projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
netfilter: Make nf_hookfn use nf_hook_state.
[deliverable/linux.git] / net / ipv6 / netfilter / nft_chain_nat_ipv6.c
CommitLineData
eb31628e
TB		 1/*
2 * Copyright (c) 2011 Patrick McHardy <kaber@trash.net>
3 * Copyright (c) 2012 Intel Corporation
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms and conditions of the GNU General Public License,
7 * version 2, as published by the Free Software Foundation.
8 *
9 */
10
11#include <linux/module.h>
12#include <linux/init.h>
13#include <linux/list.h>
14#include <linux/skbuff.h>
15#include <linux/ip.h>
16#include <linux/netfilter.h>
17#include <linux/netfilter_ipv6.h>
18#include <linux/netfilter/nf_tables.h>
19#include <net/netfilter/nf_conntrack.h>
20#include <net/netfilter/nf_nat.h>
21#include <net/netfilter/nf_nat_core.h>
22#include <net/netfilter/nf_tables.h>
23#include <net/netfilter/nf_tables_ipv6.h>
24#include <net/netfilter/nf_nat_l3proto.h>
25#include <net/ipv6.h>
26
876665ea
PNA		 27static unsigned int nft_nat_do_chain(const struct nf_hook_ops *ops,
28 struct sk_buff *skb,
29 const struct net_device *in,
30 const struct net_device *out,
31 struct nf_conn *ct)
eb31628e 32{
eb31628e 33 struct nft_pktinfo pkt;
eb31628e 34
876665ea 35 nft_set_pktinfo_ipv6(&pkt, ops, skb, in, out);
eb31628e 36
876665ea 37 return nft_do_chain(&pkt, ops);
eb31628e
TB		 38}
39
876665ea
PNA		 40static unsigned int nft_nat_ipv6_fn(const struct nf_hook_ops *ops,
41 struct sk_buff *skb,
238e54c9 42 const struct nf_hook_state *state)
eb31628e 43{
238e54c9 44 return nf_nat_ipv6_fn(ops, skb, state->in, state->out, nft_nat_do_chain);
eb31628e
TB		 45}
46
876665ea
PNA		 47static unsigned int nft_nat_ipv6_in(const struct nf_hook_ops *ops,
48 struct sk_buff *skb,
238e54c9 49 const struct nf_hook_state *state)
eb31628e 50{
238e54c9 51 return nf_nat_ipv6_in(ops, skb, state->in, state->out, nft_nat_do_chain);
eb31628e
TB		 52}
53
876665ea
PNA		 54static unsigned int nft_nat_ipv6_out(const struct nf_hook_ops *ops,
55 struct sk_buff *skb,
238e54c9 56 const struct nf_hook_state *state)
eb31628e 57{
238e54c9 58 return nf_nat_ipv6_out(ops, skb, state->in, state->out, nft_nat_do_chain);
876665ea 59}
eb31628e 60
876665ea
PNA		 61static unsigned int nft_nat_ipv6_local_fn(const struct nf_hook_ops *ops,
62 struct sk_buff *skb,
238e54c9 63 const struct nf_hook_state *state)
876665ea 64{
238e54c9 65 return nf_nat_ipv6_local_fn(ops, skb, state->in, state->out, nft_nat_do_chain);
eb31628e
TB		 66}
67
2a37d755 68static const struct nf_chain_type nft_chain_nat_ipv6 = {
eb31628e
TB		 69 .name = "nat",
70 .type = NFT_CHAIN_T_NAT,
fa2c1de0
PM		 71 .family = NFPROTO_IPV6,
72 .owner = THIS_MODULE,
eb31628e
TB		 73 .hook_mask = (1 << NF_INET_PRE_ROUTING) |
74 (1 << NF_INET_POST_ROUTING) |
75 (1 << NF_INET_LOCAL_OUT) |
76 (1 << NF_INET_LOCAL_IN),
fa2c1de0 77 .hooks = {
876665ea
PNA		 78 [NF_INET_PRE_ROUTING] = nft_nat_ipv6_in,
79 [NF_INET_POST_ROUTING] = nft_nat_ipv6_out,
80 [NF_INET_LOCAL_OUT] = nft_nat_ipv6_local_fn,
2a5538e9 81 [NF_INET_LOCAL_IN] = nft_nat_ipv6_fn,
eb31628e 82 },
eb31628e
TB		 83};
84
85static int __init nft_chain_nat_ipv6_init(void)
86{
87 int err;
88
89 err = nft_register_chain_type(&nft_chain_nat_ipv6);
90 if (err < 0)
91 return err;
92
93 return 0;
94}
95
96static void __exit nft_chain_nat_ipv6_exit(void)
97{
98 nft_unregister_chain_type(&nft_chain_nat_ipv6);
99}
100
101module_init(nft_chain_nat_ipv6_init);
102module_exit(nft_chain_nat_ipv6_exit);
103
104MODULE_LICENSE("GPL");
105MODULE_AUTHOR("Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>");
106MODULE_ALIAS_NFT_CHAIN(AF_INET6, "nat");
Linux kernel - Deliverables
This page took 0.097214 seconds and 5 git commands to generate.