From 7f9112dc9b40a7cb952d2d5927cae12cbb35960a Mon Sep 17 00:00:00 2001
From: "/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org"
Date: Sat, 9 Feb 2008 20:01:39 +0000
Subject: add support for NAT sequence adjusment
---
 src/conntrack/build.c | 45 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 45 insertions(+)
(limited to 'src/conntrack/build.c')
diff --git a/src/conntrack/build.c b/src/conntrack/build.c
index f5e7353..37dded0 100644
--- a/src/conntrack/build.c
+++ b/src/conntrack/build.c
@@ -117,6 +117,41 @@ void __build_protoinfo(struct nfnlhdr *req,
 }
 }
 
+static inline void
+__nat_seq_adj(struct nfnlhdr *req,
+ size_t size,
+ const struct nf_conntrack *ct,
+ int dir)
+{
+ nfnl_addattr32(&req->nlh,
+ size,
+ CTA_NAT_SEQ_CORRECTION_POS,
+ htonl(ct->tuple[dir].natseq.correction_pos));
+ nfnl_addattr32(&req->nlh,
+ size,
+ CTA_NAT_SEQ_OFFSET_BEFORE,
+ htonl(ct->tuple[dir].natseq.offset_before));
+ nfnl_addattr32(&req->nlh,
+ size,
+ CTA_NAT_SEQ_OFFSET_AFTER,
+ htonl(ct->tuple[dir].natseq.offset_after));
+}
+
+static void
+__build_nat_seq_adj(struct nfnlhdr *req,
+ size_t size,
+ const struct nf_conntrack *ct,
+ int dir)
+{
+ struct nfattr *nest;
+ int type = (dir == __DIR_ORIG) ? CTA_NAT_SEQ_ADJ_ORIG :
+ CTA_NAT_SEQ_ADJ_REPLY;
+
+ nest = nfnl_nest(&req->nlh, size, type);
+ __nat_seq_adj(req, size, ct, dir);
+ nfnl_nest_end(&req->nlh, nest);
+}
+
 void __build_protonat(struct nfnlhdr *req,
 size_t size,
 const struct nf_conntrack *ct,
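Review bot: The three `nfnl_addattr32()` calls in `__nat_seq_adj` and the nest opened in `__build_nat_seq_adj` discard their results, so a request buffer too small for the new attributes would go unnoticed here. As far as I know, libnfnetlink's `nfnl_addattr32()` returns a negative value when the attribute does not fit in `size`; if so, the nest would be closed over a partial payload and `__build_conntrack` would still return 0. Both helpers are new and static, so they can return `int` and propagate the failure, with the two call sites in the second hunk checking the result. If the file's void-builder convention is kept instead, a comment stating that the caller guarantees `size` covers the whole message would at least record the assumption.

```c
static inline int
__nat_seq_adj(struct nfnlhdr *req,
	      size_t size,
	      const struct nf_conntrack *ct,
	      int dir)
{
	if (nfnl_addattr32(&req->nlh, size, CTA_NAT_SEQ_CORRECTION_POS,
			   htonl(ct->tuple[dir].natseq.correction_pos)) < 0)
		return -1;
	/* … same check around the CTA_NAT_SEQ_OFFSET_BEFORE and
	 *   CTA_NAT_SEQ_OFFSET_AFTER attributes … */
	return 0;
}

static int
__build_nat_seq_adj(struct nfnlhdr *req,
		    size_t size,
		    const struct nf_conntrack *ct,
		    int dir)
{
	/* … unchanged: nest declaration and type selection … */
	int ret;

	nest = nfnl_nest(&req->nlh, size, type);
	ret = __nat_seq_adj(req, size, ct, dir);
	nfnl_nest_end(&req->nlh, nest);
	return ret;
}
```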
@@ -315,5 +350,15 @@ int __build_conntrack(struct nfnl_subsys_handle *ssh,
 else if (test_bit(ATTR_DNAT_PORT, ct->set))
 __build_dnat_port(req, size, ct);
 
+ if (test_bit(ATTR_ORIG_NAT_SEQ_CORRECTION_POS, ct->set) &&
+ test_bit(ATTR_ORIG_NAT_SEQ_OFFSET_BEFORE, ct->set) &&
+ test_bit(ATTR_ORIG_NAT_SEQ_OFFSET_AFTER, ct->set))
+ __build_nat_seq_adj(req, size, ct, __DIR_ORIG);
+
+ if (test_bit(ATTR_REPL_NAT_SEQ_CORRECTION_POS, ct->set) &&
+ test_bit(ATTR_REPL_NAT_SEQ_OFFSET_BEFORE, ct->set) &&
+ test_bit(ATTR_REPL_NAT_SEQ_OFFSET_AFTER, ct->set))
+ __build_nat_seq_adj(req, size, ct, __DIR_REPL);
+
 return 0;
 }
-- 
cgit v1.2.3
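Review bot: A conntrack object with only one or two of the three NAT sequence attributes set for a direction falls through both new `if` blocks in `__build_conntrack`, and the function still returns 0, so the caller gets no indication that the adjustment was left out of the message. If that is intended, say so above the first test, for example `/* NAT seq adjustment is sent only when correction_pos, offset_before and offset_after are all set for the direction; a partial set is ignored */`. The function body starts outside this hunk, so whether an earlier check already rejects partial sets is not visible here.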