1#ifndef _NF_NAT_H 2#define _NF_NAT_H 3#include <linux/netfilter_ipv4.h> 4#include <linux/netfilter/nf_nat.h> 5#include <net/netfilter/nf_conntrack_tuple.h> 6 7enum nf_nat_manip_type { 8 NF_NAT_MANIP_SRC, 9 NF_NAT_MANIP_DST 10}; 11 12/* SRC manip occurs POST_ROUTING or LOCAL_IN */ 13#define HOOK2MANIP(hooknum) ((hooknum) != NF_INET_POST_ROUTING && \ 14 (hooknum) != NF_INET_LOCAL_IN) 15 16#include <linux/list.h> 17#include <linux/netfilter/nf_conntrack_pptp.h> 18#include <net/netfilter/nf_conntrack_extend.h> 19 20/* per conntrack: nat application helper private data */ 21union nf_conntrack_nat_help { 22 /* insert nat helper private data here */ 23#if defined(CONFIG_NF_NAT_PPTP) || defined(CONFIG_NF_NAT_PPTP_MODULE) 24 struct nf_nat_pptp nat_pptp_info; 25#endif 26}; 27 28struct nf_conn; 29 30/* The structure embedded in the conntrack structure. */ 31struct nf_conn_nat { 32 struct hlist_node bysource; 33 struct nf_conn *ct; 34 union nf_conntrack_nat_help help; 35#if IS_ENABLED(CONFIG_NF_NAT_MASQUERADE_IPV4) || \ 36 IS_ENABLED(CONFIG_NF_NAT_MASQUERADE_IPV6) 37 int masq_index; 38#endif 39}; 40 41/* Set up the info structure to map into this range. */ 42unsigned int nf_nat_setup_info(struct nf_conn *ct, 43 const struct nf_nat_range *range, 44 enum nf_nat_manip_type maniptype); 45 46extern unsigned int nf_nat_alloc_null_binding(struct nf_conn *ct, 47 unsigned int hooknum); 48 49struct nf_conn_nat *nf_ct_nat_ext_add(struct nf_conn *ct); 50 51/* Is this tuple already taken? (not by us)*/ 52int nf_nat_used_tuple(const struct nf_conntrack_tuple *tuple, 53 const struct nf_conn *ignored_conntrack); 54 55static inline struct nf_conn_nat *nfct_nat(const struct nf_conn *ct) 56{ 57#if defined(CONFIG_NF_NAT) || defined(CONFIG_NF_NAT_MODULE) 58 return nf_ct_ext_find(ct, NF_CT_EXT_NAT); 59#else 60 return NULL; 61#endif 62} 63 64static inline bool nf_nat_oif_changed(unsigned int hooknum, 65 enum ip_conntrack_info ctinfo, 66 struct nf_conn_nat *nat, 67 const struct net_device *out) 68{ 69#if IS_ENABLED(CONFIG_NF_NAT_MASQUERADE_IPV4) || \ 70 IS_ENABLED(CONFIG_NF_NAT_MASQUERADE_IPV6) 71 return nat->masq_index && hooknum == NF_INET_POST_ROUTING && 72 CTINFO2DIR(ctinfo) == IP_CT_DIR_ORIGINAL && 73 nat->masq_index != out->ifindex; 74#else 75 return false; 76#endif 77} 78 79#endif 80