Lines Matching refs:nat
607 ipnat_t *nat, *nt, *n = NULL, **np = NULL; local
622 nat = NULL; /* XXX gcc -Wuninitialized */
646 nat = &natd;
647 if (nat->in_v == 0) /* For backward compat. */
648 nat->in_v = 4;
649 nat->in_flags &= IPN_USERFLAGS;
650 if ((nat->in_redir & NAT_MAPBLK) == 0) {
651 if ((nat->in_flags & IPN_SPLIT) == 0)
652 nat->in_inip &= nat->in_inmsk;
653 if ((nat->in_flags & IPN_IPRANGE) == 0)
654 nat->in_outip &= nat->in_outmsk;
659 if (bcmp((char *)&nat->in_flags, (char *)&n->in_flags,
661 if (nat->in_redir == NAT_REDIRECT &&
662 nat->in_pnext != n->in_pnext)
739 bcopy((char *)nat, (char *)nt, sizeof(*n));
1194 nat_t *nat, *n; local
1202 nat = ng.ng_ptr;
1203 if (!nat) {
1204 nat = ifs->ifs_nat_instances;
1209 if (nat == NULL) {
1224 if (n == nat)
1234 aps = nat->nat_aps;
1265 nat_t *n, *nat; local
1279 nat = ipns.ipn_next;
1280 if (nat == NULL) {
1281 nat = ifs->ifs_nat_instances;
1282 if (nat == NULL) {
1294 if (n == nat)
1301 ipn->ipn_next = nat->nat_next;
1306 bcopy((char *)nat, &ipn->ipn_nat, sizeof(*nat));
1311 if (nat->nat_ptr != NULL)
1312 bcopy((char *)nat->nat_ptr, (char *)&ipn->ipn_ipnat,
1319 if (nat->nat_fr != NULL)
1320 bcopy((char *)nat->nat_fr, (char *)&ipn->ipn_fr,
1328 aps = nat->nat_aps;
1401 void nat_calc_chksum_diffs(nat) in nat_calc_chksum_diffs() argument
1402 nat_t *nat; in nat_calc_chksum_diffs()
1410 if (nat->nat_v != 4 && nat->nat_v != 6)
1417 switch (nat->nat_dir)
1424 if (nat->nat_v == 4) {
1425 sum_changed = LONG_SUM(ntohl(nat->nat_inip.s_addr));
1426 sum_orig = LONG_SUM(ntohl(nat->nat_outip.s_addr));
1428 sum_changed = LONG_SUM6(&nat->nat_inip6);
1429 sum_orig = LONG_SUM6(&nat->nat_outip6);
1437 if (nat->nat_v == 4) {
1438 sum_changed = LONG_SUM(ntohl(nat->nat_outip.s_addr));
1439 sum_orig = LONG_SUM(ntohl(nat->nat_inip.s_addr));
1441 sum_changed = LONG_SUM6(&nat->nat_outip6);
1442 sum_orig = LONG_SUM6(&nat->nat_inip6);
1460 nat->nat_sumd[1] = (sumd & 0xffff) + (sumd >> 16);
1462 if (nat->nat_flags & (IPN_TCPUDP | IPN_ICMPQUERY)) {
1468 switch (nat->nat_dir)
1471 if (nat->nat_v == 4) {
1473 ntohl(nat->nat_inip.s_addr) +
1474 ntohs(nat->nat_inport));
1476 ntohl(nat->nat_outip.s_addr) +
1477 ntohs(nat->nat_outport));
1479 sum_changed = LONG_SUM6(&nat->nat_inip6) +
1480 ntohs(nat->nat_inport);
1481 sum_orig = LONG_SUM6(&nat->nat_outip6) +
1482 ntohs(nat->nat_outport);
1486 if (nat->nat_v == 4) {
1488 ntohl(nat->nat_outip.s_addr) +
1489 ntohs(nat->nat_outport));
1491 ntohl(nat->nat_inip.s_addr) +
1492 ntohs(nat->nat_inport));
1494 sum_changed = LONG_SUM6(&nat->nat_outip6) +
1495 ntohs(nat->nat_outport);
1496 sum_orig = LONG_SUM6(&nat->nat_inip6) +
1497 ntohs(nat->nat_inport);
1505 nat->nat_sumd[0] = (sumd & 0xffff) + (sumd >> 16);
1507 if (!(nat->nat_flags & IPN_TCPUDP)) {
1512 nat->nat_sumd[1] = nat->nat_sumd[0];
1516 nat->nat_sumd[0] = nat->nat_sumd[1];
1522 if (nat->nat_v == 4) {
1523 if (NAT_HAS_L4_CHANGED(nat)) {
1529 nat->nat_ipsumd = (sumd & 0xffff) + (sumd >> 16);
1535 nat->nat_ipsumd = nat->nat_sumd[0];
1540 if (!(nat->nat_flags & IPN_TCPUDP)) {
1541 nat->nat_sumd[0] = 0;
1542 nat->nat_sumd[1] = 0;
1570 nat_t *n, *nat; local
1601 nat = NULL;
1627 KMALLOC(nat, nat_t *);
1628 if (nat == NULL) {
1633 bcopy((char *)&ipnn->ipn_nat, (char *)nat, sizeof(*nat));
1637 bzero((char *)nat, offsetof(struct nat, nat_tqe));
1638 nat->nat_tqe.tqe_pnext = NULL;
1639 nat->nat_tqe.tqe_next = NULL;
1640 nat->nat_tqe.tqe_ifq = NULL;
1641 nat->nat_tqe.tqe_parent = nat;
1649 nat->nat_ptr = in;
1670 if (nat->nat_v != 6)
1671 nat->nat_v = 4;
1673 fin.fin_p = nat->nat_p;
1675 if (nat->nat_dir == NAT_OUTBOUND) {
1676 fin.fin_data[0] = ntohs(nat->nat_oport);
1677 fin.fin_data[1] = ntohs(nat->nat_outport);
1678 fin.fin_ifp = nat->nat_ifps[0];
1683 switch (nat->nat_v)
1686 fin.fin_v = nat->nat_v;
1687 n = nat_inlookup(&fin, nat->nat_flags, fin.fin_p,
1688 nat->nat_oip, nat->nat_outip);
1692 n = nat6_inlookup(&fin, nat->nat_flags, fin.fin_p,
1693 &nat->nat_oip6.in6, &nat->nat_outip6.in6);
1708 } else if (nat->nat_dir == NAT_INBOUND) {
1709 fin.fin_data[0] = ntohs(nat->nat_inport);
1710 fin.fin_data[1] = ntohs(nat->nat_oport);
1711 fin.fin_ifp = nat->nat_ifps[1];
1716 switch (nat->nat_v)
1719 n = nat_outlookup(&fin, nat->nat_flags, fin.fin_p,
1720 nat->nat_inip, nat->nat_oip);
1724 n = nat6_outlookup(&fin, nat->nat_flags, fin.fin_p,
1725 &nat->nat_inip6.in6, &nat->nat_oip6.in6);
1749 aps = nat->nat_aps;
1752 nat->nat_aps = aps;
1784 fr = nat->nat_fr;
1786 if ((nat->nat_flags & SI_NEWFR) != 0) {
1788 nat->nat_fr = fr;
1832 nat_calc_chksum_diffs(nat);
1838 nat_calc_chksum_diffs(nat);
1840 switch (nat->nat_v)
1843 error = nat_insert(nat, nat->nat_rev, ifs);
1847 error = nat6_insert(nat, nat->nat_rev, ifs);
1874 if (nat != NULL) {
1886 KFREE(nat);
1903 int nat_delete(nat, logtype, ifs) in nat_delete() argument
1904 struct nat *nat; in nat_delete()
1912 nat_log(nat, logtype, ifs);
1921 if ((nat->nat_phnext[0] != NULL) && (nat->nat_phnext[1] != NULL)) {
1924 ifs->ifs_nat_stats.ns_bucketlen[0][nat->nat_hv[0]]--;
1925 ifs->ifs_nat_stats.ns_bucketlen[1][nat->nat_hv[1]]--;
1927 *nat->nat_phnext[0] = nat->nat_hnext[0];
1928 if (nat->nat_hnext[0] != NULL) {
1929 nat->nat_hnext[0]->nat_phnext[0] = nat->nat_phnext[0];
1930 nat->nat_hnext[0] = NULL;
1932 nat->nat_phnext[0] = NULL;
1934 *nat->nat_phnext[1] = nat->nat_hnext[1];
1935 if (nat->nat_hnext[1] != NULL) {
1936 nat->nat_hnext[1]->nat_phnext[1] = nat->nat_phnext[1];
1937 nat->nat_hnext[1] = NULL;
1939 nat->nat_phnext[1] = NULL;
1941 if ((nat->nat_flags & SI_WILDP) != 0)
1948 fr_deletequeueentry(&nat->nat_tqe);
1950 if (nat->nat_me != NULL) {
1951 *nat->nat_me = NULL;
1952 nat->nat_me = NULL;
1955 MUTEX_ENTER(&nat->nat_lock);
1956 if (nat->nat_ref > 1) {
1957 nat->nat_ref--;
1958 MUTEX_EXIT(&nat->nat_lock);
1961 return (nat->nat_ref);
1963 MUTEX_EXIT(&nat->nat_lock);
1965 nat->nat_ref = 0;
1975 if (nat->nat_sync)
1976 ipfsync_del(nat->nat_sync);
1982 if (nat->nat_pnext != NULL) {
1983 *nat->nat_pnext = nat->nat_next;
1984 if (nat->nat_next != NULL) {
1985 nat->nat_next->nat_pnext = nat->nat_pnext;
1986 nat->nat_next = NULL;
1988 nat->nat_pnext = NULL;
1991 if (nat->nat_fr != NULL)
1992 (void)fr_derefrule(&nat->nat_fr, ifs);
1994 if (nat->nat_hm != NULL)
1995 fr_hostmapdel(&nat->nat_hm);
2002 ipn = nat->nat_ptr;
2014 MUTEX_DESTROY(&nat->nat_lock);
2016 aps_free(nat->nat_aps, ifs);
2024 fr_forgetnat((void *)nat, ifs);
2026 KFREE(nat);
2090 static INLINE int nat_newmap(fin, nat, ni) in nat_newmap() argument
2092 nat_t *nat;
2140 nat->nat_hm = hm;
2301 nat->nat_inip = fin->fin_src;
2302 nat->nat_outip.s_addr = htonl(in.s_addr);
2303 nat->nat_oip = fin->fin_dst;
2304 if (nat->nat_hm == NULL)
2305 nat->nat_hm = nat_hostmap(np, fin->fin_src, fin->fin_dst,
2306 nat->nat_outip, 0, ifs);
2309 nat->nat_inport = sport;
2310 nat->nat_outport = port; /* sport */
2311 nat->nat_oport = dport;
2315 nat->nat_inport = port;
2316 nat->nat_outport = port;
2338 static INLINE int nat_newrdr(fin, nat, ni) in nat_newrdr() argument
2340 nat_t *nat;
2478 nat->nat_inip.s_addr = htonl(in.s_addr);
2479 nat->nat_outip = fin->fin_dst;
2480 nat->nat_oip = fin->fin_src;
2487 nat->nat_inport = nport;
2488 nat->nat_outport = dport;
2489 nat->nat_oport = sport;
2493 nat->nat_inport = nport;
2494 nat->nat_outport = nport;
2528 nat_t *nat, *natl; local
2559 KMALLOC(nat, nat_t *);
2560 if (nat == NULL) {
2598 bzero((char *)nat, sizeof(*nat));
2599 nat->nat_flags = flags;
2600 nat->nat_redir = np->in_redir;
2618 KFREE(nat);
2619 nat = natl;
2623 move = nat_newmap(fin, nat, &ni);
2635 KFREE(nat);
2636 nat = natl;
2640 move = nat_newrdr(fin, nat, &ni);
2657 if (nat_finalise(fin, nat, &ni, tcp, natsave, direction) == -1) {
2661 nat_calc_chksum_diffs(nat);
2669 if ((hm = nat->nat_hm) != NULL)
2671 KFREE(nat);
2672 nat = NULL;
2677 return nat;
2694 static INLINE int nat_finalise(fin, nat, ni, tcp, natsave, direction) in nat_finalise() argument
2696 nat_t *nat;
2708 COPYIFNAME(fin->fin_ifp, nat->nat_ifnames[0], fin->fin_v);
2711 if ((nat->nat_flags & SI_CLONE) == 0)
2712 nat->nat_sync = ipfsync_new(SMC_NAT, fin, nat);
2715 nat->nat_me = natsave;
2716 nat->nat_dir = direction;
2717 nat->nat_ifps[0] = np->in_ifps[0];
2718 nat->nat_ifps[1] = np->in_ifps[1];
2719 nat->nat_ptr = np;
2720 nat->nat_p = fin->fin_p;
2721 nat->nat_v = fin->fin_v;
2722 nat->nat_mssclamp = np->in_mssclamp;
2724 nat->nat_fr = fr;
2727 if (appr_new(fin, nat) == -1)
2730 if (nat_insert(nat, fin->fin_rev, ifs) == 0) {
2732 nat_log(nat, (u_int)np->in_redir, ifs);
2759 int nat_insert(nat, rev, ifs) in nat_insert() argument
2760 nat_t *nat; in nat_insert()
2771 if ((nat->nat_flags & (SI_W_SPORT|SI_W_DPORT)) == 0) {
2772 hv1 = NAT_HASH_FN(nat->nat_inip.s_addr, nat->nat_inport,
2774 hv1 = NAT_HASH_FN(nat->nat_oip.s_addr, hv1 + nat->nat_oport,
2776 hv2 = NAT_HASH_FN(nat->nat_outip.s_addr, nat->nat_outport,
2778 hv2 = NAT_HASH_FN(nat->nat_oip.s_addr, hv2 + nat->nat_oport,
2781 hv1 = NAT_HASH_FN(nat->nat_inip.s_addr, 0, 0xffffffff);
2782 hv1 = NAT_HASH_FN(nat->nat_oip.s_addr, hv1,
2784 hv2 = NAT_HASH_FN(nat->nat_outip.s_addr, 0, 0xffffffff);
2785 hv2 = NAT_HASH_FN(nat->nat_oip.s_addr, hv2,
2794 nat->nat_hv[0] = hv1;
2795 nat->nat_hv[1] = hv2;
2797 MUTEX_INIT(&nat->nat_lock, "nat entry lock");
2799 nat->nat_rev = rev;
2800 nat->nat_ref = 1;
2801 nat->nat_bytes[0] = 0;
2802 nat->nat_pkts[0] = 0;
2803 nat->nat_bytes[1] = 0;
2804 nat->nat_pkts[1] = 0;
2806 nat->nat_ifnames[0][LIFNAMSIZ - 1] = '\0';
2807 nat->nat_ifps[0] = fr_resolvenic(nat->nat_ifnames[0], 4, ifs);
2809 if (nat->nat_ifnames[1][0] !='\0') {
2810 nat->nat_ifnames[1][LIFNAMSIZ - 1] = '\0';
2811 nat->nat_ifps[1] = fr_resolvenic(nat->nat_ifnames[1], 4, ifs);
2813 (void) strncpy(nat->nat_ifnames[1], nat->nat_ifnames[0],
2815 nat->nat_ifnames[1][LIFNAMSIZ - 1] = '\0';
2816 nat->nat_ifps[1] = nat->nat_ifps[0];
2819 nat->nat_next = ifs->ifs_nat_instances;
2820 nat->nat_pnext = &ifs->ifs_nat_instances;
2822 ifs->ifs_nat_instances->nat_pnext = &nat->nat_next;
2823 ifs->ifs_nat_instances = nat;
2827 (*natp)->nat_phnext[0] = &nat->nat_hnext[0];
2828 nat->nat_phnext[0] = natp;
2829 nat->nat_hnext[0] = *natp;
2830 *natp = nat;
2835 (*natp)->nat_phnext[1] = &nat->nat_hnext[1];
2836 nat->nat_phnext[1] = natp;
2837 nat->nat_hnext[1] = *natp;
2838 *natp = nat;
2841 fr_setnatqueue(nat, rev, ifs);
2867 nat_t *nat; local
2937 nat = nat_inlookup(fin, flags, p, oip->ip_dst,
2940 nat = nat_outlookup(fin, flags, p, oip->ip_dst,
2944 return nat;
2960 nat = nat_inlookup(fin, flags, p, oip->ip_dst,
2963 nat = nat_outlookup(fin, flags, p, oip->ip_dst,
2968 return nat;
3001 nat_t *nat; local
3012 if ((fin->fin_v != 4) || !(nat = nat_icmperrorlookup(fin, dir)))
3038 if (oip->ip_dst.s_addr == nat->nat_oip.s_addr) {
3040 in = nat->nat_inip;
3044 in = nat->nat_outip;
3097 if ((tcp->th_dport == nat->nat_oport) &&
3098 (tcp->th_sport != nat->nat_inport)) {
3105 psum2 = ntohs(nat->nat_inport);
3106 tcp->th_sport = nat->nat_inport;
3108 } else if ((tcp->th_sport == nat->nat_oport) &&
3109 (tcp->th_dport != nat->nat_outport)) {
3116 psum2 = ntohs(nat->nat_outport);
3117 tcp->th_dport = nat->nat_outport;
3190 if ((nat->nat_dir == NAT_OUTBOUND) &&
3191 (orgicmp->icmp_id != nat->nat_inport) &&
3208 sum2 = ntohs(nat->nat_inport);
3210 orgicmp->icmp_id = nat->nat_inport;
3233 return nat;
3272 nat_t *nat; local
3311 nat = ifs->ifs_nat_table[1][hv];
3312 for (; nat; nat = nat->nat_hnext[1]) {
3313 if (nat->nat_v != 4)
3316 if (nat->nat_ifps[0] != NULL) {
3317 if ((ifp != NULL) && (ifp != nat->nat_ifps[0]))
3320 nat->nat_ifps[0] = ifp;
3322 nflags = nat->nat_flags;
3324 if (nat->nat_oip.s_addr == src.s_addr &&
3325 nat->nat_outip.s_addr == dst &&
3327 (sflags == (nat->nat_flags & IPN_TCPUDPICMP)))
3328 || (p == nat->nat_p))) {
3333 if (nat->nat_call[1] != fin->fin_data[0])
3339 if (nat->nat_outport != sport)
3342 if (nat->nat_outport != dport)
3348 if (nat->nat_oport != sport)
3350 if (nat->nat_outport != dport)
3357 ipn = nat->nat_ptr;
3358 if ((ipn != NULL) && (nat->nat_aps != NULL))
3359 if (appr_match(fin, nat) != 0)
3361 return nat;
3385 nat = ifs->ifs_nat_table[1][hv];
3386 for (; nat; nat = nat->nat_hnext[1]) {
3387 if (nat->nat_v != 4)
3390 if (nat->nat_ifps[0] != NULL) {
3391 if ((ifp != NULL) && (ifp != nat->nat_ifps[0]))
3394 nat->nat_ifps[0] = ifp;
3396 if (nat->nat_p != fin->fin_p)
3398 if (nat->nat_oip.s_addr != src.s_addr ||
3399 nat->nat_outip.s_addr != dst)
3402 nflags = nat->nat_flags;
3406 if (nat_wildok(nat, (int)sport, (int)dport, nflags,
3411 nat = fr_natclone(fin, nat);
3412 if (nat == NULL)
3419 nat->nat_oport = sport;
3420 nat->nat_outport = dport;
3421 nat->nat_flags &= ~(SI_W_DPORT|SI_W_SPORT);
3422 nat_tabmove(nat, ifs);
3429 return nat;
3443 static void nat_tabmove(nat, ifs) in nat_tabmove() argument
3444 nat_t *nat; in nat_tabmove()
3450 if (nat->nat_flags & SI_CLONE)
3456 if (nat->nat_hnext[0])
3457 nat->nat_hnext[0]->nat_phnext[0] = nat->nat_phnext[0];
3458 *nat->nat_phnext[0] = nat->nat_hnext[0];
3459 ifs->ifs_nat_stats.ns_bucketlen[0][nat->nat_hv[0]]--;
3461 if (nat->nat_hnext[1])
3462 nat->nat_hnext[1]->nat_phnext[1] = nat->nat_phnext[1];
3463 *nat->nat_phnext[1] = nat->nat_hnext[1];
3464 ifs->ifs_nat_stats.ns_bucketlen[1][nat->nat_hv[1]]--;
3469 hv = NAT_HASH_FN(nat->nat_inip.s_addr, nat->nat_inport, 0xffffffff);
3470 hv = NAT_HASH_FN(nat->nat_oip.s_addr, hv + nat->nat_oport,
3472 nat->nat_hv[0] = hv;
3475 (*natp)->nat_phnext[0] = &nat->nat_hnext[0];
3476 nat->nat_phnext[0] = natp;
3477 nat->nat_hnext[0] = *natp;
3478 *natp = nat;
3481 hv = NAT_HASH_FN(nat->nat_outip.s_addr, nat->nat_outport, 0xffffffff);
3482 hv = NAT_HASH_FN(nat->nat_oip.s_addr, hv + nat->nat_oport,
3484 nat->nat_hv[1] = hv;
3487 (*natp)->nat_phnext[1] = &nat->nat_hnext[1];
3488 nat->nat_phnext[1] = natp;
3489 nat->nat_hnext[1] = *natp;
3490 *natp = nat;
3527 nat_t *nat; local
3562 nat = ifs->ifs_nat_table[0][hv];
3563 for (; nat; nat = nat->nat_hnext[0]) {
3564 if (nat->nat_v != 4)
3567 if (nat->nat_ifps[1] != NULL) {
3568 if ((ifp != NULL) && (ifp != nat->nat_ifps[1]))
3571 nat->nat_ifps[1] = ifp;
3573 nflags = nat->nat_flags;
3575 if (nat->nat_inip.s_addr == srcip &&
3576 nat->nat_oip.s_addr == dst.s_addr &&
3578 || (p == nat->nat_p))) {
3583 if (nat->nat_call[1] != fin->fin_data[0])
3589 if (nat->nat_oport != dport)
3591 if (nat->nat_inport != sport)
3598 ipn = nat->nat_ptr;
3599 if ((ipn != NULL) && (nat->nat_aps != NULL))
3600 if (appr_match(fin, nat) != 0)
3602 return nat;
3626 nat = ifs->ifs_nat_table[0][hv];
3627 for (; nat; nat = nat->nat_hnext[0]) {
3628 if (nat->nat_v != 4)
3631 if (nat->nat_ifps[1] != NULL) {
3632 if ((ifp != NULL) && (ifp != nat->nat_ifps[1]))
3635 nat->nat_ifps[1] = ifp;
3637 if (nat->nat_p != fin->fin_p)
3639 if ((nat->nat_inip.s_addr != srcip) ||
3640 (nat->nat_oip.s_addr != dst.s_addr))
3643 nflags = nat->nat_flags;
3647 if (nat_wildok(nat, (int)sport, (int)dport, nflags,
3652 nat = fr_natclone(fin, nat);
3653 if (nat == NULL)
3660 nat->nat_inport = sport;
3661 nat->nat_oport = dport;
3662 if (nat->nat_outport == 0)
3663 nat->nat_outport = sport;
3664 nat->nat_flags &= ~(SI_W_DPORT|SI_W_SPORT);
3665 nat_tabmove(nat, ifs);
3672 return nat;
3690 nat_t *nat; local
3714 if ((nat = nat_inlookup(&fi, np->nl_flags, fi.fin_p,
3716 np->nl_inip = nat->nat_inip;
3717 np->nl_inport = nat->nat_inport;
3724 if ((nat = nat_outlookup(&fi, np->nl_flags, fi.fin_p,
3730 fin.fin_p = nat->nat_p;
3731 fin.fin_data[0] = ntohs(nat->nat_outport);
3732 fin.fin_data[1] = ntohs(nat->nat_oport);
3735 nat->nat_outip,
3736 nat->nat_oip) != NULL) {
3741 np->nl_realip = nat->nat_outip;
3742 np->nl_realport = nat->nat_outport;
3746 return nat;
3814 void nat_update(fin, nat, np) in nat_update() argument
3816 nat_t *nat;
3823 tqe = &nat->nat_tqe;
3836 if (nat->nat_p == IPPROTO_TCP && ifq2 == NULL) {
3837 (void) fr_tcp_age(&nat->nat_tqe, fin, ifs->ifs_nat_tqb, 0);
3840 if (nat->nat_p == IPPROTO_UDP)
3842 else if (nat->nat_p == IPPROTO_ICMP)
3881 nat_t *nat; local
3930 (nat = nat_icmperror(fin, &nflags, NAT_OUTBOUND)))
3932 else if ((fin->fin_flx & FI_FRAG) && (nat = fr_nat_knownfrag(fin)))
3934 else if ((nat = nat_outlookup(fin, nflags|NAT_SEARCH, (u_int)fin->fin_p,
3936 nflags = nat->nat_flags;
3986 nat = nat_new(fin, np, NULL, nflags, NAT_OUTBOUND);
3987 if (nat != NULL) {
4013 if (nat != NULL) {
4014 rval = fr_natout(fin, nat, natadd, nflags);
4016 MUTEX_ENTER(&nat->nat_lock);
4017 nat_update(fin, nat, nat->nat_ptr);
4018 nat->nat_bytes[1] += fin->fin_plen;
4019 nat->nat_pkts[1]++;
4020 fin->fin_pktnum = nat->nat_pkts[1];
4021 MUTEX_EXIT(&nat->nat_lock);
4047 int fr_natout(fin, nat, natadd, nflags) in fr_natout() argument
4049 nat_t *nat;
4063 return fr_nat6out(fin, nat, natadd, nflags);
4076 np = nat->nat_ptr;
4079 (void) fr_nat_newfrag(fin, 0, nat);
4095 s2 = LONG_SUM(ntohl(nat->nat_outip.s_addr));
4109 if (nat->nat_dir == NAT_OUTBOUND)
4111 nat->nat_ipsumd);
4114 nat->nat_ipsumd);
4120 if ((nat->nat_outport != 0) && (nflags & IPN_TCPUDP)) {
4123 tcp->th_sport = nat->nat_outport;
4124 fin->fin_data[0] = ntohs(nat->nat_outport);
4127 if ((nat->nat_outport != 0) && (nflags & IPN_ICMPQUERY)) {
4129 icmp->icmp_id = nat->nat_outport;
4132 csump = nat_proto(fin, nat, nflags);
4135 fin->fin_ip->ip_src = nat->nat_outip;
4143 sumd = nat->nat_sumd[1];
4145 sumd = nat->nat_sumd[0];
4147 if (nat->nat_dir == NAT_OUTBOUND)
4153 ipfsync_update(SMC_NAT, fin, nat->nat_sync);
4166 i = appr_check(fin, nat);
4204 nat_t *nat; local
4256 (nat = nat_icmperror(fin, &nflags, NAT_INBOUND)))
4258 else if ((fin->fin_flx & FI_FRAG) && (nat = fr_nat_knownfrag(fin)))
4260 else if ((nat = nat_inlookup(fin, nflags|NAT_SEARCH, (u_int)fin->fin_p,
4262 nflags = nat->nat_flags;
4312 nat = nat_new(fin, np, NULL, nflags, NAT_INBOUND);
4313 if (nat != NULL) {
4340 if (nat != NULL) {
4341 rval = fr_natin(fin, nat, natadd, nflags);
4343 MUTEX_ENTER(&nat->nat_lock);
4344 nat_update(fin, nat, nat->nat_ptr);
4345 nat->nat_bytes[0] += fin->fin_plen;
4346 nat->nat_pkts[0]++;
4347 fin->fin_pktnum = nat->nat_pkts[0];
4348 MUTEX_EXIT(&nat->nat_lock);
4375 int fr_natin(fin, nat, natadd, nflags) in fr_natin() argument
4377 nat_t *nat;
4390 return fr_nat6in(fin, nat, natadd, nflags);
4402 np = nat->nat_ptr;
4403 fin->fin_fr = nat->nat_fr;
4406 (void) fr_nat_newfrag(fin, 0, nat);
4421 i = appr_check(fin, nat);
4429 ipfsync_update(SMC_NAT, fin, nat->nat_sync);
4432 fin->fin_ip->ip_dst = nat->nat_inip;
4433 fin->fin_fi.fi_daddr = nat->nat_inip.s_addr;
4449 if (nat->nat_dir == NAT_OUTBOUND)
4450 fix_incksum(&fin->fin_ip->ip_sum, nat->nat_ipsumd);
4452 fix_outcksum(&fin->fin_ip->ip_sum, nat->nat_ipsumd);
4456 if ((nat->nat_inport != 0) && (nflags & IPN_TCPUDP)) {
4457 tcp->th_dport = nat->nat_inport;
4458 fin->fin_data[1] = ntohs(nat->nat_inport);
4462 if ((nat->nat_inport != 0) && (nflags & IPN_ICMPQUERY)) {
4465 icmp->icmp_id = nat->nat_inport;
4468 csump = nat_proto(fin, nat, nflags);
4476 if (nat->nat_dir == NAT_OUTBOUND)
4477 fix_incksum(csump, nat->nat_sumd[0]);
4479 fix_outcksum(csump, nat->nat_sumd[0]);
4494 if (nat->nat_dir == NAT_OUTBOUND)
4495 fix_outcksum(csump, nat->nat_sumd[1]);
4497 fix_incksum(csump, nat->nat_sumd[1]);
4523 u_short *nat_proto(fin, nat, nflags) in nat_proto() argument
4525 nat_t *nat;
4536 fin->fin_rev = (nat->nat_dir == NAT_OUTBOUND);
4538 fin->fin_rev = (nat->nat_dir == NAT_INBOUND);
4552 if ((nat->nat_mssclamp != 0) && (tcp->th_flags & TH_SYN) != 0)
4553 nat_mssclamp(tcp, nat->nat_mssclamp, csump);
4746 nat_t *nat; local
4769 for (nat = ifs->ifs_nat_instances; nat; nat = nat->nat_next) {
4771 if (((ifp != NULL) && ifp != (nat->nat_ifps[0])) ||
4772 ((nat->nat_flags & IPN_TCP) != 0))
4774 if ((np = nat->nat_ptr) == NULL)
4783 sum1 = nat->nat_outip.s_addr;
4784 nat->nat_outip = *(struct in_addr *)addr;
4785 sum2 = nat->nat_outip.s_addr;
4794 nat->nat_outip6.in6 = *(struct in6_addr *)addr;
4798 } else if (((ifp == NULL) || (ifp == nat->nat_ifps[0])) &&
4799 !(nat->nat_flags & IPN_TCP) && (np = nat->nat_ptr)) {
4808 sum1 = nat->nat_outip.s_addr;
4809 if (fr_ifpaddr(4, FRI_NORMAL, nat->nat_ifps[0],
4811 nat->nat_outip = in;
4812 sum2 = nat->nat_outip.s_addr;
4822 if (fr_ifpaddr(6, FRI_NORMAL, nat->nat_ifps[0],
4824 nat->nat_outip6.in6 = in6;
4841 sumd += nat->nat_sumd[0];
4842 nat->nat_sumd[0] = (sumd & 0xffff) + (sumd >> 16);
4843 nat->nat_sumd[1] = nat->nat_sumd[0];
4874 nat_t *nat; local
4892 for (nat = ifs->ifs_nat_instances; nat; nat = nat->nat_next) {
4893 nv = (v == 0) ? nat->nat_v : v;
4894 if (nat->nat_v != nv)
4896 if ((ifp == nat->nat_ifps[0]) ||
4897 (nat->nat_ifps[0] == (void *)-1)) {
4898 nat->nat_ifps[0] =
4899 fr_resolvenic(nat->nat_ifnames[0], nv, ifs);
4902 if ((ifp == nat->nat_ifps[1]) ||
4903 (nat->nat_ifps[1] == (void *)-1)) {
4904 nat->nat_ifps[1] =
4905 fr_resolvenic(nat->nat_ifnames[1], nv, ifs);
4926 for (nat = ifs->ifs_nat_instances; nat; nat = nat->nat_next) {
4927 if (nat->nat_v != v)
4929 if (!strncmp(name, nat->nat_ifnames[0],
4930 sizeof(nat->nat_ifnames[0])))
4931 nat->nat_ifps[0] = ifp;
4932 if (!strncmp(name, nat->nat_ifnames[1],
4933 sizeof(nat->nat_ifnames[1])))
4934 nat->nat_ifps[1] = ifp;
4948 for (nat = ifs->ifs_nat_instances; nat; nat = nat->nat_next) {
4949 if (nat->nat_v != v)
4951 if (ifp == nat->nat_ifps[0])
4952 nat->nat_ifps[0] = (void *)-1;
4953 if (ifp == nat->nat_ifps[1])
4954 nat->nat_ifps[1] = (void *)-1;
4988 nat_t *nat; local
4993 for (nat = ifs->ifs_nat_instances; nat != NULL; nat = nat->nat_next) {
4994 if (ifp == nat->nat_ifps[0])
4995 nat->nat_ifps[0] = newifp;
4997 if (ifp == nat->nat_ifps[1])
4998 nat->nat_ifps[1] = newifp;
5063 void nat_log(nat, type, ifs) in nat_log() argument
5064 struct nat *nat; in nat_log()
5078 natl.nlg_inip = nat->nat_inip6;
5079 natl.nlg_outip = nat->nat_outip6;
5080 natl.nlg_origip = nat->nat_oip6;
5081 natl.nlg_bytes[0] = nat->nat_bytes[0];
5082 natl.nlg_bytes[1] = nat->nat_bytes[1];
5083 natl.nlg_pkts[0] = nat->nat_pkts[0];
5084 natl.nlg_pkts[1] = nat->nat_pkts[1];
5085 natl.nlg_origport = nat->nat_oport;
5086 natl.nlg_inport = nat->nat_inport;
5087 natl.nlg_outport = nat->nat_outport;
5088 natl.nlg_p = nat->nat_p;
5091 natl.nlg_v = nat->nat_v;
5093 if (nat->nat_ptr != NULL) {
5096 if (np == nat->nat_ptr) {
5182 nat_t *nat; local
5184 nat = *natp;
5187 MUTEX_ENTER(&nat->nat_lock);
5188 if (nat->nat_ref > 1) {
5189 nat->nat_ref--;
5190 MUTEX_EXIT(&nat->nat_lock);
5193 MUTEX_EXIT(&nat->nat_lock);
5196 (void) nat_delete(nat, NL_EXPIRE, ifs);
5211 nat_t *fr_natclone(fin, nat) in fr_natclone() argument
5213 nat_t *nat;
5239 bcopy((char *)nat, (char *)clone, sizeof(*clone));
5306 int nat_wildok(nat, sport, dport, flags, dir) in nat_wildok() argument
5307 nat_t *nat; in nat_wildok()
5323 switch ((dir << 1) | nat->nat_dir)
5326 if (((nat->nat_inport == sport) ||
5328 ((nat->nat_oport == dport) ||
5333 if (((nat->nat_outport == sport) ||
5335 ((nat->nat_oport == dport) ||
5340 if (((nat->nat_oport == sport) ||
5342 ((nat->nat_outport == dport) ||
5347 if (((nat->nat_oport == sport) ||
5349 ((nat->nat_outport == dport) ||
5434 void fr_setnatqueue(nat, rev, ifs) in fr_setnatqueue() argument
5435 nat_t *nat; in fr_setnatqueue()
5441 if (nat->nat_ptr != NULL)
5442 nifq = nat->nat_ptr->in_tqehead[rev];
5447 switch (nat->nat_p)
5456 nifq = ifs->ifs_nat_tqb + nat->nat_tqe.tqe_state[rev];
5464 oifq = nat->nat_tqe.tqe_ifq;
5470 fr_movequeue(&nat->nat_tqe, oifq, nifq, ifs);
5472 fr_queueappend(&nat->nat_tqe, nifq, nat, ifs);
5494 nat_t *nat, *nextnat = NULL, zeronat; local
5527 nat = t->ipt_data;
5528 if (nat == NULL) {
5531 nextnat = nat->nat_next;
5661 if (nat != NULL)
5662 fr_natderef(&nat, ifs);
5669 nat = nextnat;
5755 nat_t *nat, *natn; local
5766 while ((nat = natn) != NULL) {
5767 natn = nat->nat_next;
5768 if (nat_delete(nat, NL_FLUSH, ifs) == 0)
5828 nat_t *nat; local
5846 nat = nat_outlookup(fin, nflags, (u_int)fin->fin_p,
5849 nat = nat_inlookup(fin, nflags, (u_int)fin->fin_p,
5853 if (nat != NULL) {
5855 (void) nat_delete(nat, NL_DESTROY, ifs);