net/ipv6/netfilter/ip6t_MASQUERADE.c

   1 /*
   2  * Copyright (c) 2011 Patrick McHardy <kaber@trash.net>
   3  *
   4  * This program is free software; you can redistribute it and/or modify
   5  * it under the terms of the GNU General Public License version 2 as
   6  * published by the Free Software Foundation.
   7  *
   8  * Based on Rusty Russell's IPv6 MASQUERADE target. Development of IPv6
   9  * NAT funded by Astaro.
  10  */
  11
  12 #include <linux/kernel.h>
  13 #include <linux/module.h>
  14 #include <linux/netdevice.h>
  15 #include <linux/ipv6.h>
  16 #include <linux/netfilter.h>
  17 #include <linux/netfilter_ipv6.h>
  18 #include <linux/netfilter/x_tables.h>
  19 #include <net/netfilter/nf_nat.h>
  20 #include <net/addrconf.h>
  21 #include <net/ipv6.h>
  22 #include <net/netfilter/ipv6/nf_nat_masquerade.h>
  23
  24 static unsigned int
  25 masquerade_tg6(struct sk_buff *skb, const struct xt_action_param *par)
  26 {
  27         return nf_nat_masquerade_ipv6(skb, par->targinfo, xt_out(par));
  28 }
  29
  30 static int masquerade_tg6_checkentry(const struct xt_tgchk_param *par)
  31 {
  32         const struct nf_nat_range *range = par->targinfo;
  33
  34         if (range->flags & NF_NAT_RANGE_MAP_IPS)
  35                 return -EINVAL;
  36         return nf_ct_netns_get(par->net, par->family);
  37 }
  38
  39 static void masquerade_tg6_destroy(const struct xt_tgdtor_param *par)
  40 {
  41         nf_ct_netns_put(par->net, par->family);
  42 }
  43
  44 static struct xt_target masquerade_tg6_reg __read_mostly = {
  45         .name           = "MASQUERADE",
  46         .family         = NFPROTO_IPV6,
  47         .checkentry     = masquerade_tg6_checkentry,
  48         .destroy        = masquerade_tg6_destroy,
  49         .target         = masquerade_tg6,
  50         .targetsize     = sizeof(struct nf_nat_range),
  51         .table          = "nat",
  52         .hooks          = 1 << NF_INET_POST_ROUTING,
  53         .me             = THIS_MODULE,
  54 };
  55
  56 static int __init masquerade_tg6_init(void)
  57 {
  58         int err;
  59
  60         err = xt_register_target(&masquerade_tg6_reg);
  61         if (err == 0)
  62                 nf_nat_masquerade_ipv6_register_notifier();
  63
  64         return err;
  65 }
  66 static void __exit masquerade_tg6_exit(void)
  67 {
  68         nf_nat_masquerade_ipv6_unregister_notifier();
  69         xt_unregister_target(&masquerade_tg6_reg);
  70 }
  71
  72 module_init(masquerade_tg6_init);
  73 module_exit(masquerade_tg6_exit);
  74
  75 MODULE_LICENSE("GPL");
  76 MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
  77 MODULE_DESCRIPTION("Xtables: automatic address SNAT");