Manual page for ng_nat node.

1 files changed, 118 insertions, 0 deletions

diff --git a/share/man/man4/ng_nat.4 b/share/man/man4/ng_nat.4
new file mode 100644
index 0000000..73b7827
--- /dev/null
+++ b/share/man/man4/ng_nat.4
@@ -0,0 +1,118 @@
+.\" Copyright (c) 2005 Gleb Smirnoff <glebius@FreeBSD.org>
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $FreeBSD$
+.\"
+.Dd May 6, 2005
+.Dt NG_NAT 4
+.Os
+.Sh NAME
+.Nm ng_nat
+.Nd NAT netgraph node type
+.Sh SYNOPSIS
+.In netgraph/ng_nat.h
+.Sh DESCRIPTION
+An
+.Nm
+node performs network address translation (NAT) of packets
+passing through it.
+An
+.Nm
+node uses
+.Xr libalias 3
+engine for packet aliasing.
+At this moment it supports the basic functionality of the library.
+.Sh HOOKS
+This node type has two hooks:
+.Pp
+.Bl -tag -width foobar
+.It Dv out
+Packets received on this hook are considered outgoing and would be
+masqueraded to configured address.
+.It Dv in
+Packets coming on this hook are considered incoming and would be
+dealiased.
+.El
+.Sh CONTROL MESSAGES
+This node type supports the generic control messages, plus the following:
+.Bl -tag -width foo
+.It Dv NGM_NAT_SET_IPADDR Pq Li setaliasaddr
+Configure aliasing address for node.
+After both hooks are connected and aliasing address configured,
+node is ready for aliasing operation.
+.El
+.Sh SHUTDOWN
+This node shuts down upon receipt of a
+.Dv NGM_SHUTDOWN
+control message, or when both hooks are disconnected.
+.Sh EXAMPLES
+In the following example packets are injected into
+.Nm
+node with help of
+.Xr ng_ipfw 4
+node.
+.Bd -literal -offset indent
+# Create NAT node
+ngctl mkpeer ipfw: nat 60 out
+ngctl name ipfw:60 nat
+ngctl connect ipfw: nat: 61 in
+ngctl msg nat: setaliasaddr x.y.35.8
+
+# Divert traffic into NAT node
+ipfw add 300 netgraph 61 all from any to any in via fxp0
+ipfw add 400 netgraph 60 all from any to any out via fxp0
+
+# Let packets continue with after being (de)aliased
+sysctl net.inet.ip.fw.one_pass=0
+.Ed
+.Pp
+.Nm
+node can simply be inserted right after
+.Xr ng_iface
+node.
+In the following example we perform masquerading on a
+serial line with HDLC encapsulation.
+.Bd -literal -offset indent
+/usr/sbin/ngctl -f- <<-SEQ
+	mkpeer cp0: cisco rawdata downstream
+	name cp0:rawdata hdlc
+	mkpeer hdlc: nat inet in
+	name hdlc:inet nat
+	mkpeer nat: iface out inet
+	msg nat: setaliasaddr x.y.8.35
+SEQ
+ifconfig ng0 x.y.8.35 x.y.8.1
+.Ed
+.Sh SEE ALSO
+.Xr libalias 3 ,
+.Xr natd 8 ,
+.Xr ng_ipfw 4 ,
+.Xr ngctl 8
+.Sh HISTORY
+The
+.Nm
+node type was implemented in
+.Fx 6.0 .
+.Sh AUTHORS
+.An Gleb Smirnoff Aq glebius@FreeBSD.org