-
Notifications
You must be signed in to change notification settings - Fork 78
ICMPPingRewriter
ICMPPingRewriter — Click element; rewrites ICMP echo requests and replies
ICMPPingRewriter(INPUTSPEC1, ..., INPUTSPECn, keywords DST_ANNO, TIMEOUT)
Rewrites ICMP echo requests and replies by changing their source and/or destination addresses and ICMP identifiers. This lets pings pass through a NAT gateway.
Expects ICMP echo requests and echo replies. Each ICMP echo request is rewritten according to the INPUTSPEC on its input port. The INPUTSPEC may change the packets' addresses. Usually the INPUTSPEC will also specify a source port range, which is used to change echo requests' identifiers. Replies to the rewritten request are also rewritten to look like they were responding to the original request. ICMPPingRewriter optionally changes destination IP address annotations; see the DST_ANNO keyword argument below.
ICMPPingRewriter actually keeps a table of mappings. Each mapping changes a given (source address, destination address, identifier) triple into another triple. Say that ICMPPingRewriter receives a request packet with triple (src, dst, ident), and chooses for it a new triple, (src2, dst2, ident2). The rewriter will then store two mappings in the table. The first mapping changes requests (src, dst, ident) into requests (src2, dst2, ident2). The second mapping changes replies (dst2, src2, ident2) into replies (dst, src, ident). Mappings are removed if they go unused for a default of 5 minutes.
Unexpected echo replies are dropped unless they arrive on an input with 'pass' INPUTSPEC.
Keyword arguments are:
Keyword arguments are:
- TIMEOUT time — Time out connections every time seconds. Default is 5 minutes.
- GUARANTEE time — Preserve each connection mapping for at least time seconds after each successfully processed packet. Defaults to 5 seconds. Incoming flows are dropped if the mapping table is full of guaranteed flows.
- REAP_INTERVAL time — Reap timed-out connections every time seconds. Default is 15 minutes.
- MAPPING_CAPACITY capacity — Set the maximum number of mappings this rewriter can hold to capacity. Capacity can either be an integer or the name of another rewriter-like element, in which case this element will share the other element's capacity.
- DST_ANNO — Boolean. If true, then set the destination IP address annotation on passing packets to the rewritten destination address. Default is true.
Generated by click-elem2man from ../elements/icmp/icmppingrewriter.hh:8 on 2018/10/03.