Linux/net/bridge/netfilter/ebtable_nat.c


  1 /*
  2  *  ebtable_nat
  3  *
  4  *      Authors:
  5  *      Bart De Schuymer <bdschuym@pandora.be>
  6  *
  7  *  April, 2002
  8  *
  9  */
 10 
 11 #include <linux/netfilter_bridge/ebtables.h>
 12 #include <linux/module.h>
 13 
 /*
  * Bitmask of the bridge netfilter hooks the "nat" table covers, one bit
  * per hook number. check() refuses any hook mask that has a bit set
  * outside this value, so it bounds which hooks a ruleset for this table
  * can reference.
  */
 #define NAT_VALID_HOOKS ((1 << NF_BR_PRE_ROUTING) | \
                          (1 << NF_BR_LOCAL_OUT) | \
                          (1 << NF_BR_POST_ROUTING))
 16 
 /*
  * Built-in chains of the initial "nat" table. Array order is significant:
  * initial_table.hook_entry[] points at these slots by index
  * (0 = PREROUTING, 1 = OUTPUT, 2 = POSTROUTING).
  *
  * Only the name and the default policy are given; every other member is
  * zero-initialised by the C rules for static objects. All three chains
  * default to EBT_ACCEPT, so the table as shipped here does not drop frames
  * by policy.
  */
 static struct ebt_entries initial_chains[] = {
         [0] = {
                 .policy = EBT_ACCEPT,
                 .name   = "PREROUTING",
         },
         [1] = {
                 .policy = EBT_ACCEPT,
                 .name   = "OUTPUT",
         },
         [2] = {
                 .policy = EBT_ACCEPT,
                 .name   = "POSTROUTING",
         },
 };
 31 
 /*
  * Kernel-side description of the table contents installed at registration.
  *
  * .entries is the raw byte view of initial_chains and .entries_size its
  * total length; the two must stay in step, which is why the size is taken
  * from the array itself. .hook_entry maps each supported hook number to
  * the chain that starts its traversal, and .valid_hooks must describe
  * exactly the hooks that have an entry here.
  */
 static struct ebt_replace_kernel initial_table = {
         .name           = "nat",
         .valid_hooks    = NAT_VALID_HOOKS,
         .entries        = (char *)initial_chains,
         .entries_size   = sizeof(initial_chains),
         .hook_entry     = {
                 [NF_BR_PRE_ROUTING]     = &initial_chains[0],
                 [NF_BR_LOCAL_OUT]       = &initial_chains[1],
                 [NF_BR_POST_ROUTING]    = &initial_chains[2],
         },
 };
 43 
 /*
  * Table-specific validation callback (installed as frame_nat.check).
  *
  * @info:        table description; not inspected here.
  * @valid_hooks: hook bitmask claimed for the table being checked.
  *
  * Returns 0 when every bit of @valid_hooks is within NAT_VALID_HOOKS and
  * -EINVAL otherwise. This is the only guard in this file that stops a
  * ruleset from naming a hook the nat table is not attached to.
  * NOTE(review): the caller is not visible here; presumably the ebtables
  * core runs this on rulesets supplied for replacement -- confirm.
  */
 static int check(const struct ebt_table_info *info, unsigned int valid_hooks)
 {
         const unsigned int unsupported = valid_hooks & ~NAT_VALID_HOOKS;

         return unsupported ? -EINVAL : 0;
 }
 50 
 /*
  * Template passed to ebt_register_table() for each network namespace.
  * It ties together the table name, its initial contents, the permitted
  * hook mask and the check() validator, and names this module as owner.
  */
 static struct ebt_table frame_nat = {
         .name           = "nat",
         .me             = THIS_MODULE,
         .table          = &initial_table,
         .valid_hooks    = NAT_VALID_HOOKS,
         .check          = check,
 };
 58 
 /*
  * Hook function for NF_BR_PRE_ROUTING (see ebt_ops_nat).
  *
  * @priv:  unused.
  * @skb:   frame being processed.
  * @state: hook state; supplies the network namespace.
  *
  * Runs the frame through the nat table of the namespace in @state and
  * returns whatever verdict ebt_do_table() produces. The table pointer is
  * used as-is, without a NULL/IS_ERR test, so this relies on the per-net
  * table having been registered successfully before the hook can fire.
  */
 static unsigned int
 ebt_nat_in(void *priv, struct sk_buff *skb,
            const struct nf_hook_state *state)
 {
         struct net *net = state->net;

         return ebt_do_table(skb, state, net->xt.frame_nat);
 }
 65 
 /*
  * Hook function for NF_BR_LOCAL_OUT and NF_BR_POST_ROUTING (see
  * ebt_ops_nat).
  *
  * @priv:  unused.
  * @skb:   frame being processed.
  * @state: hook state; supplies the network namespace.
  *
  * Same body as ebt_nat_in(): looks up the namespace's nat table and
  * returns the verdict of ebt_do_table(). The table pointer is not
  * validated here; it must already be a successfully registered table.
  */
 static unsigned int
 ebt_nat_out(void *priv, struct sk_buff *skb,
             const struct nf_hook_state *state)
 {
         struct net *net = state->net;

         return ebt_do_table(skb, state, net->xt.frame_nat);
 }
 72 
 /*
  * Netfilter hook registrations for the nat table, all in the bridge
  * protocol family. Each entry binds one hook number to a handler at a
  * NAT-specific priority; the set of hook numbers here matches
  * NAT_VALID_HOOKS.
  */
 static struct nf_hook_ops ebt_ops_nat[] __read_mostly = {
         /* locally generated frames */
         {
                 .pf             = NFPROTO_BRIDGE,
                 .hooknum        = NF_BR_LOCAL_OUT,
                 .priority       = NF_BR_PRI_NAT_DST_OTHER,
                 .hook           = ebt_nat_out,
         },
         /* frames about to leave the bridge */
         {
                 .pf             = NFPROTO_BRIDGE,
                 .hooknum        = NF_BR_POST_ROUTING,
                 .priority       = NF_BR_PRI_NAT_SRC,
                 .hook           = ebt_nat_out,
         },
         /* frames entering the bridge */
         {
                 .pf             = NFPROTO_BRIDGE,
                 .hooknum        = NF_BR_PRE_ROUTING,
                 .priority       = NF_BR_PRI_NAT_DST_BRIDGED,
                 .hook           = ebt_nat_in,
         },
 };
 93 
 /*
  * Per-namespace constructor: registers a nat table for @net from the
  * frame_nat template and stores the result in net->xt.frame_nat.
  *
  * Returns 0 on success or the negative errno encoded in the pointer.
  * On failure the error-encoded pointer is what remains stored in
  * net->xt.frame_nat; nothing in this file resets it.
  * NOTE(review): presumably namespace setup is aborted when this returns
  * non-zero, so the hook functions never see that value -- confirm.
  */
 static int __net_init frame_nat_net_init(struct net *net)
 {
         struct ebt_table *table = ebt_register_table(net, &frame_nat);

         net->xt.frame_nat = table;
         return PTR_ERR_OR_ZERO(table);
 }
 99 
/*
 * Per-namespace destructor: unregisters the nat table that
 * frame_nat_net_init() stored in net->xt.frame_nat. The stored pointer is
 * passed on unchanged and is not cleared afterwards.
 */
static void __net_exit frame_nat_net_exit(struct net *net)
{
        struct ebt_table *table = net->xt.frame_nat;

        ebt_unregister_table(net, table);
}
104 
/*
 * Per-network-namespace callbacks: create the nat table when a namespace
 * is set up and remove it when the namespace goes away.
 */
static struct pernet_operations frame_nat_net_ops = {
        .exit = frame_nat_net_exit,
        .init = frame_nat_net_init,
};
109 
/*
 * Module entry point.
 *
 * The per-namespace tables are registered first and the netfilter hooks
 * second, so a hook function can only run once the table it looks up is in
 * place. If hook registration fails, the per-namespace registration is
 * rolled back before the error is returned.
 *
 * Returns 0 on success or the negative error from the step that failed.
 */
static int __init ebtable_nat_init(void)
{
        int err = register_pernet_subsys(&frame_nat_net_ops);

        if (err < 0)
                return err;

        err = nf_register_hooks(ebt_ops_nat, ARRAY_SIZE(ebt_ops_nat));
        if (err >= 0)
                return err;

        /* hooks could not be installed: undo the per-net registration */
        unregister_pernet_subsys(&frame_nat_net_ops);
        return err;
}
122 
/*
 * Module exit point: tears down in the reverse order of
 * ebtable_nat_init(). The hooks are removed before the per-namespace
 * tables so that no hook function is left registered while the table it
 * dereferences is being unregistered.
 */
static void __exit ebtable_nat_fini(void)
{
        const unsigned int nr_hooks = ARRAY_SIZE(ebt_ops_nat);

        /* stop frames from reaching the table first ... */
        nf_unregister_hooks(ebt_ops_nat, nr_hooks);
        /* ... then drop the per-namespace tables */
        unregister_pernet_subsys(&frame_nat_net_ops);
}
128 
/* Module metadata and load/unload entry points. */
MODULE_LICENSE("GPL");
module_init(ebtable_nat_init);
module_exit(ebtable_nat_fini);
132 
