7.7. Network Translation - NAT with PAT

NAME

Network Address Translation – NAT

SYNOPSIS

#include <netinet/ip_compat.h>
#include <netinet/ip_fil.h>
#include <netinet/ip_nat.h>

DESCRIPTION

In addition to the packet filter pf, which contains NAT capabilities, Unison offers a simple NAT mechanism.

To add/delete rules to/from the NAT list, two “basic” ioctls are provided:

           nat_ioctl(SIOCADNAT, struct ipnat *);
           nat_ioctl(SIOCRMNAT, struct ipnat *);

To retrieve statistics, the following ioctl is provided:

           nat_ioctl(SIOCGNATS, struct natstat *);

To look up state, the following ioctl is provided:

           nat_ioctl(SIOCGNATL, struct natlookup *);

This call searches the NAT table for the rdr entry that matches the fields in the natlookup structure. The caller must populate the structure with the address/port information of the accepted TCP connection (nl_inip, nl_inport) and the address/port information of the peer (nl_outip, nl_outport). The nl_flags field must have the IPN_TCP option set. All other fields must be set to 0. If the call succeeds, nl_realip and nl_realport are set to the real destination address and port, respectively. The nl_inport and nl_outport fields must be in host byte order.

To flush/clear NAT entries, two ioctls are provided:

           nat_ioctl(SIOCFLNAT, int *);    - clear the NAT table of all mapping entries.
           nat_ioctl(SIOCCNATL, int *);    - delete all entries in the active NAT mapping list.

The structure ipnat and associated macros are defined as:

           typedef struct  ipnat   {
                   struct  ipnat   *in_next;
                   void    *in_ifp;
                   void    *in_apr;
                   u_int   in_space;
                   u_int   in_use;
                   struct  in_addr in_nextip;
                   u_short in_pnext;
                   u_short in_flags;
                   u_short in_port[2];
                   struct  in_addr in_in[2];
                   struct  in_addr in_out[2];
                   int     in_redir;
                   char    in_ifname[IFNAMSIZ];
                   char    in_plabel[APR_LABELLEN];
                   char    in_p;
                   u_short in_dport;
           } ipnat_t;

           #define in_pmin         in_port[0]
           #define in_pmax         in_port[1]
           #define in_nip          in_nextip.s_addr
           #define in_inip         in_in[0].s_addr
           #define in_inmsk        in_in[1].s_addr
           #define in_outip        in_out[0].s_addr
           #define in_outmsk       in_out[1].s_addr

The structure natstat is defined as:

           typedef struct  natstat {
                   u_long  ns_mapped[2];
                   u_long  ns_rules;
                   u_long  ns_added;
                   u_long  ns_expire;
                   u_long  ns_inuse;
                   u_long  ns_logged;
                   u_long  ns_logfail;
                   nat_t   **ns_table[2];
                   ipnat_t *ns_list;
           } natstat_t;

The structure natlookup is defined as:

           typedef struct natlookup {
                   struct   in_addr nl_inip;
                   struct   in_addr nl_outip;
                   struct   in_addr nl_realip;
                   int      nl_flags;
                   u_short  nl_inport;
                   u_short  nl_outport;
                   u_short  nl_realport;
           } natlookup_t;

To start/stop the NAT mechanism, two functions are provided:

           int ipl_enable(void);
           int ipl_disable(void);

The function ipl_enable() must be called before any NAT ioctl command is used. This function initializes the internal structures necessary for NAT setup and operation.

RULES PARSER

To manipulate NAT rules easily, it is better to represent them in text format and use a parser to fill in the fields of the ipnat structure. This parser is shown in the ppp demo in the installdir/demos directory.

Valid NAT rules are described by the following grammar:

           natrule     ::= maprule | rdrrule | bimaprule

           maprule     ::= "map" ifname source "->" destination [mapoption]
           rdrrule     ::= "rdr" ifname destination port "->" target
           bimaprule   ::= "bimap" ifname source "->" destination

           source      ::= destination
           destination ::= host "/" mask
           target      ::= host "port" port porttype

           portrange   ::= port ":" port
           portmap     ::= "portmap" porttype portrange
           proxy       ::= "proxy port" port [ "/" protocol ]
           mapoption   ::= proxy | portmap

           porttype    ::= "tcp" | "udp" | "tcpudp" | "tcp/udp"

           protocol    ::= number
           port        ::= number
           host        ::= "any" | IP-addr
           mask        ::= non-numeric | IP-addr | hex-value | bit-count
           ifname      ::= interface-name

Elements in a rule are usually separated by whitespace (blanks or tabs). In the case of the ‘/’ in host rule or the ‘:’ in the portrange rule, there must be no whitespace before or after it. In the case of the ‘/’ in the proxy rule there must be whitespace before but no whitespace after.

In the host and mask rules, the alternatives are evaluated in the order given.

For the mask rule, if the element begins with a non-digit the mask is taken to be all zeros. A ‘.’ in the element causes the element to be interpreted as a numeric IP address of the form 1.2.3.4. An ‘x’ in the element causes the element to be interpreted as a 32 bit hex value. If all else fails the element is interpreted as the number of sequential 1’s to place as the most significant bits in the 32 bit network mask. Whatever the interpretation method, a result network mask of all 1’s, indicating a hostname, is valid. A network mask of 31 1’s (255.255.255.254) is considered invalid as there is no space for allocating host IP#’s after consideration for broadcast and network addresses.
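The evaluation order for the mask element described above, written out as an added C example (not code from Unison or its ppp demo). The function name parse_nat_mask, the host-byte-order result and the rejection of bit counts above 32 are assumptions; the sample inputs in main() are constructed.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper, not a Unison API. Returns 0 and stores the mask in
 * host byte order (an assumption), or -1 if the element is rejected. */
int parse_nat_mask(const char *s, uint32_t *mask)
{
    char *end = NULL;
    unsigned long long v;   /* strtoull saturates on overflow, so range checks catch it */
    if (s == NULL || *s == '\0')
        return -1;
    *mask = 0;
    if (!isdigit((unsigned char)*s))
        return 0;                                  /* 1. non-numeric: all zeros */
    if (strchr(s, '.') != NULL) {                  /* 2. dotted quad 1.2.3.4 */
        for (int i = 0; i < 4; i++, s = end + 1) {
            if (!isdigit((unsigned char)*s))
                return -1;
            v = strtoull(s, &end, 10);
            if (v > 255 || *end != (i < 3 ? '.' : '\0'))
                return -1;
            *mask = (*mask << 8) | (uint32_t)v;
        }
    } else if (strchr(s, 'x') != NULL) {           /* 3. 32-bit hex value */
        v = strtoull(s, &end, 16);
        if (*end != '\0' || v > 0xFFFFFFFFull)
            return -1;
        *mask = (uint32_t)v;
    } else {                                       /* 4. count of leading 1 bits */
        v = strtoull(s, &end, 10);
        if (*end != '\0' || v > 32)                /* >32 rejected: assumption */
            return -1;
        *mask = v ? UINT32_MAX << (32 - (unsigned)v) : 0;
    }
    return *mask == 0xFFFFFFFEu ? -1 : 0;          /* 31 ones is invalid */
}

int main(void)
{
    const char *in[] = { "24", "255.255.255.0", "0xffffff00", "31" };  /* constructed */
    uint32_t m = 0;
    for (int i = 0; i < 4; i++) {
        int rc = parse_nat_mask(in[i], &m);
        printf("%-14s rc=%d mask=0x%08lx\n", in[i], rc, (unsigned long)m);
    }
    return 0;
}
```

On a -1 return the contents of *mask are not meaningful and should not be copied into in_inmsk or in_outmsk.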

EXAMPLE

To change IP numbers used internally from network 10 into an ISP provided 8-bit subnet at 209.1.2.0 through the ppp0 interface, the following would be used:

           map ppp0 10.0.0.0/8 -> 209.1.2.0/24

The obvious problem here is that we’re trying to squeeze over 16,000,000 IP addresses into a 254 address space. To increase the scope, port remapping can be used for TCP and/or UDP:

           map ppp0 10.0.0.0/8 -> 209.1.2.0/24 portmap tcp/udp 1025:65000

which falls only 527,566 ‘addresses’ short of the space available in network 10. If we were to combine these rules, they would need to be specified as follows:

           map ppp0 10.0.0.0/8 -> 209.1.2.0/24 portmap tcp/udp 1025:65000
           map ppp0 10.0.0.0/8 -> 209.1.2.0/24

so that all TCP/UDP packets are port mapped and other protocols, such as ICMP, have only their IP# changed.

NOTES

There is a demo PPP available for the Unison and DSPnano NAT which is found in installdir/demos.

SEE ALSO

pppd, tcpd, tcpd_dual, pf
