Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / f563bf65d9028c58bb0ecea9c8d40d5a57e64b3f / . / include / net / netfilter / nf_nat.h
blob: 07eaaf60409215198961cea9834c2d770a90f02e [file] [log] [blame]
Jozsef Kadlecsik5b1158e2006-12-02 22:07:13 -0800[diff] [blame]1#ifndef _NF_NAT_H
2#define _NF_NAT_H
3#include <linux/netfilter_ipv4.h>
Patrick McHardycbc9f2f2011-12-23 13:59:49 +0100[diff] [blame]4#include <linux/netfilter/nf_nat.h>
Jozsef Kadlecsik5b1158e2006-12-02 22:07:13 -0800[diff] [blame]5#include <net/netfilter/nf_conntrack_tuple.h>
6
Eric Dumazetfd2c3ef2009-11-03 03:26:03 +0000[diff] [blame]7enum nf_nat_manip_type {
Patrick McHardycbc9f2f2011-12-23 13:59:49 +0100[diff] [blame]8 NF_NAT_MANIP_SRC,
9 NF_NAT_MANIP_DST
Jozsef Kadlecsik5b1158e2006-12-02 22:07:13 -0800[diff] [blame]10};
11
12/* SRC manip occurs POST_ROUTING or LOCAL_IN */
Patrick McHardy6e23ae22007-11-19 18:53:30 -0800[diff] [blame]13#define HOOK2MANIP(hooknum) ((hooknum) != NF_INET_POST_ROUTING && \
14 (hooknum) != NF_INET_LOCAL_IN)
Jozsef Kadlecsik5b1158e2006-12-02 22:07:13 -0800[diff] [blame]15
Jozsef Kadlecsik5b1158e2006-12-02 22:07:13 -0800[diff] [blame]16#include <linux/list.h>
Yasuyuki Kozakai4ba88772007-07-07 22:22:33 -0700[diff] [blame]17#include <linux/netfilter/nf_conntrack_pptp.h>
Yasuyuki Kozakai2d59e5c2007-07-07 22:24:28 -0700[diff] [blame]18#include <net/netfilter/nf_conntrack_extend.h>
Jozsef Kadlecsik5b1158e2006-12-02 22:07:13 -0800[diff] [blame]19
Yasuyuki Kozakai4ba88772007-07-07 22:22:33 -0700[diff] [blame]20/* per conntrack: nat application helper private data */
Eric Dumazetfd2c3ef2009-11-03 03:26:03 +0000[diff] [blame]21union nf_conntrack_nat_help {
Yasuyuki Kozakai4ba88772007-07-07 22:22:33 -0700[diff] [blame]22 /* insert nat helper private data here */
Changli Gao03c0e5b2010-11-15 12:27:27 +0100[diff] [blame]23#if defined(CONFIG_NF_NAT_PPTP) || defined(CONFIG_NF_NAT_PPTP_MODULE)
Yasuyuki Kozakai4ba88772007-07-07 22:22:33 -0700[diff] [blame]24 struct nf_nat_pptp nat_pptp_info;
Changli Gao03c0e5b2010-11-15 12:27:27 +0100[diff] [blame]25#endif
Yasuyuki Kozakai4ba88772007-07-07 22:22:33 -0700[diff] [blame]26};
27
Yasuyuki Kozakaib6b84d42007-07-07 22:26:35 -0700[diff] [blame]28struct nf_conn;
29
30/* The structure embedded in the conntrack structure. */
Eric Dumazetfd2c3ef2009-11-03 03:26:03 +0000[diff] [blame]31struct nf_conn_nat {
Patrick McHardy53aba592007-07-07 22:30:27 -0700[diff] [blame]32 struct hlist_node bysource;
Yasuyuki Kozakaib6b84d42007-07-07 22:26:35 -0700[diff] [blame]33 struct nf_conn *ct;
Yasuyuki Kozakai4ba88772007-07-07 22:22:33 -0700[diff] [blame]34 union nf_conntrack_nat_help help;
35#if defined(CONFIG_IP_NF_TARGET_MASQUERADE) || \
Patrick McHardyb3f644f2012-08-26 19:14:14 +0200[diff] [blame]36 defined(CONFIG_IP_NF_TARGET_MASQUERADE_MODULE) || \
37 defined(CONFIG_IP6_NF_TARGET_MASQUERADE) || \
38 defined(CONFIG_IP6_NF_TARGET_MASQUERADE_MODULE)
Yasuyuki Kozakai4ba88772007-07-07 22:22:33 -0700[diff] [blame]39 int masq_index;
40#endif
41};
42
Jozsef Kadlecsik5b1158e2006-12-02 22:07:13 -0800[diff] [blame]43/* Set up the info structure to map into this range. */
Joe Perches4e77be42013-09-23 11:37:48 -0700[diff] [blame]44unsigned int nf_nat_setup_info(struct nf_conn *ct,
45 const struct nf_nat_range *range,
46 enum nf_nat_manip_type maniptype);
Jozsef Kadlecsik5b1158e2006-12-02 22:07:13 -0800[diff] [blame]47
Pablo Neira Ayusof59cb042013-10-14 10:57:04 +0200[diff] [blame]48extern unsigned int nf_nat_alloc_null_binding(struct nf_conn *ct,
49 unsigned int hooknum);
50
Jozsef Kadlecsik5b1158e2006-12-02 22:07:13 -0800[diff] [blame]51/* Is this tuple already taken? (not by us)*/
Joe Perches4e77be42013-09-23 11:37:48 -0700[diff] [blame]52int nf_nat_used_tuple(const struct nf_conntrack_tuple *tuple,
53 const struct nf_conn *ignored_conntrack);
Jozsef Kadlecsik5b1158e2006-12-02 22:07:13 -0800[diff] [blame]54
Yasuyuki Kozakai2d59e5c2007-07-07 22:24:28 -0700[diff] [blame]55static inline struct nf_conn_nat *nfct_nat(const struct nf_conn *ct)
56{
Changli Gaoe0e76c82010-11-15 12:23:24 +0100[diff] [blame]57#if defined(CONFIG_NF_NAT) || defined(CONFIG_NF_NAT_MODULE)
Yasuyuki Kozakai2d59e5c2007-07-07 22:24:28 -0700[diff] [blame]58 return nf_ct_ext_find(ct, NF_CT_EXT_NAT);
Changli Gaoe0e76c82010-11-15 12:23:24 +0100[diff] [blame]59#else
60 return NULL;
61#endif
Yasuyuki Kozakai2d59e5c2007-07-07 22:24:28 -0700[diff] [blame]62}
63
Jozsef Kadlecsika0ecb852012-11-30 12:37:26 +0000[diff] [blame]64static inline bool nf_nat_oif_changed(unsigned int hooknum,
65 enum ip_conntrack_info ctinfo,
66 struct nf_conn_nat *nat,
67 const struct net_device *out)
68{
69#if IS_ENABLED(CONFIG_IP_NF_TARGET_MASQUERADE) || \
70 IS_ENABLED(CONFIG_IP6_NF_TARGET_MASQUERADE)
71 return nat->masq_index && hooknum == NF_INET_POST_ROUTING &&
72 CTINFO2DIR(ctinfo) == IP_CT_DIR_ORIGINAL &&
73 nat->masq_index != out->ifindex;
74#else
75 return false;
76#endif
77}
78
Jozsef Kadlecsik5b1158e2006-12-02 22:07:13 -0800[diff] [blame]79#endif