tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
netfilter: nft_nat: add helper function to set up NAT address and protocol
This patch add nft_nat_setup_addr() and nft_nat_setup_proto() to set up
the NAT mangling.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+34
-22
+34
-22
net/netfilter/nft_nat.c
+34
-22
net/netfilter/nft_nat.c
···
30
30
u16 flags;
31
31
};
32
32
33
+
static void nft_nat_setup_addr(struct nf_nat_range2 *range,
34
+
const struct nft_regs *regs,
35
+
const struct nft_nat *priv)
36
+
{
37
+
switch (priv->family) {
38
+
case AF_INET:
39
+
range->min_addr.ip = (__force __be32)
40
+
regs->data[priv->sreg_addr_min];
41
+
range->max_addr.ip = (__force __be32)
42
+
regs->data[priv->sreg_addr_max];
43
+
break;
44
+
case AF_INET6:
45
+
memcpy(range->min_addr.ip6, ®s->data[priv->sreg_addr_min],
46
+
sizeof(range->min_addr.ip6));
47
+
memcpy(range->max_addr.ip6, ®s->data[priv->sreg_addr_max],
48
+
sizeof(range->max_addr.ip6));
49
+
break;
50
+
}
51
+
}
52
+
53
+
static void nft_nat_setup_proto(struct nf_nat_range2 *range,
54
+
const struct nft_regs *regs,
55
+
const struct nft_nat *priv)
56
+
{
57
+
range->min_proto.all = (__force __be16)
58
+
nft_reg_load16(®s->data[priv->sreg_proto_min]);
59
+
range->max_proto.all = (__force __be16)
60
+
nft_reg_load16(®s->data[priv->sreg_proto_max]);
61
+
}
62
+
33
63
static void nft_nat_eval(const struct nft_expr *expr,
34
64
struct nft_regs *regs,
35
65
const struct nft_pktinfo *pkt)
···
70
40
struct nf_nat_range2 range;
71
41
72
42
memset(&range, 0, sizeof(range));
73
-
if (priv->sreg_addr_min) {
74
-
if (priv->family == AF_INET) {
75
-
range.min_addr.ip = (__force __be32)
76
-
regs->data[priv->sreg_addr_min];
77
-
range.max_addr.ip = (__force __be32)
78
-
regs->data[priv->sreg_addr_max];
43
+
if (priv->sreg_addr_min)
44
+
nft_nat_setup_addr(&range, regs, priv);
79
45
80
-
} else {
81
-
memcpy(range.min_addr.ip6,
82
-
®s->data[priv->sreg_addr_min],
83
-
sizeof(range.min_addr.ip6));
84
-
memcpy(range.max_addr.ip6,
85
-
®s->data[priv->sreg_addr_max],
86
-
sizeof(range.max_addr.ip6));
87
-
}
88
-
}
89
-
90
-
if (priv->sreg_proto_min) {
91
-
range.min_proto.all = (__force __be16)nft_reg_load16(
92
-
®s->data[priv->sreg_proto_min]);
93
-
range.max_proto.all = (__force __be16)nft_reg_load16(
94
-
®s->data[priv->sreg_proto_max]);
95
-
}
46
+
if (priv->sreg_proto_min)
47
+
nft_nat_setup_proto(&range, regs, priv);
96
48
97
49
range.flags = priv->flags;
98
50