Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
L
linux
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
linux
Commits
6185f870
Commit
6185f870
authored
Mar 20, 2008
by
Patrick McHardy
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
[NETFILTER]: nf_nat: add UDP-Lite support
Signed-off-by:
Patrick McHardy
<
kaber@trash.net
>
parent
2d2d84c4
Changes
4
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
109 additions
and
2 deletions
+109
-2
net/ipv4/netfilter/Kconfig
net/ipv4/netfilter/Kconfig
+5
-0
net/ipv4/netfilter/Makefile
net/ipv4/netfilter/Makefile
+1
-0
net/ipv4/netfilter/nf_nat_proto_udplite.c
net/ipv4/netfilter/nf_nat_proto_udplite.c
+99
-0
net/ipv4/netfilter/nf_nat_standalone.c
net/ipv4/netfilter/nf_nat_standalone.c
+4
-2
No files found.
net/ipv4/netfilter/Kconfig
View file @
6185f870
...
@@ -245,6 +245,11 @@ config NF_NAT_PROTO_GRE
...
@@ -245,6 +245,11 @@ config NF_NAT_PROTO_GRE
tristate
tristate
depends on NF_NAT && NF_CT_PROTO_GRE
depends on NF_NAT && NF_CT_PROTO_GRE
config NF_NAT_PROTO_UDPLITE
tristate
depends on NF_NAT && NF_CT_PROTO_UDPLITE
default NF_NAT && NF_CT_PROTO_UDPLITE
config NF_NAT_FTP
config NF_NAT_FTP
tristate
tristate
depends on IP_NF_IPTABLES && NF_CONNTRACK && NF_NAT
depends on IP_NF_IPTABLES && NF_CONNTRACK && NF_NAT
...
...
net/ipv4/netfilter/Makefile
View file @
6185f870
...
@@ -30,6 +30,7 @@ obj-$(CONFIG_NF_NAT_TFTP) += nf_nat_tftp.o
...
@@ -30,6 +30,7 @@ obj-$(CONFIG_NF_NAT_TFTP) += nf_nat_tftp.o
# NAT protocols (nf_nat)
# NAT protocols (nf_nat)
obj-$(CONFIG_NF_NAT_PROTO_GRE)
+=
nf_nat_proto_gre.o
obj-$(CONFIG_NF_NAT_PROTO_GRE)
+=
nf_nat_proto_gre.o
obj-$(CONFIG_NF_NAT_PROTO_UDPLITE)
+=
nf_nat_proto_udplite.o
# generic IP tables
# generic IP tables
obj-$(CONFIG_IP_NF_IPTABLES)
+=
ip_tables.o
obj-$(CONFIG_IP_NF_IPTABLES)
+=
ip_tables.o
...
...
net/ipv4/netfilter/nf_nat_proto_udplite.c
0 → 100644
View file @
6185f870
/* (C) 1999-2001 Paul `Rusty' Russell
* (C) 2002-2006 Netfilter Core Team <coreteam@netfilter.org>
* (C) 2008 Patrick McHardy <kaber@trash.net>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <linux/types.h>
#include <linux/init.h>
#include <linux/ip.h>
#include <linux/udp.h>
#include <linux/netfilter.h>
#include <net/netfilter/nf_nat.h>
#include <net/netfilter/nf_nat_protocol.h>
static
u_int16_t
udplite_port_rover
;
static
int
udplite_unique_tuple
(
struct
nf_conntrack_tuple
*
tuple
,
const
struct
nf_nat_range
*
range
,
enum
nf_nat_manip_type
maniptype
,
const
struct
nf_conn
*
ct
)
{
return
nf_nat_proto_unique_tuple
(
tuple
,
range
,
maniptype
,
ct
,
&
udplite_port_rover
);
}
static
int
udplite_manip_pkt
(
struct
sk_buff
*
skb
,
unsigned
int
iphdroff
,
const
struct
nf_conntrack_tuple
*
tuple
,
enum
nf_nat_manip_type
maniptype
)
{
const
struct
iphdr
*
iph
=
(
struct
iphdr
*
)(
skb
->
data
+
iphdroff
);
struct
udphdr
*
hdr
;
unsigned
int
hdroff
=
iphdroff
+
iph
->
ihl
*
4
;
__be32
oldip
,
newip
;
__be16
*
portptr
,
newport
;
if
(
!
skb_make_writable
(
skb
,
hdroff
+
sizeof
(
*
hdr
)))
return
0
;
iph
=
(
struct
iphdr
*
)(
skb
->
data
+
iphdroff
);
hdr
=
(
struct
udphdr
*
)(
skb
->
data
+
hdroff
);
if
(
maniptype
==
IP_NAT_MANIP_SRC
)
{
/* Get rid of src ip and src pt */
oldip
=
iph
->
saddr
;
newip
=
tuple
->
src
.
u3
.
ip
;
newport
=
tuple
->
src
.
u
.
udp
.
port
;
portptr
=
&
hdr
->
source
;
}
else
{
/* Get rid of dst ip and dst pt */
oldip
=
iph
->
daddr
;
newip
=
tuple
->
dst
.
u3
.
ip
;
newport
=
tuple
->
dst
.
u
.
udp
.
port
;
portptr
=
&
hdr
->
dest
;
}
inet_proto_csum_replace4
(
&
hdr
->
check
,
skb
,
oldip
,
newip
,
1
);
inet_proto_csum_replace2
(
&
hdr
->
check
,
skb
,
*
portptr
,
newport
,
0
);
if
(
!
hdr
->
check
)
hdr
->
check
=
CSUM_MANGLED_0
;
*
portptr
=
newport
;
return
1
;
}
static
const
struct
nf_nat_protocol
nf_nat_protocol_udplite
=
{
.
protonum
=
IPPROTO_UDPLITE
,
.
me
=
THIS_MODULE
,
.
manip_pkt
=
udplite_manip_pkt
,
.
in_range
=
nf_nat_proto_in_range
,
.
unique_tuple
=
udplite_unique_tuple
,
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
.
range_to_nlattr
=
nf_nat_proto_range_to_nlattr
,
.
nlattr_to_range
=
nf_nat_proto_nlattr_to_range
,
#endif
};
static
int
__init
nf_nat_proto_udplite_init
(
void
)
{
return
nf_nat_protocol_register
(
&
nf_nat_protocol_udplite
);
}
static
void
__exit
nf_nat_proto_udplite_fini
(
void
)
{
nf_nat_protocol_unregister
(
&
nf_nat_protocol_udplite
);
}
module_init
(
nf_nat_proto_udplite_init
);
module_exit
(
nf_nat_proto_udplite_fini
);
MODULE_LICENSE
(
"GPL"
);
MODULE_DESCRIPTION
(
"UDP-Lite NAT protocol helper"
);
MODULE_AUTHOR
(
"Patrick McHardy <kaber@trash.net>"
);
net/ipv4/netfilter/nf_nat_standalone.c
View file @
6185f870
...
@@ -50,7 +50,8 @@ static void nat_decode_session(struct sk_buff *skb, struct flowi *fl)
...
@@ -50,7 +50,8 @@ static void nat_decode_session(struct sk_buff *skb, struct flowi *fl)
if
(
ct
->
status
&
statusbit
)
{
if
(
ct
->
status
&
statusbit
)
{
fl
->
fl4_dst
=
t
->
dst
.
u3
.
ip
;
fl
->
fl4_dst
=
t
->
dst
.
u3
.
ip
;
if
(
t
->
dst
.
protonum
==
IPPROTO_TCP
||
if
(
t
->
dst
.
protonum
==
IPPROTO_TCP
||
t
->
dst
.
protonum
==
IPPROTO_UDP
)
t
->
dst
.
protonum
==
IPPROTO_UDP
||
t
->
dst
.
protonum
==
IPPROTO_UDPLITE
)
fl
->
fl_ip_dport
=
t
->
dst
.
u
.
tcp
.
port
;
fl
->
fl_ip_dport
=
t
->
dst
.
u
.
tcp
.
port
;
}
}
...
@@ -59,7 +60,8 @@ static void nat_decode_session(struct sk_buff *skb, struct flowi *fl)
...
@@ -59,7 +60,8 @@ static void nat_decode_session(struct sk_buff *skb, struct flowi *fl)
if
(
ct
->
status
&
statusbit
)
{
if
(
ct
->
status
&
statusbit
)
{
fl
->
fl4_src
=
t
->
src
.
u3
.
ip
;
fl
->
fl4_src
=
t
->
src
.
u3
.
ip
;
if
(
t
->
dst
.
protonum
==
IPPROTO_TCP
||
if
(
t
->
dst
.
protonum
==
IPPROTO_TCP
||
t
->
dst
.
protonum
==
IPPROTO_UDP
)
t
->
dst
.
protonum
==
IPPROTO_UDP
||
t
->
dst
.
protonum
==
IPPROTO_UDPLITE
)
fl
->
fl_ip_sport
=
t
->
src
.
u
.
tcp
.
port
;
fl
->
fl_ip_sport
=
t
->
src
.
u
.
tcp
.
port
;
}
}
}
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment