Page MenuHomeFreeBSD
Differential D17765

Add ability to use dynamic external prefix in ipfw_nptv6 module
ClosedPublic
Actions

Authored by ae on Oct 30 2018, 7:50 PM.
Tags
None
Referenced Files
F112350408: D17765.diff
Sun, Mar 16, 12:57 PM
Unknown Object (File)
Fri, Mar 7, 10:56 AM
Unknown Object (File)
Fri, Mar 7, 10:13 AM
Unknown Object (File)
Feb 3 2025, 3:20 AM
Unknown Object (File)
Jan 24 2025, 12:18 AM
Unknown Object (File)
Jan 21 2025, 9:19 AM
Unknown Object (File)
Jan 3 2025, 11:31 PM
Unknown Object (File)
Dec 28 2024, 2:40 PM
View All 76 Files
Subscribers
0mp
driesm
imp

Details

Reviewers
0mp
Group Reviewers
network
manpages
Commits
rS340360: Add ability to use dynamic external prefix in ipfw_nptv6 module.
Summary

The idea is to have ability to specify interface name that will obtain IPv6 prefix dynamically instead of using ext_prefix argument.

  • to ipfw(8) added ability to use ext_if ifname argument
  • to keep ABI the struct _ipfw_nptv6_cfg was modified using anonymous union. The size of if_name is the same as in6_addr.
  • added ifaddr_event_ext handler and the code modified to be able use specified if_name to obtain external prefix.

The nptv6 instance will handle ifaddr events and take suitable address as external prefix. When address disappears, or interface has not suitable address, instance silently skips handling of matched packets. So, they probably will be routed untranslated.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

ae created this revision.Oct 30 2018, 7:50 PM
Herald added a reviewer: manpages. · View Herald TranscriptOct 30 2018, 7:50 PM
Herald added a subscriber: imp. · View Herald Transcript
Harbormaster completed remote builds in B20517: Diff 49804.Oct 30 2018, 7:50 PM
0mp accepted this revision.Oct 30 2018, 8:25 PM
0mp added a subscriber: 0mp.

The manpage change looks fine. Remember to bump the date :)

This revision is now accepted and ready to land.Oct 30 2018, 8:25 PM
driesm added a subscriber: driesm.Nov 10 2018, 10:19 AM

Hi, I tested this code and it works like a charm! Thanks! Now I can have a static addresses config for jails with a dynamic external prefix.
I needed this because my ISP uses DHCPv6 to delegate prefixes which can change, so a static NPTv6 rule in IPFW was a nono.

I guess this wont be MFC'able to STABLE12 as it uses the other patch in D17100? Or maybe this breaks ABI, anyway thanks for doing this!

Closed by commit rS340360: Add ability to use dynamic external prefix in ipfw_nptv6 module. (authored by ae). · Explain WhyNov 12 2018, 11:21 AM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
head/
sbin/
ipfw/
11 lines
1 line
30 lines
sys/
netinet6/
6 lines
netpfil/
ipfw/
nptv6/
7 lines
177 lines

Diff 50312

View Options

head/sbin/ipfw/ipfw.8

Loading...
View Options

head/sbin/ipfw/ipfw2.h

Loading...
View Options

head/sbin/ipfw/nptv6.c

Loading...
View Options

head/sys/netinet6/ip_fw_nptv6.h

Loading...
View Options

head/sys/netpfil/ipfw/nptv6/nptv6.h

Loading...
View Options

head/sys/netpfil/ipfw/nptv6/nptv6.c

Loading...