Loading include/net/netfilter/nf_conntrack.h +9 −0 Original line number Diff line number Diff line Loading @@ -47,6 +47,11 @@ union nf_conntrack_expect_proto { #include <net/netfilter/ipv4/nf_conntrack_ipv4.h> #include <net/netfilter/ipv6/nf_conntrack_ipv6.h> /* Handle NATTYPE Stuff,only if NATTYPE module was defined */ #ifdef CONFIG_IP_NF_TARGET_NATTYPE_MODULE #include <linux/netfilter_ipv4/ipt_NATTYPE.h> #endif struct nf_conn { /* Usage count in here is 1 for hash table, 1 per skb, * plus 1 for any connection(s) we are `master' for Loading Loading @@ -98,6 +103,10 @@ struct nf_conn { void *sfe_entry; #ifdef CONFIG_IP_NF_TARGET_NATTYPE_MODULE unsigned long nattype_entry; #endif /* Storage reserved for other modules, must be the last member */ union nf_conntrack_proto proto; }; Loading include/net/netfilter/nf_conntrack_core.h +3 −0 Original line number Diff line number Diff line Loading @@ -52,6 +52,9 @@ bool nf_ct_invert_tuple(struct nf_conntrack_tuple *inverse, const struct nf_conntrack_l3proto *l3proto, const struct nf_conntrack_l4proto *l4proto); extern void (*delete_sfe_entry)(struct nf_conn *ct); extern bool (*nattype_refresh_timer) (unsigned long nattype, unsigned long timeout_value); /* Find a connection corresponding to a tuple. */ struct nf_conntrack_tuple_hash * Loading include/uapi/linux/netfilter_ipv4/Kbuild 0 → 100644 +11 −0 Original line number Diff line number Diff line # UAPI Header export list header-y += ip_tables.h header-y += ipt_CLUSTERIP.h header-y += ipt_ECN.h header-y += ipt_LOG.h header-y += ipt_REJECT.h header-y += ipt_TTL.h header-y += ipt_ah.h header-y += ipt_ecn.h header-y += ipt_ttl.h header-y += ipt_NATTYPE.h include/uapi/linux/netfilter_ipv4/ipt_NATTYPE.h 0 → 100644 +25 −0 Original line number Diff line number Diff line #ifndef _IPT_NATTYPE_H_target #define _IPT_NATTYPE_H_target #define NATTYPE_TIMEOUT 300 enum nattype_mode { MODE_DNAT, MODE_FORWARD_IN, MODE_FORWARD_OUT }; enum nattype_type { TYPE_PORT_ADDRESS_RESTRICTED, TYPE_ENDPOINT_INDEPENDENT, TYPE_ADDRESS_RESTRICTED }; struct ipt_nattype_info { u_int16_t mode; u_int16_t type; }; #endif /*_IPT_NATTYPE_H_target*/ net/ipv4/netfilter/Kconfig +15 −4 Original line number Diff line number Diff line Loading @@ -296,6 +296,17 @@ config IP_NF_TARGET_MASQUERADE To compile it as a module, choose M here. If unsure, say N. config IP_NF_TARGET_NATTYPE_MODULE tristate "NATTYPE target support" depends on NF_NAT default m if NETFILTER_ADVANCED=n help NATTYPE is a special case of NAT: used to support FULL Cone NAT and ADDRESS Restricted Cone NAT. All incoming connections are allowed if there is an outgoing connection using that port. To compile it as a module, choose M here. If unsure, say N. config IP_NF_TARGET_NETMAP tristate "NETMAP target support" depends on NETFILTER_ADVANCED Loading Loading
include/net/netfilter/nf_conntrack.h +9 −0 Original line number Diff line number Diff line Loading @@ -47,6 +47,11 @@ union nf_conntrack_expect_proto { #include <net/netfilter/ipv4/nf_conntrack_ipv4.h> #include <net/netfilter/ipv6/nf_conntrack_ipv6.h> /* Handle NATTYPE Stuff,only if NATTYPE module was defined */ #ifdef CONFIG_IP_NF_TARGET_NATTYPE_MODULE #include <linux/netfilter_ipv4/ipt_NATTYPE.h> #endif struct nf_conn { /* Usage count in here is 1 for hash table, 1 per skb, * plus 1 for any connection(s) we are `master' for Loading Loading @@ -98,6 +103,10 @@ struct nf_conn { void *sfe_entry; #ifdef CONFIG_IP_NF_TARGET_NATTYPE_MODULE unsigned long nattype_entry; #endif /* Storage reserved for other modules, must be the last member */ union nf_conntrack_proto proto; }; Loading
include/net/netfilter/nf_conntrack_core.h +3 −0 Original line number Diff line number Diff line Loading @@ -52,6 +52,9 @@ bool nf_ct_invert_tuple(struct nf_conntrack_tuple *inverse, const struct nf_conntrack_l3proto *l3proto, const struct nf_conntrack_l4proto *l4proto); extern void (*delete_sfe_entry)(struct nf_conn *ct); extern bool (*nattype_refresh_timer) (unsigned long nattype, unsigned long timeout_value); /* Find a connection corresponding to a tuple. */ struct nf_conntrack_tuple_hash * Loading
include/uapi/linux/netfilter_ipv4/Kbuild 0 → 100644 +11 −0 Original line number Diff line number Diff line # UAPI Header export list header-y += ip_tables.h header-y += ipt_CLUSTERIP.h header-y += ipt_ECN.h header-y += ipt_LOG.h header-y += ipt_REJECT.h header-y += ipt_TTL.h header-y += ipt_ah.h header-y += ipt_ecn.h header-y += ipt_ttl.h header-y += ipt_NATTYPE.h
include/uapi/linux/netfilter_ipv4/ipt_NATTYPE.h 0 → 100644 +25 −0 Original line number Diff line number Diff line #ifndef _IPT_NATTYPE_H_target #define _IPT_NATTYPE_H_target #define NATTYPE_TIMEOUT 300 enum nattype_mode { MODE_DNAT, MODE_FORWARD_IN, MODE_FORWARD_OUT }; enum nattype_type { TYPE_PORT_ADDRESS_RESTRICTED, TYPE_ENDPOINT_INDEPENDENT, TYPE_ADDRESS_RESTRICTED }; struct ipt_nattype_info { u_int16_t mode; u_int16_t type; }; #endif /*_IPT_NATTYPE_H_target*/
net/ipv4/netfilter/Kconfig +15 −4 Original line number Diff line number Diff line Loading @@ -296,6 +296,17 @@ config IP_NF_TARGET_MASQUERADE To compile it as a module, choose M here. If unsure, say N. config IP_NF_TARGET_NATTYPE_MODULE tristate "NATTYPE target support" depends on NF_NAT default m if NETFILTER_ADVANCED=n help NATTYPE is a special case of NAT: used to support FULL Cone NAT and ADDRESS Restricted Cone NAT. All incoming connections are allowed if there is an outgoing connection using that port. To compile it as a module, choose M here. If unsure, say N. config IP_NF_TARGET_NETMAP tristate "NETMAP target support" depends on NETFILTER_ADVANCED Loading
