summaryrefslogtreecommitdiffstats
path: root/src/conntrack/build.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/conntrack/build.c')
-rw-r--r--src/conntrack/build.c36
1 files changed, 36 insertions, 0 deletions
diff --git a/src/conntrack/build.c b/src/conntrack/build.c
index 8ba6b16..cf282e6 100644
--- a/src/conntrack/build.c
+++ b/src/conntrack/build.c
@@ -283,6 +283,10 @@ static void __build_nat(struct nfnlhdr *req,
nfnl_addattr_l(&req->nlh, size, CTA_NAT_MINIP,
&nat->min_ip.v4, sizeof(uint32_t));
break;
+ case AF_INET6:
+ nfnl_addattr_l(&req->nlh, size, CTA_NAT_V6_MINIP,
+ &nat->min_ip.v6, sizeof(struct in6_addr));
+ break;
default:
break;
}
@@ -312,6 +316,17 @@ static void __build_snat_ipv4(struct nfnlhdr *req,
nfnl_nest_end(&req->nlh, nest);
}
+static void __build_snat_ipv6(struct nfnlhdr *req,
+ size_t size,
+ const struct nf_conntrack *ct)
+{
+ struct nfattr *nest;
+
+ nest = nfnl_nest(&req->nlh, size, CTA_NAT_SRC);
+ __build_nat(req, size, &ct->snat, AF_INET6);
+ nfnl_nest_end(&req->nlh, nest);
+}
+
static void __build_snat_port(struct nfnlhdr *req,
size_t size,
const struct nf_conntrack *ct)
@@ -347,6 +362,17 @@ static void __build_dnat_ipv4(struct nfnlhdr *req,
nfnl_nest_end(&req->nlh, nest);
}
+static void __build_dnat_ipv6(struct nfnlhdr *req,
+ size_t size,
+ const struct nf_conntrack *ct)
+{
+ struct nfattr *nest;
+
+ nest = nfnl_nest(&req->nlh, size, CTA_NAT_DST);
+ __build_nat(req, size, &ct->dnat, AF_INET6);
+ nfnl_nest_end(&req->nlh, nest);
+}
+
static void __build_dnat_port(struct nfnlhdr *req,
size_t size,
const struct nf_conntrack *ct)
@@ -526,16 +552,26 @@ int __build_conntrack(struct nfnl_subsys_handle *ssh,
if (test_bit(ATTR_SNAT_IPV4, ct->head.set) &&
test_bit(ATTR_SNAT_PORT, ct->head.set))
__build_snat(req, size, ct, AF_INET);
+ else if (test_bit(ATTR_SNAT_IPV6, ct->head.set) &&
+ test_bit(ATTR_SNAT_PORT, ct->head.set))
+ __build_snat(req, size, ct, AF_INET6);
else if (test_bit(ATTR_SNAT_IPV4, ct->head.set))
__build_snat_ipv4(req, size, ct);
+ else if (test_bit(ATTR_SNAT_IPV6, ct->head.set))
+ __build_snat_ipv6(req, size, ct);
else if (test_bit(ATTR_SNAT_PORT, ct->head.set))
__build_snat_port(req, size, ct);
if (test_bit(ATTR_DNAT_IPV4, ct->head.set) &&
test_bit(ATTR_DNAT_PORT, ct->head.set))
__build_dnat(req, size, ct, AF_INET);
+ else if (test_bit(ATTR_DNAT_IPV6, ct->head.set) &&
+ test_bit(ATTR_DNAT_PORT, ct->head.set))
+ __build_dnat(req, size, ct, AF_INET6);
else if (test_bit(ATTR_DNAT_IPV4, ct->head.set))
__build_dnat_ipv4(req, size, ct);
+ else if (test_bit(ATTR_DNAT_IPV6, ct->head.set))
+ __build_dnat_ipv6(req, size, ct);
else if (test_bit(ATTR_DNAT_PORT, ct->head.set))
__build_dnat_port(req, size, ct);