1
2
3
4
5
6
7
8
9
10#include <linux/module.h>
11#include <net/sock.h>
12#include "../br_private.h"
13#include <linux/netfilter.h>
14#include <linux/netfilter/x_tables.h>
15#include <linux/netfilter_bridge/ebtables.h>
16#include <linux/netfilter_bridge/ebt_nat.h>
17
18static unsigned int
19ebt_dnat_tg(struct sk_buff *skb, const struct xt_action_param *par)
20{
21 const struct ebt_nat_info *info = par->targinfo;
22 struct net_device *dev;
23
24 if (!skb_make_writable(skb, 0))
25 return EBT_DROP;
26
27 ether_addr_copy(eth_hdr(skb)->h_dest, info->mac);
28
29 if (is_multicast_ether_addr(info->mac)) {
30 if (is_broadcast_ether_addr(info->mac))
31 skb->pkt_type = PACKET_BROADCAST;
32 else
33 skb->pkt_type = PACKET_MULTICAST;
34 } else {
35 if (xt_hooknum(par) != NF_BR_BROUTING)
36 dev = br_port_get_rcu(xt_in(par))->br->dev;
37 else
38 dev = xt_in(par);
39
40 if (ether_addr_equal(info->mac, dev->dev_addr))
41 skb->pkt_type = PACKET_HOST;
42 else
43 skb->pkt_type = PACKET_OTHERHOST;
44 }
45
46 return info->target;
47}
48
49static int ebt_dnat_tg_check(const struct xt_tgchk_param *par)
50{
51 const struct ebt_nat_info *info = par->targinfo;
52 unsigned int hook_mask;
53
54 if (BASE_CHAIN && info->target == EBT_RETURN)
55 return -EINVAL;
56
57 hook_mask = par->hook_mask & ~(1 << NF_BR_NUMHOOKS);
58 if ((strcmp(par->table, "nat") != 0 ||
59 (hook_mask & ~((1 << NF_BR_PRE_ROUTING) |
60 (1 << NF_BR_LOCAL_OUT)))) &&
61 (strcmp(par->table, "broute") != 0 ||
62 hook_mask & ~(1 << NF_BR_BROUTING)))
63 return -EINVAL;
64 if (ebt_invalid_target(info->target))
65 return -EINVAL;
66 return 0;
67}
68
69static struct xt_target ebt_dnat_tg_reg __read_mostly = {
70 .name = "dnat",
71 .revision = 0,
72 .family = NFPROTO_BRIDGE,
73 .hooks = (1 << NF_BR_NUMHOOKS) | (1 << NF_BR_PRE_ROUTING) |
74 (1 << NF_BR_LOCAL_OUT) | (1 << NF_BR_BROUTING),
75 .target = ebt_dnat_tg,
76 .checkentry = ebt_dnat_tg_check,
77 .targetsize = sizeof(struct ebt_nat_info),
78 .me = THIS_MODULE,
79};
80
81static int __init ebt_dnat_init(void)
82{
83 return xt_register_target(&ebt_dnat_tg_reg);
84}
85
86static void __exit ebt_dnat_fini(void)
87{
88 xt_unregister_target(&ebt_dnat_tg_reg);
89}
90
91module_init(ebt_dnat_init);
92module_exit(ebt_dnat_fini);
93MODULE_DESCRIPTION("Ebtables: Destination MAC address translation");
94MODULE_LICENSE("GPL");
95
