Add to NAT64LSN ability to swap runtime configuration between instances
Needs ReviewPublic
Actions

Authored by ae on Jun 6 2019, 11:08 AM.

Details

Reviewers

melifaro
cy

Group Reviewers

manpages

Summary

When the changing of firewall rules is doing with use of different ipfw(8) sets, each rules reloading leads to lost of all NAT64LSN states.
This patch adds ability to keep runtime configuration of NAT64 instance. To use this ability, an instance should be configured with swap_conf option. Then new instance should be created in new set with the same configuration, also new rules that use this instance should be in the same set too. So, when ipfw set swap is used, the set of all rules will be changed and also instance will use old runtime config, that keeps all states.

Diff Detail

Lint

Lint Passed

Unit

No Test Coverage

Build Status

Buildable 24719
Build 23482: arc lint + arc unit

Event Timeline

ae created this revision.Jun 6 2019, 11:08 AM

Herald added a reviewer: cy. · View Herald TranscriptJun 6 2019, 11:08 AM

Herald added a reviewer: manpages. · View Herald Transcript

Herald added subscribers: bz, imp. · View Herald Transcript

Harbormaster completed remote builds in B24719: Diff 58303.Jun 6 2019, 11:08 AM

melifaro added inline comments.Jun 7 2019, 12:10 PM

sbin/ipfw/ipfw.8
3459	It is actually state, not configuration that is being exchanged :-). What about naming an option as something like 'inheritable' or 'swappable'?
sys/netpfil/ipfw/nat64/nat64lsn.c
1517	Would it be possible to use more descriptive variable? inst / ilsn / whatever?
1528	Would it make sense to store i->cfg pointer in a separate variable to avoid multiple pointer lookups & simplify code?