diff options
author | Patrick McHardy <kaber@trash.net> | 2010-02-11 12:29:38 +0100 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2010-02-11 12:29:38 +0100 |
commit | 48f8ac26537c1b7b1a2422f5232f45d06c945348 (patch) | |
tree | 352aab0881ef9e449dc86b3dc1da2b4b329ead44 /net/netfilter | |
parent | 010c0b9f34a4c567b431f8b49a58b7332ed42e47 (diff) | |
download | kernel_samsung_smdk4412-48f8ac26537c1b7b1a2422f5232f45d06c945348.zip kernel_samsung_smdk4412-48f8ac26537c1b7b1a2422f5232f45d06c945348.tar.gz kernel_samsung_smdk4412-48f8ac26537c1b7b1a2422f5232f45d06c945348.tar.bz2 |
netfilter: nf_nat_sip: add TCP support
Add support for mangling TCP SIP packets.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'net/netfilter')
-rw-r--r-- | net/netfilter/nf_conntrack_sip.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/net/netfilter/nf_conntrack_sip.c b/net/netfilter/nf_conntrack_sip.c index 1cc75c5..3bb3aaf 100644 --- a/net/netfilter/nf_conntrack_sip.c +++ b/net/netfilter/nf_conntrack_sip.c @@ -56,6 +56,9 @@ unsigned int (*nf_nat_sip_hook)(struct sk_buff *skb, unsigned int dataoff, unsigned int *datalen) __read_mostly; EXPORT_SYMBOL_GPL(nf_nat_sip_hook); +void (*nf_nat_sip_seq_adjust_hook)(struct sk_buff *skb, s16 off) __read_mostly; +EXPORT_SYMBOL_GPL(nf_nat_sip_seq_adjust_hook); + unsigned int (*nf_nat_sip_expect_hook)(struct sk_buff *skb, unsigned int dataoff, const char **dptr, @@ -1360,6 +1363,7 @@ static int sip_help_tcp(struct sk_buff *skb, unsigned int protoff, const char *dptr, *end; s16 diff, tdiff = 0; int ret; + typeof(nf_nat_sip_seq_adjust_hook) nf_nat_sip_seq_adjust; if (ctinfo != IP_CT_ESTABLISHED && ctinfo != IP_CT_ESTABLISHED + IP_CT_IS_REPLY) @@ -1415,6 +1419,12 @@ static int sip_help_tcp(struct sk_buff *skb, unsigned int protoff, datalen = datalen + diff - msglen; } + if (ret == NF_ACCEPT && ct->status & IPS_NAT_MASK) { + nf_nat_sip_seq_adjust = rcu_dereference(nf_nat_sip_seq_adjust_hook); + if (nf_nat_sip_seq_adjust) + nf_nat_sip_seq_adjust(skb, tdiff); + } + return ret; } |