Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit f59cb045 authored by Pablo Neira Ayuso's avatar Pablo Neira Ayuso
Browse files

netfilter: nf_nat: move alloc_null_binding to nf_nat_core.c 



Similar to nat_decode_session, alloc_null_binding is needed for both
ip_tables and nf_tables, so move it to nf_nat_core.c. This change
is required by nf_tables.

This is an adapted version of the original patch from Patrick McHardy.

Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent 795aa6ef

include/net/netfilter/nf_nat.h

+3 −0
Original line number Original line Diff line number Diff line
@@ -45,6 +45,9 @@ unsigned int nf_nat_setup_info(struct nf_conn *ct, 
			       const struct nf_nat_range *range,

			       const struct nf_nat_range *range,

			       enum nf_nat_manip_type maniptype);

			       enum nf_nat_manip_type maniptype);





extern unsigned int nf_nat_alloc_null_binding(struct nf_conn *ct,

					      unsigned int hooknum);



/* Is this tuple already taken? (not by us)*/

/* Is this tuple already taken? (not by us)*/

int nf_nat_used_tuple(const struct nf_conntrack_tuple *tuple,

int nf_nat_used_tuple(const struct nf_conntrack_tuple *tuple,

		      const struct nf_conn *ignored_conntrack);

		      const struct nf_conn *ignored_conntrack);

net/netfilter/nf_nat_core.c

+20 −0
Original line number Original line Diff line number Diff line
@@ -432,6 +432,26 @@ nf_nat_setup_info(struct nf_conn *ct, 
}

}

EXPORT_SYMBOL(nf_nat_setup_info);

EXPORT_SYMBOL(nf_nat_setup_info);





unsigned int

nf_nat_alloc_null_binding(struct nf_conn *ct, unsigned int hooknum)

{

	/* Force range to this IP; let proto decide mapping for

	 * per-proto parts (hence not IP_NAT_RANGE_PROTO_SPECIFIED).

	 * Use reply in case it's already been mangled (eg local packet).

	 */

	union nf_inet_addr ip =

		(HOOK2MANIP(hooknum) == NF_NAT_MANIP_SRC ?

		ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u3 :

		ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3);

	struct nf_nat_range range = {

		.flags		= NF_NAT_RANGE_MAP_IPS,

		.min_addr	= ip,

		.max_addr	= ip,

	};

	return nf_nat_setup_info(ct, &range, HOOK2MANIP(hooknum));

}

EXPORT_SYMBOL_GPL(nf_nat_alloc_null_binding);



/* Do packet manipulations according to nf_nat_setup_info. */

/* Do packet manipulations according to nf_nat_setup_info. */

unsigned int nf_nat_packet(struct nf_conn *ct,

unsigned int nf_nat_packet(struct nf_conn *ct,

			   enum ip_conntrack_info ctinfo,

			   enum ip_conntrack_info ctinfo,