This is a NAT implementation for Plan 9 from Bell Labs.

* Introduction

This is a NAPT (Network Address Port Translation) implementation,
also known under the name "IP masquerade".

This is an early work, don't expect too much from it. Improvements
will come in the next future.

* Installation

First, apply the patches with the "apply" script:

/n/sources/contrib/djc/nat/apply

Then, add "nat" to you kernel configuration file, under
section dev/ip.

Finally, compile and install your kernel.

* Documentation

First, enable routing:

echo iprouting > /net/ipifc/clone

Then, enable NAT:

echo nat add <src> <mask> <dst> > /net/ipifc/<ifc>/ctl

Where:
 - <src> is the address of the source network or machine
   allowed to pass through the NAT
 - <mask> is the corresponding mask
 - <dst> is the address to be translated to, which must
   exist on the specified interface
 - <ifc> is your network physical interface number.

You can add or remove any NAT rule you want.

* Performance

The current implementation can handle up to 800 TCP connections
per second on a Soekris net5501-70, but the performance quickly
decrease as the table grows.

* Future

We plan to implement the following features in the next future:

 - improve performance
 - improve garbage collector
 - handling of TCP and IL connection states
 - IPv6 support
 - port forwarding (you can currently use trampoline(8) instead)
 - FTP proxy
 - statistics

* History

The work began in June 2010 and quickly evolved to the current state.
Erik Quanstrom offered his help in March 2011 with code review
and suggestions. We thank him much.

* Contact

David du Colombier <0intro@gmail.com>
With the help of Jean-Baptiste Campesato <camjelemon@gmail.com>