diff options
| -rw-r--r-- | include/net/netfilter/nf_nat_l3proto.h | 24 | ||||
| -rw-r--r-- | net/ipv4/netfilter/iptable_nat.c | 3 | ||||
| -rw-r--r-- | net/ipv4/netfilter/nf_nat_l3proto_ipv4.c | 14 | ||||
| -rw-r--r-- | net/ipv4/netfilter/nft_chain_nat_ipv4.c | 3 | ||||
| -rw-r--r-- | net/ipv6/netfilter/ip6table_nat.c | 3 | ||||
| -rw-r--r-- | net/ipv6/netfilter/nf_nat_l3proto_ipv6.c | 14 | ||||
| -rw-r--r-- | net/ipv6/netfilter/nft_chain_nat_ipv6.c | 3 |
7 files changed, 22 insertions, 42 deletions
diff --git a/include/net/netfilter/nf_nat_l3proto.h b/include/net/netfilter/nf_nat_l3proto.h index ac47098a61dc..8bad2560576f 100644 --- a/include/net/netfilter/nf_nat_l3proto.h +++ b/include/net/netfilter/nf_nat_l3proto.h | |||
| @@ -48,30 +48,26 @@ unsigned int nf_nat_ipv4_in(void *priv, struct sk_buff *skb, | |||
| 48 | const struct nf_hook_state *state, | 48 | const struct nf_hook_state *state, |
| 49 | unsigned int (*do_chain)(void *priv, | 49 | unsigned int (*do_chain)(void *priv, |
| 50 | struct sk_buff *skb, | 50 | struct sk_buff *skb, |
| 51 | const struct nf_hook_state *state, | 51 | const struct nf_hook_state *state)); |
| 52 | struct nf_conn *ct)); | ||
| 53 | 52 | ||
| 54 | unsigned int nf_nat_ipv4_out(void *priv, struct sk_buff *skb, | 53 | unsigned int nf_nat_ipv4_out(void *priv, struct sk_buff *skb, |
| 55 | const struct nf_hook_state *state, | 54 | const struct nf_hook_state *state, |
| 56 | unsigned int (*do_chain)(void *priv, | 55 | unsigned int (*do_chain)(void *priv, |
| 57 | struct sk_buff *skb, | 56 | struct sk_buff *skb, |
| 58 | const struct nf_hook_state *state, | 57 | const struct nf_hook_state *state)); |
| 59 | struct nf_conn *ct)); | ||
| 60 | 58 | ||
| 61 | unsigned int nf_nat_ipv4_local_fn(void *priv, | 59 | unsigned int nf_nat_ipv4_local_fn(void *priv, |
| 62 | struct sk_buff *skb, | 60 | struct sk_buff *skb, |
| 63 | const struct nf_hook_state *state, | 61 | const struct nf_hook_state *state, |
| 64 | unsigned int (*do_chain)(void *priv, | 62 | unsigned int (*do_chain)(void *priv, |
| 65 | struct sk_buff *skb, | 63 | struct sk_buff *skb, |
| 66 | const struct nf_hook_state *state, | 64 | const struct nf_hook_state *state)); |
| 67 | struct nf_conn *ct)); | ||
| 68 | 65 | ||
| 69 | unsigned int nf_nat_ipv4_fn(void *priv, struct sk_buff *skb, | 66 | unsigned int nf_nat_ipv4_fn(void *priv, struct sk_buff *skb, |
| 70 | const struct nf_hook_state *state, | 67 | const struct nf_hook_state *state, |
| 71 | unsigned int (*do_chain)(void *priv, | 68 | unsigned int (*do_chain)(void *priv, |
| 72 | struct sk_buff *skb, | 69 | struct sk_buff *skb, |
| 73 | const struct nf_hook_state *state, | 70 | const struct nf_hook_state *state)); |
| 74 | struct nf_conn *ct)); | ||
| 75 | 71 | ||
| 76 | int nf_nat_icmpv6_reply_translation(struct sk_buff *skb, struct nf_conn *ct, | 72 | int nf_nat_icmpv6_reply_translation(struct sk_buff *skb, struct nf_conn *ct, |
| 77 | enum ip_conntrack_info ctinfo, | 73 | enum ip_conntrack_info ctinfo, |
| @@ -81,29 +77,25 @@ unsigned int nf_nat_ipv6_in(void *priv, struct sk_buff *skb, | |||
| 81 | const struct nf_hook_state *state, | 77 | const struct nf_hook_state *state, |
| 82 | unsigned int (*do_chain)(void *priv, | 78 | unsigned int (*do_chain)(void *priv, |
| 83 | struct sk_buff *skb, | 79 | struct sk_buff *skb, |
| 84 | const struct nf_hook_state *state, | 80 | const struct nf_hook_state *state)); |
| 85 | struct nf_conn *ct)); | ||
| 86 | 81 | ||
| 87 | unsigned int nf_nat_ipv6_out(void *priv, struct sk_buff *skb, | 82 | unsigned int nf_nat_ipv6_out(void *priv, struct sk_buff *skb, |
| 88 | const struct nf_hook_state *state, | 83 | const struct nf_hook_state *state, |
| 89 | unsigned int (*do_chain)(void *priv, | 84 | unsigned int (*do_chain)(void *priv, |
| 90 | struct sk_buff *skb, | 85 | struct sk_buff *skb, |
| 91 | const struct nf_hook_state *state, | 86 | const struct nf_hook_state *state)); |
| 92 | struct nf_conn *ct)); | ||
| 93 | 87 | ||
| 94 | unsigned int nf_nat_ipv6_local_fn(void *priv, | 88 | unsigned int nf_nat_ipv6_local_fn(void *priv, |
| 95 | struct sk_buff *skb, | 89 | struct sk_buff *skb, |
| 96 | const struct nf_hook_state *state, | 90 | const struct nf_hook_state *state, |
| 97 | unsigned int (*do_chain)(void *priv, | 91 | unsigned int (*do_chain)(void *priv, |
| 98 | struct sk_buff *skb, | 92 | struct sk_buff *skb, |
| 99 | const struct nf_hook_state *state, | 93 | const struct nf_hook_state *state)); |
| 100 | struct nf_conn *ct)); | ||
| 101 | 94 | ||
| 102 | unsigned int nf_nat_ipv6_fn(void *priv, struct sk_buff *skb, | 95 | unsigned int nf_nat_ipv6_fn(void *priv, struct sk_buff *skb, |
| 103 | const struct nf_hook_state *state, | 96 | const struct nf_hook_state *state, |
| 104 | unsigned int (*do_chain)(void *priv, | 97 | unsigned int (*do_chain)(void *priv, |
| 105 | struct sk_buff *skb, | 98 | struct sk_buff *skb, |
| 106 | const struct nf_hook_state *state, | 99 | const struct nf_hook_state *state)); |
| 107 | struct nf_conn *ct)); | ||
| 108 | 100 | ||
| 109 | #endif /* _NF_NAT_L3PROTO_H */ | 101 | #endif /* _NF_NAT_L3PROTO_H */ |
diff --git a/net/ipv4/netfilter/iptable_nat.c b/net/ipv4/netfilter/iptable_nat.c index 0f7255cc65ee..529d89ec31e8 100644 --- a/net/ipv4/netfilter/iptable_nat.c +++ b/net/ipv4/netfilter/iptable_nat.c | |||
| @@ -33,8 +33,7 @@ static const struct xt_table nf_nat_ipv4_table = { | |||
| 33 | 33 | ||
| 34 | static unsigned int iptable_nat_do_chain(void *priv, | 34 | static unsigned int iptable_nat_do_chain(void *priv, |
| 35 | struct sk_buff *skb, | 35 | struct sk_buff *skb, |
| 36 | const struct nf_hook_state *state, | 36 | const struct nf_hook_state *state) |
| 37 | struct nf_conn *ct) | ||
| 38 | { | 37 | { |
| 39 | return ipt_do_table(skb, state, state->net->ipv4.nat_table); | 38 | return ipt_do_table(skb, state, state->net->ipv4.nat_table); |
| 40 | } | 39 | } |
diff --git a/net/ipv4/netfilter/nf_nat_l3proto_ipv4.c b/net/ipv4/netfilter/nf_nat_l3proto_ipv4.c index 4346336cee4c..325e02956bf5 100644 --- a/net/ipv4/netfilter/nf_nat_l3proto_ipv4.c +++ b/net/ipv4/netfilter/nf_nat_l3proto_ipv4.c | |||
| @@ -246,8 +246,7 @@ nf_nat_ipv4_fn(void *priv, struct sk_buff *skb, | |||
| 246 | const struct nf_hook_state *state, | 246 | const struct nf_hook_state *state, |
| 247 | unsigned int (*do_chain)(void *priv, | 247 | unsigned int (*do_chain)(void *priv, |
| 248 | struct sk_buff *skb, | 248 | struct sk_buff *skb, |
| 249 | const struct nf_hook_state *state, | 249 | const struct nf_hook_state *state)) |
| 250 | struct nf_conn *ct)) | ||
| 251 | { | 250 | { |
| 252 | struct nf_conn *ct; | 251 | struct nf_conn *ct; |
| 253 | enum ip_conntrack_info ctinfo; | 252 | enum ip_conntrack_info ctinfo; |
| @@ -285,7 +284,7 @@ nf_nat_ipv4_fn(void *priv, struct sk_buff *skb, | |||
| 285 | if (!nf_nat_initialized(ct, maniptype)) { | 284 | if (!nf_nat_initialized(ct, maniptype)) { |
| 286 | unsigned int ret; | 285 | unsigned int ret; |
| 287 | 286 | ||
| 288 | ret = do_chain(priv, skb, state, ct); | 287 | ret = do_chain(priv, skb, state); |
| 289 | if (ret != NF_ACCEPT) | 288 | if (ret != NF_ACCEPT) |
| 290 | return ret; | 289 | return ret; |
| 291 | 290 | ||
| @@ -326,8 +325,7 @@ nf_nat_ipv4_in(void *priv, struct sk_buff *skb, | |||
| 326 | const struct nf_hook_state *state, | 325 | const struct nf_hook_state *state, |
| 327 | unsigned int (*do_chain)(void *priv, | 326 | unsigned int (*do_chain)(void *priv, |
| 328 | struct sk_buff *skb, | 327 | struct sk_buff *skb, |
| 329 | const struct nf_hook_state *state, | 328 | const struct nf_hook_state *state)) |
| 330 | struct nf_conn *ct)) | ||
| 331 | { | 329 | { |
| 332 | unsigned int ret; | 330 | unsigned int ret; |
| 333 | __be32 daddr = ip_hdr(skb)->daddr; | 331 | __be32 daddr = ip_hdr(skb)->daddr; |
| @@ -346,8 +344,7 @@ nf_nat_ipv4_out(void *priv, struct sk_buff *skb, | |||
| 346 | const struct nf_hook_state *state, | 344 | const struct nf_hook_state *state, |
| 347 | unsigned int (*do_chain)(void *priv, | 345 | unsigned int (*do_chain)(void *priv, |
| 348 | struct sk_buff *skb, | 346 | struct sk_buff *skb, |
| 349 | const struct nf_hook_state *state, | 347 | const struct nf_hook_state *state)) |
| 350 | struct nf_conn *ct)) | ||
| 351 | { | 348 | { |
| 352 | #ifdef CONFIG_XFRM | 349 | #ifdef CONFIG_XFRM |
| 353 | const struct nf_conn *ct; | 350 | const struct nf_conn *ct; |
| @@ -383,8 +380,7 @@ nf_nat_ipv4_local_fn(void *priv, struct sk_buff *skb, | |||
| 383 | const struct nf_hook_state *state, | 380 | const struct nf_hook_state *state, |
| 384 | unsigned int (*do_chain)(void *priv, | 381 | unsigned int (*do_chain)(void *priv, |
| 385 | struct sk_buff *skb, | 382 | struct sk_buff *skb, |
| 386 | const struct nf_hook_state *state, | 383 | const struct nf_hook_state *state)) |
| 387 | struct nf_conn *ct)) | ||
| 388 | { | 384 | { |
| 389 | const struct nf_conn *ct; | 385 | const struct nf_conn *ct; |
| 390 | enum ip_conntrack_info ctinfo; | 386 | enum ip_conntrack_info ctinfo; |
diff --git a/net/ipv4/netfilter/nft_chain_nat_ipv4.c b/net/ipv4/netfilter/nft_chain_nat_ipv4.c index b5464a3f253b..285baccfbdea 100644 --- a/net/ipv4/netfilter/nft_chain_nat_ipv4.c +++ b/net/ipv4/netfilter/nft_chain_nat_ipv4.c | |||
| @@ -28,8 +28,7 @@ | |||
| 28 | 28 | ||
| 29 | static unsigned int nft_nat_do_chain(void *priv, | 29 | static unsigned int nft_nat_do_chain(void *priv, |
| 30 | struct sk_buff *skb, | 30 | struct sk_buff *skb, |
| 31 | const struct nf_hook_state *state, | 31 | const struct nf_hook_state *state) |
| 32 | struct nf_conn *ct) | ||
| 33 | { | 32 | { |
| 34 | struct nft_pktinfo pkt; | 33 | struct nft_pktinfo pkt; |
| 35 | 34 | ||
diff --git a/net/ipv6/netfilter/ip6table_nat.c b/net/ipv6/netfilter/ip6table_nat.c index 47306e45a80a..2bf554e18af8 100644 --- a/net/ipv6/netfilter/ip6table_nat.c +++ b/net/ipv6/netfilter/ip6table_nat.c | |||
| @@ -35,8 +35,7 @@ static const struct xt_table nf_nat_ipv6_table = { | |||
| 35 | 35 | ||
| 36 | static unsigned int ip6table_nat_do_chain(void *priv, | 36 | static unsigned int ip6table_nat_do_chain(void *priv, |
| 37 | struct sk_buff *skb, | 37 | struct sk_buff *skb, |
| 38 | const struct nf_hook_state *state, | 38 | const struct nf_hook_state *state) |
| 39 | struct nf_conn *ct) | ||
| 40 | { | 39 | { |
| 41 | return ip6t_do_table(skb, state, state->net->ipv6.ip6table_nat); | 40 | return ip6t_do_table(skb, state, state->net->ipv6.ip6table_nat); |
| 42 | } | 41 | } |
diff --git a/net/ipv6/netfilter/nf_nat_l3proto_ipv6.c b/net/ipv6/netfilter/nf_nat_l3proto_ipv6.c index 56d75eb5448f..f1582b6f9588 100644 --- a/net/ipv6/netfilter/nf_nat_l3proto_ipv6.c +++ b/net/ipv6/netfilter/nf_nat_l3proto_ipv6.c | |||
| @@ -257,8 +257,7 @@ nf_nat_ipv6_fn(void *priv, struct sk_buff *skb, | |||
| 257 | const struct nf_hook_state *state, | 257 | const struct nf_hook_state *state, |
| 258 | unsigned int (*do_chain)(void *priv, | 258 | unsigned int (*do_chain)(void *priv, |
| 259 | struct sk_buff *skb, | 259 | struct sk_buff *skb, |
| 260 | const struct nf_hook_state *state, | 260 | const struct nf_hook_state *state)) |
| 261 | struct nf_conn *ct)) | ||
| 262 | { | 261 | { |
| 263 | struct nf_conn *ct; | 262 | struct nf_conn *ct; |
| 264 | enum ip_conntrack_info ctinfo; | 263 | enum ip_conntrack_info ctinfo; |
| @@ -303,7 +302,7 @@ nf_nat_ipv6_fn(void *priv, struct sk_buff *skb, | |||
| 303 | if (!nf_nat_initialized(ct, maniptype)) { | 302 | if (!nf_nat_initialized(ct, maniptype)) { |
| 304 | unsigned int ret; | 303 | unsigned int ret; |
| 305 | 304 | ||
| 306 | ret = do_chain(priv, skb, state, ct); | 305 | ret = do_chain(priv, skb, state); |
| 307 | if (ret != NF_ACCEPT) | 306 | if (ret != NF_ACCEPT) |
| 308 | return ret; | 307 | return ret; |
| 309 | 308 | ||
| @@ -343,8 +342,7 @@ nf_nat_ipv6_in(void *priv, struct sk_buff *skb, | |||
| 343 | const struct nf_hook_state *state, | 342 | const struct nf_hook_state *state, |
| 344 | unsigned int (*do_chain)(void *priv, | 343 | unsigned int (*do_chain)(void *priv, |
| 345 | struct sk_buff *skb, | 344 | struct sk_buff *skb, |
| 346 | const struct nf_hook_state *state, | 345 | const struct nf_hook_state *state)) |
| 347 | struct nf_conn *ct)) | ||
| 348 | { | 346 | { |
| 349 | unsigned int ret; | 347 | unsigned int ret; |
| 350 | struct in6_addr daddr = ipv6_hdr(skb)->daddr; | 348 | struct in6_addr daddr = ipv6_hdr(skb)->daddr; |
| @@ -363,8 +361,7 @@ nf_nat_ipv6_out(void *priv, struct sk_buff *skb, | |||
| 363 | const struct nf_hook_state *state, | 361 | const struct nf_hook_state *state, |
| 364 | unsigned int (*do_chain)(void *priv, | 362 | unsigned int (*do_chain)(void *priv, |
| 365 | struct sk_buff *skb, | 363 | struct sk_buff *skb, |
| 366 | const struct nf_hook_state *state, | 364 | const struct nf_hook_state *state)) |
| 367 | struct nf_conn *ct)) | ||
| 368 | { | 365 | { |
| 369 | #ifdef CONFIG_XFRM | 366 | #ifdef CONFIG_XFRM |
| 370 | const struct nf_conn *ct; | 367 | const struct nf_conn *ct; |
| @@ -400,8 +397,7 @@ nf_nat_ipv6_local_fn(void *priv, struct sk_buff *skb, | |||
| 400 | const struct nf_hook_state *state, | 397 | const struct nf_hook_state *state, |
| 401 | unsigned int (*do_chain)(void *priv, | 398 | unsigned int (*do_chain)(void *priv, |
| 402 | struct sk_buff *skb, | 399 | struct sk_buff *skb, |
| 403 | const struct nf_hook_state *state, | 400 | const struct nf_hook_state *state)) |
| 404 | struct nf_conn *ct)) | ||
| 405 | { | 401 | { |
| 406 | const struct nf_conn *ct; | 402 | const struct nf_conn *ct; |
| 407 | enum ip_conntrack_info ctinfo; | 403 | enum ip_conntrack_info ctinfo; |
diff --git a/net/ipv6/netfilter/nft_chain_nat_ipv6.c b/net/ipv6/netfilter/nft_chain_nat_ipv6.c index 3557b114446c..100a6bd1046a 100644 --- a/net/ipv6/netfilter/nft_chain_nat_ipv6.c +++ b/net/ipv6/netfilter/nft_chain_nat_ipv6.c | |||
| @@ -26,8 +26,7 @@ | |||
| 26 | 26 | ||
| 27 | static unsigned int nft_nat_do_chain(void *priv, | 27 | static unsigned int nft_nat_do_chain(void *priv, |
| 28 | struct sk_buff *skb, | 28 | struct sk_buff *skb, |
| 29 | const struct nf_hook_state *state, | 29 | const struct nf_hook_state *state) |
| 30 | struct nf_conn *ct) | ||
| 31 | { | 30 | { |
| 32 | struct nft_pktinfo pkt; | 31 | struct nft_pktinfo pkt; |
| 33 | 32 | ||