From owner-man-jp-reviewer@jp.freebsd.org  Thu May 18 20:05:49 2000
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id UAA34059;
	Thu, 18 May 2000 20:05:49 +0900 (JST)
	(envelope-from owner-man-jp-reviewer@jp.FreeBSD.org)
Received: from bulls.mei.co.jp (bulls.mei.co.jp [202.224.189.102])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id UAA34054
	for <man-jp-reviewer@jp.freebsd.org>; Thu, 18 May 2000 20:05:48 +0900 (JST)
	(envelope-from takamune@vrl.mei.co.jp)
Received: by bulls.mei.co.jp (8.9.3/3.7W) with ESMTP id UAA10034
	for <man-jp-reviewer@jp.freebsd.org>; Thu, 18 May 2000 20:05:17 +0900 (JST)
Received: by mariners.mei.co.jp (8.9.1/3.7W) with ESMTP id UAA17683
	for <man-jp-reviewer@jp.freebsd.org>; Thu, 18 May 2000 20:05:17 +0900 (JST)
Received: by dream.vrl.mei.co.jp (8.9.3/3.7W-11/29/99)
	id UAA22348; Thu, 18 May 2000 20:05:13 +0900 (JST)
To: man-jp-reviewer@jp.freebsd.org
From: Kazu TAKAMUNE (=?iso-2022-jp?B?GyRCOWI9IU9CNkcbKEI=?=)
 <takamune@avrl.mei.co.jp>
X-Mailer: Mew version 1.94.1 on Emacs 20.6 / Mule 4.0 (HANANOEN)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Message-Id: <20000518200513X.takamune@vrl.mei.co.jp>
Date: Thu, 18 May 2000 20:05:13 +0900
X-Dispatcher: imput version 20000228(IM140)
Lines: 147
Reply-To: man-jp-reviewer@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+000315
X-Sequence: man-jp-reviewer 2498
Subject: [man-jp-reviewer 2498] ipnat.4
Errors-To: owner-man-jp-reviewer@jp.freebsd.org
Sender: owner-man-jp-reviewer@jp.freebsd.org
X-Originator: takamune@vrl.mei.co.jp

$B9b=!$G$9!#(Bipnat.4 $B$N=iLu$G$9!#(B

o ($B%A%'%C%/0J30$G(B) $BK]Lu$O$3$l$,=iBN83$J$N$G!"JQ$J$H$3$m$,$J$$$+C!$$$F2<$5$$!#(B

o TER Software Develop $B$5$s$,%A%'%C%/Cf$N(B
	[man-jp-reviewer 2331] Re: ipf.4
  $B$r;29M$K$7$F$$$^$9$,!"(B

  These ioctl's are implemented as being routing ioctls and thus the same rules
  for the various routing ioctls and the file descriptor are employed, mainly
  being that the fd must be that of the device associated with the module
  (i.e., /dev/ipl).

  $B$NItJ,$O>/$70c$&2r<a$K$J$C$F$$$^$9!#(B
--
$B9b=!(B $BOB6G(B($B$?$+$`$M(B $B$+$:$H$-(B)
mailto:takamune@avrl.mei.co.jp

--- ipnat.4.orig	Mon Feb 15 19:45:03 1999
+++ ipnat.4	Thu May 18 20:00:00 2000
@@ -1,7 +1,8 @@
 .TH IPNAT 4
-.SH NAME
-ipnat \- Network Address Translation kernel interface
-.SH SYNOPSIS
+.\" jpman %Id: ipnat.4,v 0.0 1999/02/22 16:13:39 horikawa Stab %
+.SH $BL>>N(B
+ipnat \- $B%M%C%H%o!<%/%"%I%l%9JQ49(B (NAT) $B$N%+!<%M%k%$%s%?%U%'!<%9(B
+.SH $B=q<0(B
 #include <netinet/ip_compat.h>
 .br
 #include <netinet/ip_fil.h>
@@ -9,27 +10,30 @@
 #include <netinet/ip_proxy.h>
 .br
 #include <netinet/ip_nat.h>
-.SH IOCTLS
+.SH IOCTL
 .PP
-To add and delete rules to the NAT list, two 'basic' ioctls are provided
-for use.  The ioctl's are called as:
+NAT $B%j%9%H$K%k!<%k$rDI2C$*$h$S:o=|$9$k$?$a$K!"(B
+2 $B$D$N(B `$B4pK\E*(B' $B$J(B ioctl $B$,Ds6!$5$l$F$$$^$9!#(B
+ioctl $B$O2<5-$N$h$&$K8F$P$l$^$9(B:
 .LP
 .nf
 	ioctl(fd, SIOCADNAT, struct ipnat *)
 	ioctl(fd, SIOCRMNAT, struct ipnat *)
 .fi
 .PP
-Unlike \fBipf(4)\fP, there is only a single list supported by the kernel NAT
-interface.  An inactive list which can be swapped to is not currently
-supported.
+\fBipf(4)\fP $B$H$O0[$J$j!"%+!<%M%k$N(B NAT $B%$%s%?%U%'!<%9$K$h$C$F(B
+$B%5%]!<%H$5$l$F$$$k%j%9%H$O(B 1 $B$D$@$1$G$9!#(B
+$BF0:nCf$N%j%9%H$H8r492DG=$JHsF0:nCf$N%j%9%H$N5!G=$O!"(B
+$B8=:_$O%5%]!<%H$5$l$F$$$^$;$s!#(B
 
-These ioctl's are implemented as being routing ioctls and thus the same rules
-for the various routing ioctls and the file descriptor are employed, mainly
-being that the fd must be that of the device associated with the module
-(i.e., /dev/ipl).
+$B>e5-$N(B ioctl $B$O!"%k!<%F%#%s%0(B ioctl $B$H$7$F?6Iq$&$h$&$K(B
+$B<BAu$5$l$F$$$k$N$G!"3F<o$N%k!<%F%#%s%0(B ioctl $B$KMQ$$$k$N$H(B
+$BF1$8%k!<%k$d%U%!%$%k5-=R;R$,;HMQ$5$l$^$9!#(B
+$B$?$$$F$$$N>l9g(B fd $B$O!"$=$N%b%8%e!<%k$K4XO"$9$k(B
+$B%G%P%$%9(B ($BNc$($P(B /dev/ipl) $B$N%U%!%$%k5-=R;R$G$J$1$l$P$J$j$^$;$s!#(B
 .LP
 .PP
-The structure used with the NAT interface is described below:
+NAT $B%$%s%?%U%'!<%9$GMQ$$$i$l$k9=B$BN$O0J2<$NDL$j$G$9(B:
 .LP
 .nf
 typedef struct  ipnat   {
@@ -42,11 +46,11 @@
         struct  in_addr in_out[2];
         struct  in_addr in_nextip;
         int     in_space;
-        int     in_redir; /* 0 if it's a mapping, 1 if it's a hard redir */
+        int     in_redir; /* 0 $B%^%C%W$5$l$F$$$k!"(B1 $B%j%@%$%l%/%H$O:$Fq(B */
         char    in_ifname[IFNAMSIZ];
 } ipnat_t;
 
-#define in_pmin         in_port[0]      /* Also holds static redir port */
+#define in_pmin         in_port[0]    /* $B@EE*$J%j%@%$%l%/%H%]!<%H$bJ];}(B */
 #define in_pmax         in_port[1]
 #define in_nip          in_nextip.s_addr
 #define in_inip         in_in[0].s_addr
@@ -56,7 +60,7 @@
 
 .fi
 .PP
-Recognised values for in_redir:
+in_redir $B$GG'<1$5$l$kCM(B:
 .LP
 .nf
 #define NAT_MAP         0
@@ -64,17 +68,24 @@
 .fi
 .PP
 .LP
-\fBNAT statistics\fP
-Statistics on the the number of packets mapped, going in and out are kept,
-the number of times a new entry is added and deleted (through expiration) to
-the NAT table and the current usage level of the NAT table.
-.PP
-Pointers to the NAT table inside the kernel, as well as to the top of the
-internal NAT lists constructed with the \fBSIOCADNAT\fP ioctls.  The table
-itself is a hash table of size NAT_SIZE (default size is 367).
+\fBNAT $BE}7W(B\fP
+.PP
+$B%^%C%W$5$l$?%Q%1%C%H$N?t$dAw<u?.$5$l$?%Q%1%C%H$N?t(B
+$B$K4X$9$kE}7W$,:N<h$5$l$^$9!#(B
+$B$^$?!"(BNAT $B%F!<%V%k$K?75,$N%(%s%H%j$,DI2C$5$l$?$j!"(B
+($B4|8B@Z$l$N$?$a$K(B) $B%(%s%H%j$,:o=|$5$l$?2s?t$d8=:_$N(B NAT $B%F!<%V%k$N(B
+$B;HMQNL$K4X$9$kE}7W$,:N<h$5$l$^$9!#(B
+.PP
+$B%+!<%M%kFbIt$K$"$k(B NAT $B%F!<%V%k$X$N%]%$%s%?$H!"(B
+\fBSIOCADNAT\fP ioctl $B$GAH$_N)$F$i$l$?FbIt$N(B NAT $B%j%9%H$N(B
+$B@hF,$X$N%]%$%s%?$,F@$i$l$^$9!#(B
+.PP
+$B$3$N%F!<%V%k<+?H$O!"(BNAT_SIZE ($B%G%U%)%k%H$G$O(B 367) $B$NBg$-$5$N(B
+$B%O%C%7%e%F!<%V%k$G$9!#(B
+.PP
+$BE}7W$r<hF@$9$k$K$O!"(B\fBSIOCGNATS\fP ioctl $B$rMQ$$$F!"(B
+$BE,@Z$J9=B$BN$r0J2<$N$h$&$K;2>H$GEO$9I,MW$,$"$j$^$9(B:
 .PP
-To retrieve the statistics, the \fBSIOCGNATS\fP ioctl must be used, with
-the appropriate structure passed by reference, as follows:
 .nf
 	ioctl(fd, SIOCGNATS, struct natstat *)
 
@@ -87,10 +98,9 @@
         ipnat_t *ns_list;
 } natstat_t;
 .fi
-.SH BUGS
-It would be nice if there were more flexibility when adding and deleting
-filter rules.
-.SH FILES
+.SH $B%P%0(B
+$B%U%#%k%?%k!<%k$NDI2C$d:o=|$,$b$C$H=@Fp$K$G$-$l$PNI$$$G$7$g$&!#(B
+.SH $B4XO"%U%!%$%k(B
 /dev/ipnat
-.SH SEE ALSO
+.SH $B4XO"9`L\(B
 ipf(4), ipnat(5), ipf(8), ipnat(8), ipfstat(8)
