9aefd6717c
Support DEST_UNREACHABLE, TIME_EXCEEDED and PARAMETER_PROBLEM ICMP types in NAT. Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
48 lines
1.3 KiB
Plaintext
48 lines
1.3 KiB
Plaintext
#
|
|
# For a description of the syntax of this configuration file,
|
|
# see the file kconfig-language.txt in the NuttX tools repository.
|
|
#
|
|
|
|
config NET_NAT
|
|
bool "Network Address Translation (NAT)"
|
|
default n
|
|
depends on NET_IPFORWARD && IOB_BUFSIZE >= 68
|
|
---help---
|
|
Enable or disable Network Address Translation (NAT) function.
|
|
|
|
Note: When forwarding IPv4 packet and applying NAT, NAT may be
|
|
applied directly on a single I/O buffer containing L3 packet header,
|
|
and NAT may need a continuous buffer of at least 68 Bytes
|
|
(IPv4 20B + ICMP 8B + IPv4 20B + TCP 20B).
|
|
|
|
config NET_NAT_TCP_EXPIRE_SEC
|
|
int "TCP NAT entry expiration seconds"
|
|
default 86400
|
|
depends on NET_NAT
|
|
---help---
|
|
The expiration time for idle TCP entry in NAT.
|
|
|
|
Note: The default value 86400 is suggested by RFC2663, Section 2.6,
|
|
Page 5.
|
|
|
|
config NET_NAT_UDP_EXPIRE_SEC
|
|
int "UDP NAT entry expiration seconds"
|
|
default 240
|
|
depends on NET_NAT
|
|
---help---
|
|
The expiration time for idle UDP entry in NAT.
|
|
|
|
Note: RFC2663 (Section 2.6, Page 5) suggests that non-TCP sessions
|
|
that have not been used for a couple of minutes can be assumed to be
|
|
terminated.
|
|
|
|
config NET_NAT_ICMP_EXPIRE_SEC
|
|
int "ICMP NAT entry expiration seconds"
|
|
default 60
|
|
depends on NET_NAT
|
|
---help---
|
|
The expiration time for idle ICMP entry in NAT.
|
|
|
|
Note: The default value 60 is suggested by RFC5508, Section 3.2,
|
|
Page 8.
|