Struct NatManager

Source

pub struct NatManager { /* private fields */ }

Expand description

NAT rule manager using nftables via rustables netlink API.

Rebuilds the entire nftables table atomically on every change to avoid relying on kernel rule handle tracking (which rustables doesn’t expose). The table is small (one masquerade + two rules per mapping) so this is cheap.

Implementations§

Source §

impl NatManager

Source

pub fn new(lan_interface: String) -> Result<Self, NatError>

Create the nftables table and NAT chains.

Installs a masquerade rule for traffic exiting via fips0 so that LAN client source addresses are rewritten to the gateway’s mesh address, allowing return traffic to route back through the mesh.

lan_interface is the gateway’s LAN-facing interface name, needed by the port-forward LAN-side masquerade rule.

Source

pub fn set_port_forwards( &mut self, forwards: &[PortForward], ) -> Result<(), NatError>

Replace the current inbound port-forward rule set and rebuild the nftables table atomically. Pass an empty slice to clear.

Source

pub fn add_mapping( &mut self, virtual_ip: Ipv6Addr, mesh_addr: Ipv6Addr, ) -> Result<(), NatError>

Add DNAT and SNAT rules for a virtual IP ↔ mesh address mapping.

Source

pub fn remove_mapping(&mut self, virtual_ip: Ipv6Addr) -> Result<(), NatError>

Remove DNAT and SNAT rules for a virtual IP mapping.

Source

pub fn cleanup(self) -> Result<(), NatError>

Flush all rules and delete the nftables table.

Source

pub fn mapping_count(&self) -> usize

Number of active NAT mappings.

Auto Trait Implementations§

§

impl UnwindSafe for NatManager

Blanket Implementations§

Source §

impl<T> Any for T
where T: 'static + ?Sized,

Source §

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

Source §

impl<T> Borrow<T> for T
where T: ?Sized,

Source §

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

Source §

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source §

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

Source §

impl<T> From<T> for T

Source §

fn from(t: T) -> T

Returns the argument unchanged.

Source §

impl<T> Instrument for T

Source §

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

Source §

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

Source §

impl<T, U> Into for T
where U: From<T>,

Source §

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source §

impl<T> IntoEither for T

Source §

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more

Source §

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more

Source §