authorPeter Wemm <peter@FreeBSD.org>1998-03-21 10:11:54 +0000
committerPeter Wemm <peter@FreeBSD.org>1998-03-21 10:11:54 +0000
commit27064bb1595ba86624494176675c7c36450d121f (patch)
tree456b6f9d1dc026b74410390d2d40f4e7a007558f /sys/netinet/ip_nat.c
parent52aef1787c0595837b11765452444e18c4687baa (diff)
Import kernel parts of ipfilter v3.2.3
Notes
Notes: svn path=/vendor-sys/ipfilter/dist-old/; revision=34742
Diffstat (limited to 'sys/netinet/ip_nat.c')
-rw-r--r--sys/netinet/ip_nat.c29
1 files changed, 19 insertions, 10 deletions
diff --git a/sys/netinet/ip_nat.c b/sys/netinet/ip_nat.c
index e1774b34bb05..0b6c07fc9b4f 100644
--- a/sys/netinet/ip_nat.c
+++ b/sys/netinet/ip_nat.c
@@ -9,7 +9,7 @@
*/
#if !defined(lint)
static const char sccsid[] = "@(#)ip_nat.c 1.11 6/5/96 (C) 1995 Darren Reed";
-static const char rcsid[] = "@(#)$Id: ip_nat.c,v 2.0.2.44.2.3 1997/11/12 10:53:29 darrenr Exp $";
+static const char rcsid[] = "@(#)$Id: ip_nat.c,v 2.0.2.44.2.7 1997/12/02 13:54:27 darrenr Exp $";
#endif
#if defined(__FreeBSD__) && defined(KERNEL) && !defined(_KERNEL)
@@ -317,6 +317,7 @@ int mode;
break;
}
ret = nat_flushtable();
+ (void) ap_unload();
IWCOPY((caddr_t)&ret, data, sizeof(ret));
break;
case SIOCCNATL :
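Review bot: The new `(void) ap_unload();` call discards its result and carries no comment saying which lock protects the proxy state it tears down. Elsewhere in this commit `ap_check()` is called with `ipf_nat` held, so if this ioctl case is not inside the same mutex, a packet could be using a proxy session while it is being unloaded. The surrounding switch starts outside the hunk, so this cannot be confirmed from here. Please confirm the locking and, if it holds, record it with a comment such as `/* ipf_nat must be held: ap_check() uses proxy state on the packet path */`.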
@@ -513,18 +514,14 @@ struct in_addr *inp;
/*
* Create a new NAT table entry.
*/
-#ifdef __STDC__
-nat_t *nat_new(ipnat_t *np, ip_t *ip, fr_info_t *fin, u_short flags, int direction)
-#else
nat_t *nat_new(np, ip, fin, flags, direction)
ipnat_t *np;
ip_t *ip;
fr_info_t *fin;
u_short flags;
int direction;
-#endif
{
- register u_long sum1, sum2, sumd;
+ register u_long sum1, sum2, sumd, l;
u_short port = 0, sport = 0, dport = 0, nport = 0;
struct in_addr in;
tcphdr_t *tcp = NULL;
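Review bot: The pass counter `l` is declared in the same `register u_long` list as the checksum accumulators `sum1, sum2, sumd`, and the single letter reads as the digit one in the later `l > 1` tests. A separate declaration with a descriptive name, for example `int passes = 0;`, would keep it apart from the checksum arithmetic and remove the misreading. nat_new's body continues past the end of this hunk.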
@@ -554,13 +551,22 @@ int direction;
* If it's an outbound packet which doesn't match any existing
* record, then create a new port
*/
+ l = 0;
do {
+ l++;
port = 0;
in.s_addr = np->in_nip;
if (!in.s_addr && (np->in_outmsk == 0xffffffff)) {
- if (nat_ifpaddr(nat, fin->fin_ifp, &in) == -1)
+ if ((l > 1) ||
+ nat_ifpaddr(nat, fin->fin_ifp, &in) == -1) {
+ KFREE(nat);
return NULL;
+ }
} else if (!in.s_addr && !np->in_outmsk) {
+ if (l > 1) {
+ KFREE(nat);
+ return NULL;
+ }
in.s_addr = ntohl(ip->ip_src.s_addr);
if (nflags & IPN_TCPUDP)
port = sport;
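Review bot: The `l > 1` bail-outs are added only to the two branches visible here, and nothing explains why a second pass must fail for them. Presumably both rule forms yield a single fixed address, so a retry cannot find a free mapping; a comment above `l = 0;` such as `/* l counts passes; the fixed-address forms below cannot succeed on a retry */` would record that. The loop's remaining branches and its `while` condition are outside the hunk, so it is worth checking that they are bounded as well, since an unbounded search on the packet path would let a full mapping table stall the kernel. The added `KFREE(nat)` calls look right provided nothing else has been attached to `nat` by this point.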
@@ -609,7 +615,7 @@ int direction;
* internal port.
*/
in.s_addr = ntohl(np->in_inip);
- if (!(nport = htons(np->in_pnext)))
+ if (!(nport = np->in_pnext))
nport = dport;
nat->nat_inip.s_addr = htonl(in.s_addr);
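Review bot: Dropping `htons()` in `nport = np->in_pnext` changes the stored port only on little-endian machines, so a test on a big-endian host cannot show whether the new form is right. The fallback on the next line assigns `dport`, so both sources of `nport` must be in the same byte order, and the hunk does not show which order `in_pnext` is kept in. A comment at the assignment, `/* in_pnext is kept in network byte order */` (or host order, whichever the code that sets it uses), would pin that down. The enclosing function starts and ends outside the hunk.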
@@ -1083,7 +1089,7 @@ fr_info_t *fin;
(void) ap_check(ip, tcp, fin, nat);
nat_stats.ns_mapped[1]++;
MUTEX_EXIT(&ipf_nat);
- return 1;
+ return -2;
}
MUTEX_EXIT(&ipf_nat);
return 0;
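Review bot: The success return changes from `1` to a bare `-2` here and again in the hunk at -1212, with no named constant or comment giving its meaning. A caller that tests the result with `> 0` or `== 1`, or that treats any negative value as an error, would now handle a translated packet differently. The callers are not part of this diff, so they should be checked against the new value. Define the value once as a macro and list the return values (0 and -2) in each function's header comment; both functions start outside their hunks.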
@@ -1212,7 +1218,7 @@ fr_info_t *fin;
}
nat_stats.ns_mapped[0]++;
MUTEX_EXIT(&ipf_nat);
- return 1;
+ return -2;
}
MUTEX_EXIT(&ipf_nat);
return 0;
@@ -1257,6 +1263,9 @@ void ip_natexpire()
nat_delete(nat);
nat_stats.ns_expire++;
}
+
+ ap_expire();
+
MUTEX_EXIT(&ipf_nat);
SPL_X(s);
}
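Review bot: `ap_expire()` is now called while `ipf_nat` is still held and before `SPL_X(s)`, so the critical section in ip_natexpire grows by however long the proxy sweep takes. If `ap_expire()` takes a lock of its own, or calls back into NAT code that acquires `ipf_nat`, this ordering could deadlock; its body is not in this diff. A comment at the call, `/* called with ipf_nat held; must not re-enter NAT locking */`, would document the constraint for whoever maintains the proxy code.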