1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause 3 * 4 * Copyright (c) 2015-2019 Yandex LLC 5 * Copyright (c) 2015-2019 Andrey V. Elsukov <ae@FreeBSD.org> 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 18 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 19 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 20 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 21 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 22 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 23 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 24 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 27 */ 28 29 #ifndef _IP_FW_NAT64_H_ 30 #define _IP_FW_NAT64_H_ 31 32 #define DPRINTF(mask, fmt, ...) \ 33 if (V_nat64_debug & (mask)) \ 34 printf("NAT64: %s: " fmt "\n", __func__, ## __VA_ARGS__) 35 #define DP_GENERIC 0x0001 36 #define DP_OBJ 0x0002 37 #define DP_JQUEUE 0x0004 38 #define DP_STATE 0x0008 39 #define DP_DROPS 0x0010 40 #define DP_ALL 0xFFFF 41 42 VNET_DECLARE(int, nat64_debug); 43 #define V_nat64_debug VNET(nat64_debug) 44 45 #if 0 46 #define NAT64NOINLINE __noinline 47 #else 48 #define NAT64NOINLINE 49 #endif 50 51 int nat64stl_init(struct ip_fw_chain *ch, int first); 52 void nat64stl_uninit(struct ip_fw_chain *ch, int last); 53 int nat64lsn_init(struct ip_fw_chain *ch, int first); 54 void nat64lsn_uninit(struct ip_fw_chain *ch, int last); 55 int nat64clat_init(struct ip_fw_chain *ch, int first); 56 void nat64clat_uninit(struct ip_fw_chain *ch, int last); 57 58 #define NAT64_DEFINE_OPCODE_REWRITER(mod, name, ops) \ 59 static int \ 60 mod ## _classify(ipfw_insn *cmd0, uint32_t *puidx, uint8_t *ptype) \ 61 { \ 62 ipfw_insn *icmd; \ 63 icmd = cmd0 - F_LEN(cmd0); \ 64 if (icmd->opcode != O_EXTERNAL_ACTION || \ 65 insntod(icmd, kidx)->kidx != V_ ## mod ## _eid) \ 66 return (1); \ 67 *puidx = insntod(cmd0, kidx)->kidx; \ 68 *ptype = 0; \ 69 return (0); \ 70 } \ 71 static void \ 72 mod ## _update_kidx(ipfw_insn *cmd0, uint32_t idx) \ 73 { \ 74 insntod(cmd0, kidx)->kidx = idx; \ 75 } \ 76 static int \ 77 mod ## _findbyname(struct ip_fw_chain *ch, struct tid_info *ti, \ 78 struct named_object **pno) \ 79 { \ 80 return (ipfw_objhash_find_type(CHAIN_TO_SRV(ch), ti, \ 81 IPFW_TLV_## name ## _NAME, pno)); \ 82 } \ 83 static struct named_object * \ 84 mod ## _findbykidx(struct ip_fw_chain *ch, uint32_t idx) \ 85 { \ 86 struct namedobj_instance *ni; \ 87 struct named_object *no; \ 88 IPFW_UH_WLOCK_ASSERT(ch); \ 89 ni = CHAIN_TO_SRV(ch); \ 90 no = ipfw_objhash_lookup_kidx(ni, idx); \ 91 KASSERT(no != NULL, ("NAT with index %u not found", idx)); \ 92 return (no); \ 93 } \ 94 static struct opcode_obj_rewrite ops[] = { \ 95 { \ 96 .opcode = O_EXTERNAL_INSTANCE, \ 97 .etlv = IPFW_TLV_EACTION /* just show it isn't table */,\ 98 .classifier = mod ## _classify, \ 99 .update = mod ## _update_kidx, \ 100 .find_byname = mod ## _findbyname, \ 101 .find_bykidx = mod ## _findbykidx, \ 102 .manage_sets = mod ## _manage_sets, \ 103 }, \ 104 } 105 106 #endif /* _IP_FW_NAT64_H_ */ 107