openvswitch: Interface with NAT.
authorJarno Rajahalme <jarno@ovn.org>
Thu, 10 Mar 2016 18:54:23 +0000 (10:54 -0800)
committerPablo Neira Ayuso <pablo@netfilter.org>
Mon, 14 Mar 2016 22:47:29 +0000 (23:47 +0100)
commit05752523e56502cd9975aec0a2ded465d51a71f3
tree790e1c4d9855ca15e1104ef9697c342dfe08a780
parent28b6e0c1ace45779c60e7cefe6d469b7ecb520b8
openvswitch: Interface with NAT.

Extend OVS conntrack interface to cover NAT.  New nested
OVS_CT_ATTR_NAT attribute may be used to include NAT with a CT action.
A bare OVS_CT_ATTR_NAT only mangles existing and expected connections.
If OVS_NAT_ATTR_SRC or OVS_NAT_ATTR_DST is included within the nested
attributes, new (non-committed/non-confirmed) connections are mangled
according to the rest of the nested attributes.

The corresponding OVS userspace patch series includes test cases (in
tests/system-traffic.at) that also serve as example uses.

This work extends on a branch by Thomas Graf at
https://github.com/tgraf/ovs/tree/nat.

Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Acked-by: Thomas Graf <tgraf@suug.ch>
Acked-by: Joe Stringer <joe@ovn.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
include/uapi/linux/openvswitch.h
net/openvswitch/Kconfig
net/openvswitch/conntrack.c
net/openvswitch/conntrack.h