29 14:58:18 +00:00
in_pcb.h Fix race conditions on enumerating pcb lists by moving the initialization 2006-07-18 22:34:27 +00:00
in_proto.c Ok, here it is, we finally add SCTP to current. Note that this 2006-11-03 15:23:16 +00:00
in_rmx.c Complete timebase (time_second -> time_uptime) conversion. 2006-07-05 23:37:21 +00:00
in_systm.h
in_var.h The IPv4 code should clean up multicast group state when an interface 2006-09-28 10:04:07 +00:00
in.c Sweep kernel replacing suser(9) calls with priv(9) calls, assigning 2006-11-06 13:42:10 +00:00
in.h Summer of Code 2005: improve libalias - part 2 of 2 2006-12-29 21:59:17 +00:00
ip6.h move RFC3542 related definitions into ip6.h. 2005-07-20 10:30:52 +00:00
ip_carp.c Sweep kernel replacing suser(9) calls with priv(9) calls, assigning 2006-11-06 13:42:10 +00:00
ip_carp.h Make sure that carp_header is 36 bytes long 2006-12-01 18:37:41 +00:00
ip_divert.c Some whitespace nits and remove a few casts. 2006-12-29 14:58:18 +00:00
ip_divert.h
ip_dummynet.c - Use non-recursive mutex. MTX_RECURSE is unnecessary since rev. 1.70 2006-10-29 12:09:24 +00:00
ip_dummynet.h When sending a packet from dummynet, indicate that we're forwarding 2006-02-14 06:36:39 +00:00
ip_ecn.c
ip_ecn.h
ip_encap.c With exception of the if_name() macro, all definitions in net_osdep.h 2006-08-04 21:27:40 +00:00
ip_encap.h
ip_fastfwd.c Remove the IPFIREWALL_FORWARD_EXTENDED option and make it on by default as it always was 2006-08-17 00:37:03 +00:00
ip_fw2.c Summer of Code 2005: improve libalias - part 2 of 2 2006-12-29 21:59:17 +00:00
ip_fw_pfil.c Summer of Code 2005: improve libalias - part 2 of 2 2006-12-29 21:59:17 +00:00
ip_fw.h Summer of Code 2005: improve libalias - part 2 of 2 2006-12-29 21:59:17 +00:00
ip_gre.c Fix the following bpf(4) race condition which can result in a panic: 2006-06-02 19:59:33 +00:00
ip_gre.h Fix stack corruptions on amd64. 2006-01-21 10:44:34 +00:00
ip_icmp.c Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.h 2006-10-22 11:52:19 +00:00
ip_icmp.h Pass icmp_error() the MTU argument directly instead of 2005-05-04 13:09:19 +00:00
ip_id.c
ip_input.c Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.h 2006-10-22 11:52:19 +00:00
ip_ipsec.c Remove unneeded mac.h include. 2006-07-06 13:25:01 +00:00
ip_ipsec.h Move the IPSEC related code blocks to their own file to unclutter 2006-02-01 13:55:03 +00:00
ip_mroute.c Sweep kernel replacing suser(9) calls with priv(9) calls, assigning 2006-11-06 13:42:10 +00:00
ip_mroute.h Nits. 2006-09-29 16:16:41 +00:00
ip_options.c Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.h 2006-10-22 11:52:19 +00:00
ip_options.h Move MAX_IPOPTLEN and struct ipoption back into ip_var.h as 2005-11-19 14:01:32 +00:00
ip_output.c Back out revision 1.264. 2006-12-10 13:44:00 +00:00
ip_var.h Fix a long-standing limitation in IPv4 multicast group membership. 2006-05-14 14:22:49 +00:00
ip.h
ipprotosw.h
pim_var.h Remove public declarations of variables that were forgotten when they were 2005-08-10 07:10:02 +00:00
pim.h
raw_ip.c Summer of Code 2005: improve libalias - part 2 of 2 2006-12-29 21:59:17 +00:00
sctp_asconf.c a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_asconf.h a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_auth.c a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_auth.h Ok, here it is, we finally add SCTP to current. Note that this 2006-11-03 15:23:16 +00:00
sctp_bsd_addr.c a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_bsd_addr.h Ok, here it is, we finally add SCTP to current. Note that this 2006-11-03 15:23:16 +00:00
sctp_constants.h 1) Fixes on a number of different collision case LOR's. 2006-12-14 17:02:55 +00:00
sctp_crc32.c Revert previous commit, and instead make the expression in rev. 1.2 2006-11-05 14:36:59 +00:00
sctp_crc32.h Ok, here it is, we finally add SCTP to current. Note that this 2006-11-03 15:23:16 +00:00
sctp_header.h Ok, here it is, we finally add SCTP to current. Note that this 2006-11-03 15:23:16 +00:00
sctp_indata.c a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_indata.h Ok, here it is, we finally add SCTP to current. Note that this 2006-11-03 15:23:16 +00:00
sctp_input.c a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_input.h Ok, here it is, we finally add SCTP to current. Note that this 2006-11-03 15:23:16 +00:00
sctp_lock_bsd.h 1) Fixes on a number of different collision case LOR's. 2006-12-14 17:02:55 +00:00
sctp_os_bsd.h a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_os.h a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_output.c a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_output.h Ok, here it is, we finally add SCTP to current. Note that this 2006-11-03 15:23:16 +00:00
sctp_pcb.c a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_pcb.h a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_peeloff.c 1) Fixes on a number of different collision case LOR's. 2006-12-14 17:02:55 +00:00
sctp_peeloff.h Ok, here it is, we finally add SCTP to current. Note that this 2006-11-03 15:23:16 +00:00
sctp_structs.h a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_timer.c a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_timer.h Ok, here it is, we finally add SCTP to current. Note that this 2006-11-03 15:23:16 +00:00
sctp_uio.h 1) Fixes on a number of different collision case LOR's. 2006-12-14 17:02:55 +00:00
sctp_usrreq.c a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp_var.h a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctp.h Ok, here it is, we finally add SCTP to current. Note that this 2006-11-03 15:23:16 +00:00
sctputil.c a) macro-ization of all mbuf and random number 2006-12-29 20:21:42 +00:00
sctputil.h 1) Fixes on a number of different collision case LOR's. 2006-12-14 17:02:55 +00:00
tcp_debug.c
tcp_debug.h
tcp_fsm.h
tcp_hostcache.c MFp4: 92972, 98913 + one more change 2006-12-12 12:17:58 +00:00
tcp_input.c MFp4: 92972, 98913 + one more change 2006-12-12 12:17:58 +00:00
tcp_output.c Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.h 2006-10-22 11:52:19 +00:00
tcp_reass.c MFp4: 92972, 98913 + one more change 2006-12-12 12:17:58 +00:00
tcp_sack.c Eliminate debug code that catches bugs in the hinting of sack variables 2006-04-06 17:21:16 +00:00
tcp_seq.h Remove T/TCP RFC1644 Connection Count comparison macros. They are no longer 2006-06-18 14:24:12 +00:00
tcp_subr.c Sweep kernel replacing suser(9) calls with priv(9) calls, assigning 2006-11-06 13:42:10 +00:00
tcp_syncache.c Fix LOR between the syncache and inpcb locks when MAC is present in the 2006-12-13 06:00:57 +00:00
tcp_timer.c Back when we had T/TCP support, we used to apply different 2006-09-07 13:06:00 +00:00
tcp_timer.h if min is greater than max, prefer max over min... I managed to get a 2006-09-25 07:22:39 +00:00
tcp_timewait.c Sweep kernel replacing suser(9) calls with priv(9) calls, assigning 2006-11-06 13:42:10 +00:00
tcp_usrreq.c Change error codes returned by protocol operations when an inpcb is 2006-11-22 17:16:54 +00:00
tcp_var.h Rewrite of TCP syncookies to remove locking requirements and to enhance 2006-09-13 13:08:27 +00:00
tcp.h Add missing TH_PUSH to the TH_FLAGS enumeration. 2006-02-18 16:50:08 +00:00
tcpip.h
udp_usrreq.c Some whitespace nits and remove a few casts. 2006-12-29 14:58:18 +00:00
udp_var.h
udp.h