author | Phil Sutter <phil@nwl.cc> | 2018-03-17 10:39:27 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-03-17 13:23:45 +0100 |
commit | fde8ddfc31bbc4015e8a76b40cc7e27bcd7920ff (patch) | |
tree | 33c8e5ca8bdb473d772950359e57a326738c2e91 /src/netlink_delinearize.c | |
parent | 48632359f4dea5ee2484debba498ba069229e6d0 (diff) |
Combine redir and masq statements into nat
All these statements are very similar, handling them with the same code
is obvious. The only thing required here is a custom extension of enum
nft_nat_types which is used in nat_stmt to distinguish between snat and
dnat already. Though since enum nft_nat_types is part of kernel uAPI,
create a local extended version containing the additional fields.
Note that nat statement printing got a bit more complicated to get the
number of spaces right for every possible combination of attributes.
Note also that there wasn't a case for STMT_MASQ in
rule_parse_postprocess(), which seems like a bug. Since STMT_MASQ became
just a variant of STMT_NAT, postprocessing will take place for it now
anyway.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/netlink_delinearize.c')
-rw-r--r-- | src/netlink_delinearize.c | 32 |
1 files changed, 14 insertions, 18 deletions
diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c
index b20047f1..754a307e 100644
--- a/src/netlink_delinearize.c
+++ b/src/netlink_delinearize.c
@@ -861,8 +861,8 @@ static void netlink_parse_nat(struct netlink_parse_ctx *ctx,
 enum nft_registers reg1, reg2;
 int family;
- stmt = nat_stmt_alloc(loc);
- stmt->nat.type = nftnl_expr_get_u32(nle, NFTNL_EXPR_NAT_TYPE);
+ stmt = nat_stmt_alloc(loc,
+ nftnl_expr_get_u32(nle, NFTNL_EXPR_NAT_TYPE));
 family = nftnl_expr_get_u32(nle, NFTNL_EXPR_NAT_FAMILY);
@@ -951,8 +951,8 @@ static void netlink_parse_masq(struct netlink_parse_ctx *ctx,
 if (nftnl_expr_is_set(nle, NFTNL_EXPR_MASQ_FLAGS))
 flags = nftnl_expr_get_u32(nle, NFTNL_EXPR_MASQ_FLAGS);
- stmt = masq_stmt_alloc(loc);
- stmt->masq.flags = flags;
+ stmt = nat_stmt_alloc(loc, NFT_NAT_MASQ);
+ stmt->nat.flags = flags;
 reg1 = netlink_parse_register(nle, NFTNL_EXPR_MASQ_REG_PROTO_MIN);
 if (reg1) {
@@ -963,7 +963,7 @@ static void netlink_parse_masq(struct netlink_parse_ctx *ctx,
 goto out_err;
 }
 expr_set_type(proto, &inet_service_type, BYTEORDER_BIG_ENDIAN);
- stmt->masq.proto = proto;
+ stmt->nat.proto = proto;
 }
 reg2 = netlink_parse_register(nle, NFTNL_EXPR_MASQ_REG_PROTO_MAX);
@@ -975,9 +975,9 @@ static void netlink_parse_masq(struct netlink_parse_ctx *ctx,
 goto out_err;
 }
 expr_set_type(proto, &inet_service_type, BYTEORDER_BIG_ENDIAN);
- if (stmt->masq.proto != NULL)
- proto = range_expr_alloc(loc, stmt->masq.proto, proto);
- stmt->masq.proto = proto;
+ if (stmt->nat.proto != NULL)
+ proto = range_expr_alloc(loc, stmt->nat.proto, proto);
+ stmt->nat.proto = proto;
 }
 ctx->stmt = stmt;
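Review bot: The value of NFTNL_EXPR_NAT_TYPE is taken from the netlink message and passed to `nat_stmt_alloc()` unchecked in the netlink_parse_nat hunk. According to the commit message the statement type is now a local extension of the uAPI enum that also covers masq and redir, so a nat expression carrying a type other than snat or dnat would presumably be treated as one of those variants, or land outside the enum altogether if the printing code indexes a name table by it. I would read the type into a local first and reject anything unexpected before allocating, e.g. `if (type != NFT_NAT_SNAT && type != NFT_NAT_DNAT) return netlink_error(ctx, loc, "NAT expression has invalid type %u", type);`. The body of netlink_parse_nat starts and ends outside the hunk, so the exact error path should follow whatever the rest of the function uses.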
@@ -995,11 +995,11 @@ static void netlink_parse_redir(struct netlink_parse_ctx *ctx,
 enum nft_registers reg1, reg2;
 uint32_t flags;
- stmt = redir_stmt_alloc(loc);
+ stmt = nat_stmt_alloc(loc, NFT_NAT_REDIR);
 if (nftnl_expr_is_set(nle, NFTNL_EXPR_REDIR_FLAGS)) {
 flags = nftnl_expr_get_u32(nle, NFTNL_EXPR_REDIR_FLAGS);
- stmt->redir.flags = flags;
+ stmt->nat.flags = flags;
 }
 reg1 = netlink_parse_register(nle, NFTNL_EXPR_REDIR_REG_PROTO_MIN);
@@ -1012,7 +1012,7 @@ static void netlink_parse_redir(struct netlink_parse_ctx *ctx,
 }
 expr_set_type(proto, &inet_service_type, BYTEORDER_BIG_ENDIAN);
- stmt->redir.proto = proto;
+ stmt->nat.proto = proto;
 }
 reg2 = netlink_parse_register(nle, NFTNL_EXPR_REDIR_REG_PROTO_MAX);
@@ -1025,10 +1025,10 @@ static void netlink_parse_redir(struct netlink_parse_ctx *ctx,
 }
 expr_set_type(proto, &inet_service_type, BYTEORDER_BIG_ENDIAN);
- if (stmt->redir.proto != NULL)
- proto = range_expr_alloc(loc, stmt->redir.proto,
+ if (stmt->nat.proto != NULL)
+ proto = range_expr_alloc(loc, stmt->nat.proto,
 proto);
- stmt->redir.proto = proto;
+ stmt->nat.proto = proto;
 }
 ctx->stmt = stmt;
@@ -2366,10 +2366,6 @@ static void rule_parse_postprocess(struct netlink_parse_ctx *ctx, struct rule *r
 if (stmt->nat.proto != NULL)
 expr_postprocess(&rctx, &stmt->nat.proto);
 break;
- case STMT_REDIR:
- if (stmt->redir.proto != NULL)
- expr_postprocess(&rctx, &stmt->redir.proto);
- break;
 case STMT_REJECT:
 stmt_reject_postprocess(&rctx);
 break; |