Skip to content

Latest commit

 

History

History
60 lines (45 loc) · 1.73 KB

README.md

File metadata and controls

60 lines (45 loc) · 1.73 KB

NATASHA

Introduction

Natasha is a fast, DPDK powered, stateless NAT44 packet processor. It supports DPDK v18.02 stable.

Features

  • NAT IPv4/TCP/UDP/UDPLite traffic.
  • Handle fragmented packets.
  • Handle inner IPv4 packet inside various ICMP messages.
  • Reply to ICMP Echo requests in both the public and private interface.
  • VLAN offload (Tx/Rx and filtering).
  • L3/L4 Rx checksum offload for stats purpose.
  • L3/L4 Tx checksum using hardware offload or software incremental update (RFC1624) depending on the case.
  • Various stats, Software and Hardware stats and per core.
  • Dumping release version with the commit id.
  • Test directory test with a bench of functional and performance tests.

TODO list

  • Replace AST lookup with LPM.
  • Rewrite configuration data structures.
  • Write a proper L2 stack with ARP handling.
  • Return ICMP response if TTL is exceeded.
  • Raise error if out on non-configured port.

Configuration

At startup, NATASHA reads a configuration file that defines rules. These rules are processed for each packet received.

A configuration file looks like:

if (ipv4.dst_addr in 10.0.0.0/8
    or vlan 64
    or ipv4.dst_addr in 192.168.0.0/16) {

    drop ;

} else {
    out port 0 mac de:ad:be:ef:ff:ff;
}

More concrete examples are given in the documentation.

Tests

Natasha has a functional and performance test, checkout func and perf for more informations.

License

Natasha is Free Software (learn more: http://www.gnu.org/philosophy/free-sw.html).

Natasha is released under the GPLv3 License. Please read the COPYING file for details.