Lines Matching refs:np
182 npf_natpolicy_t *np;
186 np = kmem_zalloc(sizeof(npf_natpolicy_t), KM_SLEEP);
187 atomic_store_relaxed(&np->n_refcnt, 1);
188 np->n_npfctx = npf;
191 np->n_type = dnvlist_get_number(nat, "type", 0);
192 np->n_flags = dnvlist_get_number(nat, "flags", 0) & ~NPF_NAT_PRIVMASK;
193 np->n_id = dnvlist_get_number(nat, "nat-policy", 0);
196 if (((np->n_type == NPF_NATIN) ^ (np->n_type == NPF_NATOUT)) == 0) {
199 mutex_init(&np->n_lock, MUTEX_DEFAULT, IPL_SOFTNET);
200 LIST_INIT(&np->n_nat_list);
208 if (np->n_flags & NPF_NAT_STATIC) {
211 np->n_tid = nvlist_get_number(nat, "nat-table-id");
212 np->n_tmask = NPF_NO_NETMASK;
213 np->n_flags |= NPF_NAT_USETABLE;
219 memcpy(&np->n_taddr, addr, len);
220 np->n_alen = len;
221 np->n_tmask = dnvlist_get_number(nat, "nat-mask", NPF_NO_NETMASK);
222 if (npf_netmask_check(np->n_alen, np->n_tmask)) {
226 np->n_tport = dnvlist_get_number(nat, "nat-port", 0);
231 np->n_algo = dnvlist_get_number(nat, "nat-algo", 0);
232 switch (np->n_algo) {
234 np->n_npt66_adj = dnvlist_get_number(nat, "npt66-adj", 0);
241 if (np->n_tmask != NPF_NO_NETMASK) {
246 return np;
248 mutex_destroy(&np->n_lock);
249 kmem_free(np, sizeof(npf_natpolicy_t));
254 npf_natpolicy_export(const npf_natpolicy_t *np, nvlist_t *nat)
256 nvlist_add_number(nat, "nat-policy", np->n_id);
257 nvlist_add_number(nat, "type", np->n_type);
258 nvlist_add_number(nat, "flags", np->n_flags);
260 if (np->n_flags & NPF_NAT_USETABLE) {
261 nvlist_add_number(nat, "nat-table-id", np->n_tid);
263 nvlist_add_binary(nat, "nat-addr", &np->n_taddr, np->n_alen);
264 nvlist_add_number(nat, "nat-mask", np->n_tmask);
266 nvlist_add_number(nat, "nat-port", np->n_tport);
267 nvlist_add_number(nat, "nat-algo", np->n_algo);
269 switch (np->n_algo) {
271 nvlist_add_number(nat, "npt66-adj", np->n_npt66_adj);
278 npf_natpolicy_release(npf_natpolicy_t *np)
280 KASSERT(atomic_load_relaxed(&np->n_refcnt) > 0);
283 if (atomic_dec_uint_nv(&np->n_refcnt) != 0) {
287 KASSERT(LIST_EMPTY(&np->n_nat_list));
288 mutex_destroy(&np->n_lock);
289 kmem_free(np, sizeof(npf_natpolicy_t));
299 npf_natpolicy_destroy(npf_natpolicy_t *np)
305 if (atomic_load_relaxed(&np->n_refcnt) > 1) {
308 mutex_enter(&np->n_lock);
309 LIST_FOREACH(nt, &np->n_nat_list, nt_entry) {
314 mutex_exit(&np->n_lock);
315 npf_worker_signal(np->n_npfctx);
317 KASSERT(atomic_load_relaxed(&np->n_refcnt) >= 1);
325 npf_natpolicy_release(np);
329 npf_nat_freealg(npf_natpolicy_t *np, npf_alg_t *alg)
333 mutex_enter(&np->n_lock);
334 LIST_FOREACH(nt, &np->n_nat_list, nt_entry) {
336 npf_alg_destroy(np->n_npfctx, alg, nt, nt->nt_conn);
340 mutex_exit(&np->n_lock);
349 npf_natpolicy_cmp(npf_natpolicy_t *np, npf_natpolicy_t *mnp)
357 KASSERT(np && mnp && np != mnp);
358 np_raw = (const uint8_t *)np + NPF_NP_CMP_START;
364 npf_nat_setid(npf_natpolicy_t *np, uint64_t id)
366 np->n_id = id;
370 npf_nat_getid(const npf_natpolicy_t *np)
372 return np->n_id;
418 npf_natpolicy_t *np;
426 np = npf_rule_getnat(rl);
427 atomic_inc_uint(&np->n_refcnt);
429 return np;
433 npf_nat_algo_netmap(const npf_cache_t *npc, const npf_natpolicy_t *np,
443 npf_addr_mask(&np->n_taddr, np->n_tmask, npc->npc_alen, addr);
444 npf_addr_bitor(orig_addr, np->n_tmask, npc->npc_alen, addr);
448 npf_nat_getaddr(npf_cache_t *npc, npf_natpolicy_t *np, const unsigned alen)
450 npf_tableset_t *ts = npf_config_tableset(np->n_npfctx);
451 npf_table_t *t = npf_tableset_getbyid(ts, np->n_tid);
457 switch (np->n_algo) {
459 idx = atomic_inc_uint_nv(&np->n_rr_idx);
477 npf_nat_create(npf_cache_t *npc, npf_natpolicy_t *np, npf_conn_t *con)
495 nt->nt_natpolicy = np;
512 if (np->n_flags & NPF_NAT_USETABLE) {
514 taddr = npf_nat_getaddr(npc, np, alen);
523 } else if (np->n_algo == NPF_ALGO_NETMAP) {
524 const unsigned which = npf_nat_which(np->n_type, NPF_FLOW_FORW);
525 npf_nat_algo_netmap(npc, np, which, &nt->nt_taddr);
529 taddr = &np->n_taddr;
535 if (np->n_type == NPF_NATOUT) {
540 KASSERT(np->n_type == NPF_NATIN);
547 if ((np->n_flags & NPF_NAT_PORTS) == 0 ||
557 nt->nt_oport = (np->n_type == NPF_NATOUT) ?
561 nt->nt_oport = (np->n_type == NPF_NATOUT) ?
566 if ((np->n_flags & NPF_NAT_PORTMAP) != 0) {
567 npf_portmap_t *pm = np->n_npfctx->portmap;
570 nt->nt_tport = np->n_tport;
573 mutex_enter(&np->n_lock);
574 LIST_INSERT_HEAD(&np->n_nat_list, nt, nt_entry);
576 mutex_exit(&np->n_lock);
586 const npf_natpolicy_t *np = nt->nt_natpolicy;
587 const unsigned which = npf_nat_which(np->n_type, flow);
603 KASSERT((np
621 npf_snat_translate(npf_cache_t *npc, const npf_natpolicy_t *np, npf_flow_t flow)
623 const unsigned which = npf_nat_which(np->n_type, flow);
627 KASSERT(np->n_flags & NPF_NAT_STATIC);
629 switch (np->n_algo) {
631 npf_nat_algo_netmap(npc, np, which, &addr);
635 return npf_npt66_rwr(npc, which, &np->n_taddr,
636 np->n_tmask, np->n_npt66_adj);
638 taddr = &np->n_taddr;
641 return npf_napt_rwr(npc, which, taddr, np->n_tport);
650 npf_natpolicy_t *np = src_nt->nt_natpolicy;
655 nt = npf_nat_create(npc, np, con);
659 atomic_inc_uint(&np->n_refcnt);
662 ret = npf_conn_setnat(npc, con, nt, np->n_type);
682 const npf_natpolicy_t *np;
692 np = nt->nt_natpolicy;
693 KASSERT(atomic_load_relaxed(&np->n_refcnt) > 0);
699 *flow = (np->n_type == di) ? NPF_FLOW_FORW : NPF_FLOW_BACK;
720 npf_natpolicy_t *np;
737 np = nt->nt_natpolicy;
745 np = npf_nat_inspect(npc, di);
746 if (np == NULL) {
753 if (np->n_flags & NPF_NAT_STATIC) {
757 error = npf_snat_translate(npc, np, flow);
758 npf_natpolicy_release(np);
771 npf_natpolicy_release(np);
781 nt = npf_nat_create(npc, np, con);
783 npf_natpolicy_release(np);
794 error = npf_conn_setnat(npc, con, nt, np->n_type);
868 npf_natpolicy_t *np = nt->nt_natpolicy;
869 npf_t *npf = np->n_npfctx;
879 if ((np->n_flags & NPF_NAT_PORTMAP) != 0 && nt->nt_tport) {
883 npf_stats_inc(np->n_npfctx, NPF_STAT_NAT_DESTROY);
889 mutex_enter(&np->n_lock);
891 mutex_exit(&np->n_lock);
892 npf_natpolicy_release(np);
903 npf_natpolicy_t *np = nt->nt_natpolicy;
921 nvlist_add_number(nat_nv, "nat-policy", np->n_id);
932 npf_natpolicy_t *np;
940 if ((np = npf_ruleset_findnat(natlist, np_id)) == NULL) {
972 if ((np->n_flags & NPF_NAT_PORTMAP) != 0 && nt->nt_tport) {
986 nt->nt_natpolicy = np;
988 atomic_store_relaxed(&np->n_refcnt,
989 atomic_load_relaxed(&np->n_refcnt) + 1);
990 LIST_INSERT_HEAD(&np->n_nat_list, nt, nt_entry);
1002 const npf_natpolicy_t *np;
1005 np = nt->nt_natpolicy;
1007 printf("\tNATP(%p): type %u flags 0x%x taddr %s tport %d\n", np,
1008 np->n_type, np->n_flags, inet_ntoa(ip), ntohs(np->n_tport));
Indexes created Wed Oct 22 06:10:02 GMT 2025