|
Revision tags: v6.2.1, v6.2.0, v6.3.0, v6.0.1, v6.0.0, v6.0.0rc1, v6.1.0, v5.8.3, v5.8.2, v5.8.1, v5.8.0, v5.9.0, v5.8.0rc1, v5.6.3, v5.6.2, v5.6.1, v5.6.0, v5.6.0rc1, v5.7.0, v5.4.3, v5.4.2, v5.4.1, v5.4.0, v5.5.0, v5.4.0rc1, v5.2.2, v5.2.1 |
|
| #
4408d548 |
| 12-May-2018 |
Bill Yuan <bycn82@dragonflybsd.org> |
ipfw3_nat: highspeed lockless in-kernel NAT
RB-Tree to stored the state for the outgoing packets, and multidimentional
array of pointers to keep the state for the incoming packets.
|
| #
ca9d3a28 |
| 13-Apr-2018 |
Bill Yuan <bycn82@dragonflybsd.org> |
ipfw3nat: move the implementation back to *.c file
|
| #
936e3df8 |
| 13-Apr-2018 |
Bill Yuan <bycn82@dragonflybsd.org> |
ipfw3nat: kernel NAT without libalias
More than just one address can be configured in each NAT
configuraton and each coming packet will be translated to
one of these addresses randomly.
e.g.
ip
ipfw3nat: kernel NAT without libalias
More than just one address can be configured in each NAT
configuraton and each coming packet will be translated to
one of these addresses randomly.
e.g.
ipfw3 nat 1 config ip 192.168.1.1 192.168.1.2
A schedule will automatically purge the expired translations.
and its interval can be configure via below sysctl variables.
net.inet.ip.fw3_nat.udp_timeout
net.inet.ip.fw3_nat.tcp_timeout
net.inet.ip.fw3_nat.icmp_timeout
show more ...
|
| #
8e040fac |
| 13-Apr-2018 |
Bill Yuan <bycn82@dragonflybsd.org> |
ipfw3nat: show translations
same as 'show ip nat translations'
|
| #
cea1826c |
| 13-Apr-2018 |
Bill Yuan <bycn82@dragonflybsd.org> |
ipfw3nat: release the nat context during fini
|
| #
df0c223e |
| 09-Apr-2018 |
Bill Yuan <bycn82@dragonflybsd.org> |
ipfw3nat: add conf in kernel
|
| #
c8ac7327 |
| 08-Apr-2018 |
Bill Yuan <bycn82@dragonflybsd.org> |
ipfw3nat: move implimentation back to *.c file
|
| #
4bff2121 |
| 08-Apr-2018 |
Bill Yuan <bycn82@dragonflybsd.org> |
ipfw3nat: cleanup for LINT64 build
|
| #
71194d7a |
| 08-Apr-2018 |
Bill Yuan <bycn82@dragonflybsd.org> |
ipfw3nat: standardize the function names
prefix:
ip_fw3_ - function in kernel space
ipfw_ - function in userland.
|
| #
c42f8166 |
| 08-Apr-2018 |
Bill Yuan <bycn82@dragonflybsd.org> |
ipfw3nat: RB_tree to keep the translation records
|
| #
825a5d27 |
| 08-Apr-2018 |
Bill Yuan <bycn82@dragonflybsd.org> |
ipfw3nat: cleanup 2
|
|
Revision tags: v5.2.0, v5.3.0, v5.2.0rc |
|
| #
93234d8a |
| 21-Jan-2018 |
zrj <rimvydas.jasinskas@gmail.com> |
ipfw3_nat: Reindent switch cases.
No functional change.
While there, make add_redir_spool_cfg() and del_redir_spool_cfg() static.
|
|
Revision tags: v5.0.2, v5.0.1, v5.0.0, v5.0.0rc2, v5.1.0, v5.0.0rc1, v4.8.1 |
|
| #
981dc56d |
| 26-Jun-2017 |
Bill Yuan <bycn82@dragonflybsd.org> |
ipfw3_nat: move func prototype into header
|
|
Revision tags: v4.8.0, v4.6.2, v4.9.0, v4.8.0rc, v4.6.1, v4.6.0, v4.6.0rc2, v4.6.0rc, v4.7.0 |
|
| #
9187b359 |
| 21-Jun-2016 |
Bill Yuan <bycn82@dragonflybsd.org> |
ipfw3: lockless in-kernel NAT
The libalias is used in kernel space for in-kernel NAT, and its alias_link
entries are stored with LIST. so all the packets which need to be NAT will scan
against the L
ipfw3: lockless in-kernel NAT
The libalias is used in kernel space for in-kernel NAT, and its alias_link
entries are stored with LIST. so all the packets which need to be NAT will scan
against the LIST and trying to find the matched alias_link. by seperating the
libalias into context of different CPUs, the lock can be removed. and due to the
nature of NAT, the outgoing and incoming packets are possible to be handled by
different CPUs, to ensure the returning packet can be translated properly, the
newly created alias_link is required to be duplicated and inserted into contexts
of both CPUs.
e.g.
ipfw3 nat 1 config if em0
ipfw3 nat 1 all via em0
ipfw3 nat 1 show state
show more ...
|
|
Revision tags: v4.4.3, v4.4.2, v4.4.1, v4.4.0, v4.5.0, v4.4.0rc, v4.2.4, v4.3.1, v4.2.3, v4.2.1, v4.2.0 |
|
| #
0fe3a974 |
| 21-Jun-2015 |
Bill Yuan <bycn82@leaf.dragonflybsd.org> |
ipfw3: show NAT records
show all 'NAT records' which relate to the 'NAT config 1'
which is same as 'ip show nat translation' in CISCO routers.
usage:
ipfw3 nat 1 show state
|
|
Revision tags: v4.0.6, v4.3.0, v4.2.0rc, v4.0.5 |
|
| #
6a03354e |
| 12-Mar-2015 |
Matthew Dillon <dillon@apollo.backplane.com> |
ipfw2 - Rename FreeBSD ipfw port to ipfw3
* Rename all elements of the port to ipfw3 to reduce confusion.
|