URL https://opencores.org/ocsvn/or1k_soc_on_altera_embedded_dev_kit/or1k_soc_on_altera_embedded_dev_kit/trunk

Subversion Repositories or1k_soc_on_altera_embedded_dev_kit

[/] [or1k_soc_on_altera_embedded_dev_kit/] [tags/] [linux-2.6/] [linux-2.6.24_or32_unified_v2.3/] [net/] [ipv4/] [netfilter/] [ipt_NETMAP.c] - Blame information for rev 8

Details | Compare with Previous | View Log


/* NETMAP - static NAT mapping of IP network addresses (1:1).
 * The mapping can be applied to source (POSTROUTING),
 * destination (PREROUTING), or both (with separate rules).
 */
 
/* (C) 2000-2001 Svenning Soerensen <svenning@post5.tele.dk>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 */
 
#include <linux/ip.h>
#include <linux/module.h>
#include <linux/netdevice.h>
#include <linux/netfilter.h>
#include <linux/netfilter_ipv4.h>
#include <linux/netfilter/x_tables.h>
#include <net/netfilter/nf_nat_rule.h>
 
MODULE_LICENSE("GPL");
MODULE_AUTHOR("Svenning Soerensen <svenning@post5.tele.dk>");
MODULE_DESCRIPTION("iptables 1:1 NAT mapping of IP networks target");
 
static bool
check(const char *tablename,
      const void *e,
      const struct xt_target *target,
      void *targinfo,
      unsigned int hook_mask)
{
        const struct nf_nat_multi_range_compat *mr = targinfo;
 
        if (!(mr->range[0].flags & IP_NAT_RANGE_MAP_IPS)) {
                pr_debug("NETMAP:check: bad MAP_IPS.\n");
                return false;
        }
        if (mr->rangesize != 1) {
                pr_debug("NETMAP:check: bad rangesize %u.\n", mr->rangesize);
                return false;
        }
        return true;
}
 
static unsigned int
target(struct sk_buff *skb,
       const struct net_device *in,
       const struct net_device *out,
       unsigned int hooknum,
       const struct xt_target *target,
       const void *targinfo)
{
        struct nf_conn *ct;
        enum ip_conntrack_info ctinfo;
        __be32 new_ip, netmask;
        const struct nf_nat_multi_range_compat *mr = targinfo;
        struct nf_nat_range newrange;
 
        NF_CT_ASSERT(hooknum == NF_IP_PRE_ROUTING
                     || hooknum == NF_IP_POST_ROUTING
                     || hooknum == NF_IP_LOCAL_OUT);
        ct = nf_ct_get(skb, &ctinfo);
 
        netmask = ~(mr->range[0].min_ip ^ mr->range[0].max_ip);
 
        if (hooknum == NF_IP_PRE_ROUTING || hooknum == NF_IP_LOCAL_OUT)
                new_ip = ip_hdr(skb)->daddr & ~netmask;
        else
                new_ip = ip_hdr(skb)->saddr & ~netmask;
        new_ip |= mr->range[0].min_ip & netmask;
 
        newrange = ((struct nf_nat_range)
                { mr->range[0].flags | IP_NAT_RANGE_MAP_IPS,
                  new_ip, new_ip,
                  mr->range[0].min, mr->range[0].max });
 
        /* Hand modified range to generic setup. */
        return nf_nat_setup_info(ct, &newrange, hooknum);
}
 
static struct xt_target target_module __read_mostly = {
        .name           = "NETMAP",
        .family         = AF_INET,
        .target         = target,
        .targetsize     = sizeof(struct nf_nat_multi_range_compat),
        .table          = "nat",
        .hooks          = (1 << NF_IP_PRE_ROUTING) | (1 << NF_IP_POST_ROUTING) |
                          (1 << NF_IP_LOCAL_OUT),
        .checkentry     = check,
        .me             = THIS_MODULE
};
 
static int __init ipt_netmap_init(void)
{
        return xt_register_target(&target_module);
}
 
static void __exit ipt_netmap_fini(void)
{
        xt_unregister_target(&target_module);
}
 
module_init(ipt_netmap_init);
module_exit(ipt_netmap_fini);

Line No.	Rev	Author	Line
1	3	xianfeng	`/* NETMAP - static NAT mapping of IP network addresses (1:1).`
2			`* The mapping can be applied to source (POSTROUTING),`
3			`* destination (PREROUTING), or both (with separate rules).`
4			`*/`
5
6			`/* (C) 2000-2001 Svenning Soerensen <svenning@post5.tele.dk>`
7			`*`
8			`* This program is free software; you can redistribute it and/or modify`
9			`* it under the terms of the GNU General Public License version 2 as`
10			`* published by the Free Software Foundation.`
11			`*/`
12
13			`#include <linux/ip.h>`
14			`#include <linux/module.h>`
15			`#include <linux/netdevice.h>`
16			`#include <linux/netfilter.h>`
17			`#include <linux/netfilter_ipv4.h>`
18			`#include <linux/netfilter/x_tables.h>`
19			`#include <net/netfilter/nf_nat_rule.h>`
20
21			`MODULE_LICENSE("GPL");`
22			`MODULE_AUTHOR("Svenning Soerensen <svenning@post5.tele.dk>");`
23			`MODULE_DESCRIPTION("iptables 1:1 NAT mapping of IP networks target");`
24
25			`static bool`
26			`check(const char *tablename,`
27			`const void *e,`
28			`const struct xt_target *target,`
29			`void *targinfo,`
30			`unsigned int hook_mask)`
31			`{`
32			`const struct nf_nat_multi_range_compat *mr = targinfo;`
33
34			`if (!(mr->range[0].flags & IP_NAT_RANGE_MAP_IPS)) {`
35			`pr_debug("NETMAP:check: bad MAP_IPS.\n");`
36			`return false;`
37			`}`
38			`if (mr->rangesize != 1) {`
39			`pr_debug("NETMAP:check: bad rangesize %u.\n", mr->rangesize);`
40			`return false;`
41			`}`
42			`return true;`
43			`}`
44
45			`static unsigned int`
46			`target(struct sk_buff *skb,`
47			`const struct net_device *in,`
48			`const struct net_device *out,`
49			`unsigned int hooknum,`
50			`const struct xt_target *target,`
51			`const void *targinfo)`
52			`{`
53			`struct nf_conn *ct;`
54			`enum ip_conntrack_info ctinfo;`
55			`__be32 new_ip, netmask;`
56			`const struct nf_nat_multi_range_compat *mr = targinfo;`
57			`struct nf_nat_range newrange;`
58
59			`NF_CT_ASSERT(hooknum == NF_IP_PRE_ROUTING`
60			`\|\| hooknum == NF_IP_POST_ROUTING`
61			`\|\| hooknum == NF_IP_LOCAL_OUT);`
62			`ct = nf_ct_get(skb, &ctinfo);`
63
64			`netmask = ~(mr->range[0].min_ip ^ mr->range[0].max_ip);`
65
66			`if (hooknum == NF_IP_PRE_ROUTING \|\| hooknum == NF_IP_LOCAL_OUT)`
67			`new_ip = ip_hdr(skb)->daddr & ~netmask;`
68			`else`
69			`new_ip = ip_hdr(skb)->saddr & ~netmask;`
70			`new_ip \|= mr->range[0].min_ip & netmask;`
71
72			`newrange = ((struct nf_nat_range)`
73			`{ mr->range[0].flags \| IP_NAT_RANGE_MAP_IPS,`
74			`new_ip, new_ip,`
75			`mr->range[0].min, mr->range[0].max });`
76
77			`/* Hand modified range to generic setup. */`
78			`return nf_nat_setup_info(ct, &newrange, hooknum);`
79			`}`
80
81			`static struct xt_target target_module __read_mostly = {`
82			`.name = "NETMAP",`
83			`.family = AF_INET,`
84			`.target = target,`
85			`.targetsize = sizeof(struct nf_nat_multi_range_compat),`
86			`.table = "nat",`
87			`.hooks = (1 << NF_IP_PRE_ROUTING) \| (1 << NF_IP_POST_ROUTING) \|`
88			`(1 << NF_IP_LOCAL_OUT),`
89			`.checkentry = check,`
90			`.me = THIS_MODULE`
91			`};`
92
93			`static int __init ipt_netmap_init(void)`
94			`{`
95			`return xt_register_target(&target_module);`
96			`}`
97
98			`static void __exit ipt_netmap_fini(void)`
99			`{`
100			`xt_unregister_target(&target_module);`
101			`}`
102
103			`module_init(ipt_netmap_init);`
104			`module_exit(ipt_netmap_fini);`

Browse

Tools

Subversion Repositories or1k_soc_on_altera_embedded_dev_kit

[/] [or1k_soc_on_altera_embedded_dev_kit/] [tags/] [linux-2.6/] [linux-2.6.24_or32_unified_v2.3/] [net/] [ipv4/] [netfilter/] [ipt_NETMAP.c] - Blame information for rev 8