sbin/pfctl/pfctl_parser.c
authorKurosawa Takahiro <takahiro.kurosawa@gmail.com>2021-04-13 08:50:00 +0000
committerKristof Provost <kp@FreeBSD.org>2021-05-11 15:04:45 +0000
commite49799dcf14e7026f377d26a70fe0a3a3d15390a (patch)
tree8b0788dd824a3407cb6df0697a014445517f052d /sbin/pfctl/pfctl_parser.c
parent0d0eb707b43e2b222434a98265db1fe7c3e3f3a8 (diff)
pf: Implement the NAT source port selection of MAP-E Customer Edge
MAP-E (RFC 7597) requires special care for selecting source ports in NAT operation on the Customer Edge because a part of bits of the port numbers are used by the Border Relay to distinguish another side of the IPv4-over-IPv6 tunnel. PR: 254577 Reviewed by: kp Differential Revision: https://reviews.freebsd.org/D29468 (cherry picked from commit 2aa21096c7349390f22aa5d06b373a575baed1b4)
1 files changed, 3 insertions, 0 deletions
diff --git a/sbin/pfctl/pfctl_parser.c b/sbin/pfctl/pfctl_parser.c
index 826ba25b08d5..ce460ab691ca 100644
--- a/sbin/pfctl/pfctl_parser.c
+++ b/sbin/pfctl/pfctl_parser.c
@@ -486,6 +486,9 @@ print_pool(struct pfctl_pool *pool, u_int16_t p1, u_int16_t p2,
printf(" sticky-address");
if (id == PF_NAT && p1 == 0 && p2 == 0)
printf(" static-port");
+ if (pool->mape.offset > 0)
+ printf(" map-e-portset %u/%u/%u",
+ pool->mape.offset, pool->mape.psidlen, pool->mape.psid);
