Differential D46689
LibAlias: implement RFC 4787 REQ 1 and 3 (full cone NAT) Authored by damjan.jov_gmail.com on Tue, Sep 17, 6:44 PM. Tags Referenced Files
Details Make libalias's NAT use endpoint-independent mapping ("full cone NAT") for UDP, conforming to RFC 4787 requirements 1 and 3. All UDP packets sent out from a particular internal address:port leave via the same NAT address:port, regardless of their destination. Also add some libalias tests, and fix other tests that broke. Closes: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219918 Tests are included in the patch.
Diff Detail
Event TimelineComment Actions So far this generally looks ok to me and the tests seem to work. I think this NAT behaviour should be optional in the same way we made it a configuration option for pf. I would like someone more familiar with libalias to weigh in, in case there is something I am missing.
Comment Actions I really don't remember much of libalias internals. Trusting your expertise, Tom! Thanks, Damjan! | |||||||||||||||||||||||||||||||||||||