NG_NAT(4) MidnightBSD Kernel Interfaces Manual NG_NAT(4)
ng_nat — NAT netgraph node type
An ng_nat node performs network address translation (NAT) of packets passing through it. A nat node uses libalias(3) engine for packet aliasing. At this moment it supports only the basic functionality of the library.
This node type has two hooks:
Packets received on this hook are considered outgoing and will be masqueraded to a configured address.
Packets coming on this hook are considered incoming and will be dealiased.
This node type supports the generic control messages, plus the following:
Configure aliasing address for a node. After both hooks have been connected and aliasing address was configured, a node is ready for aliasing operation.
This node shuts down upon receipt of a NGM_SHUTDOWN control message, or when both hooks are disconnected.
In the following example, the packets are injected into a nat node using the ng_ipfw(4) node.
# Create NAT node
ngctl mkpeer ipfw: nat 60 out
ngctl name ipfw:60 nat
ngctl connect ipfw: nat: 61 in
ngctl msg nat: setaliasaddr x.y.35.8
# Divert traffic into
ipfw add 300 netgraph 61 all from any to any in via fxp0
ipfw add 400 netgraph 60 all from any to any out via fxp0
# Let packets continue
with after being (de)aliased
The ng_nat node can be inserted right after the ng_iface(4) node in the graph. In the following example, we perform masquerading on a serial line with HDLC encapsulation.
/usr/sbin/ngctl -f- <<-SEQ
mkpeer cp0: cisco rawdata downstream
name cp0:rawdata hdlc
mkpeer hdlc: nat inet in
name hdlc:inet nat
mkpeer nat: iface out inet
msg nat: setaliasaddr x.y.8.35
ifconfig ng0 x.y.8.35 x.y.8.1
libalias(3), ng_ipfw(4), natd(8), ngctl(8)
The ng_nat node type was implemented in FreeBSD 6.0.
Gleb Smirnoff 〈glebius@FreeBSD.org〉
MidnightBSD 0.3 May 6, 2005 MidnightBSD 0.3