⚠️ VeridianOS Kernel Documentation - This is low-level kernel code. All functions are unsafe unless explicitly marked otherwise. no_std

NatEngine

veridian_kernel::net::firewall::nat

Struct NatEngine 

Source 
pub struct NatEngine {
    pub port_pool: PortPool,
    pub mappings: BTreeMap<ConntrackKey, NatMapping>,
    pub masquerade_addr: Ipv4Address,
    pub total_translations: u64,
}
Expand description

The NAT engine managing translations and port allocation

Fields§

§port_pool: PortPool

Ephemeral port pool

§mappings: BTreeMap<ConntrackKey, NatMapping>

Active NAT mappings indexed by original connection key

§masquerade_addr: Ipv4Address

Masquerade address (outgoing interface IP)

§total_translations: u64

Total translations performed

Implementations§

Source§

impl NatEngine

Source

pub fn new() -> Self

Create a new NAT engine

Source

pub fn set_masquerade_addr(&mut self, addr: Ipv4Address)

Set the masquerade (outgoing interface) address

Source

pub fn translate_outbound_snat( &mut self, key: &ConntrackKey, new_src_ip: Ipv4Address, ) -> Option<NatMapping>

Translate an outbound packet with SNAT

Rewrites the source address and allocates a new source port. Returns the NAT mapping on success.

Source

pub fn translate_outbound_masquerade( &mut self, key: &ConntrackKey, ) -> Option<NatMapping>

Translate an outbound packet with masquerading

Uses the configured masquerade address as the source.

Source

pub fn translate_inbound_dnat( &mut self, key: &ConntrackKey, new_dst_ip: Ipv4Address, new_dst_port: Port, ) -> Option<NatMapping>

Translate an inbound packet with DNAT

Rewrites the destination address and port.

Source

pub fn lookup_reverse(&self, reply_key: &ConntrackKey) -> Option<&NatMapping>

Look up a reverse NAT mapping for inbound reply traffic

Given a reply packet’s key, find the corresponding SNAT/masquerade mapping to reverse the translation.

Source

pub fn remove_mapping(&mut self, key: &ConntrackKey) -> Option<NatMapping>

Remove a NAT mapping and release its allocated port

Source

pub fn mapping_count(&self) -> usize

Number of active mappings

Trait Implementations§

Source§

impl Default for NatEngine

Source§

fn default() -> Self

Returns the “default value” for a type. Read more

Auto Trait Implementations§

§

impl Freeze for NatEngine

§

impl RefUnwindSafe for NatEngine

§

impl Send for NatEngine

§

impl Sync for NatEngine

§

impl Unpin for NatEngine

§

impl UnwindSafe for NatEngine

Blanket Implementations§

§

impl<T> Any for T
where T: 'static + ?Sized,

§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
§

impl<T> Borrow<T> for T
where T: ?Sized,

§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
§

impl<T> BorrowMut<T> for T
where T: ?Sized,

§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
§

impl<T> From<T> for T

§

fn from(t: T) -> T

Returns the argument unchanged.

§

impl<T, U> Into<U> for T
where U: From<T>,

§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of [From]<T> for U chooses to do.

§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.