Home
last modified time | relevance | path

Searched full:nat (Results 1 – 25 of 164) sorted by relevance

1234567

/Linux-v5.10/tools/testing/selftests/tc-testing/tc-tests/actions/
Dnat.json4 "name": "Add nat action on ingress with default control action",
7 "nat"
11 "$TC actions flush action nat",
17 "cmdUnderTest": "$TC actions add action nat ingress 192.168.1.1 200.200.200.1",
19 "verifyCmd": "$TC actions ls action nat",
20 "matchPattern": "action order [0-9]+: nat ingress 192.168.1.1/32 200.200.200.1 pass",
23 "$TC actions flush action nat"
28 "name": "Add nat action on ingress with pipe control action",
31 "nat"
35 "$TC actions flush action nat",
[all …]
Dct.json172 "name": "Try ct with zone, commit, mark, nat",
185 …"cmdUnderTest": "$TC actions add action ct zone 404 commit mark 0x42 nat src addr 5.5.5.7 index 42…
188 …"matchPattern": "action order [0-9]*: ct commit mark 66 zone 404 nat src addr 5.5.5.7 pipe.*index …
196 "name": "Try ct with full nat ipv4 range syntax",
209 …"cmdUnderTest": "$TC actions add action ct commit nat src addr 5.5.5.7-5.5.6.0 port 1000-2000 inde…
212 …"matchPattern": "action order [0-9]*: ct commit zone 0 nat src addr 5.5.5.7-5.5.6.0 port 1000-2000…
220 "name": "Try ct with full nat ipv6 syntax",
233 … "cmdUnderTest": "$TC actions add action ct commit nat src addr 2001::1 port 1000-2000 index 44",
236 …"matchPattern": "action order [0-9]*: ct commit zone 0 nat src addr 2001::1 port 1000-2000 pipe.*i…
244 "name": "Try ct with full nat ipv6 range syntax",
[all …]
/Linux-v5.10/net/ipv4/netfilter/
Dnf_nat_pptp.c5 * NAT support for PPTP (Point to Point Tunneling Protocol).
19 * TODO: - NAT to a unique tuple, not to TCP source port
40 MODULE_DESCRIPTION("Netfilter NAT helper module for PPTP");
53 struct nf_conn_nat *nat; in pptp_nat_expected() local
55 nat = nf_ct_nat_ext_add(ct); in pptp_nat_expected()
56 if (WARN_ON_ONCE(!nat)) in pptp_nat_expected()
59 nat_pptp_info = &nat->help.nat_pptp_info; in pptp_nat_expected()
129 struct nf_conn_nat *nat = nfct_nat(ct); in pptp_outbound_pkt() local
135 if (WARN_ON_ONCE(!nat)) in pptp_outbound_pkt()
138 nat_pptp_info = &nat->help.nat_pptp_info; in pptp_outbound_pkt()
[all …]
DKconfig100 SNMP payloads. In conjunction with NAT, it allows a network
103 inside SNMP payloads to match IP-layer NAT mapping.
122 tristate "IP tables support (required for filtering/masq/NAT)"
127 The packet filtering and full NAT (masquerading, port forwarding,
210 # NAT + specific targets: nf_conntrack
212 tristate "iptables NAT support"
218 This enables the `nat' table in iptables. This allows masquerading,
/Linux-v5.10/fs/f2fs/
Dnode.h11 /* node block offset on the NAT area dedicated to the given start node id */
34 /* vector size for gang look-up from nat cache that consists of radix tree */
46 IS_DIRTY, /* this nat entry is dirty? */
47 IS_PREALLOC, /* nat entry is preallocated */
62 struct list_head list; /* for clean or dirty nat list */
66 #define nat_get_nid(nat) ((nat)->ni.nid) argument
67 #define nat_set_nid(nat, n) ((nat)->ni.nid = (n)) argument
68 #define nat_get_blkaddr(nat) ((nat)->ni.blk_addr) argument
69 #define nat_set_blkaddr(nat, b) ((nat)->ni.blk_addr = (b)) argument
70 #define nat_get_ino(nat) ((nat)->ni.ino) argument
[all …]
/Linux-v5.10/net/openvswitch/
Dconntrack.c51 OVS_CT_NAT = 1 << 0, /* NAT for committed connections only. */
52 OVS_CT_SRC_NAT = 1 << 1, /* Source NAT for NEW connections. */
53 OVS_CT_DST_NAT = 1 << 2, /* Destination NAT for NEW connections. */
62 u8 nat : 3; /* enum ovs_ct_nat */ member
72 struct nf_nat_range2 range; /* Only present for SRC NAT and DST NAT. */
230 * 'keep_nat_flags' is true, the existing NAT flags retained, else they are
483 * FTP with NAT) adusting the TCP payload size when mangling IP in ovs_ct_helper()
621 /* Must invert the tuple if skb has been transformed by NAT. */ in ovs_ct_find_existing()
734 * range is only used for new, uninitialized NAT state.
749 hooknum = NF_INET_LOCAL_IN; /* Source NAT */ in ovs_ct_nat_execute()
[all …]
/Linux-v5.10/net/netfilter/
Dnf_nat_masquerade.c21 struct nf_conn_nat *nat; in nf_nat_masquerade_ipv4() local
48 nat = nf_ct_nat_ext_add(ct); in nf_nat_masquerade_ipv4()
49 if (nat) in nf_nat_masquerade_ipv4()
50 nat->masq_index = out->ifindex; in nf_nat_masquerade_ipv4()
68 const struct nf_conn_nat *nat = nfct_nat(i); in device_cmp() local
70 if (!nat) in device_cmp()
72 return nat->masq_index == (int)(long)ifindex; in device_cmp()
163 struct nf_conn_nat *nat; in nf_nat_masquerade_ipv6() local
176 nat = nf_ct_nat_ext_add(ct); in nf_nat_masquerade_ipv6()
177 if (nat) in nf_nat_masquerade_ipv6()
[all …]
Dnft_chain_nat.c37 .name = "nat",
58 .name = "nat",
89 .name = "nat",
141 MODULE_ALIAS_NFT_CHAIN(AF_INET, "nat");
144 MODULE_ALIAS_NFT_CHAIN(AF_INET6, "nat");
147 MODULE_ALIAS_NFT_CHAIN(1, "nat"); /* NFPROTO_INET */
Dnf_conntrack_helper.c153 struct nf_conntrack_nat_helper *nat; in nf_nat_helper_try_module_get() local
164 nat = nf_conntrack_nat_helper_find(h->nat_mod_name); in nf_nat_helper_try_module_get()
165 if (!nat) { in nf_nat_helper_try_module_get()
171 nat = nf_conntrack_nat_helper_find(mod_name); in nf_nat_helper_try_module_get()
172 if (!nat) { in nf_nat_helper_try_module_get()
178 if (!try_module_get(nat->module)) in nf_nat_helper_try_module_get()
188 struct nf_conntrack_nat_helper *nat; in nf_nat_helper_put() local
190 nat = nf_conntrack_nat_helper_find(helper->nat_mod_name); in nf_nat_helper_put()
191 if (WARN_ON_ONCE(!nat)) in nf_nat_helper_put()
194 module_put(nat->module); in nf_nat_helper_put()
[all …]
Dxt_nat.c159 .table = "nat",
172 .table = "nat",
184 .table = "nat",
196 .table = "nat",
208 .table = "nat",
220 .table = "nat",
Dnf_nat_core.c209 * incoming ones. NAT means they don't have a fixed mapping, in nf_nat_used_tuple()
539 * This is only required for source (ie. NAT/masq) mappings. in get_unique_tuple()
588 struct nf_conn_nat *nat = nfct_nat(ct); in nf_ct_nat_ext_add() local
589 if (nat) in nf_ct_nat_ext_add()
590 return nat; in nf_ct_nat_ext_add()
593 nat = nf_ct_ext_add(ct, NF_CT_EXT_NAT, GFP_ATOMIC); in nf_ct_nat_ext_add()
595 return nat; in nf_ct_nat_ext_add()
607 /* Can't setup nat info for confirmed ct. */ in nf_nat_setup_info()
728 struct nf_conn_nat *nat; in nf_nat_inet_fn() local
735 * packet filter it out, or implement conntrack/NAT for that in nf_nat_inet_fn()
[all …]
/Linux-v5.10/include/net/netfilter/
Dnf_nat.h22 /* per conntrack: nat application helper private data */
24 /* insert nat helper private data here */
59 struct nf_conn_nat *nat, in nf_nat_oif_changed() argument
63 return nat && nat->masq_index && hooknum == NF_INET_POST_ROUTING && in nf_nat_oif_changed()
65 nat->masq_index != out->ifindex; in nf_nat_oif_changed()
/Linux-v5.10/tools/testing/selftests/netfilter/
Dnft_nat.sh3 # This test is for basic NAT functionality: snat, dnat, redirect, masquerade.
185 table $family nat {
187 type nat hook output priority 0; policy accept;
244 ip netns exec "$ns0" nft flush chain ip6 nat output
260 table $family nat {
262 type nat hook output priority 0; policy accept;
269 echo "SKIP: inet nat tests"
325 ip netns exec "$ns0" nft flush chain $family nat output
372 test $lret -eq 0 && echo "PASS: ping to $ns1 OK after $family nat output chain flush"
412 table $family nat {
[all …]
Dconntrack_icmp_related.sh15 # nat of "established" icmp-echo "connection".
185 # make sure NAT core rewrites adress of icmp error if nat is used according to
186 # conntrack nat information (icmp error will be directed at nsrouter1 address,
189 table ip nat {
191 type nat hook postrouting priority 0; policy accept;
195 table ip6 nat {
197 type nat hook postrouting priority 0; policy accept;
Dnft_flowtable.sh332 # Same, but with NAT enabled.
334 table ip nat {
336 type nat hook prerouting priority 0; policy accept;
341 type nat hook postrouting priority 0; policy accept;
348 echo "PASS: flow offloaded for ns1/ns2 with NAT"
350 echo "FAIL: flow offload for ns1/ns2 with NAT" 1>&2
368 echo "PASS: flow offloaded for ns1/ns2 with NAT and pmtu discovery"
370 echo "FAIL: flow offload for ns1/ns2 with NAT and pmtu discovery" 1>&2
406 ip netns exec nsr1 nft delete table ip nat
/Linux-v5.10/arch/ia64/kernel/
Dunwind_i.h119 UNW_NAT_NONE, /* NaT not represented */
120 UNW_NAT_VAL, /* NaT represented by NaT value (fp reg) */
121 UNW_NAT_MEMSTK, /* NaT value is in unat word at offset OFF */
122 UNW_NAT_REGSTK /* NaT is in rnat */
132 UNW_INSN_SETNAT_MEMSTK, /* s[dst+1].nat.type = MEMSTK;
133 s[dst+1].nat.off = *s.pri_unat - s[dst] */
134 UNW_INSN_SETNAT_TYPE, /* s[dst+1].nat.type = val */
Dunaligned.c119 * ld8.fill, st8.fill must be aligned because the Nat register are based on
308 set_rse_reg (struct pt_regs *regs, unsigned long r1, unsigned long val, int nat) in set_rse_reg() argument
342 if (nat) in set_rse_reg()
366 DPRINT("rnat @%p = 0x%lx nat=%d old nat=%ld\n", in set_rse_reg()
367 (void *) rnat_addr, rnats, nat, (rnats >> ia64_rse_slot_num(addr)) & 1); in set_rse_reg()
370 if (nat) in set_rse_reg()
381 get_rse_reg (struct pt_regs *regs, unsigned long r1, unsigned long *val, int *nat) in get_rse_reg() argument
410 if (nat) { in get_rse_reg()
415 *nat = (*rnat_addr & nat_mask) != 0; in get_rse_reg()
434 if (nat) { in get_rse_reg()
[all …]
Dptrace.c69 * Collect the NaT bits for r1-r31 from scratch_unat and return a NaT
70 * bitset where bit i is set iff the NaT bit of register i is set.
107 * Set the NaT bits for the scratch registers according to NAT and
112 ia64_put_scratch_nat_bits (struct pt_regs *pt, unsigned long nat) in ia64_put_scratch_nat_bits() argument
114 # define PUT_BITS(first, last, nat) \ in ia64_put_scratch_nat_bits() argument
124 ia64_rotl(nat & mask, dist); \ in ia64_put_scratch_nat_bits()
133 scratch_unat = PUT_BITS( 1, 1, nat); in ia64_put_scratch_nat_bits()
134 scratch_unat |= PUT_BITS( 2, 3, nat); in ia64_put_scratch_nat_bits()
135 scratch_unat |= PUT_BITS(12, 13, nat); in ia64_put_scratch_nat_bits()
136 scratch_unat |= PUT_BITS(14, 14, nat); in ia64_put_scratch_nat_bits()
[all …]
Dmca.c858 u64 fslot, tslot, nat; in copy_reg() local
863 nat = (fnat >> fslot) & 1; in copy_reg()
864 *tnat |= (nat << tslot); in copy_reg()
895 unsigned long *nat) in finish_pt_regs() argument
919 copy_reg(&ms->pmsa_gr[1-1], ms->pmsa_nat_bits, &regs->r1, nat); in finish_pt_regs()
920 copy_reg(&ms->pmsa_gr[2-1], ms->pmsa_nat_bits, &regs->r2, nat); in finish_pt_regs()
921 copy_reg(&ms->pmsa_gr[3-1], ms->pmsa_nat_bits, &regs->r3, nat); in finish_pt_regs()
922 copy_reg(&ms->pmsa_gr[8-1], ms->pmsa_nat_bits, &regs->r8, nat); in finish_pt_regs()
923 copy_reg(&ms->pmsa_gr[9-1], ms->pmsa_nat_bits, &regs->r9, nat); in finish_pt_regs()
924 copy_reg(&ms->pmsa_gr[10-1], ms->pmsa_nat_bits, &regs->r10, nat); in finish_pt_regs()
[all …]
/Linux-v5.10/arch/ia64/lib/
Dstrlen.S46 // a NaT bit will be set if the translation is not present. The normal
62 // - after the loop we must test for Nat values because neither the
63 // czx nor cmp instruction raise a NaT consumption fault. We must be
64 // careful not to look too far for a Nat for which we don't care.
65 // For instance we don't need to look at a NaT in val2 if the zero byte
131 tnat.nz p6,p7=val1 // test NaT on val1
132 (p6) br.cond.spnt .recover // jump to recovery if val1 is NaT
138 tnat.nz.and p7,p0=val2 // test NaT if val2
139 (p7) br.cond.spnt .recover // jump to recovery if val2 is NaT
/Linux-v5.10/arch/ia64/include/asm/
Dunwind.h86 signed long off : 61; /* NaT word is at loc+nat.off */
87 } nat; member
199 unw_set_gr (struct unw_frame_info *i, int n, unsigned long v, char nat) in unw_set_gr() argument
201 return unw_access_gr(i, n, &v, &nat, 1); in unw_set_gr()
228 #define unw_get_gr(i,n,v,nat) unw_access_gr(i,n,v,nat,0) argument
Dptrace.h129 /* get nat bits for scratch registers such that bit N==1 iff scratch register rN is a NaT */
131 /* put nat bits for scratch registers such that scratch register rN is a NaT iff bit N==1 */
132 extern unsigned long ia64_put_scratch_nat_bits (struct pt_regs *pt, unsigned long nat);
/Linux-v5.10/net/netfilter/ipvs/
Dip_vs_nfct.c20 * - support for all forwarding methods, not only NAT
21 * - FTP support (NAT), ability to support other NAT apps with expectations
22 * - to correctly create expectations for related NAT connections the proper
25 * NAT rules are needed)
26 * - alter reply for NAT when forwarding packet in original direction:
30 * PASV response can not be NAT-ed) but Active FTP should work
81 /* Never alter conntrack for non-NAT conns */ in ip_vs_update_conntrack()
198 /* Never alter conntrack for non-NAT conns */ in ip_vs_nfct_expect_callback()
/Linux-v5.10/drivers/net/ethernet/broadcom/bnxt/
Dbnxt_tc.c211 actions->nat.l3_is_ipv4 = true; in bnxt_tc_parse_pedit()
213 actions->nat.src_xlate = true; in bnxt_tc_parse_pedit()
214 actions->nat.l3.ipv4.saddr.s_addr = htonl(val); in bnxt_tc_parse_pedit()
216 actions->nat.src_xlate = false; in bnxt_tc_parse_pedit()
217 actions->nat.l3.ipv4.daddr.s_addr = htonl(val); in bnxt_tc_parse_pedit()
225 netdev_dbg(bp->dev, "nat.src_xlate = %d src IP: %pI4 dst ip : %pI4\n", in bnxt_tc_parse_pedit()
226 actions->nat.src_xlate, &actions->nat.l3.ipv4.saddr, in bnxt_tc_parse_pedit()
227 &actions->nat.l3.ipv4.daddr); in bnxt_tc_parse_pedit()
232 actions->nat.l3_is_ipv4 = false; in bnxt_tc_parse_pedit()
238 actions->nat.src_xlate = true; in bnxt_tc_parse_pedit()
[all …]
/Linux-v5.10/drivers/net/ethernet/intel/ice/
Dice_lan_tx_rx.h659 /* IPv4 --> GRE/NAT */
662 /* IPv4 --> GRE/NAT --> IPv4 */
671 /* IPv4 --> GRE/NAT --> IPv6 */
680 /* IPv4 --> GRE/NAT --> MAC */
683 /* IPv4 --> GRE/NAT --> MAC --> IPv4 */
692 /* IPv4 --> GRE/NAT -> MAC --> IPv6 */
701 /* IPv4 --> GRE/NAT --> MAC/VLAN */
704 /* IPv4 ---> GRE/NAT -> MAC/VLAN --> IPv4 */
713 /* IPv4 -> GRE/NAT -> MAC/VLAN --> IPv6 */
749 /* IPv6 --> GRE/NAT */
[all …]

1234567