netfilter: combine ipt_NETMAP and ip6t_NETMAP

Combine more modules since the actual code is so small anyway that the kmod metadata and the module in its loaded state totally outweighs the combined actual code size. IP_NF_TARGET_NETMAP becomes a compat option; IP6_NF_TARGET_NETMAP is completely eliminated since it has not see a release yet. Signed-off-by: Jan Engelhardt <jengelh@inai.de> Acked-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Jan Engelhardt <jengelh@inai.de> 2012-09-21 05:37:59 -0400
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2012-09-21 06:11:08 -0400
commit: b3d54b3e406b5d6ac391590bf7524e887e8e13c3 (patch)
tree: 3695787e235b3289593bb001f6f733cdd40a3a02 /net/ipv6
parent: 136251d02ff283e99f023b0abdeb52b4b3423a56 (diff)
3 files changed, 0 insertions, 104 deletions
diff --git a/net/ipv6/netfilter/Kconfig b/net/ipv6/netfilter/Kconfig
index d8f276b9fd8a..007bb450f04f 100644
--- a/net/ipv6/netfilter/Kconfig
+++ b/net/ipv6/netfilter/Kconfig
@@ -209,15 +209,6 @@ config IP6_NF_TARGET_MASQUERADE
          To compile it as a module, choose M here.  If unsure, say N.
-config IP6_NF_TARGET_NETMAP
-        tristate "NETMAP target support"
-        help
-          NETMAP is an implementation of static 1:1 NAT mapping of network
-          addresses. It maps the network address part, while keeping the host
-          address part intact.
-          To compile it as a module, choose M here.  If unsure, say N.
 config IP6_NF_TARGET_REDIRECT
        tristate "REDIRECT target support"
        help
diff --git a/net/ipv6/netfilter/Makefile b/net/ipv6/netfilter/Makefile
index 5752132ca159..de8e0d11338d 100644
--- a/net/ipv6/netfilter/Makefile
+++ b/net/ipv6/netfilter/Makefile
@@ -35,7 +35,6 @@ obj-$(CONFIG_IP6_NF_MATCH_RT) += ip6t_rt.o
 # targets
 obj-$(CONFIG_IP6_NF_TARGET_MASQUERADE) += ip6t_MASQUERADE.o
-obj-$(CONFIG_IP6_NF_TARGET_NETMAP) += ip6t_NETMAP.o
 obj-$(CONFIG_IP6_NF_TARGET_NPT) += ip6t_NPT.o
 obj-$(CONFIG_IP6_NF_TARGET_REDIRECT) += ip6t_REDIRECT.o
 obj-$(CONFIG_IP6_NF_TARGET_REJECT) += ip6t_REJECT.o
diff --git a/net/ipv6/netfilter/ip6t_NETMAP.c b/net/ipv6/netfilter/ip6t_NETMAP.c
deleted file mode 100644
index 4f3bf360e50f..000000000000
--- a/net/ipv6/netfilter/ip6t_NETMAP.c
+++ /dev/null
@@ -1,94 +0,0 @@
-/*
- * Copyright (c) 2011 Patrick McHardy <kaber@trash.net>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
- * published by the Free Software Foundation.
- *
- * Based on Svenning Soerensen's IPv4 NETMAP target. Development of IPv6
- * NAT funded by Astaro.
- */
-#include <linux/kernel.h>
-#include <linux/module.h>
-#include <linux/ipv6.h>
-#include <linux/netfilter.h>
-#include <linux/netfilter_ipv6.h>
-#include <linux/netfilter/x_tables.h>
-#include <net/netfilter/nf_nat.h>
-static unsigned int
-netmap_tg6(struct sk_buff *skb, const struct xt_action_param *par)
-{
-        const struct nf_nat_range *range = par->targinfo;
-        struct nf_nat_range newrange;
-        struct nf_conn *ct;
-        enum ip_conntrack_info ctinfo;
-        union nf_inet_addr new_addr, netmask;
-        unsigned int i;
-        ct = nf_ct_get(skb, &ctinfo);
-        for (i = 0; i < ARRAY_SIZE(range->min_addr.ip6); i++)
-                netmask.ip6[i] = ~(range->min_addr.ip6[i] ^
-                                   range->max_addr.ip6[i]);
-        if (par->hooknum == NF_INET_PRE_ROUTING ||
-            par->hooknum == NF_INET_LOCAL_OUT)
-                new_addr.in6 = ipv6_hdr(skb)->daddr;
-        else
-                new_addr.in6 = ipv6_hdr(skb)->saddr;
-        for (i = 0; i < ARRAY_SIZE(new_addr.ip6); i++) {
-                new_addr.ip6[i] &= ~netmask.ip6[i];
-                new_addr.ip6[i] |= range->min_addr.ip6[i] &
-                                   netmask.ip6[i];
-        }
-        newrange.flags  = range->flags | NF_NAT_RANGE_MAP_IPS;
-        newrange.min_addr       = new_addr;
-        newrange.max_addr       = new_addr;
-        newrange.min_proto      = range->min_proto;
-        newrange.max_proto      = range->max_proto;
-        return nf_nat_setup_info(ct, &newrange, HOOK2MANIP(par->hooknum));
-}
-static int netmap_tg6_checkentry(const struct xt_tgchk_param *par)
-{
-        const struct nf_nat_range *range = par->targinfo;
-        if (!(range->flags & NF_NAT_RANGE_MAP_IPS))
-                return -EINVAL;
-        return 0;
-}
-static struct xt_target netmap_tg6_reg __read_mostly = {
-        .name           = "NETMAP",
-        .family         = NFPROTO_IPV6,
-        .target         = netmap_tg6,
-        .targetsize     = sizeof(struct nf_nat_range),
-        .table          = "nat",
-        .hooks          = (1 << NF_INET_PRE_ROUTING) |
-                          (1 << NF_INET_POST_ROUTING) |
-                          (1 << NF_INET_LOCAL_OUT) |
-                          (1 << NF_INET_LOCAL_IN),
-        .checkentry     = netmap_tg6_checkentry,
-        .me             = THIS_MODULE,
-};
-static int __init netmap_tg6_init(void)
-{
-        return xt_register_target(&netmap_tg6_reg);
-}
-static void netmap_tg6_exit(void)
-{
-        xt_unregister_target(&netmap_tg6_reg);
-}
-module_init(netmap_tg6_init);
-module_exit(netmap_tg6_exit);
-MODULE_LICENSE("GPL");
-MODULE_DESCRIPTION("Xtables: 1:1 NAT mapping of IPv6 subnets");
-MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
author	Jan Engelhardt <jengelh@inai.de>	2012-09-21 05:37:59 -0400
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2012-09-21 06:11:08 -0400
commit	b3d54b3e406b5d6ac391590bf7524e887e8e13c3 (patch)
tree	3695787e235b3289593bb001f6f733cdd40a3a02 /net/ipv6
parent	136251d02ff283e99f023b0abdeb52b4b3423a56 (diff)

diff --git a/net/ipv6/netfilter/Kconfig b/net/ipv6/netfilter/Kconfig index d8f276b9fd8a..007bb450f04f 100644 --- a/net/ipv6/netfilter/Kconfig +++ b/net/ipv6/netfilter/Kconfig
@@ -209,15 +209,6 @@ config IP6_NF_TARGET_MASQUERADE
209		209
210	To compile it as a module, choose M here. If unsure, say N.	210	To compile it as a module, choose M here. If unsure, say N.
211		211
212	config IP6_NF_TARGET_NETMAP
213	tristate "NETMAP target support"
214	help
215	NETMAP is an implementation of static 1:1 NAT mapping of network
216	addresses. It maps the network address part, while keeping the host
217	address part intact.
218
219	To compile it as a module, choose M here. If unsure, say N.
220
221	config IP6_NF_TARGET_REDIRECT	212	config IP6_NF_TARGET_REDIRECT
222	tristate "REDIRECT target support"	213	tristate "REDIRECT target support"
223	help	214	help


diff --git a/net/ipv6/netfilter/Makefile b/net/ipv6/netfilter/Makefile index 5752132ca159..de8e0d11338d 100644 --- a/net/ipv6/netfilter/Makefile +++ b/net/ipv6/netfilter/Makefile
@@ -35,7 +35,6 @@ obj-$(CONFIG_IP6_NF_MATCH_RT) += ip6t_rt.o
35		35
36	# targets	36	# targets
37	obj-$(CONFIG_IP6_NF_TARGET_MASQUERADE) += ip6t_MASQUERADE.o	37	obj-$(CONFIG_IP6_NF_TARGET_MASQUERADE) += ip6t_MASQUERADE.o
38	obj-$(CONFIG_IP6_NF_TARGET_NETMAP) += ip6t_NETMAP.o
39	obj-$(CONFIG_IP6_NF_TARGET_NPT) += ip6t_NPT.o	38	obj-$(CONFIG_IP6_NF_TARGET_NPT) += ip6t_NPT.o
40	obj-$(CONFIG_IP6_NF_TARGET_REDIRECT) += ip6t_REDIRECT.o	39	obj-$(CONFIG_IP6_NF_TARGET_REDIRECT) += ip6t_REDIRECT.o
41	obj-$(CONFIG_IP6_NF_TARGET_REJECT) += ip6t_REJECT.o	40	obj-$(CONFIG_IP6_NF_TARGET_REJECT) += ip6t_REJECT.o


diff --git a/net/ipv6/netfilter/ip6t_NETMAP.c b/net/ipv6/netfilter/ip6t_NETMAP.c deleted file mode 100644 index 4f3bf360e50f..000000000000 --- a/net/ipv6/netfilter/ip6t_NETMAP.c +++ /dev/null
@@ -1,94 +0,0 @@
1	/*
2	* Copyright (c) 2011 Patrick McHardy <kaber@trash.net>
3	*
4	* This program is free software; you can redistribute it and/or modify
5	* it under the terms of the GNU General Public License version 2 as
6	* published by the Free Software Foundation.
7	*
8	* Based on Svenning Soerensen's IPv4 NETMAP target. Development of IPv6
9	* NAT funded by Astaro.
10	*/
11
12	#include <linux/kernel.h>
13	#include <linux/module.h>
14	#include <linux/ipv6.h>
15	#include <linux/netfilter.h>
16	#include <linux/netfilter_ipv6.h>
17	#include <linux/netfilter/x_tables.h>
18	#include <net/netfilter/nf_nat.h>
19
20	static unsigned int
21	netmap_tg6(struct sk_buff skb, const struct xt_action_param par)
22	{
23	const struct nf_nat_range *range = par->targinfo;
24	struct nf_nat_range newrange;
25	struct nf_conn *ct;
26	enum ip_conntrack_info ctinfo;
27	union nf_inet_addr new_addr, netmask;
28	unsigned int i;
29
30	ct = nf_ct_get(skb, &ctinfo);
31	for (i = 0; i < ARRAY_SIZE(range->min_addr.ip6); i++)
32	netmask.ip6[i] = ~(range->min_addr.ip6[i] ^
33	range->max_addr.ip6[i]);
34
35	if (par->hooknum == NF_INET_PRE_ROUTING \|\|
36	par->hooknum == NF_INET_LOCAL_OUT)
37	new_addr.in6 = ipv6_hdr(skb)->daddr;
38	else
39	new_addr.in6 = ipv6_hdr(skb)->saddr;
40
41	for (i = 0; i < ARRAY_SIZE(new_addr.ip6); i++) {
42	new_addr.ip6[i] &= ~netmask.ip6[i];
43	new_addr.ip6[i] \|= range->min_addr.ip6[i] &
44	netmask.ip6[i];
45	}
46
47	newrange.flags = range->flags \| NF_NAT_RANGE_MAP_IPS;
48	newrange.min_addr = new_addr;
49	newrange.max_addr = new_addr;
50	newrange.min_proto = range->min_proto;
51	newrange.max_proto = range->max_proto;
52
53	return nf_nat_setup_info(ct, &newrange, HOOK2MANIP(par->hooknum));
54	}
55
56	static int netmap_tg6_checkentry(const struct xt_tgchk_param *par)
57	{
58	const struct nf_nat_range *range = par->targinfo;
59
60	if (!(range->flags & NF_NAT_RANGE_MAP_IPS))
61	return -EINVAL;
62	return 0;
63	}
64
65	static struct xt_target netmap_tg6_reg __read_mostly = {
66	.name = "NETMAP",
67	.family = NFPROTO_IPV6,
68	.target = netmap_tg6,
69	.targetsize = sizeof(struct nf_nat_range),
70	.table = "nat",
71	.hooks = (1 << NF_INET_PRE_ROUTING) \|
72	(1 << NF_INET_POST_ROUTING) \|
73	(1 << NF_INET_LOCAL_OUT) \|
74	(1 << NF_INET_LOCAL_IN),
75	.checkentry = netmap_tg6_checkentry,
76	.me = THIS_MODULE,
77	};
78
79	static int __init netmap_tg6_init(void)
80	{
81	return xt_register_target(&netmap_tg6_reg);
82	}
83
84	static void netmap_tg6_exit(void)
85	{
86	xt_unregister_target(&netmap_tg6_reg);
87	}
88
89	module_init(netmap_tg6_init);
90	module_exit(netmap_tg6_exit);
91
92	MODULE_LICENSE("GPL");
93	MODULE_DESCRIPTION("Xtables: 1:1 NAT mapping of IPv6 subnets");
94	MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");