Commit Graph

14 Commits

Author SHA1 Message Date
Zhe Weng f3b34c84c2 net/nat: Support IPv6 Masquerading (NAT66)
Notes:
1. This version of NAT66 is a stateful one like NAT44, corresponding to Linux's MASQUERADE target of ip6tables.  We can support stateless NAT66 & NPTv6 later by slightly modify the address & port selection logic (maybe just match the rules and skip the entry find).
2. We're using same flag `IFF_NAT` for both NAT44 & NAT66 to make control easier.  Which means, if we enable NAT, both NAT44 & NAT66 will be enabled.  If we don't want one of them, we can just disable that one in Kconfig.
3. Maybe we can accelerate the checksum adjustment by pre-calculate a difference of checksum, and apply it to each packet, instead of calling `net_chksum_adjust` each time.  Just a thought, maybe do it later.
4. IP fragment segments on NAT66 connections are not supported yet.

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-04-11 22:23:29 +08:00
Zhe Weng f2ff5cee03 net/nat: Make some IPv4 NAT functions as common
To prepare for future IPv6 NAT functions.
- Rename common ipv4_nat_xxx to nat_xxx
- Move some common definitions into header

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-04-11 22:23:29 +08:00
Zhe Weng a1a09f271f net/nat: Support Symmetric NAT
The symmetric NAT limits one external port to be used with only one peer ip:port.

Note:
1. To avoid using too much #ifdef, we're always passing peer_ip and peer_port as arguments, but won't use them under full cone NAT, let the compiler optimize them.
2. We need to find port binding without peer ip:port, so don't add peer ip:port into hash key.
3. Symmetric NAT needs to *select another external port if a port is used by any other NAT entry*, this behavior is exactly same as Full Cone NAT, so we don't need to change anything related to `ipv4_nat_port_inuse`.

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-04-07 23:57:55 +08:00
Zhe Weng 9ab0d8cce6 Documentation: Add docs for lower-half of netdriver
Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-04-07 10:17:13 -03:00
Zhe Weng 1eaeef5251 Documentation: Add documentation for packet sockets
Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-02-23 08:32:49 +01:00
Zhe Weng da536bed9c Documentation: Move nat.rst and netdev.rst to net/
Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-02-23 08:32:49 +01:00
Nathan Hartman 26e4dd5638 Documentation: Fix various typos 2023-11-23 16:38:19 -08:00
raiden00pl 1c6e5cc0c4 Documentation: migrate "Work Queue Deadlocks" from wiki
link: https://cwiki.apache.org/confluence/display/NUTTX/Work+Queue+Deadlocks
2023-11-06 18:42:17 -03:00
raiden00pl 2d8c4e6645 Documentation: migrate "SLIP Configuration" from wiki
link: https://cwiki.apache.org/confluence/display/NUTTX/SLIP+Configuration
2023-11-06 18:42:17 -03:00
raiden00pl 8a8111c2fc Documentation: migrate "CONFIG_NET_GUARDSIZE" from wiki
link: https://cwiki.apache.org/confluence/display/NUTTX/CONFIG_NET_GUARDSIZE
2023-11-06 18:42:17 -03:00
raiden00pl 870139e45f Documentation: move socketcan.rst to net/ 2023-10-27 13:21:40 -03:00
raiden00pl 9c4f042c57 Documentation: add missing directories in net 2023-10-27 13:21:40 -03:00
raiden00pl d98ae9d3e4 Documentation: cosmetics changes
- various style fixes
- limit the line length to about 80 characters to improve readability in terminal-based IDEs
2023-10-26 20:01:21 +08:00
raiden00pl ebcf8f0d16 Documentation: migrate /net 2023-10-26 00:08:54 +08:00