[NETFILTER]: nf_conntrack/nf_nat: add amanda helper port

#ifndef _NF_CONNTRACK_AMANDA_H

#define _NF_CONNTRACK_AMANDA_H

/* AMANDA tracking. */

extern unsigned int (*nf_nat_amanda_hook)(struct sk_buff **pskb,

					  enum ip_conntrack_info ctinfo,

					  unsigned int matchoff,

					  unsigned int matchlen,

					  struct nf_conntrack_expect *exp);

#endif /* _NF_CONNTRACK_AMANDA_H */

	default IP_NF_NAT if IP_NF_AMANDA=y

	default m if IP_NF_AMANDA=m

config NF_NAT_AMANDA

	tristate

	depends on IP_NF_IPTABLES && NF_CONNTRACK && NF_NAT

	default NF_NAT && NF_CONNTRACK_AMANDA

config IP_NF_NAT_PPTP

	tristate

	depends on IP_NF_NAT!=n && IP_NF_PPTP!=n

obj-$(CONFIG_IP_NF_NAT_SIP) += ip_nat_sip.o

# NAT helpers (nf_conntrack)

obj-$(CONFIG_NF_NAT_AMANDA) += nf_nat_amanda.o

obj-$(CONFIG_NF_NAT_FTP) += nf_nat_ftp.o

# generic IP tables 

/* Amanda extension for TCP NAT alteration.

 * (C) 2002 by Brian J. Murrell <netfilter@interlinx.bc.ca>

 * based on a copy of HW's ip_nat_irc.c as well as other modules

 *

 * This program is free software; you can redistribute it and/or

 * modify it under the terms of the GNU General Public License

 * as published by the Free Software Foundation; either version

 * 2 of the License, or (at your option) any later version.

 */

#include <linux/kernel.h>

#include <linux/module.h>

#include <linux/skbuff.h>

#include <linux/udp.h>

#include <net/netfilter/nf_nat_helper.h>

#include <net/netfilter/nf_nat_rule.h>

#include <net/netfilter/nf_conntrack_helper.h>

#include <net/netfilter/nf_conntrack_expect.h>

#include <linux/netfilter/nf_conntrack_amanda.h>

MODULE_AUTHOR("Brian J. Murrell <netfilter@interlinx.bc.ca>");

MODULE_DESCRIPTION("Amanda NAT helper");

MODULE_LICENSE("GPL");

MODULE_ALIAS("ip_nat_amanda");

static unsigned int help(struct sk_buff **pskb,

			 enum ip_conntrack_info ctinfo,

			 unsigned int matchoff,

			 unsigned int matchlen,

			 struct nf_conntrack_expect *exp)

{

	char buffer[sizeof("65535")];

	u_int16_t port;

	unsigned int ret;

	/* Connection comes from client. */

	exp->saved_proto.tcp.port = exp->tuple.dst.u.tcp.port;

	exp->dir = IP_CT_DIR_ORIGINAL;

	/* When you see the packet, we need to NAT it the same as the

	 * this one (ie. same IP: it will be TCP and master is UDP). */

	exp->expectfn = nf_nat_follow_master;

	/* Try to get same port: if not, try to change it. */

	for (port = ntohs(exp->saved_proto.tcp.port); port != 0; port++) {

		exp->tuple.dst.u.tcp.port = htons(port);

		if (nf_conntrack_expect_related(exp) == 0)

			break;

	}

	if (port == 0)

		return NF_DROP;

	sprintf(buffer, "%u", port);

	ret = nf_nat_mangle_udp_packet(pskb, exp->master, ctinfo,

				       matchoff, matchlen,

				       buffer, strlen(buffer));

	if (ret != NF_ACCEPT)

		nf_conntrack_unexpect_related(exp);

	return ret;

}

static void __exit nf_nat_amanda_fini(void)

{

	rcu_assign_pointer(nf_nat_amanda_hook, NULL);

	synchronize_rcu();

}

static int __init nf_nat_amanda_init(void)

{

	BUG_ON(rcu_dereference(nf_nat_amanda_hook));

	rcu_assign_pointer(nf_nat_amanda_hook, help);

	return 0;

}

module_init(nf_nat_amanda_init);

module_exit(nf_nat_amanda_fini);

	  If you want to compile it as a module, say M here and read

	  Documentation/modules.txt.  If unsure, say `N'.

config NF_CONNTRACK_AMANDA

	tristate "Amanda backup protocol support (EXPERIMENTAL)"

	depends on EXPERIMENTAL && NF_CONNTRACK

	select TEXTSEARCH

	select TEXTSEARCH_KMP

	help

	  If you are running the Amanda backup package <http://www.amanda.org/>

	  on this machine or machines that will be MASQUERADED through this

	  machine, then you may want to enable this feature.  This allows the

	  connection tracking and natting code to allow the sub-channels that

	  Amanda requires for communication of the backup data, messages and

	  index.

	  To compile it as a module, choose M here.  If unsure, say N.

config NF_CONNTRACK_FTP

	tristate "FTP support on new connection tracking (EXPERIMENTAL)"

	depends on EXPERIMENTAL && NF_CONNTRACK