// SPDX-License-Identifier: GPL-2.0-only /* nf_nat_helper.c - generic support functions for NAT helpers * * (C) 2000-2002 Harald Welte <[email protected]> * (C) 2003-2006 Netfilter Core Team <[email protected]> * (C) 2007-2012 Patrick McHardy <[email protected]> */ #include <linux/module.h> #include <linux/gfp.h> #include <linux/types.h> #include <linux/skbuff.h> #include <linux/tcp.h> #include <linux/udp.h> #include <net/tcp.h> #include <net/netfilter/nf_conntrack.h> #include <net/netfilter/nf_conntrack_helper.h> #include <net/netfilter/nf_conntrack_ecache.h> #include <net/netfilter/nf_conntrack_expect.h> #include <net/netfilter/nf_conntrack_seqadj.h> #include <net/netfilter/nf_nat.h> #include <net/netfilter/nf_nat_helper.h> /* Frobs data inside this packet, which is linear. */ static void mangle_contents(struct sk_buff *skb, unsigned int dataoff, unsigned int match_offset, unsigned int match_len, const char *rep_buffer, unsigned int rep_len) { … } /* Unusual, but possible case. */ static bool enlarge_skb(struct sk_buff *skb, unsigned int extra) { … } /* Generic function for mangling variable-length address changes inside * NATed TCP connections (like the PORT XXX,XXX,XXX,XXX,XXX,XXX * command in FTP). * * Takes care about all the nasty sequence number changes, checksumming, * skb enlargement, ... * * */ bool __nf_nat_mangle_tcp_packet(struct sk_buff *skb, struct nf_conn *ct, enum ip_conntrack_info ctinfo, unsigned int protoff, unsigned int match_offset, unsigned int match_len, const char *rep_buffer, unsigned int rep_len, bool adjust) { … } EXPORT_SYMBOL(…); /* Generic function for mangling variable-length address changes inside * NATed UDP connections (like the CONNECT DATA XXXXX MESG XXXXX INDEX XXXXX * command in the Amanda protocol) * * Takes care about all the nasty sequence number changes, checksumming, * skb enlargement, ... * * XXX - This function could be merged with nf_nat_mangle_tcp_packet which * should be fairly easy to do. */ bool nf_nat_mangle_udp_packet(struct sk_buff *skb, struct nf_conn *ct, enum ip_conntrack_info ctinfo, unsigned int protoff, unsigned int match_offset, unsigned int match_len, const char *rep_buffer, unsigned int rep_len) { … } EXPORT_SYMBOL(…); /* Setup NAT on this expected conntrack so it follows master. */ /* If we fail to get a free NAT slot, we'll get dropped on confirm */ void nf_nat_follow_master(struct nf_conn *ct, struct nf_conntrack_expect *exp) { … } EXPORT_SYMBOL(…); u16 nf_nat_exp_find_port(struct nf_conntrack_expect *exp, u16 port) { … } EXPORT_SYMBOL_GPL(…);
Codebase Browser
linux