Home
last modified time | relevance | path

Searched full:nat (Results 1 – 25 of 359) sorted by relevance

12345678910>>...15

/kernel/linux/linux-6.6/tools/testing/selftests/tc-testing/tc-tests/actions/
Dnat.json4 "name": "Add nat action on ingress with default control action",
7 "nat"
11 "$TC actions flush action nat",
17 "cmdUnderTest": "$TC actions add action nat ingress 192.168.1.1 200.200.200.1",
19 "verifyCmd": "$TC actions ls action nat",
20 "matchPattern": "action order [0-9]+: nat ingress 192.168.1.1/32 200.200.200.1 pass",
23 "$TC actions flush action nat"
28 "name": "Add nat action on ingress with pipe control action",
31 "nat"
35 "$TC actions flush action nat",
[all …]
Dct.json172 "name": "Try ct with zone, commit, mark, nat",
185 …"cmdUnderTest": "$TC actions add action ct zone 404 commit mark 0x42 nat src addr 5.5.5.7 index 42…
188 …"matchPattern": "action order [0-9]*: ct commit mark 66 zone 404 nat src addr 5.5.5.7 pipe.*index …
196 "name": "Try ct with full nat ipv4 range syntax",
209 …"cmdUnderTest": "$TC actions add action ct commit nat src addr 5.5.5.7-5.5.6.0 port 1000-2000 inde…
212 …"matchPattern": "action order [0-9]*: ct commit zone 0 nat src addr 5.5.5.7-5.5.6.0 port 1000-2000…
220 "name": "Try ct with full nat ipv6 syntax",
233 … "cmdUnderTest": "$TC actions add action ct commit nat src addr 2001::1 port 1000-2000 index 44",
236 …"matchPattern": "action order [0-9]*: ct commit zone 0 nat src addr 2001::1 port 1000-2000 pipe.*i…
244 "name": "Try ct with full nat ipv6 range syntax",
[all …]
/kernel/linux/linux-5.10/tools/testing/selftests/tc-testing/tc-tests/actions/
Dnat.json4 "name": "Add nat action on ingress with default control action",
7 "nat"
11 "$TC actions flush action nat",
17 "cmdUnderTest": "$TC actions add action nat ingress 192.168.1.1 200.200.200.1",
19 "verifyCmd": "$TC actions ls action nat",
20 "matchPattern": "action order [0-9]+: nat ingress 192.168.1.1/32 200.200.200.1 pass",
23 "$TC actions flush action nat"
28 "name": "Add nat action on ingress with pipe control action",
31 "nat"
35 "$TC actions flush action nat",
[all …]
Dct.json172 "name": "Try ct with zone, commit, mark, nat",
185 …"cmdUnderTest": "$TC actions add action ct zone 404 commit mark 0x42 nat src addr 5.5.5.7 index 42…
188 …"matchPattern": "action order [0-9]*: ct commit mark 66 zone 404 nat src addr 5.5.5.7 pipe.*index …
196 "name": "Try ct with full nat ipv4 range syntax",
209 …"cmdUnderTest": "$TC actions add action ct commit nat src addr 5.5.5.7-5.5.6.0 port 1000-2000 inde…
212 …"matchPattern": "action order [0-9]*: ct commit zone 0 nat src addr 5.5.5.7-5.5.6.0 port 1000-2000…
220 "name": "Try ct with full nat ipv6 syntax",
233 … "cmdUnderTest": "$TC actions add action ct commit nat src addr 2001::1 port 1000-2000 index 44",
236 …"matchPattern": "action order [0-9]*: ct commit zone 0 nat src addr 2001::1 port 1000-2000 pipe.*i…
244 "name": "Try ct with full nat ipv6 range syntax",
[all …]
/kernel/linux/linux-6.6/net/ipv4/netfilter/
Dnf_nat_pptp.c5 * NAT support for PPTP (Point to Point Tunneling Protocol).
19 * TODO: - NAT to a unique tuple, not to TCP source port
40 MODULE_DESCRIPTION("Netfilter NAT helper module for PPTP");
53 struct nf_conn_nat *nat; in pptp_nat_expected() local
55 nat = nf_ct_nat_ext_add(ct); in pptp_nat_expected()
56 if (WARN_ON_ONCE(!nat)) in pptp_nat_expected()
59 nat_pptp_info = &nat->help.nat_pptp_info; in pptp_nat_expected()
129 struct nf_conn_nat *nat = nfct_nat(ct); in pptp_outbound_pkt() local
135 if (WARN_ON_ONCE(!nat)) in pptp_outbound_pkt()
138 nat_pptp_info = &nat->help.nat_pptp_info; in pptp_outbound_pkt()
[all …]
/kernel/linux/linux-5.10/net/ipv4/netfilter/
Dnf_nat_pptp.c5 * NAT support for PPTP (Point to Point Tunneling Protocol).
19 * TODO: - NAT to a unique tuple, not to TCP source port
40 MODULE_DESCRIPTION("Netfilter NAT helper module for PPTP");
53 struct nf_conn_nat *nat; in pptp_nat_expected() local
55 nat = nf_ct_nat_ext_add(ct); in pptp_nat_expected()
56 if (WARN_ON_ONCE(!nat)) in pptp_nat_expected()
59 nat_pptp_info = &nat->help.nat_pptp_info; in pptp_nat_expected()
129 struct nf_conn_nat *nat = nfct_nat(ct); in pptp_outbound_pkt() local
135 if (WARN_ON_ONCE(!nat)) in pptp_outbound_pkt()
138 nat_pptp_info = &nat->help.nat_pptp_info; in pptp_outbound_pkt()
[all …]
/kernel/linux/linux-6.6/fs/f2fs/
Dnode.h11 /* node block offset on the NAT area dedicated to the given start node id */
37 /* vector size for gang look-up from nat cache that consists of radix tree */
51 IS_DIRTY, /* this nat entry is dirty? */
52 IS_PREALLOC, /* nat entry is preallocated */
67 struct list_head list; /* for clean or dirty nat list */
71 #define nat_get_nid(nat) ((nat)->ni.nid) argument
72 #define nat_set_nid(nat, n) ((nat)->ni.nid = (n)) argument
73 #define nat_get_blkaddr(nat) ((nat)->ni.blk_addr) argument
74 #define nat_set_blkaddr(nat, b) ((nat)->ni.blk_addr = (b)) argument
75 #define nat_get_ino(nat) ((nat)->ni.ino) argument
[all …]
/kernel/linux/linux-5.10/fs/f2fs/
Dnode.h11 /* node block offset on the NAT area dedicated to the given start node id */
34 /* vector size for gang look-up from nat cache that consists of radix tree */
46 IS_DIRTY, /* this nat entry is dirty? */
47 IS_PREALLOC, /* nat entry is preallocated */
62 struct list_head list; /* for clean or dirty nat list */
66 #define nat_get_nid(nat) ((nat)->ni.nid) argument
67 #define nat_set_nid(nat, n) ((nat)->ni.nid = (n)) argument
68 #define nat_get_blkaddr(nat) ((nat)->ni.blk_addr) argument
69 #define nat_set_blkaddr(nat, b) ((nat)->ni.blk_addr = (b)) argument
70 #define nat_get_ino(nat) ((nat)->ni.ino) argument
[all …]
/kernel/linux/linux-6.6/net/netfilter/
Dnf_nat_ovs.c2 /* Support nat functions for openvswitch and used by OVS and TC conntrack. */
7 * range is only used for new, uninitialized NAT state.
20 hooknum = NF_INET_LOCAL_IN; /* Source NAT */ in nf_ct_nat_execute()
22 hooknum = NF_INET_LOCAL_OUT; /* Destination NAT */ in nf_ct_nat_execute()
56 /* Initialize according to the NAT action. */ in nf_ct_nat_execute()
94 /* Add NAT extension if not confirmed yet. */ in nf_ct_nat()
96 return NF_DROP; /* Can't NAT. */ in nf_ct_nat()
100 /* NAT an established or related connection like before. */ in nf_ct_nat()
103 * for which NAT was applied in the forward in nf_ct_nat()
104 * direction. Do the reverse NAT. in nf_ct_nat()
Dnf_conntrack_helper.c132 struct nf_conntrack_nat_helper *nat; in nf_nat_helper_try_module_get() local
143 nat = nf_conntrack_nat_helper_find(h->nat_mod_name); in nf_nat_helper_try_module_get()
144 if (!nat) { in nf_nat_helper_try_module_get()
150 nat = nf_conntrack_nat_helper_find(mod_name); in nf_nat_helper_try_module_get()
151 if (!nat) { in nf_nat_helper_try_module_get()
157 if (!try_module_get(nat->module)) in nf_nat_helper_try_module_get()
167 struct nf_conntrack_nat_helper *nat; in nf_nat_helper_put() local
169 nat = nf_conntrack_nat_helper_find(helper->nat_mod_name); in nf_nat_helper_put()
170 if (WARN_ON_ONCE(!nat)) in nf_nat_helper_put()
173 module_put(nat->module); in nf_nat_helper_put()
[all …]
Dnf_nat_masquerade.c33 struct nf_conn_nat *nat; in nf_nat_masquerade_ipv4() local
60 nat = nf_ct_nat_ext_add(ct); in nf_nat_masquerade_ipv4()
61 if (nat) in nf_nat_masquerade_ipv4()
62 nat->masq_index = out->ifindex; in nf_nat_masquerade_ipv4()
141 const struct nf_conn_nat *nat = nfct_nat(i); in device_cmp() local
144 if (!nat) in device_cmp()
146 return nat->masq_index == w->ifindex; in device_cmp()
245 struct nf_conn_nat *nat; in nf_nat_masquerade_ipv6() local
258 nat = nf_ct_nat_ext_add(ct); in nf_nat_masquerade_ipv6()
259 if (nat) in nf_nat_masquerade_ipv6()
[all …]
Dnft_chain_nat.c37 .name = "nat",
58 .name = "nat",
89 .name = "nat",
141 MODULE_ALIAS_NFT_CHAIN(AF_INET, "nat");
144 MODULE_ALIAS_NFT_CHAIN(AF_INET6, "nat");
147 MODULE_ALIAS_NFT_CHAIN(1, "nat"); /* NFPROTO_INET */
Dnf_nat_bpf.c2 /* Unstable NAT Helpers for XDP and TC-BPF hook
19 /* bpf_ct_set_nat_info - Set source or destination nat address
21 * Set source or destination nat address of the newly allocated
28 * @addr - Nat source/destination address
29 * @port - Nat source/destination port. Non-positive values are
/kernel/linux/linux-6.6/tools/testing/selftests/netfilter/
Dnft_nat.sh3 # This test is for basic NAT functionality: snat, dnat, redirect, masquerade.
185 table $family nat {
187 type nat hook output priority 0; policy accept;
244 ip netns exec "$ns0" nft flush chain ip6 nat output
260 table $family nat {
262 type nat hook output priority 0; policy accept;
269 echo "SKIP: inet nat tests"
325 ip netns exec "$ns0" nft flush chain $family nat output
372 test $lret -eq 0 && echo "PASS: ping to $ns1 OK after $family nat output chain flush"
386 table $family nat {
[all …]
Dconntrack_vrf.sh163 table ip nat {
175 type nat hook postrouting priority 0;
189 # must also check that nat table was evaluated on second (lower device) iteration.
190 ip netns exec $ns0 nft list table ip nat |grep -q 'counter packets 2' &&
191 ip netns exec $ns0 nft list table ip nat |grep -q 'untracked counter packets [1-9]'
212 table ip nat {
214 type nat hook postrouting priority 0;
226 # must also check that nat table was evaluated on second (lower device) iteration.
227 ip netns exec $ns0 nft list table ip nat |grep -q 'counter packets 2'
/kernel/linux/linux-5.10/tools/testing/selftests/netfilter/
Dnft_nat.sh3 # This test is for basic NAT functionality: snat, dnat, redirect, masquerade.
185 table $family nat {
187 type nat hook output priority 0; policy accept;
244 ip netns exec "$ns0" nft flush chain ip6 nat output
260 table $family nat {
262 type nat hook output priority 0; policy accept;
269 echo "SKIP: inet nat tests"
325 ip netns exec "$ns0" nft flush chain $family nat output
372 test $lret -eq 0 && echo "PASS: ping to $ns1 OK after $family nat output chain flush"
386 table $family nat {
[all …]
Dconntrack_vrf.sh163 table ip nat {
175 type nat hook postrouting priority 0;
189 # must also check that nat table was evaluated on second (lower device) iteration.
190 ip netns exec $ns0 nft list table ip nat |grep -q 'counter packets 2' &&
191 ip netns exec $ns0 nft list table ip nat |grep -q 'untracked counter packets [1-9]'
212 table ip nat {
214 type nat hook postrouting priority 0;
226 # must also check that nat table was evaluated on second (lower device) iteration.
227 ip netns exec $ns0 nft list table ip nat |grep -q 'counter packets 2'
/kernel/linux/linux-5.10/net/openvswitch/
Dconntrack.c51 OVS_CT_NAT = 1 << 0, /* NAT for committed connections only. */
52 OVS_CT_SRC_NAT = 1 << 1, /* Source NAT for NEW connections. */
53 OVS_CT_DST_NAT = 1 << 2, /* Destination NAT for NEW connections. */
62 u8 nat : 3; /* enum ovs_ct_nat */ member
72 struct nf_nat_range2 range; /* Only present for SRC NAT and DST NAT. */
230 * 'keep_nat_flags' is true, the existing NAT flags retained, else they are
483 * FTP with NAT) adusting the TCP payload size when mangling IP in ovs_ct_helper()
621 /* Must invert the tuple if skb has been transformed by NAT. */ in ovs_ct_find_existing()
785 * range is only used for new, uninitialized NAT state.
800 hooknum = NF_INET_LOCAL_IN; /* Source NAT */ in ovs_ct_nat_execute()
[all …]
/kernel/linux/linux-5.10/net/netfilter/
Dnf_nat_masquerade.c32 struct nf_conn_nat *nat; in nf_nat_masquerade_ipv4() local
59 nat = nf_ct_nat_ext_add(ct); in nf_nat_masquerade_ipv4()
60 if (nat) in nf_nat_masquerade_ipv4()
61 nat->masq_index = out->ifindex; in nf_nat_masquerade_ipv4()
136 const struct nf_conn_nat *nat = nfct_nat(i); in device_cmp() local
139 if (!nat) in device_cmp()
141 return nat->masq_index == w->ifindex; in device_cmp()
240 struct nf_conn_nat *nat; in nf_nat_masquerade_ipv6() local
253 nat = nf_ct_nat_ext_add(ct); in nf_nat_masquerade_ipv6()
254 if (nat) in nf_nat_masquerade_ipv6()
[all …]
Dnft_chain_nat.c37 .name = "nat",
58 .name = "nat",
89 .name = "nat",
141 MODULE_ALIAS_NFT_CHAIN(AF_INET, "nat");
144 MODULE_ALIAS_NFT_CHAIN(AF_INET6, "nat");
147 MODULE_ALIAS_NFT_CHAIN(1, "nat"); /* NFPROTO_INET */
Dnf_conntrack_helper.c153 struct nf_conntrack_nat_helper *nat; in nf_nat_helper_try_module_get() local
164 nat = nf_conntrack_nat_helper_find(h->nat_mod_name); in nf_nat_helper_try_module_get()
165 if (!nat) { in nf_nat_helper_try_module_get()
171 nat = nf_conntrack_nat_helper_find(mod_name); in nf_nat_helper_try_module_get()
172 if (!nat) { in nf_nat_helper_try_module_get()
178 if (!try_module_get(nat->module)) in nf_nat_helper_try_module_get()
188 struct nf_conntrack_nat_helper *nat; in nf_nat_helper_put() local
190 nat = nf_conntrack_nat_helper_find(helper->nat_mod_name); in nf_nat_helper_put()
191 if (WARN_ON_ONCE(!nat)) in nf_nat_helper_put()
194 module_put(nat->module); in nf_nat_helper_put()
[all …]
/kernel/linux/linux-5.10/include/net/netfilter/
Dnf_nat.h22 /* per conntrack: nat application helper private data */
24 /* insert nat helper private data here */
59 struct nf_conn_nat *nat, in nf_nat_oif_changed() argument
63 return nat && nat->masq_index && hooknum == NF_INET_POST_ROUTING && in nf_nat_oif_changed()
65 nat->masq_index != out->ifindex; in nf_nat_oif_changed()
/kernel/linux/linux-6.6/include/net/netfilter/
Dnf_nat.h22 /* per conntrack: nat application helper private data */
24 /* insert nat helper private data here */
59 struct nf_conn_nat *nat, in nf_nat_oif_changed() argument
63 return nat && nat->masq_index && hooknum == NF_INET_POST_ROUTING && in nf_nat_oif_changed()
65 nat->masq_index != out->ifindex; in nf_nat_oif_changed()
/kernel/linux/linux-6.6/arch/ia64/kernel/
Dunwind_i.h119 UNW_NAT_NONE, /* NaT not represented */
120 UNW_NAT_VAL, /* NaT represented by NaT value (fp reg) */
121 UNW_NAT_MEMSTK, /* NaT value is in unat word at offset OFF */
122 UNW_NAT_REGSTK /* NaT is in rnat */
132 UNW_INSN_SETNAT_MEMSTK, /* s[dst+1].nat.type = MEMSTK;
133 s[dst+1].nat.off = *s.pri_unat - s[dst] */
134 UNW_INSN_SETNAT_TYPE, /* s[dst+1].nat.type = val */
/kernel/linux/linux-5.10/arch/ia64/kernel/
Dunwind_i.h119 UNW_NAT_NONE, /* NaT not represented */
120 UNW_NAT_VAL, /* NaT represented by NaT value (fp reg) */
121 UNW_NAT_MEMSTK, /* NaT value is in unat word at offset OFF */
122 UNW_NAT_REGSTK /* NaT is in rnat */
132 UNW_INSN_SETNAT_MEMSTK, /* s[dst+1].nat.type = MEMSTK;
133 s[dst+1].nat.off = *s.pri_unat - s[dst] */
134 UNW_INSN_SETNAT_TYPE, /* s[dst+1].nat.type = val */

12345678910>>...15