From fde8ddfc31bbc4015e8a76b40cc7e27bcd7920ff Mon Sep 17 00:00:00 2001
From: Phil Sutter
Date: Sat, 17 Mar 2018 10:39:27 +0100
Subject: Combine redir and masq statements into nat
All these statements are very similar, handling them with the same code is obvious. The only thing required here is a custom extension of enum nft_nat_types which is used in nat_stmt to distinguish between snat and dnat already. Though since enum nft_nat_types is part of kernel uAPI, create a local extended version containing the additional fields. Note that nat statement printing got a bit more complicated to get the number of spaces right for every possible combination of attributes. Note also that there wasn't a case for STMT_MASQ in rule_parse_postprocess(), which seems like a bug. Since STMT_MASQ became just a variant of STMT_NAT, postprocessing will take place for it now anyway.
Signed-off-by: Phil Sutter
Signed-off-by: Pablo Neira Ayuso
---
include/statement.h | 32 ++++++++++----------------------
1 file changed, 10 insertions(+), 22 deletions(-)
(limited to 'include')
diff --git a/include/statement.h b/include/statement.h
index bb4af9d3..fa0b5dfa 100644
--- a/include/statement.h
+++ b/include/statement.h
@@ -98,28 +98,22 @@ struct reject_stmt {
 extern struct stmt *reject_stmt_alloc(const struct location *loc);
-struct nat_stmt {
- enum nft_nat_types type;
- struct expr *addr;
- struct expr *proto;
- uint32_t flags;
-};
-
-extern struct stmt *nat_stmt_alloc(const struct location *loc);
-
-struct masq_stmt {
- uint32_t flags;
- struct expr *proto;
+enum nft_nat_etypes {
+ __NFT_NAT_SNAT = NFT_NAT_SNAT,
+ __NFT_NAT_DNAT = NFT_NAT_DNAT,
+ NFT_NAT_MASQ,
+ NFT_NAT_REDIR,
 };
-extern struct stmt *masq_stmt_alloc(const struct location *loc);
-
-struct redir_stmt {
+struct nat_stmt {
+ enum nft_nat_etypes type;
+ struct expr *addr;
 struct expr *proto;
 uint32_t flags;
 };
-extern struct stmt *redir_stmt_alloc(const struct location *loc);
+extern struct stmt *nat_stmt_alloc(const struct location *loc,
+ enum nft_nat_etypes type);
 struct queue_stmt {
 struct expr *queue;
@@ -233,8 +227,6 @@ extern struct stmt *xt_stmt_alloc(const struct location *loc);
 * @STMT_LOG: log statement
 * @STMT_REJECT: REJECT statement
 * @STMT_NAT: NAT statement
- * @STMT_MASQ: masquerade statement
- * @STMT_REDIR: redirect statement
 * @STMT_QUEUE: QUEUE statement
 * @STMT_CT: conntrack statement
 * @STMT_SET: set statement
@@ -260,8 +252,6 @@ enum stmt_types {
 STMT_LOG,
 STMT_REJECT,
 STMT_NAT,
- STMT_MASQ,
- STMT_REDIR,
 STMT_QUEUE,
 STMT_CT,
 STMT_SET,
@@ -324,8 +314,6 @@ struct stmt {
 struct limit_stmt limit;
 struct reject_stmt reject;
 struct nat_stmt nat;
- struct masq_stmt masq;
- struct redir_stmt redir;
 struct queue_stmt queue;
 struct quota_stmt quota;
 struct ct_stmt ct;
--
cgit v1.2.3
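Review bot: The new `enum nft_nat_etypes` in the first hunk has no comment, and `NFT_NAT_MASQ` and `NFT_NAT_REDIR` are numbered by implicit increment after `NFT_NAT_DNAT`, so they sit directly after the kernel uAPI nat type values with nothing marking them as userspace-only. If `enum nft_nat_types` ever gains a third value, `NFT_NAT_MASQ` would silently alias it, and any code path that copies `nat_stmt.type` straight into the netlink nat type attribute (not visible in this header) would install a different NAT rule than the one written in the ruleset. I would add a comment above the enum such as `/* Userspace-only extension of enum nft_nat_types; NFT_NAT_MASQ and NFT_NAT_REDIR must never be sent to the kernel as a nat type. */`. The `__NFT_NAT_SNAT` and `__NFT_NAT_DNAT` names also use the double-underscore prefix that C reserves for the implementation, so a project-local prefix would be safer.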