path: root/sys/netinet/libalias/libalias.3
Diffstat (limited to 'sys/netinet/libalias/libalias.3')
-rw-r--r-- sys/netinet/libalias/libalias.3 30
1 files changed, 25 insertions, 5 deletions
diff --git a/sys/netinet/libalias/libalias.3 b/sys/netinet/libalias/libalias.3
index b4d123682f0b..1b8ecc14059d 100644
--- a/sys/netinet/libalias/libalias.3
+++ b/sys/netinet/libalias/libalias.3
@@ -23,7 +23,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd May 31, 2021
+.Dd November 29, 2024
.Dt LIBALIAS 3
.Os
.Sh NAME
@@ -200,11 +200,11 @@ is closed.
.It Dv PKT_ALIAS_UNREGISTERED_ONLY
If this mode bit is set, traffic on the local network which does not
originate from unregistered address spaces will be ignored.
-Standard Class A, B and C unregistered addresses are:
+The standard private IP address ranges are:
.Pp
-10.0.0.0 -> 10.255.255.255 (Class A subnet)
-172.16.0.0 -> 172.31.255.255 (Class B subnets)
-192.168.0.0 -> 192.168.255.255 (Class C subnets)
+10.0.0.0 -> 10.255.255.255 (/8)
+172.16.0.0 -> 172.31.255.255 (/16)
+192.168.0.0 -> 192.168.255.255 (/24)
.Pp
This option is useful in the case that the packet aliasing host has both
registered and unregistered subnets on different interfaces.
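Review bot: The prefix lengths on the second and third added range lines do not match the ranges they annotate. 172.16.0.0 -> 172.31.255.255 is a /12, not a /16, and 192.168.0.0 -> 192.168.255.255 is a /16, not a /24; only the 10.0.0.0 line (/8) is correct. Suggest "(/12)" and "(/16)" respectively. A reader who copies these prefixes into filter rules would cover only part of the private address space that PKT_ALIAS_UNREGISTERED_ONLY is described as matching.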
@@ -270,6 +270,26 @@ See section
in
.Xr ipfw 8
for more details.
+.It Dv PKT_ALIAS_UDP_EIM
+When this bit is set, UDP uses endpoint-independent mapping (EIM), as per
+RFC 4787 ("full cone" NAT of RFC 3489).
+All packets from the same internal address:port are mapped to the same NAT
+address:port, regardless of their destination address:port.
+If filtering rules allow, and if
+.Em PKT_ALIAS_DENY_INCOMING
+is unset, any other external address:port can
+also send to the internal address:port through its mapped NAT address:port.
+This is more compatible with applications, and can reduce the need for port
+forwarding, but less scalable as each NAT address:port can only be
+concurrently used by at most one internal address:port.
+.Pp
+When this bit is unset, UDP packets use endpoint-dependent mapping (EDM)
+("symmetric" NAT).
+Each connection from a particular internal address:port to different
+external addresses:ports is mapped to a random and unpredictable NAT
+address:port.
+Two appplications behind EDM NATs can only connect to each other
+by port forwarding on the NAT, or tunnelling through an in-between server.
.El
.Ed
.Pp
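Review bot: Typo in the last added sentence of the EDM paragraph: "appplications" should be "applications". In the EIM paragraph, the reference to PKT_ALIAS_DENY_INCOMING is marked up with ".Em", while the flags in this list are introduced with ".Dv" (as in ".It Dv PKT_ALIAS_UDP_EIM"); ".Dv PKT_ALIAS_DENY_INCOMING" would be consistent. Since the text notes that with EIM any external address:port can reach the internal endpoint when PKT_ALIAS_DENY_INCOMING is unset, it may also be worth saying explicitly that the mapping is only as restrictive as the surrounding filter rules, so readers enabling this bit know to review them.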