netfilter: nf_nat: move alloc_null_binding to nf_nat_core.c
Similar to nat_decode_session, alloc_null_binding is needed for both ip_tables and nf_tables, so move it to nf_nat_core.c. This change is required by nf_tables. This is an adapted version of the original patch from Patrick McHardy. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
parent
795aa6ef6a
commit
f59cb0453c
|
@ -45,6 +45,9 @@ unsigned int nf_nat_setup_info(struct nf_conn *ct,
|
||||||
const struct nf_nat_range *range,
|
const struct nf_nat_range *range,
|
||||||
enum nf_nat_manip_type maniptype);
|
enum nf_nat_manip_type maniptype);
|
||||||
|
|
||||||
|
extern unsigned int nf_nat_alloc_null_binding(struct nf_conn *ct,
|
||||||
|
unsigned int hooknum);
|
||||||
|
|
||||||
/* Is this tuple already taken? (not by us)*/
|
/* Is this tuple already taken? (not by us)*/
|
||||||
int nf_nat_used_tuple(const struct nf_conntrack_tuple *tuple,
|
int nf_nat_used_tuple(const struct nf_conntrack_tuple *tuple,
|
||||||
const struct nf_conn *ignored_conntrack);
|
const struct nf_conn *ignored_conntrack);
|
||||||
|
|
|
@ -432,6 +432,26 @@ nf_nat_setup_info(struct nf_conn *ct,
|
||||||
}
|
}
|
||||||
EXPORT_SYMBOL(nf_nat_setup_info);
|
EXPORT_SYMBOL(nf_nat_setup_info);
|
||||||
|
|
||||||
|
unsigned int
|
||||||
|
nf_nat_alloc_null_binding(struct nf_conn *ct, unsigned int hooknum)
|
||||||
|
{
|
||||||
|
/* Force range to this IP; let proto decide mapping for
|
||||||
|
* per-proto parts (hence not IP_NAT_RANGE_PROTO_SPECIFIED).
|
||||||
|
* Use reply in case it's already been mangled (eg local packet).
|
||||||
|
*/
|
||||||
|
union nf_inet_addr ip =
|
||||||
|
(HOOK2MANIP(hooknum) == NF_NAT_MANIP_SRC ?
|
||||||
|
ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u3 :
|
||||||
|
ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3);
|
||||||
|
struct nf_nat_range range = {
|
||||||
|
.flags = NF_NAT_RANGE_MAP_IPS,
|
||||||
|
.min_addr = ip,
|
||||||
|
.max_addr = ip,
|
||||||
|
};
|
||||||
|
return nf_nat_setup_info(ct, &range, HOOK2MANIP(hooknum));
|
||||||
|
}
|
||||||
|
EXPORT_SYMBOL_GPL(nf_nat_alloc_null_binding);
|
||||||
|
|
||||||
/* Do packet manipulations according to nf_nat_setup_info. */
|
/* Do packet manipulations according to nf_nat_setup_info. */
|
||||||
unsigned int nf_nat_packet(struct nf_conn *ct,
|
unsigned int nf_nat_packet(struct nf_conn *ct,
|
||||||
enum ip_conntrack_info ctinfo,
|
enum ip_conntrack_info ctinfo,
|
||||||
|
|
Loading…
Reference in New Issue