[NETFILTER]: nf_conntrack/nf_nat: add PPTP helper port

Add nf_conntrack port of the PPtP conntrack/NAT helper. Since there seems
to be no IPv6-capable PPtP implementation the helper only support IPv4.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>

4 files changed, 14 insertions, 0 deletions

diff --git a/include/net/netfilter/ipv4/nf_conntrack_ipv4.h b/include/net/netfilter/ipv4/nf_conntrack_ipv4.h
index a1c57ee0a4fa..1401ccc051c4 100644
--- a/include/net/netfilter/ipv4/nf_conntrack_ipv4.h
+++ b/include/net/netfilter/ipv4/nf_conntrack_ipv4.h
@@ -11,10 +11,12 @@
 
 #ifdef CONFIG_NF_NAT_NEEDED
 #include <net/netfilter/nf_nat.h>
+#include <linux/netfilter/nf_conntrack_pptp.h>
 
 /* per conntrack: nat application helper private data */
 union nf_conntrack_nat_help {
         /* insert nat helper private data here */
+        struct nf_nat_pptp nat_pptp_info;
 };
 
 struct nf_conn_nat {
diff --git a/include/net/netfilter/nf_conntrack.h b/include/net/netfilter/nf_conntrack.h
index 1646076933b1..032b36a0e378 100644
--- a/include/net/netfilter/nf_conntrack.h
+++ b/include/net/netfilter/nf_conntrack.h
@@ -21,6 +21,7 @@
 
 #include <linux/netfilter/nf_conntrack_tcp.h>
 #include <linux/netfilter/nf_conntrack_sctp.h>
+#include <linux/netfilter/nf_conntrack_proto_gre.h>
 #include <net/netfilter/ipv4/nf_conntrack_icmp.h>
 #include <net/netfilter/ipv6/nf_conntrack_icmpv6.h>
 
@@ -33,6 +34,7 @@ union nf_conntrack_proto {
         struct ip_ct_tcp tcp;
         struct ip_ct_icmp icmp;
         struct nf_ct_icmpv6 icmpv6;
+        struct nf_ct_gre gre;
 };
 
 union nf_conntrack_expect_proto {
@@ -41,12 +43,14 @@ union nf_conntrack_expect_proto {
 
 /* Add protocol helper include file here */
 #include <linux/netfilter/nf_conntrack_ftp.h>
+#include <linux/netfilter/nf_conntrack_pptp.h>
 #include <linux/netfilter/nf_conntrack_h323.h>
 
 /* per conntrack: application helper private data */
 union nf_conntrack_help {
         /* insert conntrack helper private data (master) here */
         struct nf_ct_ftp_master ct_ftp_info;
+        struct nf_ct_pptp_master ct_pptp_info;
         struct nf_ct_h323_master ct_h323_info;
 };
 
diff --git a/include/net/netfilter/nf_conntrack_helper.h b/include/net/netfilter/nf_conntrack_helper.h
index fbba9e8b95fc..8c72ac9f0ab8 100644
--- a/include/net/netfilter/nf_conntrack_helper.h
+++ b/include/net/netfilter/nf_conntrack_helper.h
@@ -34,6 +34,8 @@ struct nf_conntrack_helper
                     struct nf_conn *ct,
                     enum ip_conntrack_info conntrackinfo);
 
+        void (*destroy)(struct nf_conn *ct);
+
         int (*to_nfattr)(struct sk_buff *skb, const struct nf_conn *ct);
 };
 
diff --git a/include/net/netfilter/nf_conntrack_tuple.h b/include/net/netfilter/nf_conntrack_tuple.h
index c96a9c576736..5d72b16e876f 100644
--- a/include/net/netfilter/nf_conntrack_tuple.h
+++ b/include/net/netfilter/nf_conntrack_tuple.h
@@ -49,6 +49,9 @@ union nf_conntrack_man_proto
         struct {
                 __be16 port;
         } sctp;
+        struct {
+                __be16 key;     /* GRE key is 32bit, PPtP only uses 16bit */
+        } gre;
 };
 
 /* The manipulable part of the tuple. */
@@ -84,6 +87,9 @@ struct nf_conntrack_tuple
                         struct {
                                 __be16 port;
                         } sctp;
+                        struct {
+                                __be16 key;
+                        } gre;
                 } u;
 
                 /* The protocol. */