From patchwork Sun Feb 21 18:53:45 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Shivani Bhardwaj <shivanib134@gmail.com>
X-Patchwork-Id: 585870
X-Patchwork-Delegate: pablo@netfilter.org
Return-Path: <netfilter-devel-owner@vger.kernel.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 1C936140784
	for <incoming@patchwork.ozlabs.org>;
	Mon, 22 Feb 2016 05:54:34 +1100 (AEDT)
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	unprotected) header.d=gmail.com header.i=@gmail.com header.b=gbRuNEgD;
	dkim-atps=neutral
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1751318AbcBUSyd (ORCPT <rfc822;incoming@patchwork.ozlabs.org>);
	Sun, 21 Feb 2016 13:54:33 -0500
Received: from mail-pf0-f177.google.com ([209.85.192.177]:34133 "EHLO
	mail-pf0-f177.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1750985AbcBUSyc (ORCPT
	<rfc822;netfilter-devel@vger.kernel.org>);
	Sun, 21 Feb 2016 13:54:32 -0500
Received: by mail-pf0-f177.google.com with SMTP id x65so79965751pfb.1
	for <netfilter-devel@vger.kernel.org>;
	Sun, 21 Feb 2016 10:54:32 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gmail.com; s=20120113;
	h=date:from:to:subject:message-id:references:mime-version
	:content-type:content-disposition:in-reply-to:user-agent;
	bh=cRxJaHs2RbNfDzXRRKIMg26FhHn21mFIxPoP32cpQG8=;
	b=gbRuNEgDDjEPzTrFiN1oFDTh7stD8xnxxmxy76ffyehAEXYYL84XMOYgFir4lwW2eE
	+pfvpW1IC0gSU/2unMY1L0JQn1Z2xtMHVQxphwxiqrB8ImgYsN+UIrf67J1aOyF4u8Dt
	mVQUz5Sk5eACpPBEtx6hRxkgQ8t31FkoHd57fhY0xypKo1qZoZrgh38W5PUNiICmzvCI
	O9LNBo+MBMKHUfSWCWStYxbFU8vq+vKFSsaeAZ8JAtgy3xhQ46GCTF3jd5FG72oOr+Gz
	3ZSVnbhg7Q4jcnXQwQonpueX1z6WNxio0DkPnVggIO2jC9n3pc8rpPBEHuGRmA6lVW83
	urnQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:date:from:to:subject:message-id:references
	:mime-version:content-type:content-disposition:in-reply-to
	:user-agent;
	bh=cRxJaHs2RbNfDzXRRKIMg26FhHn21mFIxPoP32cpQG8=;
	b=Nq79P+2BQwl3pWq4dFlN/TnFbdLCUM8ysIlcKhKKcDZG2B50lRHHBtavEB5eEs4ins
	8IdTtK/ztCTUejGFw1xbadDnM4Nk9o27Qy9YW05yfDVO4u/HntTcruVT9HYx2KMdobEe
	GFpQmqUI0Z4R2cotqNO69vVG0Bl+Z40g7HpAspEMtVaUe2yjrf2795VXMvf6TW6SEsoj
	bwMF82TT1XFB8N3rieiLv4TadupDPQIDcdf3S4xhjCE6oyqpRiMJdG7bRegr10FEhQG3
	LW8eDptmc+/858DRzsZsC8xXGVXGh2Jab6nsFnKui+pZHVbFpkwaiMbE15i9cqUF2YnE
	6a8A==
X-Gm-Message-State: 
 AG10YORLZYexU+lsWbs5aJ9OF1Pr+vF6P0VqXmp4K0/lE9EnBHXii1E2z3mbxN59cEE0Ew==
X-Received: by 10.98.73.2 with SMTP id w2mr32556065pfa.106.1456080872327;
	Sun, 21 Feb 2016 10:54:32 -0800 (PST)
Received: from gmail.com ([116.202.36.30]) by smtp.gmail.com with ESMTPSA id
	q85sm31302185pfq.81.2016.02.21.10.54.29
	for <netfilter-devel@vger.kernel.org>
	(version=TLS1_2 cipher=AES128-SHA bits=128/128);
	Sun, 21 Feb 2016 10:54:31 -0800 (PST)
Date: Mon, 22 Feb 2016 00:23:45 +0530
From: Shivani Bhardwaj <shivanib134@gmail.com>
To: netfilter-devel@vger.kernel.org
Subject: [PATCH 2/2] extensions: libip6t_mh: Add translation to nft
Message-ID: 
 <755537e264168d96942df92fa94329aed502a253.1456080369.git.shivanib134@gmail.com>
References: 
 <2cf9af3607f9af0ee203060ddbaae655b66a1085.1456080369.git.shivanib134@gmail.com>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: 
 <2cf9af3607f9af0ee203060ddbaae655b66a1085.1456080369.git.shivanib134@gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk
List-ID: <netfilter-devel.vger.kernel.org>
X-Mailing-List: netfilter-devel@vger.kernel.org

Add translation for mobility header to nftables.

Examples:

$ sudo ip6tables-translate -A INPUT -p mh --mh-type 1 -j ACCEPT
nft add rule ip6 filter INPUT meta l4proto mobility-header mh type 1 counter accept

$ sudo ip6tables-translate -A INPUT -p mh --mh-type 1:3 -j ACCEPT
nft add rule ip6 filter INPUT meta l4proto mobility-header mh type 1-3 counter accept

Signed-off-by: Shivani Bhardwaj <shivanib134@gmail.com>
---
 extensions/libip6t_mh.c | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/extensions/libip6t_mh.c b/extensions/libip6t_mh.c
index 686a293..e0c214c 100644
--- a/extensions/libip6t_mh.c
+++ b/extensions/libip6t_mh.c
@@ -202,6 +202,26 @@ static void mh_save(const void *ip, const struct xt_entry_match *match)
 		printf(" --mh-type %u", mhinfo->types[0]);
 }
 
+static int mh_xlate(const struct xt_entry_match *match,
+		    struct xt_xlate *xl, int numeric)
+{
+	const struct ip6t_mh *mhinfo = (struct ip6t_mh *)match->data;
+
+	if (mhinfo->types[0] == 0 && mhinfo->types[1] == 0xFF)
+		return 1;
+
+	if (mhinfo->types[0] != mhinfo->types[1])
+		xt_xlate_add(xl, "mh type %s%u-%u ",
+			     mhinfo->invflags & IP6T_MH_INV_TYPE ? "!= " : "",
+			     mhinfo->types[0], mhinfo->types[1]);
+	else
+		xt_xlate_add(xl, "mh type %s%u ",
+			     mhinfo->invflags & IP6T_MH_INV_TYPE ? "!= " : "",
+			     mhinfo->types[0]);
+
+	return 1;
+}
+
 static const struct xt_option_entry mh_opts[] = {
 	{.name = "mh-type", .id = O_MH_TYPE, .type = XTTYPE_STRING,
 	 .flags = XTOPT_INVERT},
@@ -220,6 +240,7 @@ static struct xtables_match mh_mt6_reg = {
 	.print		= mh_print,
 	.save		= mh_save,
 	.x6_options	= mh_opts,
+	.xlate		= mh_xlate,
 };
 
 void _init(void)