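/*
 * Copyright (c) 2014 The DragonFly Project.  All rights reserved.
 *
 * This code is derived from software contributed to The DragonFly Project
 * by Bill Yuan <bycn82@gmail.com>
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 * 3. Neither the name of The DragonFly Project nor the names of its
 *    contributors may be used to endorse or promote products derived
 *    from this software without specific, prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE
 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/*
 * Definitions for the ipfw3 "nat" module: module identity, the module's
 * opcode, the NAT state record, the NAT/redirect/server-pool configuration
 * structures, and small list helpers built on the <sys/queue.h> LIST macros.
 *
 * This header does not include what it uses; the includer must already have
 * struct in_addr, IF_NAMESIZE, the LIST_* macros and ipfw_insn in scope.
 */
#ifndef _IP_FW_NAT_H
#define _IP_FW_NAT_H

#define MODULE_NAT_ID		4
#define MODULE_NAT_NAME		"nat"

#ifdef _KERNEL
/*
 * NOTE(review): MALLOC_DEFINE emits a definition, not a declaration.  If
 * more than one kernel translation unit includes this header the malloc
 * type is defined more than once.  The usual arrangement is MALLOC_DECLARE
 * here and a single MALLOC_DEFINE in one .c file; left unchanged because
 * the includers are not visible from this header.
 */
MALLOC_DEFINE(M_IPFW_NAT, "IPFW3/NAT", "IPFW3/NAT 's");
#endif

/* Opcodes contributed by this module; O_NAT_NAT is the first (value 0). */
enum ipfw_nat_opcodes {
	O_NAT_NAT,
};

/*
 * One NAT state record: the source/destination/alias address and port
 * triple plus link type, timing fields and the owning nat id.
 *
 * NOTE(review): the "ioc" in the name suggests this record is handed to
 * userland -- confirm.  If it is, zero the whole structure before filling
 * it: the three trailing u_short fields leave tail padding on common ABIs,
 * and copying out an uninitialised record would disclose stale kernel
 * memory in those bytes.
 */
struct ipfw_ioc_nat_state {
	struct in_addr	src_addr;
	struct in_addr	dst_addr;
	struct in_addr	alias_addr;
	int		link_type;
	int		timestamp;
	int		expire_time;
	int		nat_id;
	u_short		src_port;
	u_short		dst_port;
	u_short		alias_port;
};

/* Redirect mode ids, stored in cfg_redir.mode. */
#define REDIR_ADDR	0x01
#define REDIR_PORT	0x02
#define REDIR_PROTO	0x04

/* Server pool support (LSNAT). */
struct cfg_spool {
	LIST_ENTRY(cfg_spool)	_next;	/* chain of spool instances */
	struct in_addr		addr;
	u_short			port;
};

/*
 * One redirect rule and its optional server pool.
 *
 * NOTE(review): this structure mixes configuration values with kernel-side
 * state (the _next linkage, alink, spool_chain).  If the same layout is
 * used for data supplied by or returned to userland -- the SOF_* size
 * macros below suggest buffer packing, confirm -- the pointer and linkage
 * fields must be overwritten rather than trusted on input and cleared on
 * output, and spool_cnt, pport_cnt and rport_cnt must be checked against
 * the supplied buffer length before they are used to walk or allocate
 * anything.
 */
struct cfg_redir {
	LIST_ENTRY(cfg_redir)	_next;	/* chain of redir instances */
	u_int16_t		mode;	/* type of redirect mode */
	struct in_addr		laddr;	/* local ip address */
	struct in_addr		paddr;	/* public ip address */
	struct in_addr		raddr;	/* remote ip address */
	u_short			lport;	/* local port */
	u_short			pport;	/* public port */
	u_short			rport;	/* remote port */
	u_short			pport_cnt;	/* number of public ports */
	u_short			rport_cnt;	/* number of remote ports */
	int			proto;	/* protocol: tcp/udp */
	struct alias_link	**alink;
	/* number of entries in spool_chain */
	u_int16_t		spool_cnt;
	/* chain of spool instances */
	LIST_HEAD(spool_chain, cfg_spool) spool_chain;
};

/*
 * Nat configuration data struct.
 *
 * NOTE(review): the same caveat as for cfg_redir applies to _next, lib and
 * redir_chain.  if_name is a fixed IF_NAMESIZE buffer; when it is filled
 * from external input, force NUL termination before it is used as a C
 * string.
 */
struct cfg_nat {
	/* chain of nat instances */
	LIST_ENTRY(cfg_nat)	_next;
	int			id;	/* nat id */
	struct in_addr		ip;	/* nat ip address */
	char			if_name[IF_NAMESIZE];	/* interface name */
	int			mode;	/* aliasing mode */
	struct libalias		*lib;	/* libalias instance */
	/* number of entries in redir_chain (per the field name) */
	int			redir_cnt;
	/* chain of redir instances */
	LIST_HEAD(redir_chain, cfg_redir) redir_chain;
};

/* Structure sizes; each includes the linkage and pointer members. */
#define SOF_NAT		sizeof(struct cfg_nat)
#define SOF_REDIR	sizeof(struct cfg_redir)
#define SOF_SPOOL	sizeof(struct cfg_spool)

/*
 * Nat command: the generic instruction header followed by a pointer to the
 * cfg_nat it refers to.
 */
typedef struct _ipfw_insn_nat {
	ipfw_insn	o;
	struct cfg_nat	*nat;
} ipfw_insn_nat;

/*
 * LOOKUP_NAT(l, i, p): walk the list headed at (l).nat and stop with p
 * pointing at the first cfg_nat whose id equals i.
 *
 * On a miss the loop runs off the end of the list; with the BSD
 * <sys/queue.h> LIST_FOREACH that leaves p NULL, so callers must test p
 * before dereferencing it.  The macro takes no lock.  i is evaluated once
 * per element, so pass an expression without side effects.  l is
 * parenthesised so that an argument such as *ctx expands to (*ctx).nat.
 */
#define LOOKUP_NAT(l, i, p) do {				\
	LIST_FOREACH((p), &((l).nat), _next) {			\
		if ((p)->id == (i)) {				\
			break;					\
		}						\
	}							\
} while (0)

/* Insert cfg_nat p at the head of list b. */
#define HOOK_NAT(b, p) do {					\
	LIST_INSERT_HEAD((b), (p), _next);			\
} while (0)

/*
 * Unlink cfg_nat p from its list.  p is not freed here, and any
 * ipfw_insn_nat.nat pointer that still refers to it is left as is.
 */
#define UNHOOK_NAT(p) do {					\
	LIST_REMOVE((p), _next);				\
} while (0)

/* Insert cfg_redir p at the head of list b. */
#define HOOK_REDIR(b, p) do {					\
	LIST_INSERT_HEAD((b), (p), _next);			\
} while (0)

/* Insert cfg_spool p at the head of list b. */
#define HOOK_SPOOL(b, p) do {					\
	LIST_INSERT_HEAD((b), (p), _next);			\
} while (0)

#endif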