diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2020-04-24 22:55:36 +0300 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2020-04-28 01:53:54 +0300 |
| commit | acd766e31bb96b90c2dc4954f86e573c9ac16c66 (patch) | |
| tree | fb07212a671c33414a0ff195d2107aa523c5685d /net | |
| parent | 4566aa440008103c9bd364f38c03ca5309acc8f4 (diff) | |
| download | linux-acd766e31bb96b90c2dc4954f86e573c9ac16c66.tar.xz | |
netfilter: nft_nat: add helper function to set up NAT address and protocol
This patch add nft_nat_setup_addr() and nft_nat_setup_proto() to set up
the NAT mangling.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net')
| -rw-r--r-- | net/netfilter/nft_nat.c | 56 |
1 files changed, 34 insertions, 22 deletions
diff --git a/net/netfilter/nft_nat.c b/net/netfilter/nft_nat.c index 5c7ff213c030..7442aa8b1555 100644 --- a/net/netfilter/nft_nat.c +++ b/net/netfilter/nft_nat.c @@ -30,6 +30,36 @@ struct nft_nat { u16 flags; }; +static void nft_nat_setup_addr(struct nf_nat_range2 *range, + const struct nft_regs *regs, + const struct nft_nat *priv) +{ + switch (priv->family) { + case AF_INET: + range->min_addr.ip = (__force __be32) + regs->data[priv->sreg_addr_min]; + range->max_addr.ip = (__force __be32) + regs->data[priv->sreg_addr_max]; + break; + case AF_INET6: + memcpy(range->min_addr.ip6, ®s->data[priv->sreg_addr_min], + sizeof(range->min_addr.ip6)); + memcpy(range->max_addr.ip6, ®s->data[priv->sreg_addr_max], + sizeof(range->max_addr.ip6)); + break; + } +} + +static void nft_nat_setup_proto(struct nf_nat_range2 *range, + const struct nft_regs *regs, + const struct nft_nat *priv) +{ + range->min_proto.all = (__force __be16) + nft_reg_load16(®s->data[priv->sreg_proto_min]); + range->max_proto.all = (__force __be16) + nft_reg_load16(®s->data[priv->sreg_proto_max]); +} + static void nft_nat_eval(const struct nft_expr *expr, struct nft_regs *regs, const struct nft_pktinfo *pkt) @@ -40,29 +70,11 @@ static void nft_nat_eval(const struct nft_expr *expr, struct nf_nat_range2 range; memset(&range, 0, sizeof(range)); - if (priv->sreg_addr_min) { - if (priv->family == AF_INET) { - range.min_addr.ip = (__force __be32) - regs->data[priv->sreg_addr_min]; - range.max_addr.ip = (__force __be32) - regs->data[priv->sreg_addr_max]; - - } else { - memcpy(range.min_addr.ip6, - ®s->data[priv->sreg_addr_min], - sizeof(range.min_addr.ip6)); - memcpy(range.max_addr.ip6, - ®s->data[priv->sreg_addr_max], - sizeof(range.max_addr.ip6)); - } - } + if (priv->sreg_addr_min) + nft_nat_setup_addr(&range, regs, priv); - if (priv->sreg_proto_min) { - range.min_proto.all = (__force __be16)nft_reg_load16( - ®s->data[priv->sreg_proto_min]); - range.max_proto.all = (__force __be16)nft_reg_load16( - ®s->data[priv->sreg_proto_max]); - } + if (priv->sreg_proto_min) + nft_nat_setup_proto(&range, regs, priv); range.flags = priv->flags; |