Lines Matching defs:nat
271 /* nat(I) - pointer to NAT entry */
280 static INLINE int nat6_newmap(fin, nat, ni)
282 nat_t *nat;
328 nat->nat_hm = hm;
510 nat->nat_inip6 = fin->fin_src6;
511 nat->nat_outip6 = in;
512 nat->nat_oip6 = fin->fin_dst6;
513 if (nat->nat_hm == NULL)
514 nat->nat_hm = nat6_hostmap(np, &fin->fin_src6, &fin->fin_dst6,
515 &nat->nat_outip6, 0, ifs);
518 nat->nat_inport = sport;
519 nat->nat_outport = port; /* sport */
520 nat->nat_oport = dport;
524 nat->nat_inport = port;
525 nat->nat_outport = port;
539 /* nat(I) - pointer to NAT entry */
546 static INLINE int nat6_newrdr(fin, nat, ni)
548 nat_t *nat;
693 nat->nat_inip6 = in;
694 nat->nat_outip6 = fin->fin_dst6;
695 nat->nat_oip6 = fin->fin_src6;
696 if ((nat->nat_hm == NULL) && ((np->in_flags & IPN_STICKY) != 0))
697 nat->nat_hm = nat6_hostmap(np, &fin->fin_src6,
704 nat->nat_inport = nport;
705 nat->nat_outport = dport;
706 nat->nat_oport = sport;
710 nat->nat_inport = nport;
711 nat->nat_outport = nport;
745 nat_t *nat, *natl;
771 /* Give me a new nat */
772 KMALLOC(nat, nat_t *);
773 if (nat == NULL) {
812 bzero((char *)nat, sizeof (*nat));
813 nat->nat_flags = flags;
814 nat->nat_redir = np->in_redir;
832 KFREE(nat);
833 nat = natl;
837 move = nat6_newmap(fin, nat, &ni);
849 KFREE(nat);
850 nat = natl;
854 move = nat6_newrdr(fin, nat, &ni);
871 if (nat6_finalise(fin, nat, &ni, tcp, natsave, direction) == -1) {
875 nat_calc_chksum_diffs(nat);
882 if ((hm = nat->nat_hm) != NULL)
884 KFREE(nat);
885 nat = NULL;
890 return nat;
898 /* nat(I) - pointer to NAT entry */
907 static INLINE int nat6_finalise(fin, nat, ni, tcp, natsave, direction)
909 nat_t *nat;
921 COPYIFNAME(fin->fin_ifp, nat->nat_ifnames[0], fin->fin_v);
924 if ((nat->nat_flags & SI_CLONE) == 0)
925 nat->nat_sync = ipfsync_new(SMC_NAT, fin, nat);
928 nat->nat_me = natsave;
929 nat->nat_dir = direction;
930 nat->nat_ifps[0] = np->in_ifps[0];
931 nat->nat_ifps[1] = np->in_ifps[1];
932 nat->nat_ptr = np;
933 nat->nat_p = fin->fin_p;
934 nat->nat_v = fin->fin_v;
935 nat->nat_mssclamp = np->in_mssclamp;
937 nat->nat_fr = fr;
938 nat->nat_v = 6;
942 if (appr_new(fin, nat) == -1)
946 if (nat6_insert(nat, fin->fin_rev, ifs) == 0) {
948 nat_log(nat, (u_int)np->in_redir, ifs);
968 /* Parameters: nat(I) - pointer to NAT structure */
975 int nat6_insert(nat, rev, ifs)
976 nat_t *nat;
987 if ((nat->nat_flags & (SI_W_SPORT|SI_W_DPORT)) == 0) {
988 hv1 = NAT_HASH_FN6(&nat->nat_inip6, nat->nat_inport,
990 hv1 = NAT_HASH_FN6(&nat->nat_oip6, hv1 + nat->nat_oport,
992 hv2 = NAT_HASH_FN6(&nat->nat_outip6, nat->nat_outport,
994 hv2 = NAT_HASH_FN6(&nat->nat_oip6, hv2 + nat->nat_oport,
997 hv1 = NAT_HASH_FN6(&nat->nat_inip6, 0, 0xffffffff);
998 hv1 = NAT_HASH_FN6(&nat->nat_oip6, hv1,
1000 hv2 = NAT_HASH_FN6(&nat->nat_outip6, 0, 0xffffffff);
1001 hv2 = NAT_HASH_FN6(&nat->nat_oip6, hv2,
1012 nat->nat_hv[0] = hv1;
1013 nat->nat_hv[1] = hv2;
1015 MUTEX_INIT(&nat->nat_lock, "nat entry lock");
1017 nat->nat_rev = rev;
1018 nat->nat_ref = 1;
1019 nat->nat_bytes[0] = 0;
1020 nat->nat_pkts[0] = 0;
1021 nat->nat_bytes[1] = 0;
1022 nat->nat_pkts[1] = 0;
1024 nat->nat_ifnames[0][LIFNAMSIZ - 1] = '\0';
1025 nat->nat_ifps[0] = fr_resolvenic(nat->nat_ifnames[0], 6, ifs);
1027 if (nat->nat_ifnames[1][0] !='\0') {
1028 nat->nat_ifnames[1][LIFNAMSIZ - 1] = '\0';
1029 nat->nat_ifps[1] = fr_resolvenic(nat->nat_ifnames[1], 6, ifs);
1031 (void) strncpy(nat->nat_ifnames[1], nat->nat_ifnames[0],
1033 nat->nat_ifnames[1][LIFNAMSIZ - 1] = '\0';
1034 nat->nat_ifps[1] = nat->nat_ifps[0];
1037 nat->nat_next = ifs->ifs_nat_instances;
1038 nat->nat_pnext = &ifs->ifs_nat_instances;
1040 ifs->ifs_nat_instances->nat_pnext = &nat->nat_next;
1041 ifs->ifs_nat_instances = nat;
1045 (*natp)->nat_phnext[0] = &nat->nat_hnext[0];
1046 nat->nat_phnext[0] = natp;
1047 nat->nat_hnext[0] = *natp;
1048 *natp = nat;
1053 (*natp)->nat_phnext[1] = &nat->nat_hnext[1];
1054 nat->nat_phnext[1] = natp;
1055 nat->nat_hnext[1] = *natp;
1056 *natp = nat;
1059 fr_setnatqueue(nat, rev, ifs);
1074 /* ICMP query nat entry. It is assumed that the packet is already of the */
1085 nat_t *nat;
1155 nat = nat6_inlookup(fin, flags, p,
1158 nat = nat6_outlookup(fin, flags, p,
1162 return nat;
1178 nat = nat6_inlookup(fin, flags, p,
1181 nat = nat6_outlookup(fin, flags, p,
1186 return nat;
1220 nat_t *nat;
1226 * nat6_icmperrorlookup() looks up nat entry associated with the
1231 if ((fin->fin_v != 6) || !(nat = nat6_icmperrorlookup(fin, dir)))
1253 if (IP6_EQ((i6addr_t *)&oip6->ip6_dst, &nat->nat_oip6)) {
1255 in = nat->nat_inip6;
1259 in = nat->nat_outip6;
1311 if ((tcp->th_dport == nat->nat_oport) &&
1312 (tcp->th_sport != nat->nat_inport)) {
1319 psum2 = ntohs(nat->nat_inport);
1320 tcp->th_sport = nat->nat_inport;
1322 } else if ((tcp->th_sport == nat->nat_oport) &&
1323 (tcp->th_dport != nat->nat_outport)) {
1330 psum2 = ntohs(nat->nat_outport);
1331 tcp->th_dport = nat->nat_outport;
1402 if ((nat->nat_dir == NAT_OUTBOUND) &&
1403 (orgicmp->icmp6_id != nat->nat_inport) &&
1420 sum2 = ntohs(nat->nat_inport);
1422 orgicmp->icmp6_id = nat->nat_inport;
1445 return nat;
1464 /* Lookup a nat entry based on the mapped destination ip address/port and */
1483 nat_t *nat;
1522 nat = ifs->ifs_nat_table[1][hv];
1523 for (; nat; nat = nat->nat_hnext[1]) {
1524 if (nat->nat_v != 6)
1527 if (nat->nat_ifps[0] != NULL) {
1528 if ((ifp != NULL) && (ifp != nat->nat_ifps[0]))
1531 nat->nat_ifps[0] = ifp;
1533 nflags = nat->nat_flags;
1535 if (IP6_EQ(&nat->nat_oip6, src) &&
1536 IP6_EQ(&nat->nat_outip6, &dst) &&
1538 (sflags == (nat->nat_flags & IPN_TCPUDPICMP))) ||
1539 (p == nat->nat_p))) {
1544 if (nat->nat_call[1] != fin->fin_data[0])
1550 if (nat->nat_outport != sport)
1553 if (nat->nat_outport != dport)
1559 if (nat->nat_oport != sport)
1561 if (nat->nat_outport != dport)
1569 ipn = nat->nat_ptr;
1570 if ((ipn != NULL) && (nat->nat_aps != NULL))
1571 if (appr_match(fin, nat) != 0)
1574 return nat;
1598 nat = ifs->ifs_nat_table[1][hv];
1599 for (; nat; nat = nat->nat_hnext[1]) {
1600 if (nat->nat_v != 6)
1603 if (nat->nat_ifps[0] != NULL) {
1604 if ((ifp != NULL) && (ifp != nat->nat_ifps[0]))
1607 nat->nat_ifps[0] = ifp;
1609 if (nat->nat_p != fin->fin_p)
1611 if (IP6_NEQ(&nat->nat_oip6, src) ||
1612 IP6_NEQ(&nat->nat_outip6, &dst))
1615 nflags = nat->nat_flags;
1619 if (nat_wildok(nat, (int)sport, (int)dport, nflags,
1624 nat = fr_natclone(fin, nat);
1625 if (nat == NULL)
1632 nat->nat_oport = sport;
1633 nat->nat_outport = dport;
1634 nat->nat_flags &= ~(SI_W_DPORT|SI_W_SPORT);
1635 nat6_tabmove(nat, ifs);
1642 return nat;
1649 /* Parameters: nat(I) - pointer to NAT structure */
1656 static void nat6_tabmove(nat, ifs)
1657 nat_t *nat;
1663 if (nat->nat_flags & SI_CLONE)
1669 if (nat->nat_hnext[0])
1670 nat->nat_hnext[0]->nat_phnext[0] = nat->nat_phnext[0];
1671 *nat->nat_phnext[0] = nat->nat_hnext[0];
1672 ifs->ifs_nat_stats.ns_bucketlen[0][nat->nat_hv[0]]--;
1674 if (nat->nat_hnext[1])
1675 nat->nat_hnext[1]->nat_phnext[1] = nat->nat_phnext[1];
1676 *nat->nat_phnext[1] = nat->nat_hnext[1];
1677 ifs->ifs_nat_stats.ns_bucketlen[1][nat->nat_hv[1]]--;
1682 hv = NAT_HASH_FN6(&nat->nat_inip6, nat->nat_inport, 0xffffffff);
1683 hv = NAT_HASH_FN6(&nat->nat_oip6, hv + nat->nat_oport,
1685 nat->nat_hv[0] = hv;
1688 (*natp)->nat_phnext[0] = &nat->nat_hnext[0];
1689 nat->nat_phnext[0] = natp;
1690 nat->nat_hnext[0] = *natp;
1691 *natp = nat;
1694 hv = NAT_HASH_FN6(&nat->nat_outip6, nat->nat_outport, 0xffffffff);
1695 hv = NAT_HASH_FN6(&nat->nat_oip6, hv + nat->nat_oport,
1697 nat->nat_hv[1] = hv;
1700 (*natp)->nat_phnext[1] = &nat->nat_hnext[1];
1701 nat->nat_phnext[1] = natp;
1702 nat->nat_hnext[1] = *natp;
1703 *natp = nat;
1719 /* Lookup a nat entry based on the source 'real' ip address/port and */
1738 nat_t *nat;
1772 nat = ifs->ifs_nat_table[0][hv];
1773 for (; nat; nat = nat->nat_hnext[0]) {
1774 if (nat->nat_v != 6)
1777 if (nat->nat_ifps[1] != NULL) {
1778 if ((ifp != NULL) && (ifp != nat->nat_ifps[1]))
1781 nat->nat_ifps[1] = ifp;
1783 nflags = nat->nat_flags;
1785 if (IP6_EQ(&nat->nat_inip6, src) &&
1786 IP6_EQ(&nat->nat_oip6, dst) &&
1788 (p == nat->nat_p))) {
1793 if (nat->nat_call[1] != fin->fin_data[0])
1799 if (nat->nat_oport != dport)
1801 if (nat->nat_inport != sport)
1809 ipn = nat->nat_ptr;
1810 if ((ipn != NULL) && (nat->nat_aps != NULL))
1811 if (appr_match(fin, nat) != 0)
1814 return nat;
1838 nat = ifs->ifs_nat_table[0][hv];
1839 for (; nat; nat = nat->nat_hnext[0]) {
1840 if (nat->nat_v != 6)
1843 if (nat->nat_ifps[1] != NULL) {
1844 if ((ifp != NULL) && (ifp != nat->nat_ifps[1]))
1847 nat->nat_ifps[1] = ifp;
1849 if (nat->nat_p != fin->fin_p)
1851 if (IP6_NEQ(&nat->nat_inip6, src) ||
1852 IP6_NEQ(&nat->nat_oip6, dst))
1855 nflags = nat->nat_flags;
1859 if (nat_wildok(nat, (int)sport, (int)dport, nflags,
1864 nat = fr_natclone(fin, nat);
1865 if (nat == NULL)
1872 nat->nat_inport = sport;
1873 nat->nat_oport = dport;
1874 if (nat->nat_outport == 0)
1875 nat->nat_outport = sport;
1876 nat->nat_flags &= ~(SI_W_DPORT|SI_W_SPORT);
1877 nat6_tabmove(nat, ifs);
1884 return nat;
1902 nat_t *nat;
1926 if ((nat = nat6_inlookup(&fi, np->nl_flags, fi.fin_p,
1928 np->nl_inipaddr = nat->nat_inip6;
1929 np->nl_inport = nat->nat_inport;
1936 if ((nat = nat6_outlookup(&fi, np->nl_flags, fi.fin_p,
1941 fin.fin_p = nat->nat_p;
1942 fin.fin_data[0] = ntohs(nat->nat_outport);
1943 fin.fin_data[1] = ntohs(nat->nat_oport);
1946 &nat->nat_outip6.in6,
1947 &nat->nat_oip6.in6) != NULL) {
1952 np->nl_realip6 = nat->nat_outip6.in6;
1953 np->nl_realport = nat->nat_outport;
1957 return nat;
2040 nat_t *nat;
2087 (nat = nat6_icmperror(fin, &nflags, NAT_OUTBOUND)))
2089 else if ((fin->fin_flx & FI_FRAG) && (nat = fr_nat_knownfrag(fin)))
2091 else if ((nat = nat6_outlookup(fin, nflags|NAT_SEARCH,
2094 nflags = nat->nat_flags;
2101 * If there is no current entry in the nat table for this IP#,
2146 if (nat = nat6_new(fin, np, NULL, nflags,
2174 if (nat != NULL) {
2175 rval = fr_nat6out(fin, nat, natadd, nflags);
2195 /* nat(I) - pointer to NAT structure */
2201 int fr_nat6out(fin, nat, natadd, nflags)
2203 nat_t *nat;
2221 np = nat->nat_ptr;
2224 (void) fr_nat_newfrag(fin, 0, nat);
2226 MUTEX_ENTER(&nat->nat_lock);
2227 nat->nat_bytes[1] += fin->fin_plen;
2228 nat->nat_pkts[1]++;
2229 MUTEX_EXIT(&nat->nat_lock);
2232 if ((nat->nat_outport != 0) && (nflags & IPN_TCPUDP)) {
2235 tcp->th_sport = nat->nat_outport;
2236 fin->fin_data[0] = ntohs(nat->nat_outport);
2239 if ((nat->nat_outport != 0) && (nflags & IPN_ICMPQUERY)) {
2241 icmp6->icmp6_id = nat->nat_outport;
2244 csump = nat_proto(fin, nat, nflags);
2247 fin->fin_ip6->ip6_src = nat->nat_outip6.in6;
2248 fin->fin_src6 = nat->nat_outip6;
2250 nat_update(fin, nat, np);
2259 if (nat->nat_dir == NAT_OUTBOUND)
2260 fix_outcksum(csump, nat->nat_sumd[1]);
2262 fix_incksum(csump, nat->nat_sumd[1]);
2264 if (nat->nat_dir == NAT_OUTBOUND)
2265 fix_outcksum(csump, nat->nat_sumd[0]);
2267 fix_incksum(csump, nat->nat_sumd[0]);
2271 ipfsync_update(SMC_NAT, fin, nat->nat_sync);
2284 i = appr_check(fin, nat);
2321 nat_t *nat;
2371 (nat = nat6_icmperror(fin, &nflags, NAT_INBOUND)))
2373 else if ((fin->fin_flx & FI_FRAG) && (nat = fr_nat_knownfrag(fin)))
2375 else if ((nat = nat6_inlookup(fin, nflags|NAT_SEARCH, (u_int)fin->fin_p,
2377 nflags = nat->nat_flags;
2392 * If there is no current entry in the nat table for this IP#,
2428 nat = nat6_new(fin, np, NULL, nflags, NAT_INBOUND);
2429 if (nat != NULL) {
2456 if (nat != NULL) {
2457 rval = fr_nat6in(fin, nat, natadd, nflags);
2477 /* nat(I) - pointer to NAT structure */
2484 int fr_nat6in(fin, nat, natadd, nflags)
2486 nat_t *nat;
2502 np = nat->nat_ptr;
2503 fin->fin_fr = nat->nat_fr;
2506 (void) fr_nat_newfrag(fin, 0, nat);
2522 i = appr_check(fin, nat);
2531 ipfsync_update(SMC_NAT, fin, nat->nat_sync);
2534 MUTEX_ENTER(&nat->nat_lock);
2535 nat->nat_bytes[0] += fin->fin_plen;
2536 nat->nat_pkts[0]++;
2537 MUTEX_EXIT(&nat->nat_lock);
2539 fin->fin_ip6->ip6_dst = nat->nat_inip6.in6;
2540 fin->fin_dst6 = nat->nat_inip6;
2546 if ((nat->nat_inport != 0) && (nflags & IPN_TCPUDP)) {
2547 tcp->th_dport = nat->nat_inport;
2548 fin->fin_data[1] = ntohs(nat->nat_inport);
2552 if ((nat->nat_inport != 0) && (nflags & IPN_ICMPQUERY)) {
2555 icmp6->icmp6_id = nat->nat_inport;
2558 csump = nat_proto(fin, nat, nflags);
2561 nat_update(fin, nat, np);
2568 if (nat->nat_dir == NAT_OUTBOUND)
2569 fix_incksum(csump, nat->nat_sumd[0]);
2571 fix_outcksum(csump, nat->nat_sumd[0]);
2586 if (nat->nat_dir == NAT_OUTBOUND)
2587 fix_outcksum(csump, nat->nat_sumd[1]);
2589 fix_incksum(csump, nat->nat_sumd[1]);