Lines Matching refs:fin
280 static INLINE int nat6_newmap(fin, nat, ni) in nat6_newmap() argument
281 fr_info_t *fin; in nat6_newmap()
292 ipf_stack_t *ifs = fin->fin_ifs;
320 hm = nat6_hostmap(np, &fin->fin_src6, &fin->fin_dst6,
341 temp.i6[0] = fin->fin_src6.i6[0] &
343 temp.i6[1] = fin->fin_src6.i6[1] &
345 temp.i6[2] = fin->fin_src6.i6[2] &
347 temp.i6[3] = fin->fin_src6.i6[3] &
360 IP6_MASK(&in, &fin->fin_src6, &np->in_in[1]);
386 fr_ifpaddr(6, FRI_NORMAL, fin->fin_ifp,
387 (void *)&in, NULL, fin->fin_ifs) == -1)
397 in = fin->fin_src6;
427 (ntohl(fin->fin_src6) %
485 sp = fin->fin_data[0];
486 dp = fin->fin_data[1];
487 fin->fin_data[0] = fin->fin_data[1];
488 fin->fin_data[1] = htons(port);
489 natl = nat6_inlookup(fin, flags & ~(SI_WILDP|NAT_SEARCH),
490 (u_int)fin->fin_p, &fin->fin_dst6.in6, &in.in6);
491 fin->fin_data[0] = sp;
492 fin->fin_data[1] = dp;
510 nat->nat_inip6 = fin->fin_src6;
512 nat->nat_oip6 = fin->fin_dst6;
514 nat->nat_hm = nat6_hostmap(np, &fin->fin_src6, &fin->fin_dst6,
521 ((tcphdr_t *)fin->fin_dp)->th_sport = port;
523 ((struct icmp6_hdr *)fin->fin_dp)->icmp6_id = port;
546 static INLINE int nat6_newrdr(fin, nat, ni) in nat6_newrdr() argument
547 fr_info_t *fin; in nat6_newrdr()
559 ipf_stack_t *ifs = fin->fin_ifs;
581 hm = nat6_hostmap(NULL, &fin->fin_src6, &fin->fin_dst6, &in,
601 hm = nat6_hostmap(np, &fin->fin_src6, &fin->fin_dst6,
623 if (fr_ifpaddr(6, FRI_NORMAL, fin->fin_ifp, (void *)&in, NULL,
624 fin->fin_ifs) == -1)
632 in = fin->fin_dst6;
640 temp.i6[0] = fin->fin_dst6.i6[0] & ~np->in_in[1].i6[0];
641 temp.i6[1] = fin->fin_dst6.i6[1] & ~np->in_in[1].i6[1];
642 temp.i6[2] = fin->fin_dst6.i6[2] & ~np->in_in[1].i6[2];
643 temp.i6[3] = fin->fin_dst6.i6[3] & ~np->in_in[1].i6[3];
674 in = fin->fin_dst6;
682 sp = fin->fin_data[0];
683 dp = fin->fin_data[1];
684 fin->fin_data[1] = fin->fin_data[0];
685 fin->fin_data[0] = ntohs(nport);
686 natl = nat6_outlookup(fin, flags & ~(SI_WILDP|NAT_SEARCH),
687 (u_int)fin->fin_p, &in.in6, &fin->fin_src6.in6);
688 fin->fin_data[0] = sp;
689 fin->fin_data[1] = dp;
694 nat->nat_outip6 = fin->fin_dst6;
695 nat->nat_oip6 = fin->fin_src6;
697 nat->nat_hm = nat6_hostmap(np, &fin->fin_src6,
698 &fin->fin_dst6, &in, (u_32_t)dport, ifs);
707 ((tcphdr_t *)fin->fin_dp)->th_dport = nport;
709 ((struct icmp6_hdr *)fin->fin_dp)->icmp6_id = nport;
736 nat_t *nat6_new(fin, np, natsave, flags, direction) in nat6_new() argument
737 fr_info_t *fin; in nat6_new()
749 ipf_stack_t *ifs = fin->fin_ifs;
791 tcp = fin->fin_dp;
792 ni.nai_sport = htons(fin->fin_sport);
793 ni.nai_dport = htons(fin->fin_dport);
808 ni.nai_sport = ((struct icmp6_hdr *)fin->fin_dp)->icmp6_id;
829 natl = nat6_outlookup(fin, nflags, (u_int)fin->fin_p,
830 &fin->fin_src6.in6, &fin->fin_dst6.in6);
837 move = nat6_newmap(fin, nat, &ni);
846 natl = nat6_inlookup(fin, nflags, (u_int)fin->fin_p,
847 &fin->fin_src6.in6, &fin->fin_dst6.in6);
854 move = nat6_newrdr(fin, nat, &ni);
871 if (nat6_finalise(fin, nat, &ni, tcp, natsave, direction) == -1) {
907 static INLINE int nat6_finalise(fin, nat, ni, tcp, natsave, direction) in nat6_finalise() argument
908 fr_info_t *fin; in nat6_finalise()
917 ipf_stack_t *ifs = fin->fin_ifs;
921 COPYIFNAME(fin->fin_ifp, nat->nat_ifnames[0], fin->fin_v);
925 nat->nat_sync = ipfsync_new(SMC_NAT, fin, nat);
933 nat->nat_p = fin->fin_p;
934 nat->nat_v = fin->fin_v;
936 fr = fin->fin_fr;
942 if (appr_new(fin, nat) == -1)
946 if (nat6_insert(nat, fin->fin_rev, ifs) == 0) {
1077 nat_t *nat6_icmperrorlookup(fin, dir) in nat6_icmperrorlookup() argument
1078 fr_info_t *fin; in nat6_icmperrorlookup()
1095 if (!(fin->fin_flx & FI_ICMPERR))
1101 if (fin->fin_plen < ICMP6ERR_IPICMPHLEN)
1103 oip6 = (ip6_t *)((char *)fin->fin_dp + 8);
1118 m = fin->fin_m;
1120 if ((char *)oip6 + fin->fin_dlen - ICMPERR_ICMPHLEN > (char *)m->b_wptr)
1123 if ((char *)oip6 + fin->fin_dlen - ICMPERR_ICMPHLEN >
1124 (char *)fin->fin_ip + M_LEN(m))
1130 if (IP6_NEQ(&fin->fin_dst6, &oip6->ip6_src))
1143 data[0] = fin->fin_data[0];
1144 data[1] = fin->fin_data[1];
1145 fin->fin_data[0] = 0;
1146 fin->fin_data[1] = orgicmp->icmp6_id;
1155 nat = nat6_inlookup(fin, flags, p,
1158 nat = nat6_outlookup(fin, flags, p,
1160 fin->fin_data[0] = data[0];
1161 fin->fin_data[1] = data[1];
1168 if (fin->fin_plen < ICMPERR_ICMPHLEN + minlen)
1171 data[0] = fin->fin_data[0];
1172 data[1] = fin->fin_data[1];
1174 fin->fin_data[0] = ntohs(tcp->th_dport);
1175 fin->fin_data[1] = ntohs(tcp->th_sport);
1178 nat = nat6_inlookup(fin, flags, p,
1181 nat = nat6_outlookup(fin, flags, p,
1184 fin->fin_data[0] = data[0];
1185 fin->fin_data[1] = data[1];
1189 return nat6_inlookup(fin, 0, p, &oip6->ip6_dst, &oip6->ip6_src);
1191 return nat6_outlookup(fin, 0, p, &oip6->ip6_dst,
1209 nat_t *nat6_icmperror(fin, nflags, dir) in nat6_icmperror() argument
1210 fr_info_t *fin; in nat6_icmperror()
1222 if ((fin->fin_flx & (FI_SHORT|FI_FRAGBODY)))
1231 if ((fin->fin_v != 6) || !(nat = nat6_icmperrorlookup(fin, dir)))
1236 icmp6 = fin->fin_dp;
1240 dlen = fin->fin_plen - ((char *)udp - (char *)fin->fin_ip);
1476 nat_t *nat6_inlookup(fin, flags, p, src, mapdst) in nat6_inlookup() argument
1477 fr_info_t *fin; in nat6_inlookup()
1488 ipf_stack_t *ifs = fin->fin_ifs;
1490 if (fin != NULL)
1491 ifp = fin->fin_ifp;
1503 sport = htons(fin->fin_data[0]);
1504 dport = htons(fin->fin_data[1]);
1508 sport = fin->fin_data[1];
1510 dport = fin->fin_data[1];
1544 if (nat->nat_call[1] != fin->fin_data[0])
1571 if (appr_match(fin, nat) != 0)
1609 if (nat->nat_p != fin->fin_p)
1621 if ((fin->fin_flx & FI_IGNORE) != 0)
1624 nat = fr_natclone(fin, nat);
1731 nat_t *nat6_outlookup(fin, flags, p, src, dst) in nat6_outlookup() argument
1732 fr_info_t *fin; in nat6_outlookup()
1742 ipf_stack_t *ifs = fin->fin_ifs;
1744 ifp = fin->fin_ifp;
1754 sport = htons(fin->fin_data[0]);
1755 dport = htons(fin->fin_data[1]);
1759 sport = fin->fin_data[1];
1761 dport = fin->fin_data[1];
1793 if (nat->nat_call[1] != fin->fin_data[0])
1811 if (appr_match(fin, nat) != 0)
1849 if (nat->nat_p != fin->fin_p)
1861 if ((fin->fin_flx & FI_IGNORE) != 0)
1864 nat = fr_natclone(fin, nat);
1939 fr_info_t fin; local
1940 bzero((char *)&fin, sizeof (fin));
1941 fin.fin_p = nat->nat_p;
1942 fin.fin_data[0] = ntohs(nat->nat_outport);
1943 fin.fin_data[1] = ntohs(nat->nat_oport);
1944 fin.fin_ifs = ifs;
1945 if (nat6_inlookup(&fin, np->nl_flags, fin.fin_p,
1970 static int nat6_match(fin, np) in nat6_match() argument
1971 fr_info_t *fin; in nat6_match()
1976 if (fin->fin_v != 6)
1979 if (np->in_p && fin->fin_p != np->in_p)
1982 if (fin->fin_out) {
1985 if (IP6_MASKNEQ(&fin->fin_src6, &np->in_in[1], &np->in_in[0])
1988 if (IP6_MASKNEQ(&fin->fin_dst6, &np->in_src[1], &np->in_src[0])
1994 if (IP6_MASKNEQ(&fin->fin_src6, &np->in_src[1], &np->in_src[0])
1997 if (IP6_MASKNEQ(&fin->fin_dst6, &np->in_out[1], &np->in_out[0])
2003 if (!(fin->fin_flx & FI_TCPUDP) ||
2004 (fin->fin_flx & (FI_SHORT|FI_FRAGBODY))) {
2010 return fr_tcpudpchk(fin, ft);
2029 int fr_checknat6out(fin, passp) in fr_checknat6out() argument
2030 fr_info_t *fin; in fr_checknat6out()
2041 ipf_stack_t *ifs = fin->fin_ifs;
2047 fr = fin->fin_fr;
2048 sifp = fin->fin_ifp;
2050 fr->fr_tifs[fin->fin_rev].fd_ifp &&
2051 fr->fr_tifs[fin->fin_rev].fd_ifp != (void *)-1)
2052 fin->fin_ifp = fr->fr_tifs[fin->fin_rev].fd_ifp;
2053 ifp = fin->fin_ifp;
2055 if (!(fin->fin_flx & FI_SHORT) && (fin->fin_off == 0)) {
2056 switch (fin->fin_p)
2069 if ((fin->fin_flx & FI_ICMPQUERY) != 0)
2078 tcp = fin->fin_dp;
2082 ipa = fin->fin_src6;
2086 if ((fin->fin_p == IPPROTO_ICMPV6) && !(nflags & IPN_ICMPQUERY) &&
2087 (nat = nat6_icmperror(fin, &nflags, NAT_OUTBOUND)))
2089 else if ((fin->fin_flx & FI_FRAG) && (nat = fr_nat_knownfrag(fin)))
2091 else if ((nat = nat6_outlookup(fin, nflags|NAT_SEARCH,
2092 (u_int)fin->fin_p, &fin->fin_src6.in6,
2093 &fin->fin_dst6.in6))) {
2121 if (np->in_p && (np->in_p != fin->fin_p))
2126 if (!nat6_match(fin, np))
2141 if (appr_ok(fin, tcp, np) == 0)
2146 if (nat = nat6_new(fin, np, NULL, nflags,
2175 rval = fr_nat6out(fin, nat, natadd, nflags);
2184 fin->fin_flx |= FI_BADNAT;
2186 fin->fin_ifp = sifp;
2201 int fr_nat6out(fin, nat, natadd, nflags) in fr_nat6out() argument
2202 fr_info_t *fin; in fr_nat6out()
2212 ipf_stack_t *ifs = fin->fin_ifs;
2223 if ((natadd != 0) && (fin->fin_flx & FI_FRAG))
2224 (void) fr_nat_newfrag(fin, 0, nat);
2227 nat->nat_bytes[1] += fin->fin_plen;
2231 if (!(fin->fin_flx & FI_SHORT) && (fin->fin_off == 0)) {
2233 tcp = fin->fin_dp;
2236 fin->fin_data[0] = ntohs(nat->nat_outport);
2240 icmp6 = fin->fin_dp;
2244 csump = nat_proto(fin, nat, nflags);
2247 fin->fin_ip6->ip6_src = nat->nat_outip6.in6;
2248 fin->fin_src6 = nat->nat_outip6;
2250 nat_update(fin, nat, np);
2256 !NET_IS_HCK_L4_FULL(net_data_p, fin->fin_m))) {
2258 NET_IS_HCK_L4_PART(net_data_p, fin->fin_m)) {
2271 ipfsync_update(SMC_NAT, fin, nat->nat_sync);
2284 i = appr_check(fin, nat);
2290 fin->fin_flx |= FI_NATED;
2310 int fr_checknat6in(fin, passp) in fr_checknat6in() argument
2311 fr_info_t *fin; in fr_checknat6in()
2323 ipf_stack_t *ifs = fin->fin_ifs;
2334 ifp = fin->fin_ifp;
2336 if (!(fin->fin_flx & FI_SHORT) && (fin->fin_off == 0)) {
2337 switch (fin->fin_p)
2346 icmp6 = fin->fin_dp;
2352 if ((fin->fin_flx & FI_ICMPQUERY) != 0) {
2361 tcp = fin->fin_dp;
2366 ipa = fin->fin_dst6;
2370 if ((fin->fin_p == IPPROTO_ICMPV6) && !(nflags & IPN_ICMPQUERY) &&
2371 (nat = nat6_icmperror(fin, &nflags, NAT_INBOUND)))
2373 else if ((fin->fin_flx & FI_FRAG) && (nat = fr_nat_knownfrag(fin)))
2375 else if ((nat = nat6_inlookup(fin, nflags|NAT_SEARCH, (u_int)fin->fin_p,
2376 &fin->fin_src6.in6, &ipa.in6))) {
2401 if (np->in_v != fin->fin_v)
2403 if (np->in_p && (np->in_p != fin->fin_p))
2408 if (!nat6_match(fin, np))
2422 if (!appr_ok(fin, tcp, np)) {
2428 nat = nat6_new(fin, np, NULL, nflags, NAT_INBOUND);
2457 rval = fr_nat6in(fin, nat, natadd, nflags);
2466 fin->fin_flx |= FI_BADNAT;
2484 int fr_nat6in(fin, nat, natadd, nflags) in fr_nat6in() argument
2485 fr_info_t *fin; in fr_nat6in()
2494 ipf_stack_t *ifs = fin->fin_ifs;
2503 fin->fin_fr = nat->nat_fr;
2505 if ((natadd != 0) && (fin->fin_flx & FI_FRAG))
2506 (void) fr_nat_newfrag(fin, 0, nat);
2522 i = appr_check(fin, nat);
2531 ipfsync_update(SMC_NAT, fin, nat->nat_sync);
2535 nat->nat_bytes[0] += fin->fin_plen;
2539 fin->fin_ip6->ip6_dst = nat->nat_inip6.in6;
2540 fin->fin_dst6 = nat->nat_inip6;
2543 tcp = fin->fin_dp;
2545 if (!(fin->fin_flx & FI_SHORT) && (fin->fin_off == 0)) {
2548 fin->fin_data[1] = ntohs(nat->nat_inport);
2553 icmp6 = fin->fin_dp;
2558 csump = nat_proto(fin, nat, nflags);
2561 nat_update(fin, nat, np);
2576 NET_IS_HCK_L4_PART(net_data_p, fin->fin_m)) {
2585 csump = &fin->fin_m->b_datap->db_cksum16;
2594 fin->fin_flx |= FI_NATED;
2596 fin->fin_nattag = &np->in_tag;