projects / linux-block.git / blame
| Commit | Line | Data |
|---|---|---|
| b2441318 | 1 | /* SPDX-License-Identifier: GPL-2.0 */ |
| 5b1158e9 JK |
2 | #ifndef _NF_NAT_H |
| 3 | #define _NF_NAT_H | |
| 4 | #include <linux/netfilter_ipv4.h> | |
| cbc9f2f4 | 5 | #include <linux/netfilter/nf_nat.h> |
| 5b1158e9 JK |
6 | #include <net/netfilter/nf_conntrack_tuple.h> |
| 7 | ||
| fd2c3ef7 | 8 | enum nf_nat_manip_type { |
| cbc9f2f4 PM |
9 | NF_NAT_MANIP_SRC, |
| 10 | NF_NAT_MANIP_DST | |
| 5b1158e9 JK |
11 | }; |
| 12 | ||
| 13 | /* SRC manip occurs POST_ROUTING or LOCAL_IN */ | |
| 6e23ae2a PM |
14 | #define HOOK2MANIP(hooknum) ((hooknum) != NF_INET_POST_ROUTING && \ |
| 15 | (hooknum) != NF_INET_LOCAL_IN) | |
| 5b1158e9 | 16 | |
| 5b1158e9 | 17 | #include <linux/list.h> |
| 4ba88779 | 18 | #include <linux/netfilter/nf_conntrack_pptp.h> |
| 2d59e5ca | 19 | #include <net/netfilter/nf_conntrack_extend.h> |
| 5b1158e9 | 20 | |
| 4ba88779 | 21 | /* per conntrack: nat application helper private data */ |
| fd2c3ef7 | 22 | union nf_conntrack_nat_help { |
| 4ba88779 | 23 | /* insert nat helper private data here */ |
| 03c0e5bb | 24 | #if defined(CONFIG_NF_NAT_PPTP) || defined(CONFIG_NF_NAT_PPTP_MODULE) |
| 4ba88779 | 25 | struct nf_nat_pptp nat_pptp_info; |
| 03c0e5bb | 26 | #endif |
| 4ba88779 YK |
27 | }; |
| 28 | ||
| b6b84d4a YK |
29 | struct nf_conn; |
| 30 | ||
| 31 | /* The structure embedded in the conntrack structure. */ | |
| fd2c3ef7 | 32 | struct nf_conn_nat { |
| 4ba88779 | 33 | union nf_conntrack_nat_help help; |
| 67981fef PNA |
34 | #if IS_ENABLED(CONFIG_NF_NAT_MASQUERADE_IPV4) || \ |
| 35 | IS_ENABLED(CONFIG_NF_NAT_MASQUERADE_IPV6) | |
| 4ba88779 YK |
36 | int masq_index; |
| 37 | #endif | |
| 38 | }; | |
| 39 | ||
| 5b1158e9 | 40 | /* Set up the info structure to map into this range. */ |
| 4e77be46 JP |
41 | unsigned int nf_nat_setup_info(struct nf_conn *ct, |
| 42 | const struct nf_nat_range *range, | |
| 43 | enum nf_nat_manip_type maniptype); | |
| 5b1158e9 | 44 | |
| f59cb045 PNA |
45 | extern unsigned int nf_nat_alloc_null_binding(struct nf_conn *ct, |
| 46 | unsigned int hooknum); | |
| 47 | ||
| f768e5bd FW |
48 | struct nf_conn_nat *nf_ct_nat_ext_add(struct nf_conn *ct); |
| 49 | ||
| 5b1158e9 | 50 | /* Is this tuple already taken? (not by us)*/ |
| 4e77be46 JP |
51 | int nf_nat_used_tuple(const struct nf_conntrack_tuple *tuple, |
| 52 | const struct nf_conn *ignored_conntrack); | |
| 5b1158e9 | 53 | |
| 2d59e5ca YK |
54 | static inline struct nf_conn_nat *nfct_nat(const struct nf_conn *ct) |
| 55 | { | |
| e0e76c83 | 56 | #if defined(CONFIG_NF_NAT) || defined(CONFIG_NF_NAT_MODULE) |
| 2d59e5ca | 57 | return nf_ct_ext_find(ct, NF_CT_EXT_NAT); |
| e0e76c83 CG |
58 | #else |
| 59 | return NULL; | |
| 60 | #endif | |
| 2d59e5ca YK |
61 | } |
| 62 | ||
| a0ecb85a JK |
63 | static inline bool nf_nat_oif_changed(unsigned int hooknum, |
| 64 | enum ip_conntrack_info ctinfo, | |
| 65 | struct nf_conn_nat *nat, | |
| 66 | const struct net_device *out) | |
| 67 | { | |
| 67981fef PNA |
68 | #if IS_ENABLED(CONFIG_NF_NAT_MASQUERADE_IPV4) || \ |
| 69 | IS_ENABLED(CONFIG_NF_NAT_MASQUERADE_IPV6) | |
| 9a08ecfe | 70 | return nat && nat->masq_index && hooknum == NF_INET_POST_ROUTING && |
| a0ecb85a JK |
71 | CTINFO2DIR(ctinfo) == IP_CT_DIR_ORIGINAL && |
| 72 | nat->masq_index != out->ifindex; | |
| 73 | #else | |
| 74 | return false; | |
| 75 | #endif | |
| 76 | } | |
| 77 | ||
| 5b1158e9 | 78 | #endif |