1
2
3
4
5
6
7
8
9
10#include <linux/module.h>
11#include <net/sock.h>
12#include <linux/netfilter.h>
13#include <linux/netfilter/x_tables.h>
14#include <linux/netfilter_bridge/ebtables.h>
15#include <linux/netfilter_bridge/ebt_nat.h>
16
17static unsigned int
18ebt_dnat_tg(struct sk_buff *skb, const struct xt_action_param *par)
19{
20 const struct ebt_nat_info *info = par->targinfo;
21
22 if (!skb_make_writable(skb, 0))
23 return EBT_DROP;
24
25 memcpy(eth_hdr(skb)->h_dest, info->mac, ETH_ALEN);
26 return info->target;
27}
28
29static int ebt_dnat_tg_check(const struct xt_tgchk_param *par)
30{
31 const struct ebt_nat_info *info = par->targinfo;
32 unsigned int hook_mask;
33
34 if (BASE_CHAIN && info->target == EBT_RETURN)
35 return -EINVAL;
36
37 hook_mask = par->hook_mask & ~(1 << NF_BR_NUMHOOKS);
38 if ((strcmp(par->table, "nat") != 0 ||
39 (hook_mask & ~((1 << NF_BR_PRE_ROUTING) |
40 (1 << NF_BR_LOCAL_OUT)))) &&
41 (strcmp(par->table, "broute") != 0 ||
42 hook_mask & ~(1 << NF_BR_BROUTING)))
43 return -EINVAL;
44 if (INVALID_TARGET)
45 return -EINVAL;
46 return 0;
47}
48
49static struct xt_target ebt_dnat_tg_reg __read_mostly = {
50 .name = "dnat",
51 .revision = 0,
52 .family = NFPROTO_BRIDGE,
53 .hooks = (1 << NF_BR_NUMHOOKS) | (1 << NF_BR_PRE_ROUTING) |
54 (1 << NF_BR_LOCAL_OUT) | (1 << NF_BR_BROUTING),
55 .target = ebt_dnat_tg,
56 .checkentry = ebt_dnat_tg_check,
57 .targetsize = sizeof(struct ebt_nat_info),
58 .me = THIS_MODULE,
59};
60
61static int __init ebt_dnat_init(void)
62{
63 return xt_register_target(&ebt_dnat_tg_reg);
64}
65
66static void __exit ebt_dnat_fini(void)
67{
68 xt_unregister_target(&ebt_dnat_tg_reg);
69}
70
71module_init(ebt_dnat_init);
72module_exit(ebt_dnat_fini);
73MODULE_DESCRIPTION("Ebtables: Destination MAC address translation");
74MODULE_LICENSE("GPL");
75
