whiterose

linux unikernel

ip6t_MASQUERADE.c (2141B)


      1 /*
      2  * Copyright (c) 2011 Patrick McHardy <kaber@trash.net>
      3  *
      4  * This program is free software; you can redistribute it and/or modify
      5  * it under the terms of the GNU General Public License version 2 as
      6  * published by the Free Software Foundation.
      7  *
      8  * Based on Rusty Russell's IPv6 MASQUERADE target. Development of IPv6
      9  * NAT funded by Astaro.
     10  */
     11 
     12 #include <linux/kernel.h>
     13 #include <linux/module.h>
     14 #include <linux/netdevice.h>
     15 #include <linux/ipv6.h>
     16 #include <linux/netfilter.h>
     17 #include <linux/netfilter_ipv6.h>
     18 #include <linux/netfilter/x_tables.h>
     19 #include <net/netfilter/nf_nat.h>
     20 #include <net/addrconf.h>
     21 #include <net/ipv6.h>
     22 #include <net/netfilter/ipv6/nf_nat_masquerade.h>
     23 
/*
 * Per-packet handler for the IPv6 MASQUERADE target.
 *
 * Hands the packet, the rule's private data (par->targinfo) and the
 * outgoing device reported by xt_out() to nf_nat_masquerade_ipv6() and
 * returns that helper's verdict unchanged.
 *
 * NOTE(review): targinfo is viewed as struct nf_nat_range2 here while the
 * target is registered with .targetsize = sizeof(struct nf_nat_range), so
 * the helper must only read members that lie inside the smaller layout --
 * confirm against nf_nat_masquerade_ipv6().
 */
static unsigned int
masquerade_tg6(struct sk_buff *skb, const struct xt_action_param *par)
{
	const struct nf_nat_range2 *rule_range = par->targinfo;
	const struct net_device *egress = xt_out(par);

	return nf_nat_masquerade_ipv6(skb, rule_range, egress);
}
     29 
/*
 * Rule validation hook, run when a MASQUERADE rule is installed.
 *
 * A rule whose range carries NF_NAT_RANGE_MAP_IPS is refused with -EINVAL
 * (presumably because masquerading picks the source address itself, so an
 * explicit address mapping makes no sense -- confirm against the helper).
 * Otherwise the result of nf_ct_netns_get() for the rule's netns and family
 * is returned; masquerade_tg6_destroy() issues the matching
 * nf_ct_netns_put().
 *
 * Only the flags member of the rule data is inspected here.
 */
static int masquerade_tg6_checkentry(const struct xt_tgchk_param *par)
{
	const struct nf_nat_range2 *rule_range = par->targinfo;

	if (!(rule_range->flags & NF_NAT_RANGE_MAP_IPS))
		return nf_ct_netns_get(par->net, par->family);

	/* Address mapping was requested on a MASQUERADE rule: reject it. */
	return -EINVAL;
}
     38 
/*
 * Rule teardown hook: releases, via nf_ct_netns_put(), what
 * masquerade_tg6_checkentry() acquired with nf_ct_netns_get() for the same
 * netns/family pair.
 */
static void masquerade_tg6_destroy(const struct xt_tgdtor_param *par)
{
	struct net *rule_net = par->net;

	nf_ct_netns_put(rule_net, par->family);
}
     43 
/*
 * Xtables registration record for the IPv6 "MASQUERADE" target.
 *
 * The target is limited to the "nat" table and to the POST_ROUTING hook, so
 * the handlers above are only reachable from that hook of that table.
 */
static struct xt_target masquerade_tg6_reg __read_mostly = {
	.name		= "MASQUERADE",
	.family		= NFPROTO_IPV6,
	.checkentry	= masquerade_tg6_checkentry,
	.destroy	= masquerade_tg6_destroy,
	.target		= masquerade_tg6,
	/*
	 * NOTE(review): the per-rule data is sized as struct nf_nat_range,
	 * while masquerade_tg6_checkentry() reads it through a
	 * struct nf_nat_range2 pointer. That is only safe as long as every
	 * member touched lies within sizeof(struct nf_nat_range); any access
	 * to a member that exists only in nf_nat_range2 would read past the
	 * rule data. Presumably the smaller size is kept for userspace ABI
	 * compatibility -- confirm before changing either side.
	 */
	.targetsize	= sizeof(struct nf_nat_range),
	.table		= "nat",
	.hooks		= 1 << NF_INET_POST_ROUTING,
	.me		= THIS_MODULE,
};
     55 
/*
 * Module load: register the MASQUERADE target, then the IPv6 masquerade
 * notifier.
 *
 * Returns 0 on success or the error code of whichever step failed. If the
 * notifier cannot be registered, the target registration is rolled back so
 * no half-initialised state is left behind.
 */
static int __init masquerade_tg6_init(void)
{
	int rc = xt_register_target(&masquerade_tg6_reg);

	if (rc)
		return rc;

	rc = nf_nat_masquerade_ipv6_register_notifier();
	if (!rc)
		return 0;

	/* Notifier setup failed: undo the target registration. */
	xt_unregister_target(&masquerade_tg6_reg);
	return rc;
}
/*
 * Module unload: tear down in the reverse order of masquerade_tg6_init() --
 * the notifier first, then the xtables target.
 */
static void __exit masquerade_tg6_exit(void)
{
	nf_nat_masquerade_ipv6_unregister_notifier();
	xt_unregister_target(&masquerade_tg6_reg);
}
     75 
/* Hook the init/exit routines above into module load and unload. */
module_init(masquerade_tg6_init);
module_exit(masquerade_tg6_exit);

/* Module metadata. */
MODULE_LICENSE("GPL");
MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
MODULE_DESCRIPTION("Xtables: automatic address SNAT");