From patchwork Mon Oct 14 16:38:43 2013
X-Patchwork-Submitter: Pablo Neira Ayuso
X-Patchwork-Id: 283342
From: Pablo Neira Ayuso
To: netfilter-devel@vger.kernel.org
Cc: davem@davemloft.net, kaber@trash.net, netdev@vger.kernel.org
Subject: [PATCH 02/17] netfilter: nf_nat: move alloc_null_binding to nf_nat_core.c
Date: Mon, 14 Oct 2013 18:38:43 +0200
Message-Id: <1381768738-17739-3-git-send-email-pablo@netfilter.org>
In-Reply-To: <1381768738-17739-1-git-send-email-pablo@netfilter.org>
References: <1381768738-17739-1-git-send-email-pablo@netfilter.org>

Similar to nat_decode_session, alloc_null_binding is needed for both
ip_tables and nf_tables, so move it to nf_nat_core.c. This change
is required by nf_tables.

This is an adapted version of the original patch from Patrick McHardy.

Signed-off-by: Pablo Neira Ayuso
---
 include/net/netfilter/nf_nat.h |    3 +++
 net/netfilter/nf_nat_core.c    |   20 ++++++++++++++++++++
 2 files changed, 23 insertions(+)

diff --git a/include/net/netfilter/nf_nat.h b/include/net/netfilter/nf_nat.h index c29b4e5..07eaaf6 100644 --- a/include/net/netfilter/nf_nat.h +++ b/include/net/netfilter/nf_nat.h @@ -45,6 +45,9 @@ unsigned int nf_nat_setup_info(struct nf_conn *ct, const struct nf_nat_range *range, enum nf_nat_manip_type maniptype); +extern unsigned int nf_nat_alloc_null_binding(struct nf_conn *ct, + unsigned int hooknum); + /* Is this tuple already taken? (not by us)*/ int nf_nat_used_tuple(const struct nf_conntrack_tuple *tuple, const struct nf_conn *ignored_conntrack); diff --git a/net/netfilter/nf_nat_core.c b/net/netfilter/nf_nat_core.c index 6f0f4f7..63a8154 100644 --- a/net/netfilter/nf_nat_core.c +++ b/net/netfilter/nf_nat_core.c @@ -432,6 +432,26 @@ nf_nat_setup_info(struct nf_conn *ct, } EXPORT_SYMBOL(nf_nat_setup_info); +unsigned int +nf_nat_alloc_null_binding(struct nf_conn *ct, unsigned int hooknum) +{ + /* Force range to this IP; let proto decide mapping for + * per-proto parts (hence not IP_NAT_RANGE_PROTO_SPECIFIED). + * Use reply in case it's already been mangled (eg local packet). + */ + union nf_inet_addr ip = + (HOOK2MANIP(hooknum) == NF_NAT_MANIP_SRC ? + ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u3 : + ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3); + struct nf_nat_range range = { + .flags = NF_NAT_RANGE_MAP_IPS, + .min_addr = ip, + .max_addr = ip, + }; + return nf_nat_setup_info(ct, &range, HOOK2MANIP(hooknum)); +} +EXPORT_SYMBOL_GPL(nf_nat_alloc_null_binding); + /* Do packet manipulations according to nf_nat_setup_info. */ unsigned int nf_nat_packet(struct nf_conn *ct, enum ip_conntrack_info ctinfo,
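Review bot: In the include/net/netfilter/nf_nat.h hunk, the new prototype for nf_nat_alloc_null_binding is declared with `extern`, while the neighbouring declarations visible in the same hunk (nf_nat_setup_info above it and nf_nat_used_tuple below it) are not. Drop the `extern` for consistency with the rest of the header. The declaration also has no comment, unlike nf_nat_used_tuple right after it; a one-line comment saying what a null binding is and that the return value is whatever nf_nat_setup_info returns would help callers outside nf_nat_core.c.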
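Review bot: In the net/netfilter/nf_nat_core.c hunk, the comment inside nf_nat_alloc_null_binding still names IP_NAT_RANGE_PROTO_SPECIFIED, while the code directly below it uses the NF_NAT_RANGE_ prefix (`.flags = NF_NAT_RANGE_MAP_IPS`); update the comment to the current flag name so it matches what a reader can grep for. Two further points on the same hunk: the new function is exported with EXPORT_SYMBOL_GPL while nf_nat_setup_info immediately above uses EXPORT_SYMBOL, so if the difference is intentional it deserves a sentence in the commit message; and the subject says "move" but the diffstat shows 23 insertions and no deletions, so the existing copy is not removed by this patch. Either remove it here or state which later patch in the series does. HOOK2MANIP(hooknum) is also evaluated twice; a local variable for the manip type would read more clearly.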