[networking-discuss] ipnat SIOCGNATL always returns ESRCH

Sat, 02 Apr 2011 16:56:54 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

I'm trying to use SIOCGNATL to find the real destination IP address of a 
connection redirected using ipnat on oi_148.  The NAT rule looks like 
this:

rdr bge0 0.0.0.0/0 port 2001 -> 77.75.105.169 port 2000 tcp

I wrote a small program (appended) to accept a connection on port 2000 
and look up the address using SIOCGNAT, then I connected to port 2001 
from a remote host; however, the lookup always returns ESRCH:

remote = 46.4.78.138:58608
local  = 77.75.105.169:2000
ioctl: No such process

What's wrong?

Regards,
River.

#include <stdio.h>
#include <errno.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <netdb.h>

#include <netinet/in.h>
#include <netinet/ip6.h>
#include <netinet/ipl.h>
#include <netinet/ip_fil.h>
#include <netinet/ip_nat.h>
#include <fcntl.h>

#include <sys/types.h>
#include <netinet/in.h>
#include <arpa/inet.h>

main() {
int                      listener, client, ipnat, one = 1;
struct addrinfo          hints, *res;
ipfobj_t                 io;
natlookup_t              nl;
struct sockaddr_in       loc, rem;
socklen_t                loclen = sizeof(loc), remlen = sizeof(rem);

        bzero(&hints, sizeof(hints));
        hints.ai_socktype = SOCK_STREAM;
        hints.ai_family = AF_INET;
        getaddrinfo("0.0.0.0", "2000", &hints, &res);
        listener = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
        setsockopt(listener, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
        bind(listener, res->ai_addr, res->ai_addrlen);
        listen(listener, 5);
        client = accept(listener, NULL, NULL);
        getpeername(client, (struct sockaddr *) &rem, &remlen);
        getsockname(client, (struct sockaddr *) &loc, &loclen);

        printf("remote = %s:%d\n", inet_ntoa(rem.sin_addr), 
ntohs(rem.sin_port));
        printf("local  = %s:%d\n", inet_ntoa(loc.sin_addr), 
ntohs(loc.sin_port));

        ipnat = open("/dev/ipnat", O_RDONLY);

        bzero(&nl, sizeof(nl));
        nl.nl_flags = IPN_TCP;
        nl.nl_outip = rem.sin_addr;
        nl.nl_outport = ntohs(rem.sin_port);
        nl.nl_inip = loc.sin_addr;
        nl.nl_inport = ntohs(loc.sin_port);
        nl.nl_v = 4;

        bzero(&io, sizeof(io));
        io.ipfo_rev = IPFILTER_VERSION;
        io.ipfo_size = sizeof(nl);
        io.ipfo_ptr = &nl;
        io.ipfo_type = IPFOBJ_NATLOOKUP;
        
        if (ioctl(ipnat, SIOCGNATL, &io) == -1) {
                perror("ioctl");
                return 1;
        }

        printf("real    = %s:%d\n", inet_ntoa(nl.nl_realip), nl.nl_realport);
        return 0;
}
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (SunOS)

iEYEARECAAYFAk2Xt30ACgkQIXd7fCuc5vI1rQCfbA8V/jzu+jRI+mT1NkOhayXI
ZiAAn0YvfOw33j6Ff5uNIhqTQ1dHdoA6
=bw6N
-----END PGP SIGNATURE-----
_______________________________________________
networking-discuss mailing list
networking-discuss@opensolaris.org

Reply via email to