author | Phil Sutter <phil@nwl.cc> | 2018-03-17 10:39:27 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-03-17 13:23:45 +0100 |
commit | fde8ddfc31bbc4015e8a76b40cc7e27bcd7920ff (patch) | |
tree | 33c8e5ca8bdb473d772950359e57a326738c2e91 /include/statement.h | |
parent | 48632359f4dea5ee2484debba498ba069229e6d0 (diff) |
Combine redir and masq statements into nat
All these statements are very similar, handling them with the same code
is obvious. The only thing required here is a custom extension of enum
nft_nat_types which is used in nat_stmt to distinguish between snat and
dnat already. Though since enum nft_nat_types is part of kernel uAPI,
create a local extended version containing the additional fields.
Note that nat statement printing got a bit more complicated to get the
number of spaces right for every possible combination of attributes.
Note also that there wasn't a case for STMT_MASQ in
rule_parse_postprocess(), which seems like a bug. Since STMT_MASQ became
just a variant of STMT_NAT, postprocessing will take place for it now
anyway.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/statement.h')
-rw-r--r-- | include/statement.h | 32 |
1 files changed, 10 insertions, 22 deletions
diff --git a/include/statement.h b/include/statement.h
index bb4af9d3..fa0b5dfa 100644
--- a/include/statement.h
+++ b/include/statement.h
@@ -98,28 +98,22 @@ struct reject_stmt {
 extern struct stmt *reject_stmt_alloc(const struct location *loc);
-struct nat_stmt {
- enum nft_nat_types type;
- struct expr *addr;
- struct expr *proto;
- uint32_t flags;
-};
-
-extern struct stmt *nat_stmt_alloc(const struct location *loc);
-
-struct masq_stmt {
- uint32_t flags;
- struct expr *proto;
+enum nft_nat_etypes {
+ __NFT_NAT_SNAT = NFT_NAT_SNAT,
+ __NFT_NAT_DNAT = NFT_NAT_DNAT,
+ NFT_NAT_MASQ,
+ NFT_NAT_REDIR,
 };
-extern struct stmt *masq_stmt_alloc(const struct location *loc);
-
-struct redir_stmt {
+struct nat_stmt {
+ enum nft_nat_etypes type;
+ struct expr *addr;
 struct expr *proto;
 uint32_t flags;
 };
-extern struct stmt *redir_stmt_alloc(const struct location *loc);
+extern struct stmt *nat_stmt_alloc(const struct location *loc,
+ enum nft_nat_etypes type);
 struct queue_stmt {
 struct expr *queue;
@@ -233,8 +227,6 @@ extern struct stmt *xt_stmt_alloc(const struct location *loc);
 * @STMT_LOG: log statement
 * @STMT_REJECT: REJECT statement
 * @STMT_NAT: NAT statement
- * @STMT_MASQ: masquerade statement
- * @STMT_REDIR: redirect statement
 * @STMT_QUEUE: QUEUE statement
 * @STMT_CT: conntrack statement
 * @STMT_SET: set statement
@@ -260,8 +252,6 @@ enum stmt_types {
 STMT_LOG,
 STMT_REJECT,
 STMT_NAT,
- STMT_MASQ,
- STMT_REDIR,
 STMT_QUEUE,
 STMT_CT,
 STMT_SET,
@@ -324,8 +314,6 @@ struct stmt {
 struct limit_stmt limit;
 struct reject_stmt reject;
 struct nat_stmt nat;
- struct masq_stmt masq;
- struct redir_stmt redir;
 struct queue_stmt queue;
 struct quota_stmt quota;
 struct ct_stmt ct; |
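Review bot: In the first hunk (`@@ -98,28 +98,22 @@`), `enum nft_nat_etypes` has no comment saying that `NFT_NAT_MASQ` and `NFT_NAT_REDIR` are userspace-only values, and they implicitly take the two numbers directly after `NFT_NAT_DNAT`. If the kernel's `enum nft_nat_types` ever gains members, these would alias them, so any code that copies `nat_stmt.type` into a netlink attribute has to filter them out first; that code lies outside this header, so it cannot be checked from here. I would add above the enum: `/* Local superset of the uAPI enum nft_nat_types; NFT_NAT_MASQ and NFT_NAT_REDIR are userspace-only and must never be sent to the kernel as a NAT type. */`. As a style point, the `__NFT_NAT_SNAT`/`__NFT_NAT_DNAT` placeholders use identifiers reserved for the implementation, and the local members share the uAPI `NFT_NAT_` prefix, so a future uAPI header defining the same names would break the build; a distinct local prefix would avoid both.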