Lines Matching defs:softn
125 #define NBUMP(x) softn->(x)++
127 softn->x.y++; \
130 #define NBUMPSIDE(y,x) softn->ipf_nat_stats.ns_side[y].x++
131 #define NBUMPSIDED(y,x) do { softn->ipf_nat_stats.ns_side[y].x++; \
134 do { softn->ipf_nat_stats.ns_side[y].x++; \
136 #define NBUMPSIDEDF(y,x)do { softn->ipf_nat_stats.ns_side[y].x++; \
313 ipf_nat_softc_t *softn;
315 KMALLOC(softn, ipf_nat_softc_t *);
316 if (softn == NULL)
319 bzero((char *)softn, sizeof(*softn));
321 softn->ipf_nat_tune = ipf_tune_array_copy(softn,
324 if (softn->ipf_nat_tune == NULL) {
325 ipf_nat_soft_destroy(softc, softn);
328 if (ipf_tune_array_link(softc, softn->ipf_nat_tune) == -1) {
329 ipf_nat_soft_destroy(softc, softn);
333 softn->ipf_nat_list_tail = &softn->ipf_nat_list;
335 softn->ipf_nat_table_max = NAT_TABLE_MAX;
336 softn->ipf_nat_table_sz = NAT_TABLE_SZ;
337 softn->ipf_nat_maprules_sz = NAT_SIZE;
338 softn->ipf_nat_rdrrules_sz = RDR_SIZE;
339 softn->ipf_nat_hostmap_sz = HOSTMAP_SIZE;
340 softn->ipf_nat_doflush = 0;
342 softn->ipf_nat_logging = 1;
344 softn->ipf_nat_logging = 0;
347 softn->ipf_nat_defage = DEF_NAT_AGE;
348 softn->ipf_nat_defipage = IPF_TTLVAL(60);
349 softn->ipf_nat_deficmpage = IPF_TTLVAL(3);
350 softn->ipf_nat_table_wm_high = 99;
351 softn->ipf_nat_table_wm_low = 90;
353 return softn;
365 ipf_nat_softc_t *softn = arg;
367 if (softn->ipf_nat_tune != NULL) {
368 ipf_tune_array_unlink(softc, softn->ipf_nat_tune);
369 KFREES(softn->ipf_nat_tune, sizeof(ipf_nat_tuneables));
370 softn->ipf_nat_tune = NULL;
373 KFREE(softn);
387 ipf_nat_softc_t *softn = arg;
391 KMALLOCS(softn->ipf_nat_table[0], nat_t **, \
392 sizeof(nat_t *) * softn->ipf_nat_table_sz);
394 if (softn->ipf_nat_table[0] != NULL) {
395 bzero((char *)softn->ipf_nat_table[0],
396 softn->ipf_nat_table_sz * sizeof(nat_t *));
401 KMALLOCS(softn->ipf_nat_table[1], nat_t **, \
402 sizeof(nat_t *) * softn->ipf_nat_table_sz);
404 if (softn->ipf_nat_table[1] != NULL) {
405 bzero((char *)softn->ipf_nat_table[1],
406 softn->ipf_nat_table_sz * sizeof(nat_t *));
411 KMALLOCS(softn->ipf_nat_map_rules, ipnat_t **, \
412 sizeof(ipnat_t *) * softn->ipf_nat_maprules_sz);
414 if (softn->ipf_nat_map_rules != NULL) {
415 bzero((char *)softn->ipf_nat_map_rules,
416 softn->ipf_nat_maprules_sz * sizeof(ipnat_t *));
421 KMALLOCS(softn->ipf_nat_rdr_rules, ipnat_t **, \
422 sizeof(ipnat_t *) * softn->ipf_nat_rdrrules_sz);
424 if (softn->ipf_nat_rdr_rules != NULL) {
425 bzero((char *)softn->ipf_nat_rdr_rules,
426 softn->ipf_nat_rdrrules_sz * sizeof(ipnat_t *));
431 KMALLOCS(softn->ipf_hm_maptable, hostmap_t **, \
432 sizeof(hostmap_t *) * softn->ipf_nat_hostmap_sz);
434 if (softn->ipf_hm_maptable != NULL) {
435 bzero((char *)softn->ipf_hm_maptable,
436 sizeof(hostmap_t *) * softn->ipf_nat_hostmap_sz);
440 softn->ipf_hm_maplist = NULL;
442 KMALLOCS(softn->ipf_nat_stats.ns_side[0].ns_bucketlen, u_int *,
443 softn->ipf_nat_table_sz * sizeof(u_int));
445 if (softn->ipf_nat_stats.ns_side[0].ns_bucketlen == NULL) {
448 bzero((char *)softn->ipf_nat_stats.ns_side[0].ns_bucketlen,
449 softn->ipf_nat_table_sz * sizeof(u_int));
451 KMALLOCS(softn->ipf_nat_stats.ns_side[1].ns_bucketlen, u_int *,
452 softn->ipf_nat_table_sz * sizeof(u_int));
454 if (softn->ipf_nat_stats.ns_side[1].ns_bucketlen == NULL) {
458 bzero((char *)softn->ipf_nat_stats.ns_side[1].ns_bucketlen,
459 softn->ipf_nat_table_sz * sizeof(u_int));
461 if (softn->ipf_nat_maxbucket == 0) {
462 for (i = softn->ipf_nat_table_sz; i > 0; i >>= 1)
463 softn->ipf_nat_maxbucket++;
464 softn->ipf_nat_maxbucket *= 2;
467 ipf_sttab_init(softc, softn->ipf_nat_tcptq);
472 softn->ipf_nat_tcptq[IPF_TCPS_CLOSED].ifq_ttl = softc->ipf_tcplastack;
473 softn->ipf_nat_tcptq[IPF_TCP_NSTATES - 1].ifq_next =
474 &softn->ipf_nat_udptq;
476 IPFTQ_INIT(&softn->ipf_nat_udptq, softn->ipf_nat_defage,
478 softn->ipf_nat_udptq.ifq_next = &softn->ipf_nat_udpacktq;
480 IPFTQ_INIT(&softn->ipf_nat_udpacktq, softn->ipf_nat_defage,
482 softn->ipf_nat_udpacktq.ifq_next = &softn->ipf_nat_icmptq;
484 IPFTQ_INIT(&softn->ipf_nat_icmptq, softn->ipf_nat_deficmpage,
486 softn->ipf_nat_icmptq.ifq_next = &softn->ipf_nat_icmpacktq;
488 IPFTQ_INIT(&softn->ipf_nat_icmpacktq, softn->ipf_nat_defage,
490 softn->ipf_nat_icmpacktq.ifq_next = &softn->ipf_nat_iptq;
492 IPFTQ_INIT(&softn->ipf_nat_iptq, softn->ipf_nat_defipage,
494 softn->ipf_nat_iptq.ifq_next = &softn->ipf_nat_pending;
496 IPFTQ_INIT(&softn->ipf_nat_pending, 1, "nat pending ipftq tab");
497 softn->ipf_nat_pending.ifq_next = NULL;
499 for (i = 0, tq = softn->ipf_nat_tcptq; i < IPF_TCP_NSTATES; i++, tq++) {
500 if (tq->ifq_ttl < softn->ipf_nat_deficmpage)
501 tq->ifq_ttl = softn->ipf_nat_deficmpage;
503 else if (tq->ifq_ttl > softn->ipf_nat_defage)
504 tq->ifq_ttl = softn->ipf_nat_defage;
513 softn->ipf_nat_tcptq[IPF_TCPS_CLOSED].ifq_ttl = softc->ipf_tcplastack;
515 MUTEX_INIT(&softn->ipf_nat_new, "ipf nat new mutex");
516 MUTEX_INIT(&softn->ipf_nat_io, "ipf nat io mutex");
518 softn->ipf_nat_inited = 1;
534 ipf_nat_softc_t *softn = arg;
537 (void) ipf_nat_clearlist(softc, softn);
538 (void) ipf_nat_flushtable(softc, softn);
547 for (ifq = softn->ipf_nat_utqe; ifq != NULL; ifq = ifqnext) {
553 if (softn->ipf_nat_table[0] != NULL) {
554 KFREES(softn->ipf_nat_table[0],
555 sizeof(nat_t *) * softn->ipf_nat_table_sz);
556 softn->ipf_nat_table[0] = NULL;
558 if (softn->ipf_nat_table[1] != NULL) {
559 KFREES(softn->ipf_nat_table[1],
560 sizeof(nat_t *) * softn->ipf_nat_table_sz);
561 softn->ipf_nat_table[1] = NULL;
563 if (softn->ipf_nat_map_rules != NULL) {
564 KFREES(softn->ipf_nat_map_rules,
565 sizeof(ipnat_t *) * softn->ipf_nat_maprules_sz);
566 softn->ipf_nat_map_rules = NULL;
568 if (softn->ipf_nat_rdr_rules != NULL) {
569 KFREES(softn->ipf_nat_rdr_rules,
570 sizeof(ipnat_t *) * softn->ipf_nat_rdrrules_sz);
571 softn->ipf_nat_rdr_rules = NULL;
573 if (softn->ipf_hm_maptable != NULL) {
574 KFREES(softn->ipf_hm_maptable,
575 sizeof(hostmap_t *) * softn->ipf_nat_hostmap_sz);
576 softn->ipf_hm_maptable = NULL;
578 if (softn->ipf_nat_stats.ns_side[0].ns_bucketlen != NULL) {
579 KFREES(softn->ipf_nat_stats.ns_side[0].ns_bucketlen,
580 sizeof(u_int) * softn->ipf_nat_table_sz);
581 softn->ipf_nat_stats.ns_side[0].ns_bucketlen = NULL;
583 if (softn->ipf_nat_stats.ns_side[1].ns_bucketlen != NULL) {
584 KFREES(softn->ipf_nat_stats.ns_side[1].ns_bucketlen,
585 sizeof(u_int) * softn->ipf_nat_table_sz);
586 softn->ipf_nat_stats.ns_side[1].ns_bucketlen = NULL;
589 if (softn->ipf_nat_inited == 1) {
590 softn->ipf_nat_inited = 0;
591 ipf_sttab_destroy(softn->ipf_nat_tcptq);
593 MUTEX_DESTROY(&softn->ipf_nat_new);
594 MUTEX_DESTROY(&softn->ipf_nat_io);
596 MUTEX_DESTROY(&softn->ipf_nat_udptq.ifq_lock);
597 MUTEX_DESTROY(&softn->ipf_nat_udpacktq.ifq_lock);
598 MUTEX_DESTROY(&softn->ipf_nat_icmptq.ifq_lock);
599 MUTEX_DESTROY(&softn->ipf_nat_icmpacktq.ifq_lock);
600 MUTEX_DESTROY(&softn->ipf_nat_iptq.ifq_lock);
601 MUTEX_DESTROY(&softn->ipf_nat_pending.ifq_lock);
619 ipf_nat_softc_t *softn = arg;
621 softn->ipf_nat_lock = tmp;
635 ipf_nat_addrdr(ipf_nat_softc_t *softn, ipnat_t *n)
645 ipf_inet_mask_add(k, &softn->ipf_nat_rdr_mask);
649 ipf_inet_mask_add(0, &softn->ipf_nat_rdr_mask);
653 hv = rhv % softn->ipf_nat_rdrrules_sz;
654 np = softn->ipf_nat_rdr_rules + hv;
675 ipf_nat_addmap(ipf_nat_softc_t *softn, ipnat_t *n)
685 ipf_inet_mask_add(k, &softn->ipf_nat_map_mask);
689 ipf_inet_mask_add(0, &softn->ipf_nat_map_mask);
693 hv = rhv % softn->ipf_nat_maprules_sz;
694 np = softn->ipf_nat_map_rules + hv;
713 ipf_nat_delrdr(ipf_nat_softc_t *softn, ipnat_t *n)
717 ipf_inet_mask_del(k, &softn->ipf_nat_rdr_mask);
719 ipf_inet_mask_del(0, &softn->ipf_nat_rdr_mask);
736 ipf_nat_delmap(ipf_nat_softc_t *softn, ipnat_t *n)
740 ipf_inet_mask_del(k, &softn->ipf_nat_map_mask);
742 ipf_inet_mask_del(0, &softn->ipf_nat_map_mask);
766 ipf_nat_hostmap(ipf_nat_softc_t *softn, ipnat_t *np, struct in_addr src,
776 hv %= softn->ipf_nat_hostmap_sz;
777 for (hm = softn->ipf_hm_maptable[hv]; hm; hm = hm->hm_hnext)
782 softn->ipf_nat_stats.ns_hm_addref++;
788 softn->ipf_nat_stats.ns_hm_nullnp++;
794 hm->hm_next = softn->ipf_hm_maplist;
795 hm->hm_pnext = &softn->ipf_hm_maplist;
796 if (softn->ipf_hm_maplist != NULL)
797 softn->ipf_hm_maplist->hm_pnext = &hm->hm_next;
798 softn->ipf_hm_maplist = hm;
799 hm->hm_hnext = softn->ipf_hm_maptable[hv];
800 hm->hm_phnext = softn->ipf_hm_maptable + hv;
801 if (softn->ipf_hm_maptable[hv] != NULL)
802 softn->ipf_hm_maptable[hv]->hm_phnext = &hm->hm_hnext;
803 softn->ipf_hm_maptable[hv] = hm;
814 softn->ipf_nat_stats.ns_hm_new++;
816 softn->ipf_nat_stats.ns_hm_newfail++;
983 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
1073 error = ipf_nat_rule_init(softc, softn, nat);
1077 MUTEX_ENTER(&softn->ipf_nat_io);
1078 for (n = softn->ipf_nat_list; n != NULL; n = n->in_next)
1109 error = BCOPYIN(data, &softn->ipf_nat_logging,
1110 sizeof(softn->ipf_nat_logging));
1117 error = BCOPYOUT(&softn->ipf_nat_logging, data,
1118 sizeof(softn->ipf_nat_logging));
1154 MUTEX_EXIT(&softn->ipf_nat_io);
1159 error = ipf_nat_siocaddnat(softc, softn, nt, getlock);
1160 MUTEX_EXIT(&softn->ipf_nat_io);
1179 MUTEX_EXIT(&softn->ipf_nat_io);
1186 MUTEX_EXIT(&softn->ipf_nat_io);
1191 ipf_nat_siocdelnat(softc, softn, n, getlock);
1193 MUTEX_EXIT(&softn->ipf_nat_io);
1199 natstat_t *nsp = &softn->ipf_nat_stats;
1201 nsp->ns_side[0].ns_table = softn->ipf_nat_table[0];
1202 nsp->ns_side[1].ns_table = softn->ipf_nat_table[1];
1203 nsp->ns_list = softn->ipf_nat_list;
1204 nsp->ns_maptable = softn->ipf_hm_maptable;
1205 nsp->ns_maplist = softn->ipf_hm_maplist;
1206 nsp->ns_nattab_sz = softn->ipf_nat_table_sz;
1207 nsp->ns_nattab_max = softn->ipf_nat_table_max;
1208 nsp->ns_rultab_sz = softn->ipf_nat_maprules_sz;
1209 nsp->ns_rdrtab_sz = softn->ipf_nat_rdrrules_sz;
1210 nsp->ns_hostmap_sz = softn->ipf_nat_hostmap_sz;
1211 nsp->ns_instances = softn->ipf_nat_instances;
1281 ret = ipf_nat_flushtable(softc, softn);
1283 ret = ipf_nat_clearlist(softc, softn);
1285 ret = ipf_nat_extraflush(softc, softn, arg);
1307 error = ipf_nat_matchflush(softc, softn, data);
1323 error = ipf_lock(data, &softn->ipf_nat_lock);
1337 if (softn->ipf_nat_lock) {
1346 if (softn->ipf_nat_lock) {
1389 error = ipf_outobj(softc, data, softn->ipf_nat_tcptq,
1394 error = ipf_nat_gettable(softc, softn, data);
1417 /* softn(I) - pointer to NAT context structure */
1428 ipf_nat_siocaddnat(ipf_main_softc_t *softc, ipf_nat_softc_t *softn, ipnat_t *n,
1457 n->in_pnext = softn->ipf_nat_list_tail;
1459 softn->ipf_nat_list_tail = &n->in_next;
1467 ipf_nat_addrdr(softn, n);
1471 ipf_nat6_addrdr(softn, n);
1477 ATOMIC_INC32(softn->ipf_nat_stats.ns_rules_rdr);
1485 ipf_nat_addmap(softn, n);
1489 ipf_nat6_addmap(softn, n);
1495 ATOMIC_INC32(softn->ipf_nat_stats.ns_rules_map);
1500 &softn->ipf_nat_utqe,
1505 &softn->ipf_nat_utqe,
1511 ATOMIC_INC32(softn->ipf_nat_stats.ns_rules);
1526 /* softn(I) - pointer to NAT context structure */
1532 ipf_nat_ruleaddrinit(ipf_main_softc_t *softc, ipf_nat_softc_t *softn,
1584 ipf_nat_builddivertmp(softn, n);
1638 /* softn(I) - pointer to NAT context structure */
1648 ipf_nat_siocdelnat(ipf_main_softc_t *softc, ipf_nat_softc_t *softn, ipnat_t *n,
1659 ipf_nat_delrule(softc, softn, n, 1);
1684 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
1702 nat = softn->ipf_nat_instances;
1724 for (n = softn->ipf_nat_instances; n; n = n->nat_next)
1775 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
1803 nat = softn->ipf_nat_instances;
1805 if (softn->ipf_nat_instances == NULL) {
1817 for (n = softn->ipf_nat_instances; n; n = n->nat_next)
1911 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
2013 ATOMIC_INC32(softn->ipf_nat_stats.ns_rules);
2175 for (n = softn->ipf_nat_instances; n; n = n->nat_next)
2266 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
2272 if (logtype != 0 && softn->ipf_nat_logging != 0)
2273 ipf_nat_log(softc, softn, nat, logtype);
2282 bkt = nat->nat_hv[0] % softn->ipf_nat_table_sz;
2283 nss = &softn->ipf_nat_stats.ns_side[0];
2290 bkt = nat->nat_hv[1] % softn->ipf_nat_table_sz;
2291 nss = &softn->ipf_nat_stats.ns_side[1];
2320 ATOMIC_DEC32(softn->ipf_nat_stats.ns_wilds);
2346 softn->ipf_nat_stats.ns_expire++;
2359 softn->ipf_nat_stats.ns_orphans++;
2366 softn->ipf_nat_stats.ns_orphans++;
2375 softn->ipf_nat_stats.ns_orphans--;
2380 softn->ipf_nat_stats.ns_proto[nat->nat_pr[0]]--;
2410 softn->ipf_nat_stats.ns_active--;
2427 /* softn(I) - pointer to NAT context structure */
2438 ipf_nat_flushtable(ipf_main_softc_t *softc, ipf_nat_softc_t *softn)
2447 if (softn->ipf_nat_table[0] != NULL)
2448 bzero((char *)softn->ipf_nat_table[0],
2449 sizeof(softn->ipf_nat_table[0]) *
2450 softn->ipf_nat_table_sz);
2451 if (softn->ipf_nat_table[1] != NULL)
2452 bzero((char *)softn->ipf_nat_table[1],
2453 sizeof(softn->ipf_nat_table[1]) *
2454 softn->ipf_nat_table_sz);
2456 while ((nat = softn->ipf_nat_instances) != NULL) {
2469 /* softn(I) - pointer to NAT context structure */
2476 ipf_nat_clearlist(ipf_main_softc_t *softc, ipf_nat_softc_t *softn)
2481 if (softn->ipf_nat_map_rules != NULL) {
2482 bzero((char *)softn->ipf_nat_map_rules,
2483 sizeof(*softn->ipf_nat_map_rules) *
2484 softn->ipf_nat_maprules_sz);
2486 if (softn->ipf_nat_rdr_rules != NULL) {
2487 bzero((char *)softn->ipf_nat_rdr_rules,
2488 sizeof(*softn->ipf_nat_rdr_rules) *
2489 softn->ipf_nat_rdrrules_sz);
2492 while ((n = softn->ipf_nat_list) != NULL) {
2493 ipf_nat_delrule(softc, softn, n, 0);
2507 /* softn(I) - pointer to NAT context structure */
2518 ipf_nat_delrule(ipf_main_softc_t *softc, ipf_nat_softc_t *softn, ipnat_t *np,
2526 if (softn->ipf_nat_list_tail == &np->in_next)
2527 softn->ipf_nat_list_tail = np->in_pnext;
2534 for (next = softn->ipf_nat_instances; (nat = next) != NULL;) {
2546 ipf_nat_delrdr(softn, np);
2550 ipf_nat6_delrdr(softn, np);
2559 ipf_nat_delmap(softn, np);
2563 ipf_nat6_delmap(softn, np);
2592 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
2634 hm = ipf_nat_hostmap(softn, np, fin->fin_src,
2818 nat->nat_hm = ipf_nat_hostmap(softn, np, fin->fin_src,
2853 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
2889 hm = ipf_nat_hostmap(softn, NULL, fin->fin_src, fin->fin_dst,
2911 hm = ipf_nat_hostmap(softn, NULL, fin->fin_src,
3018 nat->nat_hm = ipf_nat_hostmap(softn, np, fin->fin_src,
3063 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
3072 nsp = &softn->ipf_nat_stats;
3074 if ((nsp->ns_active * 100 / softn->ipf_nat_table_max) >
3075 softn->ipf_nat_table_wm_high) {
3076 softn->ipf_nat_doflush = 1;
3079 if (nsp->ns_active >= softn->ipf_nat_table_max) {
3102 if ((softn->ipf_nat_table_max > softn->ipf_nat_table_sz) &&
3104 softn->ipf_nat_table_max = nsp->ns_active - 100;
3106 softn->ipf_nat_table_max);
3212 ipf_nat_delrdr(softn, np);
3213 ipf_nat_addrdr(softn, np);
3215 ipf_nat_delmap(softn, np);
3216 ipf_nat_addmap(softn, np);
3256 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
3329 if (ipf_nat_insert(softc, softn, nat) == 0) {
3330 if (softn->ipf_nat_logging)
3331 ipf_nat_log(softc, softn, nat, NL_NEW);
3355 /* softn(I) - pointer to NAT context structure */
3363 ipf_nat_insert(ipf_main_softc_t *softc, ipf_nat_softc_t *softn, nat_t *nat)
3456 ret = ipf_nat_hashtab_add(softc, softn, nat);
3467 /* softn(I) - pointer to NAT context structure */
3474 ipf_nat_hashtab_add(ipf_main_softc_t *softc, ipf_nat_softc_t *softn, nat_t *nat)
3480 hv0 = nat->nat_hv[0] % softn->ipf_nat_table_sz;
3481 hv1 = nat->nat_hv[1] % softn->ipf_nat_table_sz;
3483 if (softn->ipf_nat_stats.ns_side[0].ns_bucketlen[hv0] >=
3484 softn->ipf_nat_maxbucket) {
3486 softn->ipf_nat_stats.ns_side[0].ns_bucketlen[hv0]);
3491 if (softn->ipf_nat_stats.ns_side[1].ns_bucketlen[hv1] >=
3492 softn->ipf_nat_maxbucket) {
3494 softn->ipf_nat_stats.ns_side[1].ns_bucketlen[hv1]);
3508 nat->nat_next = softn->ipf_nat_instances;
3509 nat->nat_pnext = &softn->ipf_nat_instances;
3510 if (softn->ipf_nat_instances)
3511 softn->ipf_nat_instances->nat_pnext = &nat->nat_next;
3512 softn->ipf_nat_instances = nat;
3517 natp = &softn->ipf_nat_table[0][hv0];
3531 natp = &softn->ipf_nat_table[1][hv1];
3542 ipf_nat_setqueue(softc, softn, nat);
3549 softn->ipf_nat_stats.ns_active++;
3568 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
3578 nside = &softn->ipf_nat_stats.ns_side[fin->fin_out];
3721 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
4026 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
4061 hv = rhv % softn->ipf_nat_table_sz;
4062 nat = softn->ipf_nat_table[1][hv];
4149 if (softn->ipf_nat_stats.ns_wilds == 0 || (fin->fin_flx & FI_NOWILD)) {
4157 hv = NAT_HASH_FN(src.s_addr, hv, softn->ipf_nat_table_sz);
4160 nat = softn->ipf_nat_table[1][hv];
4202 MUTEX_ENTER(&softn->ipf_nat_new);
4203 softn->ipf_nat_stats.ns_wilds--;
4204 MUTEX_EXIT(&softn->ipf_nat_new);
4231 ipf_nat_tabmove(softn, nat);
4248 /* Parameters: softn(I) - pointer to NAT context structure */
4257 ipf_nat_tabmove(ipf_nat_softc_t *softn, nat_t *nat)
4266 nsp = &softn->ipf_nat_stats;
4273 hv0 = nat->nat_hv[0] % softn->ipf_nat_table_sz;
4274 hv1 = nat->nat_hv[1] % softn->ipf_nat_table_sz;
4303 hv0 = nat->nat_hv[0] % softn->ipf_nat_table_sz;
4304 hv1 = nat->nat_hv[1] % softn->ipf_nat_table_sz;
4309 natp = &softn->ipf_nat_table[0][hv0];
4317 natp = &softn->ipf_nat_table[1][hv1];
4355 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
4385 hv = NAT_HASH_FN(dst.s_addr, hv + dport, softn->ipf_nat_table_sz);
4386 nat = softn->ipf_nat_table[0][hv];
4467 if (softn->ipf_nat_stats.ns_wilds == 0 || (fin->fin_flx & FI_NOWILD)) {
4475 hv = NAT_HASH_FN(dst.s_addr, hv, softn->ipf_nat_table_sz);
4479 nat = softn->ipf_nat_table[0][hv];
4519 MUTEX_ENTER(&softn->ipf_nat_new);
4520 softn->ipf_nat_stats.ns_wilds--;
4521 MUTEX_EXIT(&softn->ipf_nat_new);
4548 ipf_nat_tabmove(softn, nat);
4720 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
4741 (void) ipf_tcp_age(&nat->nat_tqe, fin, softn->ipf_nat_tcptq,
4746 ifq2 = fin->fin_rev ? &softn->ipf_nat_udpacktq :
4747 &softn->ipf_nat_udptq;
4750 ifq2 = fin->fin_rev ? &softn->ipf_nat_icmpacktq:
4751 &softn->ipf_nat_icmptq;
4753 ifq2 = &softn->ipf_nat_iptq;
4782 ipf_nat_softc_t *softn;
4800 softn = softc->ipf_nat_soft;
4802 if (softn->ipf_nat_lock != 0)
4804 if (softn->ipf_nat_stats.ns_rules == 0 &&
4805 softn->ipf_nat_instances == NULL)
4864 msk = softn->ipf_nat_map_active_masks[nmsk];
4866 hv = NAT_HASH_FN(iph, 0, softn->ipf_nat_maprules_sz);
4868 for (np = softn->ipf_nat_map_rules[hv]; np; np = npnext) {
4910 MUTEX_ENTER(&softn->ipf_nat_new);
4918 MUTEX_EXIT(&softn->ipf_nat_new);
4925 MUTEX_EXIT(&softn->ipf_nat_new);
4932 if ((np == NULL) && (nmsk < softn->ipf_nat_map_max)) {
4991 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
5273 ipf_nat_softc_t *softn;
5286 softn = softc->ipf_nat_soft;
5288 if (softn->ipf_nat_lock != 0)
5290 if (softn->ipf_nat_stats.ns_rules == 0 &&
5291 softn->ipf_nat_instances == NULL)
5353 msk = softn->ipf_nat_rdr_active_masks[rmsk];
5355 hv = NAT_HASH_FN(iph, 0, softn->ipf_nat_rdrrules_sz);
5357 /* TRACE (iph,msk,rmsk,hv,softn->ipf_nat_rdrrules_sz) */
5358 for (np = softn->ipf_nat_rdr_rules[hv]; np; np = npnext) {
5401 MUTEX_ENTER(&softn->ipf_nat_new);
5409 MUTEX_EXIT(&softn->ipf_nat_new);
5416 MUTEX_EXIT(&softn->ipf_nat_new);
5423 if ((np == NULL) && (rmsk < softn->ipf_nat_rdr_max)) {
5483 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
5800 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
5808 for (ifq = softn->ipf_nat_tcptq, i = 0; ifq != NULL;
5818 for (ifq = softn->ipf_nat_utqe; ifq != NULL; ifq = ifq->ifq_next) {
5827 for (ifq = softn->ipf_nat_utqe; ifq != NULL; ifq = ifqnext) {
5836 if (softn->ipf_nat_doflush != 0) {
5837 ipf_nat_extraflush(softc, softn, 2);
5838 softn->ipf_nat_doflush = 0;
5858 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
5884 for (nat = softn->ipf_nat_instances; nat; nat = nat->nat_next) {
5966 for (n = softn->ipf_nat_list; (n != NULL); n = n->in_next) {
6046 /* softn(I) - pointer to NAT context structure */
6053 ipf_nat_log(ipf_main_softc_t *softc, ipf_nat_softc_t *softn, struct nat *nat,
6098 for (rulen = 0, np = softn->ipf_nat_list; np != NULL;
6153 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
6169 ATOMIC_DEC32(softn->ipf_nat_stats.ns_rules_rdr);
6174 ATOMIC_DEC32(softn->ipf_nat_stats.ns_rules_map);
6191 ATOMIC_DEC32(softn->ipf_nat_stats.ns_rules);
6199 if (softn->ipf_nat_stats.ns_rules == 0)
6259 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
6289 if (ipf_nat_insert(softc, softn, clone) == -1) {
6297 if (softn->ipf_nat_logging)
6298 ipf_nat_log(softc, softn, clone, NL_CLONE);
6315 (void) ipf_tcp_age(&clone->nat_tqe, fin, softn->ipf_nat_tcptq,
6319 if (softn->ipf_nat_logging)
6320 ipf_nat_log(softc, softn, clone, NL_CLONE);
6454 /* softn(I) - pointer to NAT context structure */
6462 ipf_nat_setqueue(ipf_main_softc_t *softc, ipf_nat_softc_t *softn, nat_t *nat)
6476 nifq = &softn->ipf_nat_udptq;
6479 nifq = &softn->ipf_nat_icmptq;
6482 nifq = softn->ipf_nat_tcptq +
6486 nifq = &softn->ipf_nat_iptq;
6519 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
6538 nexthm = softn->ipf_hm_maplist;
6556 nextipnat = softn->ipf_nat_list;
6574 nextnat = softn->ipf_nat_instances;
6648 /* softn(I) - pointer to NAT context structure */
6664 ipf_nat_extraflush(ipf_main_softc_t *softc, ipf_nat_softc_t *softn, int which)
6678 softn->ipf_nat_stats.ns_flush_all++;
6682 for (natp = &softn->ipf_nat_instances;
6690 softn->ipf_nat_stats.ns_flush_closing++;
6695 for (ifq = softn->ipf_nat_tcptq + IPF_TCPS_CLOSE_WAIT;
6712 for (ifq = softn->ipf_nat_utqe; ifq != NULL;
6743 softn->ipf_nat_stats.ns_flush_state++;
6744 tqn = softn->ipf_nat_tcptq[which].ifq_head;
6757 softn->ipf_nat_stats.ns_flush_timeout++;
6764 for (natp = &softn->ipf_nat_instances;
6780 softn->ipf_nat_stats.ns_flush_queue++;
6789 if (softc->ipf_ticks - softn->ipf_nat_last_force_flush >
6791 softn->ipf_nat_last_force_flush = softc->ipf_ticks;
6794 softn->ipf_nat_tcptq,
6795 softn->ipf_nat_utqe,
6796 &softn->ipf_nat_stats.ns_active,
6797 softn->ipf_nat_table_sz,
6798 softn->ipf_nat_table_wm_low);
6887 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
6893 &softn->ipf_nat_pending);
6896 &softn->ipf_nat_pending, nat);
7149 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
7218 /* Parameters: softn(I) - pointer to NAT context structure */
7228 ipf_nat_builddivertmp(ipf_nat_softc_t *softn, ipnat_t *np)
7298 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
7404 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
7583 /* softn(I) - pointer to NAT context structure */
7588 ipf_nat_matchflush(ipf_main_softc_t *softc, ipf_nat_softc_t *softn, void *data)
7600 for (nat = softn->ipf_nat_instances; nat != NULL; nat = natnext) {
7811 /* softn(I) - pointer to NAT context structure */
7818 ipf_nat_gettable(ipf_main_softc_t *softc, ipf_nat_softc_t *softn, char *data)
7830 error = COPYOUT(softn->ipf_nat_stats.ns_side[0].ns_bucketlen,
7832 softn->ipf_nat_table_sz * sizeof(u_int));
7836 error = COPYOUT(softn->ipf_nat_stats.ns_side[1].ns_bucketlen,
7838 softn->ipf_nat_table_sz * sizeof(u_int));
7867 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
7870 return ipf_settimeout_tcp(t, p, softn->ipf_nat_tcptq);
7873 ipf_apply_timeout(&softn->ipf_nat_udptq, p->ipftu_int);
7875 ipf_apply_timeout(&softn->ipf_nat_udpacktq, p->ipftu_int);
7877 ipf_apply_timeout(&softn->ipf_nat_icmptq, p->ipftu_int);
7879 ipf_apply_timeout(&softn->ipf_nat_icmpacktq, p->ipftu_int);
7881 ipf_apply_timeout(&softn->ipf_nat_iptq, p->ipftu_int);
7906 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
7919 if (newsize == softn->ipf_nat_table_sz)
7968 if (softn->ipf_nat_table[0] != NULL) {
7969 KFREES(softn->ipf_nat_table[0],
7970 softn->ipf_nat_table_sz *
7971 sizeof(*softn->ipf_nat_table[0]));
7973 softn->ipf_nat_table[0] = newtab[0];
7975 if (softn->ipf_nat_table[1] != NULL) {
7976 KFREES(softn->ipf_nat_table[1],
7977 softn->ipf_nat_table_sz *
7978 sizeof(*softn->ipf_nat_table[1]));
7980 softn->ipf_nat_table[1] = newtab[1];
7982 if (softn->ipf_nat_stats.ns_side[0].ns_bucketlen != NULL) {
7983 KFREES(softn->ipf_nat_stats.ns_side[0].ns_bucketlen,
7984 softn->ipf_nat_table_sz * sizeof(u_int));
7986 softn->ipf_nat_stats.ns_side[0].ns_bucketlen = bucketlens[0];
7988 if (softn->ipf_nat_stats.ns_side[1].ns_bucketlen != NULL) {
7989 KFREES(softn->ipf_nat_stats.ns_side[1].ns_bucketlen,
7990 softn->ipf_nat_table_sz * sizeof(u_int));
7992 softn->ipf_nat_stats.ns_side[1].ns_bucketlen = bucketlens[1];
7994 softn->ipf_nat_maxbucket = maxbucket;
7995 softn->ipf_nat_table_sz = newsize;
8001 softn->ipf_nat_stats.ns_side[0].ns_inuse = 0;
8002 softn->ipf_nat_stats.ns_side[1].ns_inuse = 0;
8004 for (nat = softn->ipf_nat_instances; nat != NULL; nat = nat->nat_next) {
8007 hv = nat->nat_hv[0] % softn->ipf_nat_table_sz;
8009 natp = &softn->ipf_nat_table[0][hv];
8022 hv = nat->nat_hv[1] % softn->ipf_nat_table_sz;
8024 natp = &softn->ipf_nat_table[1][hv];
8072 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
8091 if (t->ipft_pint == &softn->ipf_nat_rdrrules_sz) {
8092 old = &softn->ipf_nat_rdr_rules;
8095 old = &softn->ipf_nat_map_rules;
8115 for (np = softn->ipf_nat_list; np != NULL; np = np->in_next) {
8157 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
8178 if (softn->ipf_hm_maptable != NULL) {
8179 KFREES(softn->ipf_hm_maptable,
8180 softn->ipf_nat_hostmap_sz * sizeof(hostmap_t *));
8182 softn->ipf_hm_maptable = newtab;
8183 softn->ipf_nat_hostmap_sz = newsize;
8185 for (hm = softn->ipf_hm_maplist; hm != NULL; hm = hm->hm_next) {
8186 hv = hm->hm_hv % softn->ipf_nat_hostmap_sz;
8187 hm->hm_hnext = softn->ipf_hm_maptable[hv];
8188 hm->hm_phnext = softn->ipf_hm_maptable + hv;
8189 if (softn->ipf_hm_maptable[hv] != NULL)
8190 softn->ipf_hm_maptable[hv]->hm_phnext = &hm->hm_hnext;
8191 softn->ipf_hm_maptable[hv] = hm;
8229 ipf_nat_softc_t *softn = softc->ipf_nat_soft;
8328 /* softn(I) - pointer to NAT context structure */
8333 ipf_nat_rule_init(ipf_main_softc_t *softc, ipf_nat_softc_t *softn, ipnat_t *n)
8360 error = ipf_nat_ruleaddrinit(softc, softn, n);
8366 error = ipf_nat6_ruleaddrinit(softc, softn, n);