Page MenuHomeFreeBSD
Differential D23461

netgraph: Add RFC 6598/Carrier Grade NAT support to ng_nat
ClosedPublic
Actions

Authored by nc on Feb 2 2020, 12:18 AM.
Tags
Referenced Files
Unknown Object (File)
Wed, Jan 8, 12:09 PM
Unknown Object (File)
Fri, Dec 20, 4:15 AM
Unknown Object (File)
Fri, Dec 13, 12:12 AM
Unknown Object (File)
Nov 29 2024, 11:14 PM
Unknown Object (File)
Nov 21 2024, 9:06 AM
Unknown Object (File)
Nov 18 2024, 4:29 PM
Unknown Object (File)
Nov 18 2024, 3:50 PM
Unknown Object (File)
Sep 17 2024, 2:12 AM
View All 68 Files
Subscribers
bcr
donner
imp
kp
network

Details

Reviewers
ae
melifaro
donner
rgrimes
adrian
kp
Group Reviewers
manpages
Commits
rGd65b86dd9325: netgraph/ng_nat: Add RFC 6598/Carrier Grade NAT support
rGe600af01eeba: netgraph/ng_nat: Add RFC 6598/Carrier Grade NAT support
rG8790393123f1: netgraph/ng_nat: Add RFC 6598/Carrier Grade NAT support
rG5fe433a6e4d8: netgraph/ng_nat: Add RFC 6598/Carrier Grade NAT support
Summary

netgraph: Add RFC 6598/Carrier Grade NAT support to ng_nat.

This extends upon the RFC 6598 support to libalias/ipfw in r357092.

Submitted by: Neel Chauhan <neel AT neelc DOT org>

Test Plan

Load the kernel module

kldunload ng_ipfw

Replace WAN_IP with the WAN IPv4, and WAN_IF with the WAN interface.

Set the netgraph rules.

ngctl mkpeer ipfw: nat 60 out
ngctl name ipfw:60 nat
ngctl connect ipfw: nat: 61 in
ngctl msg nat: setaliasaddr WAN_IP
ngctl msg nat: setmode "{flags=0x100}"

Set the ipfw rules.

ipfw add 300 netgraph 61 all from any to any in via WAN_IF
ipfw add 400 netgraph 60 all from any to any out via WAN_IF

Set the sysctl:

sysctl net.inet.ip.fw.one_pass=0

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

nc created this revision.Feb 2 2020, 12:18 AM
Herald added a reviewer: manpages. · View Herald TranscriptFeb 2 2020, 12:18 AM
Herald added subscribers: donner, imp. · View Herald Transcript
donner added a comment.Feb 3 2020, 7:23 AM

Of course, the change is straight forward, but can we please have some words in the man page explaining how the names of the flags match the correspondent names in libalias.

nc updated this revision to Diff 68239.Feb 13 2020, 4:09 AM

I added the explanation in the man page.

donner accepted this revision.Feb 13 2020, 8:05 AM
This revision is now accepted and ready to land.Feb 13 2020, 8:05 AM
bcr accepted this revision as: manpages.Feb 13 2020, 8:10 AM
bcr added a subscriber: bcr.

Manpages is also good with this change. Thanks for the implementation.

melifaro added a comment.Jul 4 2020, 8:36 AM

Can you please add "TESTING" section?

nc edited the test plan for this revision. (Show Details)Jul 4 2020, 2:46 PM

Here, added the testing section.

rgrimes added a reviewer: rgrimes.Jul 4 2020, 4:09 PM
nc added a project: network.Jul 4 2020, 6:29 PM
nc added a subscriber: network.
adrian accepted this revision.Jul 5 2020, 5:26 PM
kp accepted this revision.Jan 24 2021, 4:33 PM
kp added a subscriber: kp.

Approved by: kp (mentor)

Don't forget to update the man page date before you commit.

Closed by commit rG5fe433a6e4d8: netgraph/ng_nat: Add RFC 6598/Carrier Grade NAT support (authored by nc, committed by donner). · Explain WhyJan 24 2021, 7:41 PM
This revision was automatically updated to reflect the committed changes.
Lutz Donnerhacke <donner@FreeBSD.org> added a commit: rG5fe433a6e4d8: netgraph/ng_nat: Add RFC 6598/Carrier Grade NAT support.
donner added a commit: rG8790393123f1: netgraph/ng_nat: Add RFC 6598/Carrier Grade NAT support.Feb 25 2021, 10:08 AM
donner added a commit: rGe600af01eeba: netgraph/ng_nat: Add RFC 6598/Carrier Grade NAT support.
donner added a commit: rGd65b86dd9325: netgraph/ng_nat: Add RFC 6598/Carrier Grade NAT support.Feb 25 2021, 10:22 AM

Revision Contents
Changeset List

PathSize
share/
man/
man4/
8 lines
sys/
netgraph/
1 line
2 lines

Diff 82827

View Options

share/man/man4/ng_nat.4

Loading...
View Options

sys/netgraph/ng_nat.h

Loading...
View Options

sys/netgraph/ng_nat.c

Loading...