Date: Mon, 04 Aug 2025 10:58:36 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 288654] netgraph ng_nat: add command to set port range mask Message-ID: <bug-288654-227@https.bugs.freebsd.org/bugzilla/>
index | next in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=288654 Bug ID: 288654 Summary: netgraph ng_nat: add command to set port range mask Product: Base System Version: Unspecified Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: tatsuki_makino@hotmail.com Created attachment 262698 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=262698&action=edit experimental patch for operation confirmation To make this patch work, the libalias patch in attachment 262482 of bug 288380 is required. In order to unleash the performance of this patch, the portrange patch in attachment 262634 of bug 288606 is required. This patch should still apply correctly even after the application of those patches. Of course, this patch was made for the Mapping of Address and Port with Encapsulation (MAP-E, RFC 7597) :) By setting it up as described below, it should already be in a state where the desired operation is achieved. In this patch, the syntax for portrangemask is the same as that presented in bug 288380 comment #2. It will be necessary to redefine the specifications and remake it :) (If pf needs to be set to map-e-portset 4/8/20 ...) ifconfig gif0 create ifconfig gif0 inet6 tunnel 2001:db8:1:100:c0:2:100:100 2001:db8:ffff::1 ifconfig ${wan_if} inet6 2001:db8:1:100:c0:2:100:100 prefixlen 128 alias kldload ng_gif ngctl mkpeer gif0: gif_demux lower gif ngctl name gif0:lower gif0_demux ngctl mkpeer gif0_demux: nat inet in ngctl name gif0_demux:inet nat_map_e ngctl msg nat_map_e: setaliasaddr 192.0.2.1 ngctl msg nat_map_e: setmode "{flags=0x00 mask=0x04}" ngctl msg nat_map_e: portrange "{alias_port_lo=4096 alias_port_hi=65535}" ngctl msg nat_map_e: portrangemask \""0xf00f^0x0140"\" ngctl mkpeer nat_map_e: iface out inet ng_if=$(ngctl msg nat_map_e:out getifname | sed -ne '/^Args:/{s/^.*"\([^"]*\)".*$/\1/;p;};') # ng_if is an interface name like ng0. ifconfig ${ng_if} inet 192.0.2.1 127.0.2.1 netmask 255.255.255.255 alias route -n add -inet default -iface ${ng_if} These commands can also be automated in the script file /etc/{start,stop}_if.gif0, maybe :) -- You are receiving this mail because: You are the assignee for the bug.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-288654-227>