Doug / smarc-fsl-linux-kernel

Download as
Browse Code ยป

Commit cbc9f2f4fcd70d5a627558ca9a881fa9391abf69

Authored by Patrick McHardy
Committed by Pablo Neira Ayuso
1 parent 3d058d7bc2
Exists in master and in 6 other branches imx_3.10.17_1.0.1_ga, imx_3.10.53_1.1.0_ga, imx_3.14.28_1.0.0_ga, smarc-imx_3.10.53_1.1.0_ga, smarc-imx_3.14.28_1.0.0_ga, smarc-l5.0.0_1.0.0-ga

netfilter: nf_nat: export NAT definitions to userspace 

Export the NAT definitions to userspace. So far userspace (specifically,
iptables) has been copying the headers files from include/net. Also
rename some structures and definitions in preparation for IPv6 NAT.
Since these have never been officially exported, this doesn't affect
existing userspace code.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

Showing 29 changed files with 185 additions and 194 deletions Side-by-side Diff

include/linux/netfilter/Kbuild
Diff comments   View file @ cbc9f2f
... ... @@ -5,6 +5,7 @@
5 5 header-y += nf_conntrack_sctp.h
6 6 header-y += nf_conntrack_tcp.h
7 7 header-y += nf_conntrack_tuple_common.h
  8 +header-y += nf_nat.h
8 9 header-y += nfnetlink.h
9 10 header-y += nfnetlink_compat.h
10 11 header-y += nfnetlink_conntrack.h
include/linux/netfilter/nf_conntrack_tuple_common.h
Diff comments   View file @ cbc9f2f
... ... @@ -7,6 +7,33 @@
7 7 IP_CT_DIR_MAX
8 8 };
9 9  
  10 +/* The protocol-specific manipulable parts of the tuple: always in
  11 + * network order
  12 + */
  13 +union nf_conntrack_man_proto {
  14 + /* Add other protocols here. */
  15 + __be16 all;
  16 +
  17 + struct {
  18 + __be16 port;
  19 + } tcp;
  20 + struct {
  21 + __be16 port;
  22 + } udp;
  23 + struct {
  24 + __be16 id;
  25 + } icmp;
  26 + struct {
  27 + __be16 port;
  28 + } dccp;
  29 + struct {
  30 + __be16 port;
  31 + } sctp;
  32 + struct {
  33 + __be16 key; /* GRE key is 32bit, PPtP only uses 16bit */
  34 + } gre;
  35 +};
  36 +
10 37 #define CTINFO2DIR(ctinfo) ((ctinfo) >= IP_CT_IS_REPLY ? IP_CT_DIR_REPLY : IP_CT_DIR_ORIGINAL)
11 38  
12 39 #endif /* _NF_CONNTRACK_TUPLE_COMMON_H */
include/linux/netfilter/nf_nat.h
Diff comments   View file @ cbc9f2f
  1 +#ifndef _NETFILTER_NF_NAT_H
  2 +#define _NETFILTER_NF_NAT_H
  3 +
  4 +#include <linux/netfilter.h>
  5 +#include <linux/netfilter/nf_conntrack_tuple_common.h>
  6 +
  7 +#define NF_NAT_RANGE_MAP_IPS 1
  8 +#define NF_NAT_RANGE_PROTO_SPECIFIED 2
  9 +#define NF_NAT_RANGE_PROTO_RANDOM 4
  10 +#define NF_NAT_RANGE_PERSISTENT 8
  11 +
  12 +struct nf_nat_ipv4_range {
  13 + unsigned int flags;
  14 + __be32 min_ip;
  15 + __be32 max_ip;
  16 + union nf_conntrack_man_proto min;
  17 + union nf_conntrack_man_proto max;
  18 +};
  19 +
  20 +struct nf_nat_ipv4_multi_range_compat {
  21 + unsigned int rangesize;
  22 + struct nf_nat_ipv4_range range[1];
  23 +};
  24 +
  25 +#endif /* _NETFILTER_NF_NAT_H */
include/linux/netfilter_ipv4/Kbuild
Diff comments   View file @ cbc9f2f
... ... @@ -12,5 +12,4 @@
12 12 header-y += ipt_ecn.h
13 13 header-y += ipt_realm.h
14 14 header-y += ipt_ttl.h
15   -header-y += nf_nat.h
include/linux/netfilter_ipv4/nf_nat.h
View file @ cbc9f2f
1   -#ifndef _LINUX_NF_NAT_H
2   -#define _LINUX_NF_NAT_H
3   -
4   -#include <linux/types.h>
5   -
6   -#define IP_NAT_RANGE_MAP_IPS 1
7   -#define IP_NAT_RANGE_PROTO_SPECIFIED 2
8   -#define IP_NAT_RANGE_PROTO_RANDOM 4
9   -#define IP_NAT_RANGE_PERSISTENT 8
10   -
11   -/* The protocol-specific manipulable parts of the tuple. */
12   -union nf_conntrack_man_proto {
13   - /* Add other protocols here. */
14   - __be16 all;
15   -
16   - struct {
17   - __be16 port;
18   - } tcp;
19   - struct {
20   - __be16 port;
21   - } udp;
22   - struct {
23   - __be16 id;
24   - } icmp;
25   - struct {
26   - __be16 port;
27   - } dccp;
28   - struct {
29   - __be16 port;
30   - } sctp;
31   - struct {
32   - __be16 key; /* GRE key is 32bit, PPtP only uses 16bit */
33   - } gre;
34   -};
35   -
36   -/* Single range specification. */
37   -struct nf_nat_range {
38   - /* Set to OR of flags above. */
39   - unsigned int flags;
40   -
41   - /* Inclusive: network order. */
42   - __be32 min_ip, max_ip;
43   -
44   - /* Inclusive: network order */
45   - union nf_conntrack_man_proto min, max;
46   -};
47   -
48   -/* For backwards compat: don't use in modern code. */
49   -struct nf_nat_multi_range_compat {
50   - unsigned int rangesize; /* Must be 1. */
51   -
52   - /* hangs off end. */
53   - struct nf_nat_range range[1];
54   -};
55   -
56   -#define nf_nat_multi_range nf_nat_multi_range_compat
57   -
58   -#endif
include/net/netfilter/nf_conntrack_tuple.h
Diff comments   View file @ cbc9f2f
... ... @@ -12,7 +12,6 @@
12 12  
13 13 #include <linux/netfilter/x_tables.h>
14 14 #include <linux/netfilter/nf_conntrack_tuple_common.h>
15   -#include <linux/netfilter_ipv4/nf_nat.h>
16 15 #include <linux/list_nulls.h>
17 16  
18 17 /* A `tuple' is a structure containing the information to uniquely
include/net/netfilter/nf_nat.h
Diff comments   View file @ cbc9f2f
1 1 #ifndef _NF_NAT_H
2 2 #define _NF_NAT_H
3 3 #include <linux/netfilter_ipv4.h>
4   -#include <linux/netfilter_ipv4/nf_nat.h>
  4 +#include <linux/netfilter/nf_nat.h>
5 5 #include <net/netfilter/nf_conntrack_tuple.h>
6 6  
7   -#define NF_NAT_MAPPING_TYPE_MAX_NAMELEN 16
8   -
9 7 enum nf_nat_manip_type {
10   - IP_NAT_MANIP_SRC,
11   - IP_NAT_MANIP_DST
  8 + NF_NAT_MANIP_SRC,
  9 + NF_NAT_MANIP_DST
12 10 };
13 11  
14 12 /* SRC manip occurs POST_ROUTING or LOCAL_IN */
... ... @@ -52,7 +50,7 @@
52 50  
53 51 /* Set up the info structure to map into this range. */
54 52 extern unsigned int nf_nat_setup_info(struct nf_conn *ct,
55   - const struct nf_nat_range *range,
  53 + const struct nf_nat_ipv4_range *range,
56 54 enum nf_nat_manip_type maniptype);
57 55  
58 56 /* Is this tuple already taken? (not by us)*/
include/net/netfilter/nf_nat_core.h
Diff comments   View file @ cbc9f2f
... ... @@ -20,7 +20,7 @@
20 20 static inline int nf_nat_initialized(struct nf_conn *ct,
21 21 enum nf_nat_manip_type manip)
22 22 {
23   - if (manip == IP_NAT_MANIP_SRC)
  23 + if (manip == NF_NAT_MANIP_SRC)
24 24 return ct->status & IPS_SRC_NAT_DONE;
25 25 else
26 26 return ct->status & IPS_DST_NAT_DONE;
include/net/netfilter/nf_nat_protocol.h
Diff comments   View file @ cbc9f2f
... ... @@ -4,7 +4,7 @@
4 4 #include <net/netfilter/nf_nat.h>
5 5 #include <linux/netfilter/nfnetlink_conntrack.h>
6 6  
7   -struct nf_nat_range;
  7 +struct nf_nat_ipv4_range;
8 8  
9 9 struct nf_nat_protocol {
10 10 /* Protocol number. */
11 11  
12 12  
... ... @@ -30,15 +30,15 @@
30 30 possible. Per-protocol part of tuple is initialized to the
31 31 incoming packet. */
32 32 void (*unique_tuple)(struct nf_conntrack_tuple *tuple,
33   - const struct nf_nat_range *range,
  33 + const struct nf_nat_ipv4_range *range,
34 34 enum nf_nat_manip_type maniptype,
35 35 const struct nf_conn *ct);
36 36  
37 37 int (*range_to_nlattr)(struct sk_buff *skb,
38   - const struct nf_nat_range *range);
  38 + const struct nf_nat_ipv4_range *range);
39 39  
40 40 int (*nlattr_to_range)(struct nlattr *tb[],
41   - struct nf_nat_range *range);
  41 + struct nf_nat_ipv4_range *range);
42 42 };
43 43  
44 44 /* Protocol registration. */
45 45  
46 46  
... ... @@ -61,15 +61,15 @@
61 61 const union nf_conntrack_man_proto *max);
62 62  
63 63 extern void nf_nat_proto_unique_tuple(struct nf_conntrack_tuple *tuple,
64   - const struct nf_nat_range *range,
  64 + const struct nf_nat_ipv4_range *range,
65 65 enum nf_nat_manip_type maniptype,
66 66 const struct nf_conn *ct,
67 67 u_int16_t *rover);
68 68  
69 69 extern int nf_nat_proto_range_to_nlattr(struct sk_buff *skb,
70   - const struct nf_nat_range *range);
  70 + const struct nf_nat_ipv4_range *range);
71 71 extern int nf_nat_proto_nlattr_to_range(struct nlattr *tb[],
72   - struct nf_nat_range *range);
  72 + struct nf_nat_ipv4_range *range);
73 73  
74 74 #endif /*_NF_NAT_PROTO_H*/
net/ipv4/netfilter/ipt_MASQUERADE.c
Diff comments   View file @ cbc9f2f
... ... @@ -30,9 +30,9 @@
30 30 /* FIXME: Multiple targets. --RR */
31 31 static int masquerade_tg_check(const struct xt_tgchk_param *par)
32 32 {
33   - const struct nf_nat_multi_range_compat *mr = par->targinfo;
  33 + const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
34 34  
35   - if (mr->range[0].flags & IP_NAT_RANGE_MAP_IPS) {
  35 + if (mr->range[0].flags & NF_NAT_RANGE_MAP_IPS) {
36 36 pr_debug("bad MAP_IPS.\n");
37 37 return -EINVAL;
38 38 }
... ... @@ -49,8 +49,8 @@
49 49 struct nf_conn *ct;
50 50 struct nf_conn_nat *nat;
51 51 enum ip_conntrack_info ctinfo;
52   - struct nf_nat_range newrange;
53   - const struct nf_nat_multi_range_compat *mr;
  52 + struct nf_nat_ipv4_range newrange;
  53 + const struct nf_nat_ipv4_multi_range_compat *mr;
54 54 const struct rtable *rt;
55 55 __be32 newsrc;
56 56  
57 57  
... ... @@ -79,13 +79,13 @@
79 79 nat->masq_index = par->out->ifindex;
80 80  
81 81 /* Transfer from original range. */
82   - newrange = ((struct nf_nat_range)
83   - { mr->range[0].flags | IP_NAT_RANGE_MAP_IPS,
  82 + newrange = ((struct nf_nat_ipv4_range)
  83 + { mr->range[0].flags | NF_NAT_RANGE_MAP_IPS,
84 84 newsrc, newsrc,
85 85 mr->range[0].min, mr->range[0].max });
86 86  
87 87 /* Hand modified range to generic setup. */
88   - return nf_nat_setup_info(ct, &newrange, IP_NAT_MANIP_SRC);
  88 + return nf_nat_setup_info(ct, &newrange, NF_NAT_MANIP_SRC);
89 89 }
90 90  
91 91 static int
... ... @@ -139,7 +139,7 @@
139 139 .name = "MASQUERADE",
140 140 .family = NFPROTO_IPV4,
141 141 .target = masquerade_tg,
142   - .targetsize = sizeof(struct nf_nat_multi_range_compat),
  142 + .targetsize = sizeof(struct nf_nat_ipv4_multi_range_compat),
143 143 .table = "nat",
144 144 .hooks = 1 << NF_INET_POST_ROUTING,
145 145 .checkentry = masquerade_tg_check,
net/ipv4/netfilter/ipt_NETMAP.c
Diff comments   View file @ cbc9f2f
... ... @@ -24,9 +24,9 @@
24 24  
25 25 static int netmap_tg_check(const struct xt_tgchk_param *par)
26 26 {
27   - const struct nf_nat_multi_range_compat *mr = par->targinfo;
  27 + const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
28 28  
29   - if (!(mr->range[0].flags & IP_NAT_RANGE_MAP_IPS)) {
  29 + if (!(mr->range[0].flags & NF_NAT_RANGE_MAP_IPS)) {
30 30 pr_debug("bad MAP_IPS.\n");
31 31 return -EINVAL;
32 32 }
... ... @@ -43,8 +43,8 @@
43 43 struct nf_conn *ct;
44 44 enum ip_conntrack_info ctinfo;
45 45 __be32 new_ip, netmask;
46   - const struct nf_nat_multi_range_compat *mr = par->targinfo;
47   - struct nf_nat_range newrange;
  46 + const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
  47 + struct nf_nat_ipv4_range newrange;
48 48  
49 49 NF_CT_ASSERT(par->hooknum == NF_INET_PRE_ROUTING ||
50 50 par->hooknum == NF_INET_POST_ROUTING ||
... ... @@ -61,8 +61,8 @@
61 61 new_ip = ip_hdr(skb)->saddr & ~netmask;
62 62 new_ip |= mr->range[0].min_ip & netmask;
63 63  
64   - newrange = ((struct nf_nat_range)
65   - { mr->range[0].flags | IP_NAT_RANGE_MAP_IPS,
  64 + newrange = ((struct nf_nat_ipv4_range)
  65 + { mr->range[0].flags | NF_NAT_RANGE_MAP_IPS,
66 66 new_ip, new_ip,
67 67 mr->range[0].min, mr->range[0].max });
68 68  
... ... @@ -74,7 +74,7 @@
74 74 .name = "NETMAP",
75 75 .family = NFPROTO_IPV4,
76 76 .target = netmap_tg,
77   - .targetsize = sizeof(struct nf_nat_multi_range_compat),
  77 + .targetsize = sizeof(struct nf_nat_ipv4_multi_range_compat),
78 78 .table = "nat",
79 79 .hooks = (1 << NF_INET_PRE_ROUTING) |
80 80 (1 << NF_INET_POST_ROUTING) |
net/ipv4/netfilter/ipt_REDIRECT.c
Diff comments   View file @ cbc9f2f
... ... @@ -28,9 +28,9 @@
28 28 /* FIXME: Take multiple ranges --RR */
29 29 static int redirect_tg_check(const struct xt_tgchk_param *par)
30 30 {
31   - const struct nf_nat_multi_range_compat *mr = par->targinfo;
  31 + const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
32 32  
33   - if (mr->range[0].flags & IP_NAT_RANGE_MAP_IPS) {
  33 + if (mr->range[0].flags & NF_NAT_RANGE_MAP_IPS) {
34 34 pr_debug("bad MAP_IPS.\n");
35 35 return -EINVAL;
36 36 }
... ... @@ -47,8 +47,8 @@
47 47 struct nf_conn *ct;
48 48 enum ip_conntrack_info ctinfo;
49 49 __be32 newdst;
50   - const struct nf_nat_multi_range_compat *mr = par->targinfo;
51   - struct nf_nat_range newrange;
  50 + const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
  51 + struct nf_nat_ipv4_range newrange;
52 52  
53 53 NF_CT_ASSERT(par->hooknum == NF_INET_PRE_ROUTING ||
54 54 par->hooknum == NF_INET_LOCAL_OUT);
55 55  
56 56  
... ... @@ -76,20 +76,20 @@
76 76 }
77 77  
78 78 /* Transfer from original range. */
79   - newrange = ((struct nf_nat_range)
80   - { mr->range[0].flags | IP_NAT_RANGE_MAP_IPS,
  79 + newrange = ((struct nf_nat_ipv4_range)
  80 + { mr->range[0].flags | NF_NAT_RANGE_MAP_IPS,
81 81 newdst, newdst,
82 82 mr->range[0].min, mr->range[0].max });
83 83  
84 84 /* Hand modified range to generic setup. */
85   - return nf_nat_setup_info(ct, &newrange, IP_NAT_MANIP_DST);
  85 + return nf_nat_setup_info(ct, &newrange, NF_NAT_MANIP_DST);
86 86 }
87 87  
88 88 static struct xt_target redirect_tg_reg __read_mostly = {
89 89 .name = "REDIRECT",
90 90 .family = NFPROTO_IPV4,
91 91 .target = redirect_tg,
92   - .targetsize = sizeof(struct nf_nat_multi_range_compat),
  92 + .targetsize = sizeof(struct nf_nat_ipv4_multi_range_compat),
93 93 .table = "nat",
94 94 .hooks = (1 << NF_INET_PRE_ROUTING) | (1 << NF_INET_LOCAL_OUT),
95 95 .checkentry = redirect_tg_check,
net/ipv4/netfilter/nf_nat_core.c
Diff comments   View file @ cbc9f2f
... ... @@ -82,14 +82,14 @@
82 82 * that meet the constraints of range. */
83 83 static int
84 84 in_range(const struct nf_conntrack_tuple *tuple,
85   - const struct nf_nat_range *range)
  85 + const struct nf_nat_ipv4_range *range)
86 86 {
87 87 const struct nf_nat_protocol *proto;
88 88 int ret = 0;
89 89  
90 90 /* If we are supposed to map IPs, then we must be in the
91 91 range specified, otherwise let this drag us onto a new src IP. */
92   - if (range->flags & IP_NAT_RANGE_MAP_IPS) {
  92 + if (range->flags & NF_NAT_RANGE_MAP_IPS) {
93 93 if (ntohl(tuple->src.u3.ip) < ntohl(range->min_ip) ||
94 94 ntohl(tuple->src.u3.ip) > ntohl(range->max_ip))
95 95 return 0;
... ... @@ -97,8 +97,8 @@
97 97  
98 98 rcu_read_lock();
99 99 proto = __nf_nat_proto_find(tuple->dst.protonum);
100   - if (!(range->flags & IP_NAT_RANGE_PROTO_SPECIFIED) ||
101   - proto->in_range(tuple, IP_NAT_MANIP_SRC,
  100 + if (!(range->flags & NF_NAT_RANGE_PROTO_SPECIFIED) ||
  101 + proto->in_range(tuple, NF_NAT_MANIP_SRC,
102 102 &range->min, &range->max))
103 103 ret = 1;
104 104 rcu_read_unlock();
... ... @@ -123,7 +123,7 @@
123 123 find_appropriate_src(struct net *net, u16 zone,
124 124 const struct nf_conntrack_tuple *tuple,
125 125 struct nf_conntrack_tuple *result,
126   - const struct nf_nat_range *range)
  126 + const struct nf_nat_ipv4_range *range)
127 127 {
128 128 unsigned int h = hash_by_src(net, zone, tuple);
129 129 const struct nf_conn_nat *nat;
... ... @@ -157,7 +157,7 @@
157 157 */
158 158 static void
159 159 find_best_ips_proto(u16 zone, struct nf_conntrack_tuple *tuple,
160   - const struct nf_nat_range *range,
  160 + const struct nf_nat_ipv4_range *range,
161 161 const struct nf_conn *ct,
162 162 enum nf_nat_manip_type maniptype)
163 163 {
164 164  
... ... @@ -166,10 +166,10 @@
166 166 u_int32_t minip, maxip, j;
167 167  
168 168 /* No IP mapping? Do nothing. */
169   - if (!(range->flags & IP_NAT_RANGE_MAP_IPS))
  169 + if (!(range->flags & NF_NAT_RANGE_MAP_IPS))
170 170 return;
171 171  
172   - if (maniptype == IP_NAT_MANIP_SRC)
  172 + if (maniptype == NF_NAT_MANIP_SRC)
173 173 var_ipp = &tuple->src.u3.ip;
174 174 else
175 175 var_ipp = &tuple->dst.u3.ip;
... ... @@ -189,7 +189,7 @@
189 189 minip = ntohl(range->min_ip);
190 190 maxip = ntohl(range->max_ip);
191 191 j = jhash_2words((__force u32)tuple->src.u3.ip,
192   - range->flags & IP_NAT_RANGE_PERSISTENT ?
  192 + range->flags & NF_NAT_RANGE_PERSISTENT ?
193 193 0 : (__force u32)tuple->dst.u3.ip ^ zone, 0);
194 194 j = ((u64)j * (maxip - minip + 1)) >> 32;
195 195 *var_ipp = htonl(minip + j);
... ... @@ -204,7 +204,7 @@
204 204 static void
205 205 get_unique_tuple(struct nf_conntrack_tuple *tuple,
206 206 const struct nf_conntrack_tuple *orig_tuple,
207   - const struct nf_nat_range *range,
  207 + const struct nf_nat_ipv4_range *range,
208 208 struct nf_conn *ct,
209 209 enum nf_nat_manip_type maniptype)
210 210 {
... ... @@ -219,8 +219,8 @@
219 219 This is only required for source (ie. NAT/masq) mappings.
220 220 So far, we don't do local source mappings, so multiple
221 221 manips not an issue. */
222   - if (maniptype == IP_NAT_MANIP_SRC &&
223   - !(range->flags & IP_NAT_RANGE_PROTO_RANDOM)) {
  222 + if (maniptype == NF_NAT_MANIP_SRC &&
  223 + !(range->flags & NF_NAT_RANGE_PROTO_RANDOM)) {
224 224 /* try the original tuple first */
225 225 if (in_range(orig_tuple, range)) {
226 226 if (!nf_nat_used_tuple(orig_tuple, ct)) {
... ... @@ -247,8 +247,8 @@
247 247 proto = __nf_nat_proto_find(orig_tuple->dst.protonum);
248 248  
249 249 /* Only bother mapping if it's not already in range and unique */
250   - if (!(range->flags & IP_NAT_RANGE_PROTO_RANDOM)) {
251   - if (range->flags & IP_NAT_RANGE_PROTO_SPECIFIED) {
  250 + if (!(range->flags & NF_NAT_RANGE_PROTO_RANDOM)) {
  251 + if (range->flags & NF_NAT_RANGE_PROTO_SPECIFIED) {
252 252 if (proto->in_range(tuple, maniptype, &range->min,
253 253 &range->max) &&
254 254 (range->min.all == range->max.all ||
... ... @@ -267,7 +267,7 @@
267 267  
268 268 unsigned int
269 269 nf_nat_setup_info(struct nf_conn *ct,
270   - const struct nf_nat_range *range,
  270 + const struct nf_nat_ipv4_range *range,
271 271 enum nf_nat_manip_type maniptype)
272 272 {
273 273 struct net *net = nf_ct_net(ct);
... ... @@ -284,8 +284,8 @@
284 284 }
285 285 }
286 286  
287   - NF_CT_ASSERT(maniptype == IP_NAT_MANIP_SRC ||
288   - maniptype == IP_NAT_MANIP_DST);
  287 + NF_CT_ASSERT(maniptype == NF_NAT_MANIP_SRC ||
  288 + maniptype == NF_NAT_MANIP_DST);
289 289 BUG_ON(nf_nat_initialized(ct, maniptype));
290 290  
291 291 /* What we've got will look like inverse of reply. Normally
292 292  
... ... @@ -306,13 +306,13 @@
306 306 nf_conntrack_alter_reply(ct, &reply);
307 307  
308 308 /* Non-atomic: we own this at the moment. */
309   - if (maniptype == IP_NAT_MANIP_SRC)
  309 + if (maniptype == NF_NAT_MANIP_SRC)
310 310 ct->status |= IPS_SRC_NAT;
311 311 else
312 312 ct->status |= IPS_DST_NAT;
313 313 }
314 314  
315   - if (maniptype == IP_NAT_MANIP_SRC) {
  315 + if (maniptype == NF_NAT_MANIP_SRC) {
316 316 unsigned int srchash;
317 317  
318 318 srchash = hash_by_src(net, nf_ct_zone(ct),
... ... @@ -327,7 +327,7 @@
327 327 }
328 328  
329 329 /* It's done. */
330   - if (maniptype == IP_NAT_MANIP_DST)
  330 + if (maniptype == NF_NAT_MANIP_DST)
331 331 ct->status |= IPS_DST_NAT_DONE;
332 332 else
333 333 ct->status |= IPS_SRC_NAT_DONE;
... ... @@ -361,7 +361,7 @@
361 361  
362 362 iph = (void *)skb->data + iphdroff;
363 363  
364   - if (maniptype == IP_NAT_MANIP_SRC) {
  364 + if (maniptype == NF_NAT_MANIP_SRC) {
365 365 csum_replace4(&iph->check, iph->saddr, target->src.u3.ip);
366 366 iph->saddr = target->src.u3.ip;
367 367 } else {
... ... @@ -381,7 +381,7 @@
381 381 unsigned long statusbit;
382 382 enum nf_nat_manip_type mtype = HOOK2MANIP(hooknum);
383 383  
384   - if (mtype == IP_NAT_MANIP_SRC)
  384 + if (mtype == NF_NAT_MANIP_SRC)
385 385 statusbit = IPS_SRC_NAT;
386 386 else
387 387 statusbit = IPS_DST_NAT;
... ... @@ -447,7 +447,7 @@
447 447 return 0;
448 448 }
449 449  
450   - if (manip == IP_NAT_MANIP_SRC)
  450 + if (manip == NF_NAT_MANIP_SRC)
451 451 statusbit = IPS_SRC_NAT;
452 452 else
453 453 statusbit = IPS_DST_NAT;
... ... @@ -602,7 +602,7 @@
602 602  
603 603 static int nfnetlink_parse_nat_proto(struct nlattr *attr,
604 604 const struct nf_conn *ct,
605   - struct nf_nat_range *range)
  605 + struct nf_nat_ipv4_range *range)
606 606 {
607 607 struct nlattr *tb[CTA_PROTONAT_MAX+1];
608 608 const struct nf_nat_protocol *npt;
... ... @@ -626,7 +626,7 @@
626 626  
627 627 static int
628 628 nfnetlink_parse_nat(const struct nlattr *nat,
629   - const struct nf_conn *ct, struct nf_nat_range *range)
  629 + const struct nf_conn *ct, struct nf_nat_ipv4_range *range)
630 630 {
631 631 struct nlattr *tb[CTA_NAT_MAX+1];
632 632 int err;
... ... @@ -646,7 +646,7 @@
646 646 range->max_ip = nla_get_be32(tb[CTA_NAT_MAXIP]);
647 647  
648 648 if (range->min_ip)
649   - range->flags |= IP_NAT_RANGE_MAP_IPS;
  649 + range->flags |= NF_NAT_RANGE_MAP_IPS;
650 650  
651 651 if (!tb[CTA_NAT_PROTO])
652 652 return 0;
... ... @@ -663,7 +663,7 @@
663 663 enum nf_nat_manip_type manip,
664 664 const struct nlattr *attr)
665 665 {
666   - struct nf_nat_range range;
  666 + struct nf_nat_ipv4_range range;
667 667  
668 668 if (nfnetlink_parse_nat(attr, ct, &range) < 0)
669 669 return -EINVAL;
net/ipv4/netfilter/nf_nat_h323.c
Diff comments   View file @ cbc9f2f
... ... @@ -398,7 +398,7 @@
398 398 static void ip_nat_q931_expect(struct nf_conn *new,
399 399 struct nf_conntrack_expect *this)
400 400 {
401   - struct nf_nat_range range;
  401 + struct nf_nat_ipv4_range range;
402 402  
403 403 if (this->tuple.src.u3.ip != 0) { /* Only accept calls from GK */
404 404 nf_nat_follow_master(new, this);
405 405  
406 406  
407 407  
... ... @@ -409,16 +409,16 @@
409 409 BUG_ON(new->status & IPS_NAT_DONE_MASK);
410 410  
411 411 /* Change src to where master sends to */
412   - range.flags = IP_NAT_RANGE_MAP_IPS;
  412 + range.flags = NF_NAT_RANGE_MAP_IPS;
413 413 range.min_ip = range.max_ip = new->tuplehash[!this->dir].tuple.src.u3.ip;
414   - nf_nat_setup_info(new, &range, IP_NAT_MANIP_SRC);
  414 + nf_nat_setup_info(new, &range, NF_NAT_MANIP_SRC);
415 415  
416 416 /* For DST manip, map port here to where it's expected. */
417   - range.flags = (IP_NAT_RANGE_MAP_IPS | IP_NAT_RANGE_PROTO_SPECIFIED);
  417 + range.flags = (NF_NAT_RANGE_MAP_IPS | NF_NAT_RANGE_PROTO_SPECIFIED);
418 418 range.min = range.max = this->saved_proto;
419 419 range.min_ip = range.max_ip =
420 420 new->master->tuplehash[!this->dir].tuple.src.u3.ip;
421   - nf_nat_setup_info(new, &range, IP_NAT_MANIP_DST);
  421 + nf_nat_setup_info(new, &range, NF_NAT_MANIP_DST);
422 422 }
423 423  
424 424 /****************************************************************************/
425 425  
426 426  
427 427  
428 428  
... ... @@ -496,21 +496,21 @@
496 496 static void ip_nat_callforwarding_expect(struct nf_conn *new,
497 497 struct nf_conntrack_expect *this)
498 498 {
499   - struct nf_nat_range range;
  499 + struct nf_nat_ipv4_range range;
500 500  
501 501 /* This must be a fresh one. */
502 502 BUG_ON(new->status & IPS_NAT_DONE_MASK);
503 503  
504 504 /* Change src to where master sends to */
505   - range.flags = IP_NAT_RANGE_MAP_IPS;
  505 + range.flags = NF_NAT_RANGE_MAP_IPS;
506 506 range.min_ip = range.max_ip = new->tuplehash[!this->dir].tuple.src.u3.ip;
507   - nf_nat_setup_info(new, &range, IP_NAT_MANIP_SRC);
  507 + nf_nat_setup_info(new, &range, NF_NAT_MANIP_SRC);
508 508  
509 509 /* For DST manip, map port here to where it's expected. */
510   - range.flags = (IP_NAT_RANGE_MAP_IPS | IP_NAT_RANGE_PROTO_SPECIFIED);
  510 + range.flags = (NF_NAT_RANGE_MAP_IPS | NF_NAT_RANGE_PROTO_SPECIFIED);
511 511 range.min = range.max = this->saved_proto;
512 512 range.min_ip = range.max_ip = this->saved_ip;
513   - nf_nat_setup_info(new, &range, IP_NAT_MANIP_DST);
  513 + nf_nat_setup_info(new, &range, NF_NAT_MANIP_DST);
514 514 }
515 515  
516 516 /****************************************************************************/
net/ipv4/netfilter/nf_nat_helper.c
Diff comments   View file @ cbc9f2f
... ... @@ -430,23 +430,23 @@
430 430 void nf_nat_follow_master(struct nf_conn *ct,
431 431 struct nf_conntrack_expect *exp)
432 432 {
433   - struct nf_nat_range range;
  433 + struct nf_nat_ipv4_range range;
434 434  
435 435 /* This must be a fresh one. */
436 436 BUG_ON(ct->status & IPS_NAT_DONE_MASK);
437 437  
438 438 /* Change src to where master sends to */
439   - range.flags = IP_NAT_RANGE_MAP_IPS;
  439 + range.flags = NF_NAT_RANGE_MAP_IPS;
440 440 range.min_ip = range.max_ip
441 441 = ct->master->tuplehash[!exp->dir].tuple.dst.u3.ip;
442   - nf_nat_setup_info(ct, &range, IP_NAT_MANIP_SRC);
  442 + nf_nat_setup_info(ct, &range, NF_NAT_MANIP_SRC);
443 443  
444 444 /* For DST manip, map port here to where it's expected. */
445   - range.flags = (IP_NAT_RANGE_MAP_IPS | IP_NAT_RANGE_PROTO_SPECIFIED);
  445 + range.flags = (NF_NAT_RANGE_MAP_IPS | NF_NAT_RANGE_PROTO_SPECIFIED);
446 446 range.min = range.max = exp->saved_proto;
447 447 range.min_ip = range.max_ip
448 448 = ct->master->tuplehash[!exp->dir].tuple.src.u3.ip;
449   - nf_nat_setup_info(ct, &range, IP_NAT_MANIP_DST);
  449 + nf_nat_setup_info(ct, &range, NF_NAT_MANIP_DST);
450 450 }
451 451 EXPORT_SYMBOL(nf_nat_follow_master);
net/ipv4/netfilter/nf_nat_pptp.c
Diff comments   View file @ cbc9f2f
... ... @@ -47,7 +47,7 @@
47 47 struct nf_conntrack_tuple t;
48 48 const struct nf_ct_pptp_master *ct_pptp_info;
49 49 const struct nf_nat_pptp *nat_pptp_info;
50   - struct nf_nat_range range;
  50 + struct nf_nat_ipv4_range range;
51 51  
52 52 ct_pptp_info = &nfct_help(master)->help.ct_pptp_info;
53 53 nat_pptp_info = &nfct_nat(master)->help.nat_pptp_info;
54 54  
55 55  
56 56  
57 57  
58 58  
... ... @@ -88,24 +88,24 @@
88 88 BUG_ON(ct->status & IPS_NAT_DONE_MASK);
89 89  
90 90 /* Change src to where master sends to */
91   - range.flags = IP_NAT_RANGE_MAP_IPS;
  91 + range.flags = NF_NAT_RANGE_MAP_IPS;
92 92 range.min_ip = range.max_ip
93 93 = ct->master->tuplehash[!exp->dir].tuple.dst.u3.ip;
94 94 if (exp->dir == IP_CT_DIR_ORIGINAL) {
95   - range.flags |= IP_NAT_RANGE_PROTO_SPECIFIED;
  95 + range.flags |= NF_NAT_RANGE_PROTO_SPECIFIED;
96 96 range.min = range.max = exp->saved_proto;
97 97 }
98   - nf_nat_setup_info(ct, &range, IP_NAT_MANIP_SRC);
  98 + nf_nat_setup_info(ct, &range, NF_NAT_MANIP_SRC);
99 99  
100 100 /* For DST manip, map port here to where it's expected. */
101   - range.flags = IP_NAT_RANGE_MAP_IPS;
  101 + range.flags = NF_NAT_RANGE_MAP_IPS;
102 102 range.min_ip = range.max_ip
103 103 = ct->master->tuplehash[!exp->dir].tuple.src.u3.ip;
104 104 if (exp->dir == IP_CT_DIR_REPLY) {
105   - range.flags |= IP_NAT_RANGE_PROTO_SPECIFIED;
  105 + range.flags |= NF_NAT_RANGE_PROTO_SPECIFIED;
106 106 range.min = range.max = exp->saved_proto;
107 107 }
108   - nf_nat_setup_info(ct, &range, IP_NAT_MANIP_DST);
  108 + nf_nat_setup_info(ct, &range, NF_NAT_MANIP_DST);
109 109 }
110 110  
111 111 /* outbound packets == from PNS to PAC */
net/ipv4/netfilter/nf_nat_proto_common.c
Diff comments   View file @ cbc9f2f
... ... @@ -26,7 +26,7 @@
26 26 {
27 27 __be16 port;
28 28  
29   - if (maniptype == IP_NAT_MANIP_SRC)
  29 + if (maniptype == NF_NAT_MANIP_SRC)
30 30 port = tuple->src.u.all;
31 31 else
32 32 port = tuple->dst.u.all;
... ... @@ -37,7 +37,7 @@
37 37 EXPORT_SYMBOL_GPL(nf_nat_proto_in_range);
38 38  
39 39 void nf_nat_proto_unique_tuple(struct nf_conntrack_tuple *tuple,
40   - const struct nf_nat_range *range,
  40 + const struct nf_nat_ipv4_range *range,
41 41 enum nf_nat_manip_type maniptype,
42 42 const struct nf_conn *ct,
43 43 u_int16_t *rover)
44 44  
45 45  
... ... @@ -46,15 +46,15 @@
46 46 __be16 *portptr;
47 47 u_int16_t off;
48 48  
49   - if (maniptype == IP_NAT_MANIP_SRC)
  49 + if (maniptype == NF_NAT_MANIP_SRC)
50 50 portptr = &tuple->src.u.all;
51 51 else
52 52 portptr = &tuple->dst.u.all;
53 53  
54 54 /* If no range specified... */
55   - if (!(range->flags & IP_NAT_RANGE_PROTO_SPECIFIED)) {
  55 + if (!(range->flags & NF_NAT_RANGE_PROTO_SPECIFIED)) {
56 56 /* If it's dst rewrite, can't change port */
57   - if (maniptype == IP_NAT_MANIP_DST)
  57 + if (maniptype == NF_NAT_MANIP_DST)
58 58 return;
59 59  
60 60 if (ntohs(*portptr) < 1024) {
61 61  
... ... @@ -75,9 +75,9 @@
75 75 range_size = ntohs(range->max.all) - min + 1;
76 76 }
77 77  
78   - if (range->flags & IP_NAT_RANGE_PROTO_RANDOM)
  78 + if (range->flags & NF_NAT_RANGE_PROTO_RANDOM)
79 79 off = secure_ipv4_port_ephemeral(tuple->src.u3.ip, tuple->dst.u3.ip,
80   - maniptype == IP_NAT_MANIP_SRC
  80 + maniptype == NF_NAT_MANIP_SRC
81 81 ? tuple->dst.u.all
82 82 : tuple->src.u.all);
83 83 else
... ... @@ -87,7 +87,7 @@
87 87 *portptr = htons(min + off % range_size);
88 88 if (++i != range_size && nf_nat_used_tuple(tuple, ct))
89 89 continue;
90   - if (!(range->flags & IP_NAT_RANGE_PROTO_RANDOM))
  90 + if (!(range->flags & NF_NAT_RANGE_PROTO_RANDOM))
91 91 *rover = off;
92 92 return;
93 93 }
... ... @@ -97,7 +97,7 @@
97 97  
98 98 #if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
99 99 int nf_nat_proto_range_to_nlattr(struct sk_buff *skb,
100   - const struct nf_nat_range *range)
  100 + const struct nf_nat_ipv4_range *range)
101 101 {
102 102 NLA_PUT_BE16(skb, CTA_PROTONAT_PORT_MIN, range->min.all);
103 103 NLA_PUT_BE16(skb, CTA_PROTONAT_PORT_MAX, range->max.all);
104 104  
105 105  
... ... @@ -109,16 +109,16 @@
109 109 EXPORT_SYMBOL_GPL(nf_nat_proto_nlattr_to_range);
110 110  
111 111 int nf_nat_proto_nlattr_to_range(struct nlattr *tb[],
112   - struct nf_nat_range *range)
  112 + struct nf_nat_ipv4_range *range)
113 113 {
114 114 if (tb[CTA_PROTONAT_PORT_MIN]) {
115 115 range->min.all = nla_get_be16(tb[CTA_PROTONAT_PORT_MIN]);
116 116 range->max.all = range->min.tcp.port;
117   - range->flags |= IP_NAT_RANGE_PROTO_SPECIFIED;
  117 + range->flags |= NF_NAT_RANGE_PROTO_SPECIFIED;
118 118 }
119 119 if (tb[CTA_PROTONAT_PORT_MAX]) {
120 120 range->max.all = nla_get_be16(tb[CTA_PROTONAT_PORT_MAX]);
121   - range->flags |= IP_NAT_RANGE_PROTO_SPECIFIED;
  121 + range->flags |= NF_NAT_RANGE_PROTO_SPECIFIED;
122 122 }
123 123 return 0;
124 124 }
net/ipv4/netfilter/nf_nat_proto_dccp.c
Diff comments   View file @ cbc9f2f
... ... @@ -24,7 +24,7 @@
24 24  
25 25 static void
26 26 dccp_unique_tuple(struct nf_conntrack_tuple *tuple,
27   - const struct nf_nat_range *range,
  27 + const struct nf_nat_ipv4_range *range,
28 28 enum nf_nat_manip_type maniptype,
29 29 const struct nf_conn *ct)
30 30 {
... ... @@ -54,7 +54,7 @@
54 54 iph = (struct iphdr *)(skb->data + iphdroff);
55 55 hdr = (struct dccp_hdr *)(skb->data + hdroff);
56 56  
57   - if (maniptype == IP_NAT_MANIP_SRC) {
  57 + if (maniptype == NF_NAT_MANIP_SRC) {
58 58 oldip = iph->saddr;
59 59 newip = tuple->src.u3.ip;
60 60 newport = tuple->src.u.dccp.port;
net/ipv4/netfilter/nf_nat_proto_gre.c
Diff comments   View file @ cbc9f2f
... ... @@ -39,7 +39,7 @@
39 39 /* generate unique tuple ... */
40 40 static void
41 41 gre_unique_tuple(struct nf_conntrack_tuple *tuple,
42   - const struct nf_nat_range *range,
  42 + const struct nf_nat_ipv4_range *range,
43 43 enum nf_nat_manip_type maniptype,
44 44 const struct nf_conn *ct)
45 45 {
46 46  
... ... @@ -52,12 +52,12 @@
52 52 if (!ct->master)
53 53 return;
54 54  
55   - if (maniptype == IP_NAT_MANIP_SRC)
  55 + if (maniptype == NF_NAT_MANIP_SRC)
56 56 keyptr = &tuple->src.u.gre.key;
57 57 else
58 58 keyptr = &tuple->dst.u.gre.key;
59 59  
60   - if (!(range->flags & IP_NAT_RANGE_PROTO_SPECIFIED)) {
  60 + if (!(range->flags & NF_NAT_RANGE_PROTO_SPECIFIED)) {
61 61 pr_debug("%p: NATing GRE PPTP\n", ct);
62 62 min = 1;
63 63 range_size = 0xffff;
... ... @@ -99,7 +99,7 @@
99 99  
100 100 /* we only have destination manip of a packet, since 'source key'
101 101 * is not present in the packet itself */
102   - if (maniptype != IP_NAT_MANIP_DST)
  102 + if (maniptype != NF_NAT_MANIP_DST)
103 103 return true;
104 104 switch (greh->version) {
105 105 case GRE_VERSION_1701:
net/ipv4/netfilter/nf_nat_proto_icmp.c
Diff comments   View file @ cbc9f2f
... ... @@ -30,7 +30,7 @@
30 30  
31 31 static void
32 32 icmp_unique_tuple(struct nf_conntrack_tuple *tuple,
33   - const struct nf_nat_range *range,
  33 + const struct nf_nat_ipv4_range *range,
34 34 enum nf_nat_manip_type maniptype,
35 35 const struct nf_conn *ct)
36 36 {
... ... @@ -40,7 +40,7 @@
40 40  
41 41 range_size = ntohs(range->max.icmp.id) - ntohs(range->min.icmp.id) + 1;
42 42 /* If no range specified... */
43   - if (!(range->flags & IP_NAT_RANGE_PROTO_SPECIFIED))
  43 + if (!(range->flags & NF_NAT_RANGE_PROTO_SPECIFIED))
44 44 range_size = 0xFFFF;
45 45  
46 46 for (i = 0; ; ++id) {
net/ipv4/netfilter/nf_nat_proto_sctp.c
Diff comments   View file @ cbc9f2f
... ... @@ -19,7 +19,7 @@
19 19  
20 20 static void
21 21 sctp_unique_tuple(struct nf_conntrack_tuple *tuple,
22   - const struct nf_nat_range *range,
  22 + const struct nf_nat_ipv4_range *range,
23 23 enum nf_nat_manip_type maniptype,
24 24 const struct nf_conn *ct)
25 25 {
... ... @@ -46,7 +46,7 @@
46 46 iph = (struct iphdr *)(skb->data + iphdroff);
47 47 hdr = (struct sctphdr *)(skb->data + hdroff);
48 48  
49   - if (maniptype == IP_NAT_MANIP_SRC) {
  49 + if (maniptype == NF_NAT_MANIP_SRC) {
50 50 /* Get rid of src ip and src pt */
51 51 oldip = iph->saddr;
52 52 newip = tuple->src.u3.ip;
net/ipv4/netfilter/nf_nat_proto_tcp.c
Diff comments   View file @ cbc9f2f
... ... @@ -23,7 +23,7 @@
23 23  
24 24 static void
25 25 tcp_unique_tuple(struct nf_conntrack_tuple *tuple,
26   - const struct nf_nat_range *range,
  26 + const struct nf_nat_ipv4_range *range,
27 27 enum nf_nat_manip_type maniptype,
28 28 const struct nf_conn *ct)
29 29 {
... ... @@ -55,7 +55,7 @@
55 55 iph = (struct iphdr *)(skb->data + iphdroff);
56 56 hdr = (struct tcphdr *)(skb->data + hdroff);
57 57  
58   - if (maniptype == IP_NAT_MANIP_SRC) {
  58 + if (maniptype == NF_NAT_MANIP_SRC) {
59 59 /* Get rid of src ip and src pt */
60 60 oldip = iph->saddr;
61 61 newip = tuple->src.u3.ip;
net/ipv4/netfilter/nf_nat_proto_udp.c
Diff comments   View file @ cbc9f2f
... ... @@ -22,7 +22,7 @@
22 22  
23 23 static void
24 24 udp_unique_tuple(struct nf_conntrack_tuple *tuple,
25   - const struct nf_nat_range *range,
  25 + const struct nf_nat_ipv4_range *range,
26 26 enum nf_nat_manip_type maniptype,
27 27 const struct nf_conn *ct)
28 28 {
... ... @@ -47,7 +47,7 @@
47 47 iph = (struct iphdr *)(skb->data + iphdroff);
48 48 hdr = (struct udphdr *)(skb->data + hdroff);
49 49  
50   - if (maniptype == IP_NAT_MANIP_SRC) {
  50 + if (maniptype == NF_NAT_MANIP_SRC) {
51 51 /* Get rid of src ip and src pt */
52 52 oldip = iph->saddr;
53 53 newip = tuple->src.u3.ip;
net/ipv4/netfilter/nf_nat_proto_udplite.c
Diff comments   View file @ cbc9f2f
... ... @@ -21,7 +21,7 @@
21 21  
22 22 static void
23 23 udplite_unique_tuple(struct nf_conntrack_tuple *tuple,
24   - const struct nf_nat_range *range,
  24 + const struct nf_nat_ipv4_range *range,
25 25 enum nf_nat_manip_type maniptype,
26 26 const struct nf_conn *ct)
27 27 {
... ... @@ -47,7 +47,7 @@
47 47 iph = (struct iphdr *)(skb->data + iphdroff);
48 48 hdr = (struct udphdr *)(skb->data + hdroff);
49 49  
50   - if (maniptype == IP_NAT_MANIP_SRC) {
  50 + if (maniptype == NF_NAT_MANIP_SRC) {
51 51 /* Get rid of src ip and src pt */
52 52 oldip = iph->saddr;
53 53 newip = tuple->src.u3.ip;
net/ipv4/netfilter/nf_nat_proto_unknown.c
Diff comments   View file @ cbc9f2f
... ... @@ -27,7 +27,7 @@
27 27 }
28 28  
29 29 static void unknown_unique_tuple(struct nf_conntrack_tuple *tuple,
30   - const struct nf_nat_range *range,
  30 + const struct nf_nat_ipv4_range *range,
31 31 enum nf_nat_manip_type maniptype,
32 32 const struct nf_conn *ct)
33 33 {
net/ipv4/netfilter/nf_nat_rule.c
Diff comments   View file @ cbc9f2f
... ... @@ -44,7 +44,7 @@
44 44 {
45 45 struct nf_conn *ct;
46 46 enum ip_conntrack_info ctinfo;
47   - const struct nf_nat_multi_range_compat *mr = par->targinfo;
  47 + const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
48 48  
49 49 NF_CT_ASSERT(par->hooknum == NF_INET_POST_ROUTING ||
50 50 par->hooknum == NF_INET_LOCAL_IN);
... ... @@ -56,7 +56,7 @@
56 56 ctinfo == IP_CT_RELATED_REPLY));
57 57 NF_CT_ASSERT(par->out != NULL);
58 58  
59   - return nf_nat_setup_info(ct, &mr->range[0], IP_NAT_MANIP_SRC);
  59 + return nf_nat_setup_info(ct, &mr->range[0], NF_NAT_MANIP_SRC);
60 60 }
61 61  
62 62 static unsigned int
... ... @@ -64,7 +64,7 @@
64 64 {
65 65 struct nf_conn *ct;
66 66 enum ip_conntrack_info ctinfo;
67   - const struct nf_nat_multi_range_compat *mr = par->targinfo;
  67 + const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
68 68  
69 69 NF_CT_ASSERT(par->hooknum == NF_INET_PRE_ROUTING ||
70 70 par->hooknum == NF_INET_LOCAL_OUT);
71 71  
... ... @@ -74,12 +74,12 @@
74 74 /* Connection must be valid and new. */
75 75 NF_CT_ASSERT(ct && (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED));
76 76  
77   - return nf_nat_setup_info(ct, &mr->range[0], IP_NAT_MANIP_DST);
  77 + return nf_nat_setup_info(ct, &mr->range[0], NF_NAT_MANIP_DST);
78 78 }
79 79  
80 80 static int ipt_snat_checkentry(const struct xt_tgchk_param *par)
81 81 {
82   - const struct nf_nat_multi_range_compat *mr = par->targinfo;
  82 + const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
83 83  
84 84 /* Must be a valid range */
85 85 if (mr->rangesize != 1) {
... ... @@ -91,7 +91,7 @@
91 91  
92 92 static int ipt_dnat_checkentry(const struct xt_tgchk_param *par)
93 93 {
94   - const struct nf_nat_multi_range_compat *mr = par->targinfo;
  94 + const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
95 95  
96 96 /* Must be a valid range */
97 97 if (mr->rangesize != 1) {
98 98  
99 99  
... ... @@ -105,13 +105,13 @@
105 105 alloc_null_binding(struct nf_conn *ct, unsigned int hooknum)
106 106 {
107 107 /* Force range to this IP; let proto decide mapping for
108   - per-proto parts (hence not IP_NAT_RANGE_PROTO_SPECIFIED).
  108 + per-proto parts (hence not NF_NAT_RANGE_PROTO_SPECIFIED).
109 109 */
110   - struct nf_nat_range range;
  110 + struct nf_nat_ipv4_range range;
111 111  
112 112 range.flags = 0;
113 113 pr_debug("Allocating NULL binding for %p (%pI4)\n", ct,
114   - HOOK2MANIP(hooknum) == IP_NAT_MANIP_SRC ?
  114 + HOOK2MANIP(hooknum) == NF_NAT_MANIP_SRC ?
115 115 &ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u3.ip :
116 116 &ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3.ip);
117 117  
... ... @@ -140,7 +140,7 @@
140 140 static struct xt_target ipt_snat_reg __read_mostly = {
141 141 .name = "SNAT",
142 142 .target = ipt_snat_target,
143   - .targetsize = sizeof(struct nf_nat_multi_range_compat),
  143 + .targetsize = sizeof(struct nf_nat_ipv4_multi_range_compat),
144 144 .table = "nat",
145 145 .hooks = (1 << NF_INET_POST_ROUTING) | (1 << NF_INET_LOCAL_IN),
146 146 .checkentry = ipt_snat_checkentry,
... ... @@ -150,7 +150,7 @@
150 150 static struct xt_target ipt_dnat_reg __read_mostly = {
151 151 .name = "DNAT",
152 152 .target = ipt_dnat_target,
153   - .targetsize = sizeof(struct nf_nat_multi_range_compat),
  153 + .targetsize = sizeof(struct nf_nat_ipv4_multi_range_compat),
154 154 .table = "nat",
155 155 .hooks = (1 << NF_INET_PRE_ROUTING) | (1 << NF_INET_LOCAL_OUT),
156 156 .checkentry = ipt_dnat_checkentry,
net/ipv4/netfilter/nf_nat_sip.c
Diff comments   View file @ cbc9f2f
... ... @@ -249,25 +249,25 @@
249 249 static void ip_nat_sip_expected(struct nf_conn *ct,
250 250 struct nf_conntrack_expect *exp)
251 251 {
252   - struct nf_nat_range range;
  252 + struct nf_nat_ipv4_range range;
253 253  
254 254 /* This must be a fresh one. */
255 255 BUG_ON(ct->status & IPS_NAT_DONE_MASK);
256 256  
257 257 /* For DST manip, map port here to where it's expected. */
258   - range.flags = (IP_NAT_RANGE_MAP_IPS | IP_NAT_RANGE_PROTO_SPECIFIED);
  258 + range.flags = (NF_NAT_RANGE_MAP_IPS | NF_NAT_RANGE_PROTO_SPECIFIED);
259 259 range.min = range.max = exp->saved_proto;
260 260 range.min_ip = range.max_ip = exp->saved_ip;
261   - nf_nat_setup_info(ct, &range, IP_NAT_MANIP_DST);
  261 + nf_nat_setup_info(ct, &range, NF_NAT_MANIP_DST);
262 262  
263 263 /* Change src to where master sends to, but only if the connection
264 264 * actually came from the same source. */
265 265 if (ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3.ip ==
266 266 ct->master->tuplehash[exp->dir].tuple.src.u3.ip) {
267   - range.flags = IP_NAT_RANGE_MAP_IPS;
  267 + range.flags = NF_NAT_RANGE_MAP_IPS;
268 268 range.min_ip = range.max_ip
269 269 = ct->master->tuplehash[!exp->dir].tuple.dst.u3.ip;
270   - nf_nat_setup_info(ct, &range, IP_NAT_MANIP_SRC);
  270 + nf_nat_setup_info(ct, &range, NF_NAT_MANIP_SRC);
271 271 }
272 272 }
273 273  
net/ipv4/netfilter/nf_nat_standalone.c
Diff comments   View file @ cbc9f2f
... ... @@ -137,7 +137,7 @@
137 137 return ret;
138 138 } else
139 139 pr_debug("Already setup manip %s for ct %p\n",
140   - maniptype == IP_NAT_MANIP_SRC ? "SRC" : "DST",
  140 + maniptype == NF_NAT_MANIP_SRC ? "SRC" : "DST",
141 141 ct);
142 142 break;
143 143  
net/netfilter/nf_conntrack_netlink.c
Diff comments   View file @ cbc9f2f
... ... @@ -1102,14 +1102,14 @@
1102 1102  
1103 1103 if (cda[CTA_NAT_DST]) {
1104 1104 ret = ctnetlink_parse_nat_setup(ct,
1105   - IP_NAT_MANIP_DST,
  1105 + NF_NAT_MANIP_DST,
1106 1106 cda[CTA_NAT_DST]);
1107 1107 if (ret < 0)
1108 1108 return ret;
1109 1109 }
1110 1110 if (cda[CTA_NAT_SRC]) {
1111 1111 ret = ctnetlink_parse_nat_setup(ct,
1112   - IP_NAT_MANIP_SRC,
  1112 + NF_NAT_MANIP_SRC,
1113 1113 cda[CTA_NAT_SRC]);
1114 1114 if (ret < 0)
1115 1115 return ret;