conntrackd: add NAT expectation support

This patch adds the missing bits to support NAT expectation support. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2012-02-07 00:27:51 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2012-02-07 00:50:15 +0100
commit: 8259e6dca13127e51f81ca7e75e419969417597f (patch)
tree: 87c73ec7f098ee053a746d0b2eac3574a61c32b2 /src/build.c
parent: f7824f63ae45c4979abe95fd3e7702eacd63bec1 (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/src/build.c b/src/build.c
index b845e0b..c07f429 100644
--- a/src/build.c
+++ b/src/build.c
@@ -324,4 +324,19 @@ void exp2msg(const struct nf_expect *exp, struct nethdr *n)
 	exp_build_u32(exp, ATTR_EXP_FLAGS, n, NTA_EXP_FLAGS);
 	if (nfexp_attr_is_set(exp, ATTR_EXP_CLASS))
 		exp_build_u32(exp, ATTR_EXP_CLASS, n, NTA_EXP_CLASS);
+
+	/* include NAT information, if any. */
+	ct = nfexp_get_attr(exp, ATTR_EXP_NAT_TUPLE);
+	if (ct != NULL) {
+		if (nfct_attr_grp_is_set(ct, ATTR_GRP_ORIG_IPV4)) {
+			ct_build_group(ct, ATTR_GRP_ORIG_IPV4, n,
+					NTA_EXP_NAT_IPV4,
+					sizeof(struct nfct_attr_grp_ipv4));
+		}
+		ct_build_u8(ct, ATTR_L4PROTO, n, NTA_EXP_NAT_L4PROTO);
+		if (exp_l4proto_fcn[l4proto].build)
+			exp_l4proto_fcn[l4proto].build(ct, n, NTA_EXP_NAT_PORT);
+
+		exp_build_u32(exp, ATTR_EXP_NAT_DIR, n, NTA_EXP_NAT_DIR);
+	}
 }
author	Pablo Neira Ayuso <pablo@netfilter.org>	2012-02-07 00:27:51 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2012-02-07 00:50:15 +0100
commit	8259e6dca13127e51f81ca7e75e419969417597f (patch)
tree	87c73ec7f098ee053a746d0b2eac3574a61c32b2 /src/build.c
parent	f7824f63ae45c4979abe95fd3e7702eacd63bec1 (diff)