ipfw3nat: show translations
[dragonfly.git] / sys / net / ipfw3_nat / ip_fw3_nat.h
1 /*
2 * Copyright (c) 2014 - 2018 The DragonFly Project. All rights reserved.
4 * This code is derived from software contributed to The DragonFly Project
5 * by Bill Yuan <bycn82@dragonflybsd.org>
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
16 * distribution.
17 * 3. Neither the name of The DragonFly Project nor the names of its
18 * contributors may be used to endorse or promote products derived
19 * from this software without specific, prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
24 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
27 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
28 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
29 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
31 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
35 #ifndef _IP_FW3_NAT_H
36 #define _IP_FW3_NAT_H
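/*
 * Module id and name.
 * NOTE(review): presumably the values under which the NAT module registers
 * with ipfw3 -- the registration site is not visible in this header.
 */
#define MODULE_NAT_ID		4
#define MODULE_NAT_NAME		"nat"

/*
 * Number of NAT configuration slots: struct ip_fw3_nat_context in this
 * header sizes its nats[] table with it.  A NAT id that arrives from
 * userland must be range-checked before it is used to index that table.
 * NOTE(review): whether valid ids run 0..NAT_ID_MAX-1 or 1..NAT_ID_MAX is
 * not visible here -- confirm against the sockopt handlers.
 */
#define NAT_ID_MAX		4

/* Size in bytes of an IPv4 address; parenthesised so it expands as one operand. */
#define LEN_IN_ADDR		(sizeof(struct in_addr))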
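/*
 * Opcodes defined by the NAT module.  Only one is declared; as the first
 * enumerator without an initialiser it has the value 0.
 */
enum ipfw_nat_opcodes {
	O_NAT_NAT,
};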
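/*
 * One NAT translation record in the layout shared with userland (the
 * struct is declared outside the _KERNEL section of this header).
 * NOTE(review): presumably the element type returned by
 * ip_fw3_ctl_nat_get_record() -- confirm in the implementation.
 *
 * NOTE(review): the three u_short ports are followed by int members, and
 * the int run by a time_t, so the compiler is likely to insert padding.
 * If these records are filled member by member and then copied out, the
 * buffer has to be zeroed first or the padding bytes disclose stale
 * kernel memory.  Whether the copy-out path does so is not visible here.
 * time_t also differs in width between ABIs, which matters if 32-bit
 * userland is supported.
 */
struct ioc_nat_state {
	struct in_addr	src_addr;
	struct in_addr	dst_addr;
	struct in_addr	alias_addr;
	u_short		src_port;
	u_short		dst_port;
	u_short		alias_port;
	int		nat_id;		/* NAT config the state belongs to */
	int		cpu_id;		/* presumably the CPU holding the state */
	int		proto;
	int		direction;
	time_t		life;		/* presumably remaining lifetime -- confirm units */
};
/* Size of one exported record; parenthesised so it expands as one operand. */
#define LEN_IOC_NAT_STATE	(sizeof(struct ioc_nat_state))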
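/*
 * NAT configuration in the layout shared with userland: a NAT id and
 * the IPv4 address attached to it.
 *
 * The id is untrusted when it comes from a sockopt request; the kernel
 * side has to range-check it against NAT_ID_MAX before using it to select
 * an entry of ip_fw3_nat_context.nats[].
 * NOTE(review): byte order of `ip' is not visible here -- confirm.
 */
struct ioc_nat {
	int		id;
	struct in_addr	ip;
};
/* Size of one configuration record; parenthesised so it expands as one operand. */
#define LEN_IOC_NAT		(sizeof(struct ioc_nat))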
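/*
 * NAT rule instruction: the generic ipfw_insn header followed by a pointer
 * to the NAT configuration the instruction refers to.
 *
 * NOTE(review): this type is declared outside the _KERNEL section, so its
 * layout is visible to userland.  `nat' is a kernel pointer; confirm that
 * the kernel resolves it itself (never takes it from a user-supplied rule)
 * and that the pointer value is not copied out when rules are listed.
 */
typedef struct _ipfw_insn_nat {
	ipfw_insn	o;
	struct cfg_nat	*nat;
} ipfw_insn_nat;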
76 #ifdef _KERNEL
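/*
 * Each NAT state holds the tuple (saddr, sport, daddr, dport, proto) and
 * an alias pair (alias_addr, alias_port).
 * For outgoing TCP and UDP packets the alias is the source after NAT.
 * For incoming TCP and UDP packets the alias is the original source info.
 * For ICMP packets the icmp_id is stored in the alias.
 *
 * States are linked into a red-black tree through `entries'.
 * NOTE(review): byte order of the address and port members, and the units
 * of timestamp/expiry, are not visible in this header -- confirm.
 */
struct nat_state {
	RB_ENTRY(nat_state)	entries;

	uint32_t		saddr;
	uint32_t		daddr;
	uint32_t		alias_addr;

	uint16_t		sport;
	uint16_t		dport;
	uint16_t		alias_port;

	uint8_t			proto;

	int			timestamp;
	int			expiry;
};
/* Size of one kernel state entry; parenthesised so it expands as one operand. */
#define LEN_NAT_STATE		(sizeof(struct nat_state))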
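/*
 * Comparison of two NAT states, returning int.
 * NOTE(review): presumably the ordering function of the state_tree
 * red-black trees -- confirm at the RB_PROTOTYPE/RB_GENERATE site.
 */
int	nat_state_cmp(struct nat_state *s1, struct nat_state *s2);

/* Head type `struct state_tree' for a red-black tree of nat_state entries. */
RB_HEAD(state_tree, nat_state);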
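/*
 * Kernel-side NAT configuration: id, alias address and six state trees,
 * one per protocol (TCP, UDP, ICMP) and direction (in, out).
 *
 * NOTE(review): nothing in this header bounds how many states a tree may
 * hold; confirm that the implementation expires or caps them so that a
 * flood of new flows cannot grow the trees without limit.
 * NOTE(review): `tmp' looks like a scratch nat_state (e.g. a lookup key).
 * If one cfg_nat can be reached from more than one CPU or thread at a
 * time, that shared scratch needs serialising -- confirm.
 */
struct cfg_nat {
	int			id;
	struct in_addr		ip;

	struct state_tree	tree_tcp_in;
	struct state_tree	tree_tcp_out;
	struct state_tree	tree_udp_in;
	struct state_tree	tree_udp_out;
	struct state_tree	tree_icmp_in;
	struct state_tree	tree_icmp_out;

	struct nat_state	tmp;
};
/* Size of one NAT configuration; parenthesised so it expands as one operand. */
#define LEN_CFG_NAT		(sizeof(struct cfg_nat))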
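/*
 * Malloc type of the IP_FW3 NAT module.
 * NOTE(review): MALLOC_DEFINE in a header instantiates the malloc type in
 * every kernel source file that includes it.  The usual split is
 * MALLOC_DECLARE in the header and MALLOC_DEFINE in one .c file; left
 * unchanged because the including files are not visible from here --
 * confirm that only one translation unit includes this under _KERNEL.
 */
MALLOC_DEFINE(M_IP_FW3_NAT, "IP_FW3_NAT", "IP_FW3 NAT module");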
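/*
 * Place to hold the NAT context: a fixed table of NAT_ID_MAX pointers to
 * NAT configurations.
 *
 * Every index into nats[] that derives from a user-supplied NAT id must be
 * checked against NAT_ID_MAX first, and a slot may be NULL when no
 * configuration is installed there.
 * NOTE(review): the mapping from NAT id to slot index (0-based or 1-based)
 * is not visible in this header -- confirm in the add/del handlers.
 */
struct ip_fw3_nat_context {
	struct cfg_nat	*nats[NAT_ID_MAX];
};
/* Size of the NAT context; parenthesised so it expands as one operand. */
#define LEN_NAT_CTX		(sizeof(struct ip_fw3_nat_context))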
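/*
 * Message carrying the id of a NAT configuration.
 * NOTE(review): paired by name with nat_del_dispatch(); presumably asks
 * the receiving thread to delete that configuration -- confirm.
 */
struct netmsg_nat_del {
	struct netmsg_base	base;	/* generic message header, must stay first */
	int			id;
};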
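/*
 * Message carrying a complete userland-format NAT configuration.
 * NOTE(review): paired by name with nat_add_dispatch(); the embedded
 * ioc_nat originates from a sockopt request, so its id should already be
 * validated before the message is sent -- confirm in the sender.
 */
struct netmsg_nat_add {
	struct netmsg_base	base;	/* generic message header, must stay first */
	struct ioc_nat		ioc_nat;
};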
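/*
 * Message describing an alias link to add: the NAT id plus two flags
 * selecting direction and protocol.
 * NOTE(review): paired by name with add_alias_link_dispatch(); is_tcp has
 * only two states although cfg_nat also keeps ICMP trees -- confirm how
 * the non-TCP case is interpreted by the handler.
 */
struct netmsg_alias_link_add {
	struct netmsg_base	base;	/* generic message header, must stay first */
	int			id;
	int			is_outgoing;
	int			is_tcp;
};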
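/*
 * Packet path.
 * NOTE(review): the roles noted in this block are inferred from names and
 * signatures only; the implementations are not visible in this header.
 */
void	check_nat(int *cmd_ctl, int *cmd_val, struct ip_fw_args **args,
		struct ip_fw **f, ipfw_insn *cmd, uint16_t ip_len);
int	ip_fw3_nat(struct ip_fw_args *args,
		struct cfg_nat *nat, struct mbuf *m);
int	nat_state_get_alias(struct nat_state *s,
		struct cfg_nat *nat, struct state_tree *tree);

/*
 * netmsg handlers.  The parameter of add_alias_link_dispatch() was named
 * nat_del_msg, which did not match the function; prototype parameter names
 * carry no meaning for callers, so it is now `msg' like its siblings.
 * nat_fnit_ctx_dispatch keeps its spelling (likely meant "fini") because
 * renaming a function would break its users.
 */
void	add_alias_link_dispatch(netmsg_t msg);
void	nat_add_dispatch(netmsg_t msg);
void	nat_del_dispatch(netmsg_t msg);
void	nat_init_ctx_dispatch(netmsg_t msg);
void	nat_fnit_ctx_dispatch(netmsg_t msg);

/*
 * sockopt entry points.  Each receives the struct sockopt describing a
 * userland request and returns int.  Everything carried in the request
 * (buffer length, NAT id, addresses) is untrusted: the implementations
 * need to check the supplied size against the expected LEN_* value and
 * the id against NAT_ID_MAX before touching the NAT context, and the
 * get_* handlers must not copy out more than the caller's buffer holds.
 */
int	ip_fw3_ctl_nat_add(struct sockopt *sopt);
int	ip_fw3_ctl_nat_del(struct sockopt *sopt);
int	ip_fw3_ctl_nat_flush(struct sockopt *sopt);
int	ip_fw3_ctl_nat_sockopt(struct sockopt *sopt);
int	ip_fw3_ctl_nat_get_cfg(struct sockopt *sopt);
int	ip_fw3_ctl_nat_get_record(struct sockopt *sopt);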
171 #endif
172 #endif