Lines Matching refs:nat
60 static ipnat_t *nat = NULL; variable
117 line: xx rule { while ((nat = nattop) != NULL) {
118 if (nat->in_v == 0)
119 nat->in_v = 4;
120 nattop = nat->in_next;
121 (*nataddfunc)(natfd, natioctlfunc, nat);
122 free(nat);
154 bcopy(&$3.a, &nat->in_in[0], sizeof($3.a));
155 bcopy(&$3.m, &nat->in_in[1], sizeof($3.a));
156 bcopy(&$5.a, &nat->in_out[0], sizeof($5.a));
157 bcopy(&$5.m, &nat->in_out[1], sizeof($5.a));
158 if (nat->in_ifnames[1][0] == '\0')
159 strncpy(nat->in_ifnames[1],
160 nat->in_ifnames[0],
161 sizeof(nat->in_ifnames[0]));
162 if ((nat->in_flags & IPN_TCPUDP) == 0)
163 setnatproto(nat->in_p);
164 if (((nat->in_redir & NAT_MAPBLK) != 0) ||
165 ((nat->in_flags & IPN_AUTOPORTMAP) != 0))
166 nat_setgroupmap(nat);
171 bcopy(&$3.a, &nat->in_in[0], sizeof($3.a));
172 bcopy(&$3.m, &nat->in_in[1], sizeof($3.a));
173 bcopy(&$5.a, &nat->in_out[0], sizeof($5.a));
174 bcopy(&$5.m, &nat->in_out[1], sizeof($5.a));
175 if (nat->in_ifnames[1][0] == '\0')
176 strncpy(nat->in_ifnames[1],
177 nat->in_ifnames[0],
178 sizeof(nat->in_ifnames[0]));
179 if ((nat->in_flags & IPN_TCPUDPICMPQ) == 0)
180 setnatproto(nat->in_p);
181 if (((nat->in_redir & NAT_MAPBLK) != 0) ||
182 ((nat->in_flags & IPN_AUTOPORTMAP) != 0))
183 nat_setgroupmap(nat);
188 bcopy(&$5.a, &nat->in_out[0], sizeof($5.a));
189 bcopy(&$5.m, &nat->in_out[1], sizeof($5.a));
190 if (nat->in_ifnames[1][0] == '\0')
191 strncpy(nat->in_ifnames[1],
192 nat->in_ifnames[0],
193 sizeof(nat->in_ifnames[0]));
194 if ((nat->in_flags & IPN_TCPUDP) == 0)
195 setnatproto(nat->in_p);
196 if (((nat->in_redir & NAT_MAPBLK) != 0) ||
197 ((nat->in_flags & IPN_AUTOPORTMAP) != 0))
198 nat_setgroupmap(nat);
203 bcopy(&$5.a, &nat->in_out[0], sizeof($5.a));
204 bcopy(&$5.m, &nat->in_out[1], sizeof($5.a));
205 if (nat->in_ifnames[1][0] == '\0')
206 strncpy(nat->in_ifnames[1],
207 nat->in_ifnames[0],
208 sizeof(nat->in_ifnames[0]));
209 if ((nat->in_flags & IPN_TCPUDPICMPQ) == 0)
210 setnatproto(nat->in_p);
211 if (((nat->in_redir & NAT_MAPBLK) != 0) ||
212 ((nat->in_flags & IPN_AUTOPORTMAP) != 0))
213 nat_setgroupmap(nat);
221 bcopy(&$3.a, &nat->in_in[0], sizeof($3.a));
222 bcopy(&$3.m, &nat->in_in[1], sizeof($3.a));
223 bcopy(&$5.a, &nat->in_out[0], sizeof($5.a));
224 bcopy(&$5.m, &nat->in_out[1], sizeof($5.a));
225 if (nat->in_ifnames[1][0] == '\0')
226 strncpy(nat->in_ifnames[1],
227 nat->in_ifnames[0],
228 sizeof(nat->in_ifnames[0]));
229 if ((nat->in_flags & IPN_TCPUDP) == 0)
230 setnatproto(nat->in_p);
231 if (((nat->in_redir & NAT_MAPBLK) != 0) ||
232 ((nat->in_flags & IPN_AUTOPORTMAP) != 0))
233 nat_setgroupmap(nat);
240 bcopy(&$3.a, &nat->in_out[0], sizeof($3.a));
241 bcopy(&$3.m, &nat->in_out[1], sizeof($3.a));
242 if (nat->in_ifnames[1][0] == '\0')
243 strncpy(nat->in_ifnames[1],
244 nat->in_ifnames[0],
245 sizeof(nat->in_ifnames[0]));
246 if ((nat->in_p == 0) &&
247 ((nat->in_flags & IPN_TCPUDP) == 0) &&
248 (nat->in_pmin != 0 ||
249 nat->in_pmax != 0 ||
250 nat->in_pnext != 0))
256 if ((nat->in_p == 0) &&
257 ((nat->in_flags & IPN_TCPUDP) == 0) &&
258 (nat->in_pmin != 0 ||
259 nat->in_pmax != 0 ||
260 nat->in_pnext != 0))
262 if (nat->in_ifnames[1][0] == '\0')
263 strncpy(nat->in_ifnames[1],
264 nat->in_ifnames[0],
265 sizeof(nat->in_ifnames[0]));
270 bcopy(&$3.a, &nat->in_out[0], sizeof($3.a));
271 bcopy(&$3.m, &nat->in_out[1], sizeof($3.a));
272 if (nat->in_ifnames[1][0] == '\0')
273 strncpy(nat->in_ifnames[1],
274 nat->in_ifnames[0],
275 sizeof(nat->in_ifnames[0]));
280 { strncpy(nat->in_plabel, $4, sizeof(nat->in_plabel));
281 if (nat->in_dcmp == 0) {
282 nat->in_dport = htons($3);
283 } else if ($3 != nat->in_dport) {
291 strncpy(nat->in_plabel, $4, sizeof(nat->in_plabel));
295 nat->in_dport = pnum;
303 | proto { if (nat->in_p != 0 ||
304 nat->in_flags & IPN_TCPUDP)
308 | IPNY_TCPUDP { if (nat->in_p != 0 ||
309 nat->in_flags & IPN_TCPUDP)
311 nat->in_flags |= IPN_TCPUDP;
312 nat->in_p = 0;
314 | IPNY_TCP '/' IPNY_UDP { if (nat->in_p != 0 ||
315 nat->in_flags & IPN_TCPUDP)
317 nat->in_flags |= IPN_TCPUDP;
318 nat->in_p = 0;
326 $$.v = nat->in_v;
335 nat->in_flags |= IPN_IPRANGE;
340 hostname { bcopy(&$1.a, &nat->in_in[0],
343 $1.v = nat->in_v;
345 nat->in_inmsk = 0xffffffff;
347 nat->in_in[1].i6[0] = 0xffffffff;
348 nat->in_in[1].i6[1] = 0xffffffff;
349 nat->in_in[1].i6[2] = 0xffffffff;
350 nat->in_in[1].i6[3] = 0xffffffff;
355 $1.v = nat->in_v;
371 bcopy(&$1.a, &nat->in_in[0],
374 (u_32_t *)&nat->in_in[1]);
375 nat->in_in[0].i6[0] &= nat->in_in[1].i6[0];
376 nat->in_in[0].i6[0] &= nat->in_in[1].i6[1];
377 nat->in_in[0].i6[0] &= nat->in_in[1].i6[2];
378 nat->in_in[0].i6[0] &= nat->in_in[1].i6[3];
379 nat->in_v = $1.v;
387 nat->in_flags |= IPN_SPLIT;
388 bcopy(&$1.a, &nat->in_in[0],
390 bcopy(&$4.a, &nat->in_in[1],
407 dport: | IPNY_PORT portspec { nat->in_pmin = htons($2);
408 nat->in_pmax = htons($2); }
409 | IPNY_PORT portspec '-' portspec { nat->in_pmin = htons($2);
410 nat->in_pmax = htons($4); }
411 | IPNY_PORT portspec ':' portspec { nat->in_pmin = htons($2);
412 nat->in_pmax = htons($4); }
415 nport: IPNY_PORT portspec { nat->in_pnext = htons($2); }
416 | IPNY_PORT '=' portspec { nat->in_pnext = htons($3);
417 nat->in_flags |= IPN_FIXEDDPORT;
421 ports: | IPNY_PORTS YY_NUMBER { nat->in_pmin = $2; }
422 | IPNY_PORTS IPNY_AUTO { nat->in_flags |= IPN_AUTOPORTMAP; }
425 mapit: IPNY_MAP { nat->in_redir = NAT_MAP; }
426 | IPNY_BIMAP { nat->in_redir = NAT_BIMAP; }
429 rdrit: IPNY_RDR { nat->in_redir = NAT_REDIRECT; }
433 IPNY_MAPBLOCK { nat->in_redir = NAT_MAPBLK; }
446 nat->in_flags |= IPN_NOTDST;
461 nat->in_flags |= IPN_NOTSRC;
466 from: IPNY_FROM { nat->in_flags |= IPN_FILTER;
475 ifname: YY_STR { strncpy(nat->in_ifnames[0], $1,
476 sizeof(nat->in_ifnames[0]));
477 nat->in_ifnames[0][LIFNAMSIZ - 1] = '\0';
483 YY_STR { strncpy(nat->in_ifnames[1], $1,
484 sizeof(nat->in_ifnames[1]));
485 nat->in_ifnames[1][LIFNAMSIZ - 1] = '\0';
492 { nat->in_pmin = htons($3);
493 nat->in_pmax = htons($5);
496 { nat->in_flags |= IPN_AUTOPORTMAP;
497 nat->in_pmin = htons(1024);
498 nat->in_pmax = htons(65535);
509 nat->in_flags = IPN_ICMPQUERY;
510 nat->in_pmin = htons($3);
511 nat->in_pmax = htons($5);
516 | IPNY_SEQUENTIAL { nat->in_flags |= IPN_SEQUENTIAL; }
521 | saddr IPNY_PORT portstuff { nat->in_sport = $3.p1;
522 nat->in_stop = $3.p2;
523 nat->in_scmp = $3.pc;
528 saddr: addr { if (nat->in_redir == NAT_REDIRECT) {
529 bcopy(&$1.a, &nat->in_src[0],
531 bcopy(&$1.m, &nat->in_src[1],
534 bcopy(&$1.a, &nat->in_in[0],
536 bcopy(&$1.m, &nat->in_in[1],
545 | daddr IPNY_PORT portstuff { nat->in_dport = $3.p1;
546 nat->in_dtop = $3.p2;
547 nat->in_dcmp = $3.pc;
548 if (nat->in_redir == NAT_REDIRECT)
549 nat->in_pmin = htons($3.p1);
553 daddr: addr { if (nat->in_redir == NAT_REDIRECT) {
554 bcopy(&$1.a, &nat->in_out[0],
556 bcopy(&$1.m, &nat->in_out[1],
559 bcopy(&$1.a, &nat->in_src[0],
561 bcopy(&$1.m, &nat->in_src[1],
571 $$.v = nat->in_v;
595 nat->in_v = $1.v;
656 nattag: | IPNY_TAG YY_STR { strncpy(nat->in_tag.ipt_tag, $2,
657 sizeof(nat->in_tag.ipt_tag));
660 rr: | IPNY_ROUNDROBIN { nat->in_flags |= IPN_ROUNDR; }
663 frag: | IPNY_FRAG { nat->in_flags |= IPN_FRAG; }
666 age: | IPNY_AGE YY_NUMBER { nat->in_age[0] = $2;
667 nat->in_age[1] = $2; }
668 | IPNY_AGE YY_NUMBER '/' YY_NUMBER { nat->in_age[0] = $2;
669 nat->in_age[1] = $4; }
672 sticky: | IPNY_STICKY { if (!(nat->in_flags & IPN_ROUNDR) &&
673 !(nat->in_flags & IPN_SPLIT)) {
677 nat->in_flags |= IPN_STICKY;
682 | IPNY_MSSCLAMP YY_NUMBER { nat->in_mssclamp = $2; }
687 | IPNY_TCPUDP { nat->in_flags |= IPN_TCPUDP;
688 nat->in_p = 0;
690 | IPNY_TCP '/' IPNY_UDP { nat->in_flags |= IPN_TCPUDP;
691 nat->in_p = 0;
697 { strncpy(nat->in_plabel, $2,
698 sizeof(nat->in_plabel));
699 nat->in_dport = nat->in_pnext;
700 nat->in_dport = htons(nat->in_dport);
703 | proxy { if (nat->in_plabel[0] != '\0') {
704 nat->in_pmin = nat->in_dport;
705 nat->in_pmax = nat->in_pmin;
706 nat->in_pnext = nat->in_pmin;
734 nat->in_v = $$.v;
742 $$.v = nat->in_v;
744 nat->in_v = $$.v;
747 nat->in_v = 4;
751 nat->in_v = 6;
910 if (nat == NULL) in newnatrule()
911 nattop = nat = n; in newnatrule()
913 nat->in_next = n; in newnatrule()
914 nat = n; in newnatrule()
922 nat->in_p = p;
927 nat->in_flags |= IPN_TCP;
928 nat->in_flags &= ~IPN_UDP;
931 nat->in_flags |= IPN_UDP;
932 nat->in_flags &= ~IPN_TCP;
935 nat->in_flags &= ~IPN_TCPUDP;
936 if (!(nat->in_flags & IPN_ICMPQUERY)) {
937 nat->in_dcmp = 0;
938 nat->in_scmp = 0;
939 nat->in_pmin = 0;
940 nat->in_pmax = 0;
941 nat->in_pnext = 0;
945 if ((nat->in_redir & NAT_MAPBLK) == 0) {
947 if (0 == nat->in_tuc.ftu_dport)
948 nat->in_dcmp = 0;
949 if (0 == nat->in_tuc.ftu_sport)
950 nat->in_scmp = 0;
951 nat->in_pmin = 0;
952 nat->in_pmax = 0;
953 nat->in_pnext = 0;
954 nat->in_flags &= ~IPN_TCPUDP;
959 if ((nat->in_flags & (IPN_TCPUDP|IPN_FIXEDDPORT)) == IPN_FIXEDDPORT)
960 nat->in_flags &= ~IPN_FIXEDDPORT;