linux/net/bridge/netfilter/ebt_snat.c
   1/*
   2 *  ebt_snat
   3 *
   4 *      Authors:
   5 *      Bart De Schuymer <bdschuym@pandora.be>
   6 *
   7 *  June, 2002
   8 *
   9 */
  10#include <linux/module.h>
  11#include <net/sock.h>
  12#include <linux/if_arp.h>
  13#include <net/arp.h>
  14#include <linux/netfilter.h>
  15#include <linux/netfilter/x_tables.h>
  16#include <linux/netfilter_bridge/ebtables.h>
  17#include <linux/netfilter_bridge/ebt_nat.h>
  18
  /*
   * ebt_snat_tg - ebtables "snat" target: rewrite the source MAC of a frame.
   * @skb: frame being processed; its Ethernet header is modified in place
   * @par: target parameters; par->targinfo is the rule's struct ebt_nat_info
   *
   * Overwrites the Ethernet source address with info->mac.  When NAT_ARP_BIT
   * is clear in info->target and the frame carries ARP, the six bytes that
   * directly follow the fixed ARP header are overwritten with the same
   * address.
   *
   * Returns EBT_DROP if the skb cannot be made writable, if the ARP header
   * cannot be read, or if the ARP payload write fails; otherwise returns the
   * verdict encoded in info->target.
   */
  static unsigned int
  ebt_snat_tg(struct sk_buff *skb, const struct xt_action_param *par)
  {
          const struct ebt_nat_info *info = par->targinfo;
          /* Setting every bit outside EBT_VERDICT_BITS turns the stored
           * target back into a plain verdict, so NAT_ARP_BIT never leaks
           * into the value handed back to the caller. */
          const unsigned int verdict = info->target | ~EBT_VERDICT_BITS;
          const struct arphdr *arp;
          struct arphdr arp_copy;

          if (!skb_make_writable(skb, 0))
                  return EBT_DROP;

          ether_addr_copy(eth_hdr(skb)->h_source, info->mac);

          /* Nothing more to do unless ARP rewriting is enabled for this rule
           * and the frame is actually ARP. */
          if ((info->target & NAT_ARP_BIT) ||
              eth_hdr(skb)->h_proto != htons(ETH_P_ARP))
                  return verdict;

          /* Bounds-checked read: a frame too short to hold a full ARP header
           * yields NULL and is dropped rather than parsed. */
          arp = skb_header_pointer(skb, 0, sizeof(arp_copy), &arp_copy);
          if (arp == NULL)
                  return EBT_DROP;

          /* Only rewrite when the packet declares a 6-byte hardware address;
           * any other length is passed through untouched, so the fixed-size
           * ETH_ALEN write below never runs against a differently sized field. */
          if (arp->ar_hln != ETH_ALEN)
                  return verdict;

          /* NOTE(review): writability was requested above with length 0 while
           * this write lands after the ARP header - confirm skb_store_bits()
           * is safe here for cloned or paged data. */
          if (skb_store_bits(skb, sizeof(arp_copy), info->mac, ETH_ALEN))
                  return EBT_DROP;

          return verdict;
  }
  44
  /*
   * ebt_snat_tg_check - validate the target field of an snat rule.
   * @par: check parameters; par->targinfo is the rule's struct ebt_nat_info
   *
   * info->target packs a verdict together with the NAT_ARP_BIT flag, so both
   * parts are checked separately before the rule is accepted.
   *
   * Returns 0 if the rule is acceptable, -EINVAL otherwise.
   */
  static int ebt_snat_tg_check(const struct xt_tgchk_param *par)
  {
          const struct ebt_nat_info *info = par->targinfo;
          /* Verdict part: every bit outside EBT_VERDICT_BITS forced to 1. */
          const int verdict = info->target | ~EBT_VERDICT_BITS;
          /* Flag part: every verdict bit forced to 1, so only the bits
           * outside EBT_VERDICT_BITS still carry information. */
          const int flags = info->target | EBT_VERDICT_BITS;

          /* EBT_RETURN is rejected when BASE_CHAIN is true.
           * NOTE(review): BASE_CHAIN is defined outside this file and
           * presumably inspects par - confirm. */
          if (BASE_CHAIN && verdict == EBT_RETURN)
                  return -EINVAL;

          if (ebt_invalid_target(verdict))
                  return -EINVAL;

          /* Apart from NAT_ARP_BIT, every remaining bit must be set; this
           * rejects a target that has any other non-verdict bit cleared. */
          if ((flags & ~NAT_ARP_BIT) != ~NAT_ARP_BIT)
                  return -EINVAL;

          return 0;
  }
  61
  /*
   * Registration record for the "snat" target: bridge family, "nat" table.
   * ebt_snat_tg_check() vets each rule's target data; ebt_snat_tg() is the
   * per-packet handler.
   */
  static struct xt_target ebt_snat_tg_reg __read_mostly = {
          .name           = "snat",
          .family         = NFPROTO_BRIDGE,
          .revision       = 0,
          .table          = "nat",
          /* NOTE(review): NF_BR_NUMHOOKS is not a hook of its own; this bit
           * is presumably the ebtables base-chain marker - confirm. */
          .hooks          = (1 << NF_BR_POST_ROUTING) | (1 << NF_BR_NUMHOOKS),
          .checkentry     = ebt_snat_tg_check,
          .target         = ebt_snat_tg,
          .targetsize     = sizeof(struct ebt_nat_info),
          .me             = THIS_MODULE,
  };
  73
  /* Module load: register the snat target; returns xt_register_target()'s result. */
  static int __init ebt_snat_init(void)
  {
          int err = xt_register_target(&ebt_snat_tg_reg);

          return err;
  }
  78
  /* Module unload: unregister the target that ebt_snat_init() registered. */
  static void __exit ebt_snat_fini(void)
  {
          struct xt_target *tg = &ebt_snat_tg_reg;

          xt_unregister_target(tg);
  }
  83
  /* Module metadata. */
  MODULE_LICENSE("GPL");
  MODULE_DESCRIPTION("Ebtables: Source MAC address translation");

  /* Load and unload entry points. */
  module_init(ebt_snat_init);
  module_exit(ebt_snat_fini);
  88