1/*-
2 * SPDX-License-Identifier: BSD-2-Clause
3 *
4 * Copyright 2005, Gleb Smirnoff <glebius@FreeBSD.org>
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 *    notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 *    notice, this list of conditions and the following disclaimer in the
14 *    documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 */
28
29#define NG_NAT_NODE_TYPE    "nat"
30#define NGM_NAT_COOKIE      1107718711
31
32#define	NG_NAT_HOOK_IN	"in"
33#define	NG_NAT_HOOK_OUT	"out"
34
35/* Arguments for NGM_NAT_SET_MODE message */
36struct ng_nat_mode {
37	uint32_t	flags;
38	uint32_t	mask;
39};
40
41/* Keep this in sync with the above structure definition */
42#define NG_NAT_MODE_INFO {				\
43	  { "flags",	&ng_parse_uint32_type	},	\
44	  { "mask",	&ng_parse_uint32_type	},	\
45	  { NULL }					\
46}
47
48#define NG_NAT_LOG			0x01
49#define NG_NAT_DENY_INCOMING		0x02
50#define NG_NAT_SAME_PORTS		0x04
51#define NG_NAT_UNREGISTERED_ONLY	0x10
52#define NG_NAT_RESET_ON_ADDR_CHANGE	0x20
53#define NG_NAT_PROXY_ONLY		0x40
54#define NG_NAT_REVERSE			0x80
55#define NG_NAT_UNREGISTERED_CGN		0x100
56
57#define NG_NAT_DESC_LENGTH	64
58#define NG_NAT_REDIRPROTO_ADDR	(IPPROTO_MAX + 3) 	/* LibAlias' LINK_ADDR, also unused in in.h */
59
60/* Arguments for NGM_NAT_REDIRECT_PORT message */
61struct ng_nat_redirect_port {
62	struct in_addr	local_addr;
63	struct in_addr	alias_addr;
64	struct in_addr	remote_addr;
65	uint16_t	local_port;
66	uint16_t	alias_port;
67	uint16_t	remote_port;
68	uint8_t		proto;
69	char		description[NG_NAT_DESC_LENGTH];
70};
71
72/* Keep this in sync with the above structure definition */
73#define NG_NAT_REDIRECT_PORT_TYPE_INFO(desctype) {		\
74	  { "local_addr",	&ng_parse_ipaddr_type	},	\
75	  { "alias_addr",	&ng_parse_ipaddr_type	},	\
76	  { "remote_addr",	&ng_parse_ipaddr_type	},	\
77	  { "local_port",	&ng_parse_uint16_type	},	\
78	  { "alias_port",	&ng_parse_uint16_type	},	\
79	  { "remote_port",	&ng_parse_uint16_type	},	\
80	  { "proto",		&ng_parse_uint8_type	},	\
81	  { "description",	(desctype)		},	\
82	  { NULL }						\
83}
84
85/* Arguments for NGM_NAT_REDIRECT_ADDR message */
86struct ng_nat_redirect_addr {
87	struct in_addr	local_addr;
88	struct in_addr	alias_addr;
89	char		description[NG_NAT_DESC_LENGTH];
90};
91
92/* Keep this in sync with the above structure definition */
93#define NG_NAT_REDIRECT_ADDR_TYPE_INFO(desctype) {		\
94	  { "local_addr",	&ng_parse_ipaddr_type	},	\
95	  { "alias_addr",	&ng_parse_ipaddr_type	},	\
96	  { "description",	(desctype)		},	\
97	  { NULL }						\
98}
99
100/* Arguments for NGM_NAT_REDIRECT_PROTO message */
101struct ng_nat_redirect_proto {
102	struct in_addr	local_addr;
103	struct in_addr	alias_addr;
104	struct in_addr	remote_addr;
105	uint8_t		proto;
106	char		description[NG_NAT_DESC_LENGTH];
107};
108
109/* Keep this in sync with the above structure definition */
110#define NG_NAT_REDIRECT_PROTO_TYPE_INFO(desctype) {		\
111	  { "local_addr",	&ng_parse_ipaddr_type	},	\
112	  { "alias_addr",	&ng_parse_ipaddr_type	},	\
113	  { "remote_addr",	&ng_parse_ipaddr_type	},	\
114	  { "proto",		&ng_parse_uint8_type	},	\
115	  { "description",	(desctype)		},	\
116	  { NULL }						\
117}
118
119/* Arguments for NGM_NAT_ADD_SERVER message */
120struct ng_nat_add_server {
121	uint32_t	id;
122	struct in_addr	addr;
123	uint16_t	port;
124};
125
126/* Keep this in sync with the above structure definition */
127#define NG_NAT_ADD_SERVER_TYPE_INFO {				\
128	  { "id",		&ng_parse_uint32_type	},	\
129	  { "addr",		&ng_parse_ipaddr_type	},	\
130	  { "port",		&ng_parse_uint16_type	},	\
131	  { NULL }						\
132}
133
134/* List entry of array returned in NGM_NAT_LIST_REDIRECTS message */
135struct ng_nat_listrdrs_entry {
136	uint32_t	id;		/* Anything except zero */
137	struct in_addr	local_addr;
138	struct in_addr	alias_addr;
139	struct in_addr	remote_addr;
140	uint16_t	local_port;
141	uint16_t	alias_port;
142	uint16_t	remote_port;
143	uint16_t	proto;		/* Valid proto or NG_NAT_REDIRPROTO_ADDR */
144	uint16_t	lsnat;		/* LSNAT servers count */
145	char		description[NG_NAT_DESC_LENGTH];
146};
147
148/* Keep this in sync with the above structure definition */
149#define NG_NAT_LISTRDRS_ENTRY_TYPE_INFO(desctype) {			\
150	  { "id",		&ng_parse_uint32_type	},	\
151	  { "local_addr",	&ng_parse_ipaddr_type	},	\
152	  { "alias_addr",	&ng_parse_ipaddr_type	},	\
153	  { "remote_addr",	&ng_parse_ipaddr_type	},	\
154	  { "local_port",	&ng_parse_uint16_type	},	\
155	  { "alias_port",	&ng_parse_uint16_type	},	\
156	  { "remote_port",	&ng_parse_uint16_type	},	\
157	  { "proto",		&ng_parse_uint16_type	},	\
158	  { "lsnat",		&ng_parse_uint16_type	},	\
159	  { "description",	(desctype)		},	\
160	  { NULL }						\
161}
162
163/* Structure returned by NGM_NAT_LIST_REDIRECTS */
164struct ng_nat_list_redirects {
165	uint32_t		total_count;
166	struct ng_nat_listrdrs_entry redirects[];
167};
168
169/* Keep this in sync with the above structure definition */
170#define NG_NAT_LIST_REDIRECTS_TYPE_INFO(redirtype) {		\
171	  { "total_count",	&ng_parse_uint32_type	},	\
172	  { "redirects",	(redirtype)		},	\
173	  { NULL }						\
174}
175
176/* Structure returned by NGM_NAT_LIBALIAS_INFO */
177struct ng_nat_libalias_info {
178	uint32_t	icmpLinkCount;
179	uint32_t	udpLinkCount;
180	uint32_t	tcpLinkCount;
181	uint32_t	sctpLinkCount;
182	uint32_t	pptpLinkCount;
183	uint32_t	protoLinkCount;
184	uint32_t	fragmentIdLinkCount;
185	uint32_t	fragmentPtrLinkCount;
186	uint32_t	sockCount;
187};
188
189/* Keep this in sync with the above structure definition */
190#define NG_NAT_LIBALIAS_INFO {					\
191	  { "icmpLinkCount",	&ng_parse_uint32_type	},	\
192	  { "udpLinkCount",	&ng_parse_uint32_type	},	\
193	  { "tcpLinkCount",	&ng_parse_uint32_type	},	\
194	  { "sctpLinkCount",	&ng_parse_uint32_type	},	\
195	  { "pptpLinkCount",	&ng_parse_uint32_type	},	\
196	  { "protoLinkCount",	&ng_parse_uint32_type	},	\
197	  { "fragmentIdLinkCount", &ng_parse_uint32_type },	\
198	  { "fragmentPtrLinkCount", &ng_parse_uint32_type },	\
199	  { "sockCount",	&ng_parse_uint32_type	},	\
200	  { NULL }						\
201}
202
203enum {
204	NGM_NAT_SET_IPADDR = 1,
205	NGM_NAT_SET_MODE,
206	NGM_NAT_SET_TARGET,
207	NGM_NAT_REDIRECT_PORT,
208	NGM_NAT_REDIRECT_ADDR,
209	NGM_NAT_REDIRECT_PROTO,
210	NGM_NAT_REDIRECT_DYNAMIC,
211	NGM_NAT_REDIRECT_DELETE,
212	NGM_NAT_ADD_SERVER,
213	NGM_NAT_LIST_REDIRECTS,
214	NGM_NAT_PROXY_RULE,
215	NGM_NAT_LIBALIAS_INFO,
216	NGM_NAT_SET_DLT,
217	NGM_NAT_GET_DLT,
218};
219