If the CAN stack receiving packets fast, but the application layer reading packets slow. Then `conn->readahead` will continue to grow, leading to memory leaks. Finally CAN stack potentially starve out all IOB buffers. To prevent memory leaks, users can restrict can socket buffer length.
Signed-off-by: gaohedong <gaohedong@xiaomi.com>
In "psock_send_eventhandler",when retransmit count bigger TCP_MAXRTX nuttx will set release wrb. But before this it will also set "conn->tx_unacked = 0" if we only retransmit one packet(conn->tx_unacked == sent),and In func "tcp_timer" only "conn->tx_unacked > 0" will close the tcp conn. So app will never close if nuttx retransmit over max timers.
Signed-off-by: meijian <meijian@xiaomi.com>
Otherwise, the IP address is always considered to conflict, and the ipv6
address cannot be effectively obtained.
Later we will look at how to perform conflict detection on L3 network cards
Signed-off-by: zhanghongyu <zhanghongyu@xiaomi.com>
Now we only supports conntrack info from NAT entries, to let our apps in user space know the mapping status in NAT.
Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
I found `struct ipv*_nat_entry` is missing `_s` suffix, but the name is too long in some cases, so maybe `ipv*_nat_entry_t` could be better.
Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
Notes:
1. This version of NAT66 is a stateful one like NAT44, corresponding to Linux's MASQUERADE target of ip6tables. We can support stateless NAT66 & NPTv6 later by slightly modify the address & port selection logic (maybe just match the rules and skip the entry find).
2. We're using same flag `IFF_NAT` for both NAT44 & NAT66 to make control easier. Which means, if we enable NAT, both NAT44 & NAT66 will be enabled. If we don't want one of them, we can just disable that one in Kconfig.
3. Maybe we can accelerate the checksum adjustment by pre-calculate a difference of checksum, and apply it to each packet, instead of calling `net_chksum_adjust` each time. Just a thought, maybe do it later.
4. IP fragment segments on NAT66 connections are not supported yet.
Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
To prepare for future IPv6 NAT functions.
- Rename common ipv4_nat_xxx to nat_xxx
- Move some common definitions into header
Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
Because CAN is a broadcast protocol, each conn needs to be given independent data to avoid mutual interference.
Signed-off-by: zhanghongyu <zhanghongyu@xiaomi.com>
The symmetric NAT limits one external port to be used with only one peer ip:port.
Note:
1. To avoid using too much #ifdef, we're always passing peer_ip and peer_port as arguments, but won't use them under full cone NAT, let the compiler optimize them.
2. We need to find port binding without peer ip:port, so don't add peer ip:port into hash key.
3. Symmetric NAT needs to *select another external port if a port is used by any other NAT entry*, this behavior is exactly same as Full Cone NAT, so we don't need to change anything related to `ipv4_nat_port_inuse`.
Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
