diff options
-rw-r--r-- | include/net/netfilter/nf_nat_protocol.h | 8 | ||||
-rw-r--r-- | net/ipv4/netfilter/nf_nat_proto_common.c | 8 | ||||
-rw-r--r-- | net/ipv4/netfilter/nf_nat_proto_dccp.c | 6 | ||||
-rw-r--r-- | net/ipv4/netfilter/nf_nat_proto_gre.c | 8 | ||||
-rw-r--r-- | net/ipv4/netfilter/nf_nat_proto_icmp.c | 6 | ||||
-rw-r--r-- | net/ipv4/netfilter/nf_nat_proto_sctp.c | 6 | ||||
-rw-r--r-- | net/ipv4/netfilter/nf_nat_proto_tcp.c | 5 | ||||
-rw-r--r-- | net/ipv4/netfilter/nf_nat_proto_udp.c | 5 | ||||
-rw-r--r-- | net/ipv4/netfilter/nf_nat_proto_udplite.c | 6 | ||||
-rw-r--r-- | net/ipv4/netfilter/nf_nat_proto_unknown.c | 4 |
10 files changed, 30 insertions, 32 deletions
diff --git a/include/net/netfilter/nf_nat_protocol.h b/include/net/netfilter/nf_nat_protocol.h index c398017ccfa3..df17bac46bf5 100644 --- a/include/net/netfilter/nf_nat_protocol.h +++ b/include/net/netfilter/nf_nat_protocol.h | |||
@@ -27,9 +27,9 @@ struct nf_nat_protocol { | |||
27 | 27 | ||
28 | /* Alter the per-proto part of the tuple (depending on | 28 | /* Alter the per-proto part of the tuple (depending on |
29 | maniptype), to give a unique tuple in the given range if | 29 | maniptype), to give a unique tuple in the given range if |
30 | possible; return false if not. Per-protocol part of tuple | 30 | possible. Per-protocol part of tuple is initialized to the |
31 | is initialized to the incoming packet. */ | 31 | incoming packet. */ |
32 | bool (*unique_tuple)(struct nf_conntrack_tuple *tuple, | 32 | void (*unique_tuple)(struct nf_conntrack_tuple *tuple, |
33 | const struct nf_nat_range *range, | 33 | const struct nf_nat_range *range, |
34 | enum nf_nat_manip_type maniptype, | 34 | enum nf_nat_manip_type maniptype, |
35 | const struct nf_conn *ct); | 35 | const struct nf_conn *ct); |
@@ -63,7 +63,7 @@ extern bool nf_nat_proto_in_range(const struct nf_conntrack_tuple *tuple, | |||
63 | const union nf_conntrack_man_proto *min, | 63 | const union nf_conntrack_man_proto *min, |
64 | const union nf_conntrack_man_proto *max); | 64 | const union nf_conntrack_man_proto *max); |
65 | 65 | ||
66 | extern bool nf_nat_proto_unique_tuple(struct nf_conntrack_tuple *tuple, | 66 | extern void nf_nat_proto_unique_tuple(struct nf_conntrack_tuple *tuple, |
67 | const struct nf_nat_range *range, | 67 | const struct nf_nat_range *range, |
68 | enum nf_nat_manip_type maniptype, | 68 | enum nf_nat_manip_type maniptype, |
69 | const struct nf_conn *ct, | 69 | const struct nf_conn *ct, |
diff --git a/net/ipv4/netfilter/nf_nat_proto_common.c b/net/ipv4/netfilter/nf_nat_proto_common.c index 6c4f11f51446..2844a0383a11 100644 --- a/net/ipv4/netfilter/nf_nat_proto_common.c +++ b/net/ipv4/netfilter/nf_nat_proto_common.c | |||
@@ -34,7 +34,7 @@ bool nf_nat_proto_in_range(const struct nf_conntrack_tuple *tuple, | |||
34 | } | 34 | } |
35 | EXPORT_SYMBOL_GPL(nf_nat_proto_in_range); | 35 | EXPORT_SYMBOL_GPL(nf_nat_proto_in_range); |
36 | 36 | ||
37 | bool nf_nat_proto_unique_tuple(struct nf_conntrack_tuple *tuple, | 37 | void nf_nat_proto_unique_tuple(struct nf_conntrack_tuple *tuple, |
38 | const struct nf_nat_range *range, | 38 | const struct nf_nat_range *range, |
39 | enum nf_nat_manip_type maniptype, | 39 | enum nf_nat_manip_type maniptype, |
40 | const struct nf_conn *ct, | 40 | const struct nf_conn *ct, |
@@ -53,7 +53,7 @@ bool nf_nat_proto_unique_tuple(struct nf_conntrack_tuple *tuple, | |||
53 | if (!(range->flags & IP_NAT_RANGE_PROTO_SPECIFIED)) { | 53 | if (!(range->flags & IP_NAT_RANGE_PROTO_SPECIFIED)) { |
54 | /* If it's dst rewrite, can't change port */ | 54 | /* If it's dst rewrite, can't change port */ |
55 | if (maniptype == IP_NAT_MANIP_DST) | 55 | if (maniptype == IP_NAT_MANIP_DST) |
56 | return false; | 56 | return; |
57 | 57 | ||
58 | if (ntohs(*portptr) < 1024) { | 58 | if (ntohs(*portptr) < 1024) { |
59 | /* Loose convention: >> 512 is credential passing */ | 59 | /* Loose convention: >> 512 is credential passing */ |
@@ -87,9 +87,9 @@ bool nf_nat_proto_unique_tuple(struct nf_conntrack_tuple *tuple, | |||
87 | continue; | 87 | continue; |
88 | if (!(range->flags & IP_NAT_RANGE_PROTO_RANDOM)) | 88 | if (!(range->flags & IP_NAT_RANGE_PROTO_RANDOM)) |
89 | *rover = off; | 89 | *rover = off; |
90 | return true; | 90 | return; |
91 | } | 91 | } |
92 | return false; | 92 | return; |
93 | } | 93 | } |
94 | EXPORT_SYMBOL_GPL(nf_nat_proto_unique_tuple); | 94 | EXPORT_SYMBOL_GPL(nf_nat_proto_unique_tuple); |
95 | 95 | ||
diff --git a/net/ipv4/netfilter/nf_nat_proto_dccp.c b/net/ipv4/netfilter/nf_nat_proto_dccp.c index 22485ce306d4..570faf2667b2 100644 --- a/net/ipv4/netfilter/nf_nat_proto_dccp.c +++ b/net/ipv4/netfilter/nf_nat_proto_dccp.c | |||
@@ -22,14 +22,14 @@ | |||
22 | 22 | ||
23 | static u_int16_t dccp_port_rover; | 23 | static u_int16_t dccp_port_rover; |
24 | 24 | ||
25 | static bool | 25 | static void |
26 | dccp_unique_tuple(struct nf_conntrack_tuple *tuple, | 26 | dccp_unique_tuple(struct nf_conntrack_tuple *tuple, |
27 | const struct nf_nat_range *range, | 27 | const struct nf_nat_range *range, |
28 | enum nf_nat_manip_type maniptype, | 28 | enum nf_nat_manip_type maniptype, |
29 | const struct nf_conn *ct) | 29 | const struct nf_conn *ct) |
30 | { | 30 | { |
31 | return nf_nat_proto_unique_tuple(tuple, range, maniptype, ct, | 31 | nf_nat_proto_unique_tuple(tuple, range, maniptype, ct, |
32 | &dccp_port_rover); | 32 | &dccp_port_rover); |
33 | } | 33 | } |
34 | 34 | ||
35 | static bool | 35 | static bool |
diff --git a/net/ipv4/netfilter/nf_nat_proto_gre.c b/net/ipv4/netfilter/nf_nat_proto_gre.c index d7e89201351e..89933ab6f63e 100644 --- a/net/ipv4/netfilter/nf_nat_proto_gre.c +++ b/net/ipv4/netfilter/nf_nat_proto_gre.c | |||
@@ -37,7 +37,7 @@ MODULE_AUTHOR("Harald Welte <laforge@gnumonks.org>"); | |||
37 | MODULE_DESCRIPTION("Netfilter NAT protocol helper module for GRE"); | 37 | MODULE_DESCRIPTION("Netfilter NAT protocol helper module for GRE"); |
38 | 38 | ||
39 | /* generate unique tuple ... */ | 39 | /* generate unique tuple ... */ |
40 | static bool | 40 | static void |
41 | gre_unique_tuple(struct nf_conntrack_tuple *tuple, | 41 | gre_unique_tuple(struct nf_conntrack_tuple *tuple, |
42 | const struct nf_nat_range *range, | 42 | const struct nf_nat_range *range, |
43 | enum nf_nat_manip_type maniptype, | 43 | enum nf_nat_manip_type maniptype, |
@@ -50,7 +50,7 @@ gre_unique_tuple(struct nf_conntrack_tuple *tuple, | |||
50 | /* If there is no master conntrack we are not PPTP, | 50 | /* If there is no master conntrack we are not PPTP, |
51 | do not change tuples */ | 51 | do not change tuples */ |
52 | if (!ct->master) | 52 | if (!ct->master) |
53 | return false; | 53 | return; |
54 | 54 | ||
55 | if (maniptype == IP_NAT_MANIP_SRC) | 55 | if (maniptype == IP_NAT_MANIP_SRC) |
56 | keyptr = &tuple->src.u.gre.key; | 56 | keyptr = &tuple->src.u.gre.key; |
@@ -71,11 +71,11 @@ gre_unique_tuple(struct nf_conntrack_tuple *tuple, | |||
71 | for (i = 0; i < range_size; i++, key++) { | 71 | for (i = 0; i < range_size; i++, key++) { |
72 | *keyptr = htons(min + key % range_size); | 72 | *keyptr = htons(min + key % range_size); |
73 | if (!nf_nat_used_tuple(tuple, ct)) | 73 | if (!nf_nat_used_tuple(tuple, ct)) |
74 | return true; | 74 | return; |
75 | } | 75 | } |
76 | 76 | ||
77 | pr_debug("%p: no NAT mapping\n", ct); | 77 | pr_debug("%p: no NAT mapping\n", ct); |
78 | return false; | 78 | return; |
79 | } | 79 | } |
80 | 80 | ||
81 | /* manipulate a GRE packet according to maniptype */ | 81 | /* manipulate a GRE packet according to maniptype */ |
diff --git a/net/ipv4/netfilter/nf_nat_proto_icmp.c b/net/ipv4/netfilter/nf_nat_proto_icmp.c index 19a8b0b07d8e..97003fe312e3 100644 --- a/net/ipv4/netfilter/nf_nat_proto_icmp.c +++ b/net/ipv4/netfilter/nf_nat_proto_icmp.c | |||
@@ -27,7 +27,7 @@ icmp_in_range(const struct nf_conntrack_tuple *tuple, | |||
27 | ntohs(tuple->src.u.icmp.id) <= ntohs(max->icmp.id); | 27 | ntohs(tuple->src.u.icmp.id) <= ntohs(max->icmp.id); |
28 | } | 28 | } |
29 | 29 | ||
30 | static bool | 30 | static void |
31 | icmp_unique_tuple(struct nf_conntrack_tuple *tuple, | 31 | icmp_unique_tuple(struct nf_conntrack_tuple *tuple, |
32 | const struct nf_nat_range *range, | 32 | const struct nf_nat_range *range, |
33 | enum nf_nat_manip_type maniptype, | 33 | enum nf_nat_manip_type maniptype, |
@@ -46,9 +46,9 @@ icmp_unique_tuple(struct nf_conntrack_tuple *tuple, | |||
46 | tuple->src.u.icmp.id = htons(ntohs(range->min.icmp.id) + | 46 | tuple->src.u.icmp.id = htons(ntohs(range->min.icmp.id) + |
47 | (id % range_size)); | 47 | (id % range_size)); |
48 | if (!nf_nat_used_tuple(tuple, ct)) | 48 | if (!nf_nat_used_tuple(tuple, ct)) |
49 | return true; | 49 | return; |
50 | } | 50 | } |
51 | return false; | 51 | return; |
52 | } | 52 | } |
53 | 53 | ||
54 | static bool | 54 | static bool |
diff --git a/net/ipv4/netfilter/nf_nat_proto_sctp.c b/net/ipv4/netfilter/nf_nat_proto_sctp.c index 3fc598eeeb1a..756331d42661 100644 --- a/net/ipv4/netfilter/nf_nat_proto_sctp.c +++ b/net/ipv4/netfilter/nf_nat_proto_sctp.c | |||
@@ -16,14 +16,14 @@ | |||
16 | 16 | ||
17 | static u_int16_t nf_sctp_port_rover; | 17 | static u_int16_t nf_sctp_port_rover; |
18 | 18 | ||
19 | static bool | 19 | static void |
20 | sctp_unique_tuple(struct nf_conntrack_tuple *tuple, | 20 | sctp_unique_tuple(struct nf_conntrack_tuple *tuple, |
21 | const struct nf_nat_range *range, | 21 | const struct nf_nat_range *range, |
22 | enum nf_nat_manip_type maniptype, | 22 | enum nf_nat_manip_type maniptype, |
23 | const struct nf_conn *ct) | 23 | const struct nf_conn *ct) |
24 | { | 24 | { |
25 | return nf_nat_proto_unique_tuple(tuple, range, maniptype, ct, | 25 | nf_nat_proto_unique_tuple(tuple, range, maniptype, ct, |
26 | &nf_sctp_port_rover); | 26 | &nf_sctp_port_rover); |
27 | } | 27 | } |
28 | 28 | ||
29 | static bool | 29 | static bool |
diff --git a/net/ipv4/netfilter/nf_nat_proto_tcp.c b/net/ipv4/netfilter/nf_nat_proto_tcp.c index 399e2cfa263b..aa460a595d5d 100644 --- a/net/ipv4/netfilter/nf_nat_proto_tcp.c +++ b/net/ipv4/netfilter/nf_nat_proto_tcp.c | |||
@@ -20,14 +20,13 @@ | |||
20 | 20 | ||
21 | static u_int16_t tcp_port_rover; | 21 | static u_int16_t tcp_port_rover; |
22 | 22 | ||
23 | static bool | 23 | static void |
24 | tcp_unique_tuple(struct nf_conntrack_tuple *tuple, | 24 | tcp_unique_tuple(struct nf_conntrack_tuple *tuple, |
25 | const struct nf_nat_range *range, | 25 | const struct nf_nat_range *range, |
26 | enum nf_nat_manip_type maniptype, | 26 | enum nf_nat_manip_type maniptype, |
27 | const struct nf_conn *ct) | 27 | const struct nf_conn *ct) |
28 | { | 28 | { |
29 | return nf_nat_proto_unique_tuple(tuple, range, maniptype, ct, | 29 | nf_nat_proto_unique_tuple(tuple, range, maniptype, ct, &tcp_port_rover); |
30 | &tcp_port_rover); | ||
31 | } | 30 | } |
32 | 31 | ||
33 | static bool | 32 | static bool |
diff --git a/net/ipv4/netfilter/nf_nat_proto_udp.c b/net/ipv4/netfilter/nf_nat_proto_udp.c index 9e61c79492e4..dfe65c7e2925 100644 --- a/net/ipv4/netfilter/nf_nat_proto_udp.c +++ b/net/ipv4/netfilter/nf_nat_proto_udp.c | |||
@@ -19,14 +19,13 @@ | |||
19 | 19 | ||
20 | static u_int16_t udp_port_rover; | 20 | static u_int16_t udp_port_rover; |
21 | 21 | ||
22 | static bool | 22 | static void |
23 | udp_unique_tuple(struct nf_conntrack_tuple *tuple, | 23 | udp_unique_tuple(struct nf_conntrack_tuple *tuple, |
24 | const struct nf_nat_range *range, | 24 | const struct nf_nat_range *range, |
25 | enum nf_nat_manip_type maniptype, | 25 | enum nf_nat_manip_type maniptype, |
26 | const struct nf_conn *ct) | 26 | const struct nf_conn *ct) |
27 | { | 27 | { |
28 | return nf_nat_proto_unique_tuple(tuple, range, maniptype, ct, | 28 | nf_nat_proto_unique_tuple(tuple, range, maniptype, ct, &udp_port_rover); |
29 | &udp_port_rover); | ||
30 | } | 29 | } |
31 | 30 | ||
32 | static bool | 31 | static bool |
diff --git a/net/ipv4/netfilter/nf_nat_proto_udplite.c b/net/ipv4/netfilter/nf_nat_proto_udplite.c index 440a229bbd87..3cc8c8af39ef 100644 --- a/net/ipv4/netfilter/nf_nat_proto_udplite.c +++ b/net/ipv4/netfilter/nf_nat_proto_udplite.c | |||
@@ -18,14 +18,14 @@ | |||
18 | 18 | ||
19 | static u_int16_t udplite_port_rover; | 19 | static u_int16_t udplite_port_rover; |
20 | 20 | ||
21 | static bool | 21 | static void |
22 | udplite_unique_tuple(struct nf_conntrack_tuple *tuple, | 22 | udplite_unique_tuple(struct nf_conntrack_tuple *tuple, |
23 | const struct nf_nat_range *range, | 23 | const struct nf_nat_range *range, |
24 | enum nf_nat_manip_type maniptype, | 24 | enum nf_nat_manip_type maniptype, |
25 | const struct nf_conn *ct) | 25 | const struct nf_conn *ct) |
26 | { | 26 | { |
27 | return nf_nat_proto_unique_tuple(tuple, range, maniptype, ct, | 27 | nf_nat_proto_unique_tuple(tuple, range, maniptype, ct, |
28 | &udplite_port_rover); | 28 | &udplite_port_rover); |
29 | } | 29 | } |
30 | 30 | ||
31 | static bool | 31 | static bool |
diff --git a/net/ipv4/netfilter/nf_nat_proto_unknown.c b/net/ipv4/netfilter/nf_nat_proto_unknown.c index 14381c62acea..a50f2bc1c732 100644 --- a/net/ipv4/netfilter/nf_nat_proto_unknown.c +++ b/net/ipv4/netfilter/nf_nat_proto_unknown.c | |||
@@ -26,14 +26,14 @@ static bool unknown_in_range(const struct nf_conntrack_tuple *tuple, | |||
26 | return true; | 26 | return true; |
27 | } | 27 | } |
28 | 28 | ||
29 | static bool unknown_unique_tuple(struct nf_conntrack_tuple *tuple, | 29 | static void unknown_unique_tuple(struct nf_conntrack_tuple *tuple, |
30 | const struct nf_nat_range *range, | 30 | const struct nf_nat_range *range, |
31 | enum nf_nat_manip_type maniptype, | 31 | enum nf_nat_manip_type maniptype, |
32 | const struct nf_conn *ct) | 32 | const struct nf_conn *ct) |
33 | { | 33 | { |
34 | /* Sorry: we can't help you; if it's not unique, we can't frob | 34 | /* Sorry: we can't help you; if it's not unique, we can't frob |
35 | anything. */ | 35 | anything. */ |
36 | return false; | 36 | return; |
37 | } | 37 | } |
38 | 38 | ||
39 | static bool | 39 | static bool |