diff options
author | sos <sos@FreeBSD.org> | 1996-08-21 21:37:07 +0000 |
---|---|---|
committer | sos <sos@FreeBSD.org> | 1996-08-21 21:37:07 +0000 |
commit | 6fc54fe251487977f8ca4fe6fc5c87f29dc9a5a3 (patch) | |
tree | 1a5729bda0705ded4c0ab671ff54ccd91014adb1 /sys/netinet/ip_input.c | |
parent | 4eedb7433af834c9187bfa17388837c82bd98be1 (diff) | |
download | FreeBSD-src-6fc54fe251487977f8ca4fe6fc5c87f29dc9a5a3.zip FreeBSD-src-6fc54fe251487977f8ca4fe6fc5c87f29dc9a5a3.tar.gz |
Add hooks for an IP NAT module, much like the firewall stuff...
Move the sockopt definitions for the firewall code from
ip_fw.h to in.h where it belongs.
Diffstat (limited to 'sys/netinet/ip_input.c')
-rw-r--r-- | sys/netinet/ip_input.c | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c index 2a17342..375a0f4 100644 --- a/sys/netinet/ip_input.c +++ b/sys/netinet/ip_input.c @@ -31,7 +31,7 @@ * SUCH DAMAGE. * * @(#)ip_input.c 8.2 (Berkeley) 1/4/94 - * $Id: ip_input.c,v 1.44 1996/06/12 19:34:33 gpalmer Exp $ + * $Id: ip_input.c,v 1.45 1996/07/10 19:44:25 julian Exp $ */ #include "opt_ipfw.h" @@ -114,6 +114,10 @@ SYSCTL_INT(_net_inet_ip, IPCTL_DEFMTU, mtu, CTLFLAG_RW, ip_fw_chk_t *ip_fw_chk_ptr; ip_fw_ctl_t *ip_fw_ctl_ptr; +/* IP Network Address Translation (NAT) hooks */ +ip_nat_t *ip_nat_ptr; +ip_nat_ctl_t *ip_nat_ctl_ptr; + /* * We need to save the IP options in case a protocol wants to respond * to an incoming packet over the same route if the packet got here @@ -175,6 +179,10 @@ ip_init() #ifdef IPFIREWALL ip_fw_init(); #endif +#ifdef IPNAT + ip_nat_init(); +#endif + } static struct sockaddr_in ipaddr = { sizeof(ipaddr), AF_INET }; @@ -265,6 +273,7 @@ ip_input(struct mbuf *m) * and it is still fresh out of network we do our black * deals with it. * - Firewall: deny/allow/divert + * - Xlate: translate packet's addr/port (NAT). * - Wrap: fake packet's addr/port <unimpl.> * - Encapsulate: put it in another IP and send out. <unimp.> */ @@ -290,6 +299,9 @@ ip_input(struct mbuf *m) } } + if (ip_nat_ptr && !(*ip_nat_ptr)(&ip, &m, IP_NAT_IN)) + return; + /* * Process options and, if not destined for us, * ship it on. ip_dooptions returns 1 when an |