Lines Matching +full:sig +full:- +full:dir +full:- +full:cmd
1 .\"-
41 library is a collection of functions for aliasing and de-aliasing of IP
48 Incoming packets are then de-aliased so that they are sent to the correct
52 In the simplest mode of operation, a many-to-one address mapping takes
55 In addition, one-to-one mappings between local and public addresses can
59 many-to-one mappings.
76 .Bd -ragged -offset indent
88 .Bl -item -offset indent -compact
111 .Bd -ragged -offset indent
126 .Bd -ragged -offset indent
129 All outgoing packets are re-mapped to this address unless overridden by a
142 address may or may not change on successive dial-up attempts.
147 the aliasing address on a packet-to-packet basis (it is a low overhead call).
154 .Bd -ragged -offset indent
163 .Bl -tag -width indent
183 This mode bit is useful for implementing a one-way firewall.
185 If this mode bit is set, the packet-aliasing engine will attempt to leave
205 10.0.0.0 -> 10.255.255.255 (Class A subnet)
206 172.16.0.0 -> 172.31.255.255 (Class B subnets)
207 192.168.0.0 -> 192.168.255.255 (Class C subnets)
217 100.64.0.0 -> 100.127.255.255 (RFC 6598 subnet)
226 between dial-up attempts.
234 .Xr ipfirewall 4 -
241 (e.g.\& kill -9),
278 .Bd -ragged -offset indent
287 .Bd -ragged -offset indent
313 .Bd -ragged -offset indent
315 de-aliased by this function.
324 .Bl -tag -width indent
328 The packet was ignored and not de-aliased.
345 and de-alias them with
354 .Bd -ragged -offset indent
369 .Bl -tag -width indent
384 Individual ports can be re-mapped or static network address translations can
398 .Bd -ragged -offset indent
439 The remote port specification will almost always be zero, but non-zero
468 .Bd -ragged -offset indent
541 .Bd -ragged -offset indent
548 in the server pool, using a real-time load sharing algorithm.
557 host is selected on a round-robin basis only, without regard to load on
578 This function returns 0 on success, \-1 otherwise.
583 .Bd -ragged -offset indent
597 This function returns 0 on success, \-1 otherwise.
602 .Bd -ragged -offset indent
617 .Fn LibAliasProxyRule "struct libalias *" "const char *cmd"
618 .Bd -ragged -offset indent
620 .Fa cmd
625 .Bl -tag -width indent
717 .Bd -ragged -offset indent
740 Non-zero remote addresses can sometimes be useful for firewalling.
765 subsequent fragments will be re-mapped in the same manner the header
772 .Bd -ragged -offset indent
797 .Bd -ragged -offset indent
818 .Bd -ragged -offset indent
821 it can then be de-aliased with a call to
827 is the pointer to the packet to be de-aliased.
834 .Bd -ragged -offset indent
840 for inbound (ext -> int) traffic.
845 .Bd -ragged -offset indent
846 When an incoming packet not associated with any pre-existing aliasing link
866 .Bd -ragged -offset indent
870 protocol-specific headers (TCP, UDP, ICMP).
877 The 16-bit checksum field should be zeroed before computing the checksum.
888 .Bd -ragged -offset indent
896 This function can be used if an already-aliased packet needs to have its
914 which is a 7-tuple describing a specific translation:
915 .Bd -literal -offset indent
963 .Bd -literal -offset indent
976 .Bd -literal -offset indent
1004 the ability to load/unload support for new protocols at run-time.
1041 .Bd -literal -offset indent
1067 .Dl "kill -HUP <process_pid>"
1075 .Bd -literal
1091 .Bd -literal
1094 int16_t dir;
1105 .Bl -inset
1109 .It Va dir
1151 .Bd -literal -offset indent
1157 &ud->uh_sport, /* original source port */
1158 &ud->uh_dport, /* original dest port */
1177 .Bl -tag -width indent
1223 .Bd -literal
1229 * dlopen() - use this ptr to get access
1237 .Bl -inset
1258 .Bd -literal
1262 .dir = IN|OUT,
1296 .Bd -literal
1325 .Bd -literal
1352 .Bl -enum
1378 .Bd -literal -offset indent
1380 signal_handler(int sig)
1398 .Fn RefreshAddr "int sig __unused" :
1411 .Bd -literal
1418 * ptr to an auto-malloced
1447 versions 1.0 - 1.8, 2.0 - 2.4.
1466 .Bd -ragged -offset indent
1467 .An -split