Lines Matching defs:nat

62 static	ipnat_t		*nat = NULL;
119 line:	xx rule		{ while ((nat = nattop) != NULL) {
120 				if (nat->in_v == 0)
121 					nat->in_v = 4;
122 				nattop = nat->in_next;
123 				(*nataddfunc)(natfd, natioctlfunc, nat);
124 				free(nat);
156 				  bcopy(&$3.a, &nat->in_in[0], sizeof($3.a));
157 				  bcopy(&$3.m, &nat->in_in[1], sizeof($3.a));
158 				  bcopy(&$5.a, &nat->in_out[0], sizeof($5.a));
159 				  bcopy(&$5.m, &nat->in_out[1], sizeof($5.a));
160 				  if (nat->in_ifnames[1][0] == '\0')
161 					strncpy(nat->in_ifnames[1],
162 						nat->in_ifnames[0],
163 						sizeof(nat->in_ifnames[0]));
164 				  if ((nat->in_flags & IPN_TCPUDP) == 0)
165 					setnatproto(nat->in_p);
166 				  if (((nat->in_redir & NAT_MAPBLK) != 0) ||
167 				      ((nat->in_flags & IPN_AUTOPORTMAP) != 0))
168 					nat_setgroupmap(nat);
173 				  bcopy(&$3.a, &nat->in_in[0], sizeof($3.a));
174 				  bcopy(&$3.m, &nat->in_in[1], sizeof($3.a));
175 				  bcopy(&$5.a, &nat->in_out[0], sizeof($5.a));
176 				  bcopy(&$5.m, &nat->in_out[1], sizeof($5.a));
177 				  if (nat->in_ifnames[1][0] == '\0')
178 					strncpy(nat->in_ifnames[1],
179 						nat->in_ifnames[0],
180 						sizeof(nat->in_ifnames[0]));
181 				  if ((nat->in_flags & IPN_TCPUDPICMPQ) == 0)
182 					setnatproto(nat->in_p);
183 				  if (((nat->in_redir & NAT_MAPBLK) != 0) ||
184 				      ((nat->in_flags & IPN_AUTOPORTMAP) != 0))
185 					nat_setgroupmap(nat);
190 				  bcopy(&$5.a, &nat->in_out[0], sizeof($5.a));
191 				  bcopy(&$5.m, &nat->in_out[1], sizeof($5.a));
192 				  if (nat->in_ifnames[1][0] == '\0')
193 					strncpy(nat->in_ifnames[1],
194 						nat->in_ifnames[0],
195 						sizeof(nat->in_ifnames[0]));
196 				  if ((nat->in_flags & IPN_TCPUDP) == 0)
197 					setnatproto(nat->in_p);
198 				  if (((nat->in_redir & NAT_MAPBLK) != 0) ||
199 				      ((nat->in_flags & IPN_AUTOPORTMAP) != 0))
200 					nat_setgroupmap(nat);
205 				  bcopy(&$5.a, &nat->in_out[0], sizeof($5.a));
206 				  bcopy(&$5.m, &nat->in_out[1], sizeof($5.a));
207 				  if (nat->in_ifnames[1][0] == '\0')
208 					strncpy(nat->in_ifnames[1],
209 						nat->in_ifnames[0],
210 						sizeof(nat->in_ifnames[0]));
211 				  if ((nat->in_flags & IPN_TCPUDPICMPQ) == 0)
212 					setnatproto(nat->in_p);
213 				  if (((nat->in_redir & NAT_MAPBLK) != 0) ||
214 				      ((nat->in_flags & IPN_AUTOPORTMAP) != 0))
215 					nat_setgroupmap(nat);
223 				  bcopy(&$3.a, &nat->in_in[0], sizeof($3.a));
224 				  bcopy(&$3.m, &nat->in_in[1], sizeof($3.a));
225 				  bcopy(&$5.a, &nat->in_out[0], sizeof($5.a));
226 				  bcopy(&$5.m, &nat->in_out[1], sizeof($5.a));
227 				  if (nat->in_ifnames[1][0] == '\0')
228 					strncpy(nat->in_ifnames[1],
229 						nat->in_ifnames[0],
230 						sizeof(nat->in_ifnames[0]));
231 				  if ((nat->in_flags & IPN_TCPUDP) == 0)
232 					setnatproto(nat->in_p);
233 				  if (((nat->in_redir & NAT_MAPBLK) != 0) ||
234 				      ((nat->in_flags & IPN_AUTOPORTMAP) != 0))
235 					nat_setgroupmap(nat);
242 				  bcopy(&$3.a, &nat->in_out[0], sizeof($3.a));
243 				  bcopy(&$3.m, &nat->in_out[1], sizeof($3.a));
244 				  if (nat->in_ifnames[1][0] == '\0')
245 					strncpy(nat->in_ifnames[1],
246 						nat->in_ifnames[0],
247 						sizeof(nat->in_ifnames[0]));
248 				  if ((nat->in_p == 0) &&
249 				      ((nat->in_flags & IPN_TCPUDP) == 0) &&
250 				      (nat->in_pmin != 0 ||
251 				       nat->in_pmax != 0 ||
252 				       nat->in_pnext != 0))
258 				  if ((nat->in_p == 0) &&
259 				      ((nat->in_flags & IPN_TCPUDP) == 0) &&
260 				      (nat->in_pmin != 0 ||
261 				       nat->in_pmax != 0 ||
262 				       nat->in_pnext != 0))
264 				  if (nat->in_ifnames[1][0] == '\0')
265 					strncpy(nat->in_ifnames[1],
266 						nat->in_ifnames[0],
267 						sizeof(nat->in_ifnames[0]));
272 				  bcopy(&$3.a, &nat->in_out[0], sizeof($3.a));
273 				  bcopy(&$3.m, &nat->in_out[1], sizeof($3.a));
274 				  if (nat->in_ifnames[1][0] == '\0')
275 					strncpy(nat->in_ifnames[1],
276 						nat->in_ifnames[0],
277 						sizeof(nat->in_ifnames[0]));
282 			{ strncpy(nat->in_plabel, $4, sizeof(nat->in_plabel));
283 			  if (nat->in_dcmp == 0) {
284 				nat->in_dport = htons($3);
285 			  } else if ($3 != nat->in_dport) {
293 			  strncpy(nat->in_plabel, $4, sizeof(nat->in_plabel));
297 			  nat->in_dport = pnum;
305 	| proto				{ if (nat->in_p != 0 ||
306 					      nat->in_flags & IPN_TCPUDP)
310 	| IPNY_TCPUDP			{ if (nat->in_p != 0 ||
311 					      nat->in_flags & IPN_TCPUDP)
313 					  nat->in_flags |= IPN_TCPUDP;
314 					  nat->in_p = 0;
316 	| IPNY_TCP '/' IPNY_UDP		{ if (nat->in_p != 0 ||
317 					      nat->in_flags & IPN_TCPUDP)
319 					  nat->in_flags |= IPN_TCPUDP;
320 					  nat->in_p = 0;
328 						$$.v = nat->in_v;
337 					  nat->in_flags |= IPN_IPRANGE;
342 	hostname			{ bcopy(&$1.a, &nat->in_in[0],
345 						$1.v = nat->in_v;
347 						nat->in_inmsk = 0xffffffff;
349 						nat->in_in[1].i6[0] = 0xffffffff;
350 						nat->in_in[1].i6[1] = 0xffffffff;
351 						nat->in_in[1].i6[2] = 0xffffffff;
352 						nat->in_in[1].i6[3] = 0xffffffff;
357 						$1.v = nat->in_v;
373 					  bcopy(&$1.a, &nat->in_in[0],
376 						(u_32_t *)&nat->in_in[1]);
377 					  nat->in_in[0].i6[0] &= nat->in_in[1].i6[0];
378 					  nat->in_in[0].i6[0] &= nat->in_in[1].i6[1];
379 					  nat->in_in[0].i6[0] &= nat->in_in[1].i6[2];
380 					  nat->in_in[0].i6[0] &= nat->in_in[1].i6[3];
381 					  nat->in_v = $1.v;
389 					  nat->in_flags |= IPN_SPLIT;
390 					  bcopy(&$1.a, &nat->in_in[0],
392 					  bcopy(&$4.a, &nat->in_in[1],
409 dport:	| IPNY_PORT portspec			{ nat->in_pmin = htons($2);
410 						  nat->in_pmax = htons($2); }
411 	| IPNY_PORT portspec '-' portspec	{ nat->in_pmin = htons($2);
412 						  nat->in_pmax = htons($4); }
413 	| IPNY_PORT portspec ':' portspec	{ nat->in_pmin = htons($2);
414 						  nat->in_pmax = htons($4); }
417 nport:	IPNY_PORT portspec		{ nat->in_pnext = htons($2); }
418 	| IPNY_PORT '=' portspec	{ nat->in_pnext = htons($3);
419 					  nat->in_flags |= IPN_FIXEDDPORT;
423 ports:	| IPNY_PORTS YY_NUMBER		{ nat->in_pmin = $2; }
424 	| IPNY_PORTS IPNY_AUTO		{ nat->in_flags |= IPN_AUTOPORTMAP; }
427 mapit:	IPNY_MAP			{ nat->in_redir = NAT_MAP; }
428 	| IPNY_BIMAP			{ nat->in_redir = NAT_BIMAP; }
431 rdrit:	IPNY_RDR			{ nat->in_redir = NAT_REDIRECT; }
435 	IPNY_MAPBLOCK			{ nat->in_redir = NAT_MAPBLK; }
448 					  nat->in_flags |= IPN_NOTDST;
463 					  nat->in_flags |= IPN_NOTSRC;
468 from:	IPNY_FROM			{ nat->in_flags |= IPN_FILTER;
477 ifname:	YY_STR			{ strncpy(nat->in_ifnames[0], $1,
478 					  sizeof(nat->in_ifnames[0]));
479 				  nat->in_ifnames[0][LIFNAMSIZ - 1] = '\0';
485 	YY_STR			{ strncpy(nat->in_ifnames[1], $1,
486 					  sizeof(nat->in_ifnames[1]));
487 				  nat->in_ifnames[1][LIFNAMSIZ - 1] = '\0';
494 			{ nat->in_pmin = htons($3);
495 			  nat->in_pmax = htons($5);
498 			{ nat->in_flags |= IPN_AUTOPORTMAP;
499 			  nat->in_pmin = htons(1024);
500 			  nat->in_pmax = htons(65535);
511 			  nat->in_flags = IPN_ICMPQUERY;
512 			  nat->in_pmin = htons($3);
513 			  nat->in_pmax = htons($5);
518 	| IPNY_SEQUENTIAL	{ nat->in_flags |= IPN_SEQUENTIAL; }
523 	| saddr IPNY_PORT portstuff	{ nat->in_sport = $3.p1;
524 					  nat->in_stop = $3.p2;
525 					  nat->in_scmp = $3.pc;
530 saddr:	addr				{ if (nat->in_redir == NAT_REDIRECT) {
531 						bcopy(&$1.a, &nat->in_src[0],
533 						bcopy(&$1.m, &nat->in_src[1],
536 						bcopy(&$1.a, &nat->in_in[0],
538 						bcopy(&$1.m, &nat->in_in[1],
547 	| daddr IPNY_PORT portstuff	{ nat->in_dport = $3.p1;
548 					  nat->in_dtop = $3.p2;
549 					  nat->in_dcmp = $3.pc;
550 					  if (nat->in_redir == NAT_REDIRECT)
551 						nat->in_pmin = htons($3.p1);
555 daddr:	addr				{ if (nat->in_redir == NAT_REDIRECT) {
556 						bcopy(&$1.a, &nat->in_out[0],
558 						bcopy(&$1.m, &nat->in_out[1],
561 						bcopy(&$1.a, &nat->in_src[0],
563 						bcopy(&$1.m, &nat->in_src[1],
573 					  $$.v = nat->in_v;
597 						nat->in_v = $1.v;
658 nattag:	| IPNY_TAG YY_STR		{ strncpy(nat->in_tag.ipt_tag, $2,
659 						  sizeof(nat->in_tag.ipt_tag));
662 rr:	| IPNY_ROUNDROBIN		{ nat->in_flags |= IPN_ROUNDR; }
665 frag:	| IPNY_FRAG			{ nat->in_flags |= IPN_FRAG; }
668 age:	| IPNY_AGE YY_NUMBER			{ nat->in_age[0] = $2;
669 						  nat->in_age[1] = $2; }
670 	| IPNY_AGE YY_NUMBER '/' YY_NUMBER	{ nat->in_age[0] = $2;
671 						  nat->in_age[1] = $4; }
674 sticky:	| IPNY_STICKY			{ if (!(nat->in_flags & IPN_ROUNDR) &&
675 					      !(nat->in_flags & IPN_SPLIT)) {
679 						nat->in_flags |= IPN_STICKY;
684 	| IPNY_MSSCLAMP YY_NUMBER		{ nat->in_mssclamp = $2; }
689 	| IPNY_TCPUDP			{ nat->in_flags |= IPN_TCPUDP;
690 					  nat->in_p = 0;
692 	| IPNY_TCP '/' IPNY_UDP		{ nat->in_flags |= IPN_TCPUDP;
693 					  nat->in_p = 0;
699 					{ strncpy(nat->in_plabel, $2,
700 						  sizeof(nat->in_plabel));
701 					  nat->in_dport = nat->in_pnext;
702 					  nat->in_dport = htons(nat->in_dport);
705 	| proxy				{ if (nat->in_plabel[0] != '\0') {
706 						  nat->in_pmin = nat->in_dport;
707 						  nat->in_pmax = nat->in_pmin;
708 						  nat->in_pnext = nat->in_pmin;
736 						nat->in_v = $$.v;
744 						$$.v = nat->in_v;
746 						nat->in_v = $$.v;
749 					  nat->in_v = 4;
753 					  nat->in_v = 6;
912 	if (nat == NULL)
913 		nattop = nat = n;
915 		nat->in_next = n;
916 		nat = n;
924 	nat->in_p = p;
929 		nat->in_flags |= IPN_TCP;
930 		nat->in_flags &= ~IPN_UDP;
933 		nat->in_flags |= IPN_UDP;
934 		nat->in_flags &= ~IPN_TCP;
937 		nat->in_flags &= ~IPN_TCPUDP;
938 		if (!(nat->in_flags & IPN_ICMPQUERY)) {
939 			nat->in_dcmp = 0;
940 			nat->in_scmp = 0;
941 			nat->in_pmin = 0;
942 			nat->in_pmax = 0;
943 			nat->in_pnext = 0;
947 		if ((nat->in_redir & NAT_MAPBLK) == 0) {
949 			if (0 == nat->in_tuc.ftu_dport)
950 				nat->in_dcmp = 0;
951 			if (0 == nat->in_tuc.ftu_sport)
952 				nat->in_scmp = 0;
953 			nat->in_pmin = 0;
954 			nat->in_pmax = 0;
955 			nat->in_pnext = 0;
956 			nat->in_flags &= ~IPN_TCPUDP;
961 	if ((nat->in_flags & (IPN_TCPUDP|IPN_FIXEDDPORT)) == IPN_FIXEDDPORT)
962 		nat->in_flags &= ~IPN_FIXEDDPORT;
1028 				perror("ioctl(delete nat rule)");
1035 				perror("ioctl(add/insert nat rule)");