~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/net/ipv4/netfilter/nft_chain_nat_ipv4.c

Version: ~ [ linux-5.12-rc7 ] ~ [ linux-5.11.13 ] ~ [ linux-5.10.29 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.111 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.186 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.230 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.266 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.266 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.18.140 ] ~ [ linux-3.16.85 ] ~ [ linux-3.14.79 ] ~ [ linux-3.12.74 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~ 
  1 /*
  2  * Copyright (c) 2008-2009 Patrick McHardy <kaber@trash.net>
  3  * Copyright (c) 2012 Pablo Neira Ayuso <pablo@netfilter.org>
  4  * Copyright (c) 2012 Intel Corporation
  5  *
  6  * This program is free software; you can redistribute it and/or modify
  7  * it under the terms of the GNU General Public License version 2 as
  8  * published by the Free Software Foundation.
  9  *
 10  * Development of this code funded by Astaro AG (http://www.astaro.com/)
 11  */
 12 
 13 #include <linux/module.h>
 14 #include <linux/init.h>
 15 #include <linux/list.h>
 16 #include <linux/skbuff.h>
 17 #include <linux/ip.h>
 18 #include <linux/netfilter.h>
 19 #include <linux/netfilter_ipv4.h>
 20 #include <linux/netfilter/nf_tables.h>
 21 #include <net/netfilter/nf_conntrack.h>
 22 #include <net/netfilter/nf_nat.h>
 23 #include <net/netfilter/nf_nat_core.h>
 24 #include <net/netfilter/nf_tables.h>
 25 #include <net/netfilter/nf_tables_ipv4.h>
 26 #include <net/netfilter/nf_nat_l3proto.h>
 27 #include <net/ip.h>
 28 
 29 static unsigned int nft_nat_do_chain(void *priv,
 30                                       struct sk_buff *skb,
 31                                       const struct nf_hook_state *state,
 32                                       struct nf_conn *ct)
 33 {
 34         struct nft_pktinfo pkt;
 35 
 36         nft_set_pktinfo_ipv4(&pkt, skb, state);
 37 
 38         return nft_do_chain(&pkt, priv);
 39 }
 40 
 41 static unsigned int nft_nat_ipv4_fn(void *priv,
 42                                     struct sk_buff *skb,
 43                                     const struct nf_hook_state *state)
 44 {
 45         return nf_nat_ipv4_fn(priv, skb, state, nft_nat_do_chain);
 46 }
 47 
 48 static unsigned int nft_nat_ipv4_in(void *priv,
 49                                     struct sk_buff *skb,
 50                                     const struct nf_hook_state *state)
 51 {
 52         return nf_nat_ipv4_in(priv, skb, state, nft_nat_do_chain);
 53 }
 54 
 55 static unsigned int nft_nat_ipv4_out(void *priv,
 56                                      struct sk_buff *skb,
 57                                      const struct nf_hook_state *state)
 58 {
 59         return nf_nat_ipv4_out(priv, skb, state, nft_nat_do_chain);
 60 }
 61 
 62 static unsigned int nft_nat_ipv4_local_fn(void *priv,
 63                                           struct sk_buff *skb,
 64                                           const struct nf_hook_state *state)
 65 {
 66         return nf_nat_ipv4_local_fn(priv, skb, state, nft_nat_do_chain);
 67 }
 68 
 69 static const struct nf_chain_type nft_chain_nat_ipv4 = {
 70         .name           = "nat",
 71         .type           = NFT_CHAIN_T_NAT,
 72         .family         = NFPROTO_IPV4,
 73         .owner          = THIS_MODULE,
 74         .hook_mask      = (1 << NF_INET_PRE_ROUTING) |
 75                           (1 << NF_INET_POST_ROUTING) |
 76                           (1 << NF_INET_LOCAL_OUT) |
 77                           (1 << NF_INET_LOCAL_IN),
 78         .hooks          = {
 79                 [NF_INET_PRE_ROUTING]   = nft_nat_ipv4_in,
 80                 [NF_INET_POST_ROUTING]  = nft_nat_ipv4_out,
 81                 [NF_INET_LOCAL_OUT]     = nft_nat_ipv4_local_fn,
 82                 [NF_INET_LOCAL_IN]      = nft_nat_ipv4_fn,
 83         },
 84 };
 85 
 86 static int __init nft_chain_nat_init(void)
 87 {
 88         int err;
 89 
 90         err = nft_register_chain_type(&nft_chain_nat_ipv4);
 91         if (err < 0)
 92                 return err;
 93 
 94         return 0;
 95 }
 96 
 97 static void __exit nft_chain_nat_exit(void)
 98 {
 99         nft_unregister_chain_type(&nft_chain_nat_ipv4);
100 }
101 
102 module_init(nft_chain_nat_init);
103 module_exit(nft_chain_nat_exit);
104 
105 MODULE_LICENSE("GPL");
106 MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
107 MODULE_ALIAS_NFT_CHAIN(AF_INET, "nat");
108
~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~
kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp