Lines Matching refs:np
216 ipnat_t **np;
239 np = softn->ipf_nat_rdr_rules + hv;
240 while (*np != NULL)
241 np = &(*np)->in_rnext;
243 n->in_prnext = np;
246 *np = n;
263 ipnat_t **np;
280 np = softn->ipf_nat_map_rules + hv;
281 while (*np != NULL)
282 np = &(*np)->in_mnext;
284 n->in_pmnext = np;
287 *np = n;
356 /* Parameters: np(I) - pointer to NAT rule */
367 ipf_nat6_hostmap(ipf_nat_softc_t *softn, ipnat_t *np, i6addr_t *src,
389 ((np == NULL) || (np == hm->hm_ipnat)) &&
396 if (np == NULL) {
413 hm->hm_ipnat = np;
414 np->in_use++;
456 ipnat_t *np;
466 np = ni->nai_np;
467 st_ip = np->in_snip6;
468 st_port = np->in_spnext;
486 in = np->in_nsrc.na_nextaddr;
492 hm = ipf_nat6_hostmap(softn, np, &fin->fin_src6,
502 if (IP6_ISONES(&np->in_nsrcmsk6) && (np->in_spnext == 0)) {
509 if ((np->in_redir == NAT_BIMAP) &&
510 IP6_EQ(&np->in_osrcmsk6, &np->in_nsrcmsk6)) {
516 ~np->in_osrcmsk6.i6[0];
518 ~np->in_osrcmsk6.i6[1];
520 ~np->in_osrcmsk6.i6[0];
522 ~np->in_osrcmsk6.i6[3];
523 in = np->in_nsrcip6;
524 IP6_MERGE(&in, &temp, &np->in_osrc);
527 } else if (np->in_redir & NAT_MAPBLK) {
528 if ((l >= np->in_ppip) || ((l > 0) &&
536 IP6_MASK(&in, &fin->fin_src6, &np->in_osrcmsk6);
539 in.s_addr /= np->in_ippip;
540 in.s_addr &= ntohl(~np->in_nsrcmsk6);
541 in.s_addr += ntohl(np->in_nsrcaddr6);
546 (np->in_ppip != 0)) {
548 port %= np->in_ppip;
549 port += np->in_ppip *
550 (inb.s_addr % np->in_ippip);
556 } else if (IP6_ISZERO(&np->in_nsrcaddr) &&
557 IP6_ISONES(&np->in_nsrcmsk)) {
569 } else if (IP6_ISZERO(&np->in_nsrcip6) &&
570 IP6_ISZERO(&np->in_nsrcmsk6)) {
580 } else if (!IP6_ISONES(&np->in_nsrcmsk6) &&
581 (np->in_spnext == 0) && ((l > 0) || (hm == NULL))) {
582 IP6_INC(&np->in_snip6);
588 ((np->in_redir & NAT_MAPBLK) == 0) &&
589 (np->in_flags & IPN_AUTOPORTMAP)) {
594 if ((l > 0) && (l % np->in_ppip == 0)) {
595 if ((l > np->in_ppip) &&
596 !IP6_ISONES(&np->in_nsrcmsk)) {
597 IP6_INC(&np->in_snip6)
600 if (np->in_ppip != 0) {
602 port += (l % np->in_ppip);
603 port %= np->in_ppip;
604 port += np->in_ppip *
606 np->in_ippip);
612 } else if (((np->in_redir & NAT_MAPBLK) == 0) &&
613 (flags & IPN_TCPUDPICMP) && (np->in_spnext != 0)) {
617 if (np->in_flags & IPN_SEQUENTIAL) {
618 port = np->in_spnext;
620 port = ipf_random() % (np->in_spmax -
621 np->in_spmin + 1);
622 port += np->in_spmin;
625 np->in_spnext++;
627 if (np->in_spnext > np->in_spmax) {
628 np->in_spnext = np->in_spmin;
629 if (!IP6_ISONES(&np->in_nsrcmsk6)) {
630 IP6_INC(&np->in_snip6);
635 if (np->in_flags & IPN_SIPRANGE) {
636 if (IP6_GT(&np->in_snip, &np->in_nsrcmsk))
637 np->in_snip6 = np->in_nsrcip6;
641 a1 = np->in_snip6;
643 IP6_AND(&a1, &np->in_nsrcmsk6, &a2);
645 if (!IP6_ISONES(&np->in_nsrcmsk6) &&
646 IP6_GT(&a2, &np->in_nsrcip6)) {
647 IP6_ADD(&np->in_nsrcip6, 1, &np->in_snip6);
679 (np->in_spnext != 0) && (st_port == np->in_spnext) &&
680 (!IP6_ISZERO(&np->in_snip6) &&
681 IP6_EQ(&st_ip, &np->in_snip6))) {
694 nat->nat_hm = ipf_nat6_hostmap(softn, np, &fin->fin_src6,
735 ipnat_t *np;
745 np = ni->nai_np;
766 if (((np->in_flags & (IPN_ROUNDR|IPN_SPLIT)) != 0) &&
767 ((np->in_flags & IPN_STICKY) != 0)) {
772 np = hm->hm_ipnat;
773 ni->nai_np = np;
784 if (np->in_flags & IPN_SPLIT) {
785 in = np->in_dnip6;
787 if ((np->in_flags & (IPN_ROUNDR|IPN_STICKY)) == IPN_STICKY) {
798 if (IP6_EQ(&np->in_ndstip6, &in)) {
799 np->in_dnip6 = np->in_ndstmsk6;
802 np->in_dnip6 = np->in_ndstip6;
806 } else if (IP6_ISZERO(&np->in_ndstaddr) &&
807 IP6_ISONES(&np->in_ndstmsk)) {
817 } else if (IP6_ISZERO(&np->in_ndstip6) &&
818 IP6_ISZERO(&np->in_ndstmsk6)) {
824 } else if (np->in_redir == NAT_BIMAP &&
825 IP6_EQ(&np->in_ndstmsk6, &np->in_odstmsk6)) {
830 temp.i6[0] = fin->fin_dst6.i6[0] & ~np->in_osrcmsk6.i6[0];
831 temp.i6[1] = fin->fin_dst6.i6[1] & ~np->in_osrcmsk6.i6[1];
832 temp.i6[2] = fin->fin_dst6.i6[2] & ~np->in_osrcmsk6.i6[0];
833 temp.i6[3] = fin->fin_dst6.i6[3] & ~np->in_osrcmsk6.i6[3];
834 in = np->in_ndstip6;
835 IP6_MERGE(&in, &temp, &np->in_ndstmsk6);
837 in = np->in_ndstip6;
840 if ((np->in_dpnext == 0) || ((flags & NAT_NOTRULEPORT) != 0))
847 if (((np->in_flags & IPN_FIXEDDPORT) == 0) &&
848 (np->in_odport != np->in_dtop)) {
849 nport = ntohs(dport) - np->in_odport + np->in_dpmax;
852 nport = htons(np->in_dpnext);
853 np->in_dpnext++;
854 if (np->in_dpnext > np->in_dpmax)
855 np->in_dpnext = np->in_dpmin;
895 if ((nat->nat_hm == NULL) && ((np->in_flags & IPN_STICKY) != 0))
896 nat->nat_hm = ipf_nat6_hostmap(softn, np, &fin->fin_src6,
920 /* np(I) - pointer to NAT rule */
938 ipf_nat6_add(fr_info_t *fin, ipnat_t *np, nat_t **natsave, u_int flags,
966 nflags = np->in_flags & flags;
969 ni.nai_np = np;
1012 nat->nat_redir = np->in_redir;
1021 if (np->in_redir & NAT_DIVERTUDP) {
1024 } else if (np->in_redir & NAT_REWRITE) {
1061 np = ni.nai_np;
1063 nat->nat_mssclamp = np->in_mssclamp;
1067 nat->nat_ptr = np;
1068 nat->nat_dlocal = np->in_dlocal;
1070 if ((np->in_apr != NULL) && ((nat->nat_flags & NAT_SLAVE) == 0)) {
1077 nat->nat_ifps[0] = np->in_ifps[0];
1078 if (np->in_ifps[0] != NULL) {
1079 COPYIFNAME(np->in_v[0], np->in_ifps[0], nat->nat_ifnames[0]);
1082 nat->nat_ifps[1] = np->in_ifps[1];
1083 if (np->in_ifps[1] != NULL) {
1084 COPYIFNAME(np->in_v[1], np->in_ifps[1], nat->nat_ifnames[1]);
1091 np->in_use++;
1093 if ((move == 1) && (np->in_flags & IPN_ROUNDR)) {
1094 if ((np->in_redir & (NAT_REDIRECT|NAT_MAP)) == NAT_REDIRECT) {
1095 ipf_nat6_delrdr(softn, np);
1096 ipf_nat6_addrdr(softn, np);
1097 } else if ((np->in_redir & (NAT_REDIRECT|NAT_MAP)) == NAT_MAP) {
1098 ipf_nat6_delmap(softn, np);
1099 ipf_nat6_addmap(softn, np);
1115 if (nat != NULL && np != NULL)
1116 np->in_hits++;
2401 /* np(I) - pointer to description of packet to find NAT */
2417 ipf_nat6_lookupredir(ipf_main_softc_t *softc, natlookup_t *np)
2424 if (np->nl_flags & IPN_IN) {
2425 fi.fin_data[0] = ntohs(np->nl_realport);
2426 fi.fin_data[1] = ntohs(np->nl_outport);
2428 fi.fin_data[0] = ntohs(np->nl_inport);
2429 fi.fin_data[1] = ntohs(np->nl_outport);
2431 if (np->nl_flags & IPN_TCP)
2433 else if (np->nl_flags & IPN_UDP)
2435 else if (np->nl_flags & (IPN_ICMPERR|IPN_ICMPQUERY))
2443 if (np->nl_flags & IPN_IN) {
2444 if ((nat = ipf_nat6_inlookup(&fi, np->nl_flags, fi.fin_p,
2445 &np->nl_realip6,
2446 &np->nl_outip6))) {
2447 np->nl_inip6 = nat->nat_odst6.in6;
2448 np->nl_inport = nat->nat_odport;
2455 if ((nat = ipf_nat6_outlookup(&fi, np->nl_flags, fi.fin_p,
2456 &np->nl_inip6, &np->nl_outip6))) {
2458 if ((np->nl_flags & IPN_FINDFORWARD) != 0) {
2464 if (ipf_nat6_inlookup(&fin, np->nl_flags,
2469 np->nl_flags &= ~IPN_FINDFORWARD;
2473 np->nl_realip6 = nat->nat_odst6.in6;
2474 np->nl_realport = nat->nat_odport;
2486 /* np(I) - pointer to NAT rule */
2493 ipf_nat6_match(fr_info_t *fin, ipnat_t *np)
2499 switch (np->in_osrcatype)
2502 match = IP6_MASKNEQ(&fin->fin_src6, &np->in_osrcmsk6,
2503 &np->in_osrcip6);
2506 match = (*np->in_osrcfunc)(fin->fin_main_soft, np->in_osrcptr,
2510 match ^= ((np->in_flags & IPN_NOTSRC) != 0);
2515 switch (np->in_odstatype)
2518 match = IP6_MASKNEQ(&fin->fin_dst6, &np->in_odstmsk6,
2519 &np->in_odstip6);
2522 match = (*np->in_odstfunc)(fin->fin_main_soft, np->in_odstptr,
2527 match ^= ((np->in_flags & IPN_NOTDST) != 0);
2531 ft = &np->in_tuc;
2569 ipnat_t *np = NULL;
2653 for (np = softn->ipf_nat_map_rules[hv]; np; np = np->in_mnext) {
2654 if ((np->in_ifps[1] && (np->in_ifps[1] != ifp)))
2656 if (np->in_v[0] != 6)
2658 if (np->in_pr[1] && (np->in_pr[1] != fin->fin_p))
2660 if ((np->in_flags & IPN_RF) &&
2661 !(np->in_flags & nflags))
2663 if (np->in_flags & IPN_FILTER) {
2664 switch (ipf_nat6_match(fin, np))
2675 } else if (!IP6_MASKEQ(&ipa, &np->in_osrcmsk,
2676 &np->in_osrcip6))
2680 !ipf_matchtag(&np->in_tag, &fr->fr_nattag))
2684 if (np->in_plabel != -1) {
2685 if (((np->in_flags & IPN_FILTER) == 0) &&
2686 (np->in_odport != fin->fin_data[1]))
2688 if (appr_ok(fin, tcp, np) == 0)
2693 if (np->in_flags & IPN_NO) {
2694 np->in_hits++;
2699 nat = ipf_nat6_add(fin, np, NULL, nflags, NAT_OUTBOUND);
2702 np->in_hits++;
2707 if ((np == NULL) && (nmsk < softn->ipf_nat6_map_max)) {
2767 ipnat_t *np;
2773 np = nat->nat_ptr;
2775 if ((natadd != 0) && (fin->fin_flx & FI_FRAG) && (np != NULL))
2828 if (np != NULL && np->in_tag.ipt_num[0] != 0)
2829 fin->fin_nattag = &np->in_tag;
2840 m = M_DUP(np->in_divmp);
2928 if ((np != NULL) && (np->in_apr != NULL)) {
2972 ipnat_t *np;
3053 for (np = softn->ipf_nat_rdr_rules[hv]; np; np = np->in_rnext) {
3054 if (np->in_ifps[0] && (np->in_ifps[0] != ifp))
3056 if (np->in_v[0] != 6)
3058 if (np->in_pr[0] && (np->in_pr[0] != fin->fin_p))
3060 if ((np->in_flags & IPN_RF) && !(np->in_flags & nflags))
3062 if (np->in_flags & IPN_FILTER) {
3063 switch (ipf_nat6_match(fin, np))
3075 if (!IP6_MASKEQ(&ipa, &np->in_odstmsk6,
3076 &np->in_odstip6)) {
3079 if (np->in_odport &&
3080 ((np->in_dtop < dport) ||
3081 (dport < np->in_odport)))
3086 if (np->in_plabel != -1) {
3087 if (!appr_ok(fin, tcp, np)) {
3093 if (np->in_flags & IPN_NO) {
3094 np->in_hits++;
3099 nat = ipf_nat6_add(fin, np, NULL, nflags, NAT_INBOUND);
3102 np->in_hits++;
3108 if ((np == NULL) && (rmsk < softn->ipf_nat6_rdr_max)) {
3169 ipnat_t *np;
3175 np = nat->nat_ptr;
3178 if (np != NULL) {
3192 if (np->in_apr != NULL) {
3240 m = M_DUP(np->in_divmp);
3289 if (np != NULL && np->in_tag.ipt_num[0] != 0)
3290 fin->fin_nattag = &np->in_tag;
3338 if (np != NULL && np->in_tag.ipt_num[0] != 0)
3339 fin->fin_nattag = &np->in_tag;
3370 ipnat_t *np;
3377 np = nai->nai_np;
3385 /* TRACE (l, src_search, dst_search, np) */
3387 if ((src_search == 0) && (np->in_spnext == 0) &&
3388 (dst_search == 0) && (np->in_dpnext == 0)) {
3396 if (ipf_nat6_nextaddr(fin, &np->in_nsrc, &frnat.fin_src6,
3401 if (IP6_ISZERO(&np->in_nsrcip6) &&
3402 IP6_ISONES(&np->in_nsrcmsk6)) {
3404 if (np->in_stepnext == 0)
3405 np->in_stepnext = 1;
3407 } else if (IP6_ISZERO(&np->in_nsrcip6) &&
3408 IP6_ISZERO(&np->in_nsrcmsk6)) {
3410 if (np->in_stepnext == 0)
3411 np->in_stepnext = 1;
3413 } else if (IP6_ISONES(&np->in_nsrcmsk)) {
3415 if (np->in_stepnext == 0)
3416 np->in_stepnext = 1;
3418 } else if (!IP6_ISONES(&np->in_nsrcmsk6)) {
3419 if (np->in_stepnext == 0 && changed == -1) {
3420 IP6_INC(&np->in_snip);
3421 np->in_stepnext++;
3427 if (np->in_spnext != 0)
3428 frnat.fin_data[0] = np->in_spnext;
3434 np->in_stepnext = 2;
3435 } else if ((np->in_stepnext == 1) &&
3437 np->in_spnext++;
3438 np->in_stepnext++;
3440 if (np->in_spnext > np->in_spmax)
3441 np->in_spnext = np->in_spmin;
3444 np->in_stepnext = 2;
3446 np->in_stepnext &= 0x3;
3451 /* TRACE (fin, np, l, frnat) */
3453 if (ipf_nat6_nextaddr(fin, &np->in_ndst, &frnat.fin_dst6,
3457 if (IP6_ISZERO(&np->in_ndstip6) &&
3458 IP6_ISONES(&np->in_ndstmsk6)) {
3460 if (np->in_stepnext == 2)
3461 np->in_stepnext = 3;
3463 } else if (IP6_ISZERO(&np->in_ndstip6) &&
3464 IP6_ISZERO(&np->in_ndstmsk6)) {
3466 if (np->in_stepnext == 2)
3467 np->in_stepnext = 3;
3469 } else if (IP6_ISONES(&np->in_ndstmsk6)) {
3471 if (np->in_stepnext == 2)
3472 np->in_stepnext = 3;
3474 } else if (!IP6_ISONES(&np->in_ndstmsk6)) {
3475 if ((np->in_stepnext == 2) && (changed == -1) &&
3478 np->in_stepnext++;
3479 IP6_INC(&np->in_dnip6);
3484 if (np->in_dpnext != 0)
3485 frnat.fin_data[1] = np->in_dpnext;
3491 np->in_stepnext = 0;
3492 } else if (np->in_stepnext == 3 && changed == -1) {
3493 np->in_dpnext++;
3494 np->in_stepnext++;
3496 if (np->in_dpnext > np->in_dpmax)
3497 np->in_dpnext = np->in_dpmin;
3500 if (np->in_stepnext == 3)
3501 np->in_stepnext = 0;
3550 np->in_stepnext &= 0x3;
3594 ipnat_t *np;
3598 np = nai->nai_np;
3606 frnat.fin_src6 = np->in_snip6;
3607 frnat.fin_dst6 = np->in_dnip6;
3609 if (np->in_redir & NAT_DIVERTUDP) {
3610 frnat.fin_data[0] = np->in_spnext;
3611 frnat.fin_data[1] = np->in_dpnext;
3635 if (np->in_redir & NAT_DIVERTUDP) {
3642 if (np->in_redir & NAT_REDIRECT)
3654 /* Parameters: np(I) - pointer to a NAT rule */
3663 ipf_nat6_builddivertmp(ipf_nat_softc_t *softn, ipnat_t *np)
3669 if ((np->in_redir & NAT_DIVERTUDP) != 0)
3674 ALLOC_MB_T(np->in_divmp, len);
3675 if (np->in_divmp == NULL) {
3683 ip6 = MTOD(np->in_divmp, ip6_t *);
3685 if ((np->in_redir & NAT_DIVERTUDP) != 0)
3691 ip6->ip6_src = np->in_snip6.in6;
3692 ip6->ip6_dst = np->in_dnip6.in6;
3694 if (np->in_redir & NAT_DIVERTUDP) {
3698 uh->uh_sport = htons(np->in_spnext);
3699 uh->uh_dport = htons(np->in_dpnext);
Indexes created Thu Oct 23 22:10:10 GMT 2025