Commit Graph

4 Commits

Author SHA1 Message Date
Zhe Weng
3a844d8dd7 net/netlink: Add NETLINK_NETFILTER's CONNTRACK support
Now we only support conntrack info from NAT entries, to let our apps in user space know the mapping status in NAT.

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-04-18 13:03:59 +08:00
Zhe Weng
b0cf0acc66 net/nat: Add foreach interface for entries
Prepare for netlink conntrack dump of entries.

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-04-18 13:03:59 +08:00
Zhe Weng
17584eaa4f net/nat: Rename struct ipv*_nat_entry to ipv*_nat_entry_t
I found `struct ipv*_nat_entry` is missing the `_s` suffix, but the name is too long in some cases, so maybe `ipv*_nat_entry_t` could be better.

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-04-12 14:39:01 +02:00
Zhe Weng
f3b34c84c2 net/nat: Support IPv6 Masquerading (NAT66)
Notes:
1. This version of NAT66 is a stateful one like NAT44, corresponding to Linux's MASQUERADE target of ip6tables.  We can support stateless NAT66 & NPTv6 later by slightly modifying the address & port selection logic (maybe just match the rules and skip the entry find).
2. We're using the same flag `IFF_NAT` for both NAT44 & NAT66 to make control easier.  Which means, if we enable NAT, both NAT44 & NAT66 will be enabled.  If we don't want one of them, we can just disable that one in Kconfig.
3. Maybe we can accelerate the checksum adjustment by pre-calculating a difference of checksum, and applying it to each packet, instead of calling `net_chksum_adjust` each time.  Just a thought, maybe do it later.
4. IP fragment segments on NAT66 connections are not supported yet.

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-04-11 22:23:29 +08:00