1 /*
2  * Copyright (c) 2008 Patrick McHardy <kaber@trash.net>
3  *
4  * This program is free software; you can redistribute it and/or modify
5  * it under the terms of the GNU General Public License version 2 as
6  * published by the Free Software Foundation.
7  */
8 
9 #include <linux/types.h>
10 #include <linux/init.h>
11 #include <linux/sctp.h>
12 #include <linux/module.h>
13 #include <net/sctp/checksum.h>
14 
15 #include <net/netfilter/nf_nat_l4proto.h>
16 
/*
 * File-scope state handed by address to nf_nat_l4proto_unique_tuple() on
 * every call from sctp_unique_tuple().
 *
 * NOTE(review): presumably the rolling cursor the generic helper uses to
 * pick the next candidate port. No locking is visible in this file, so
 * confirm that the helper tolerates concurrent updates, and whether callers
 * need randomized rather than sequential port selection.
 */
static u_int16_t nf_sctp_port_rover;

/*
 * sctp_unique_tuple - delegate tuple selection for SCTP to the generic
 * layer-4 NAT helper.
 *
 * All five arguments are forwarded unchanged; the only SCTP-specific input
 * is the address of this module's port rover.
 */
static void
sctp_unique_tuple(const struct nf_nat_l3proto *l3proto,
		  struct nf_conntrack_tuple *tuple,
		  const struct nf_nat_range *range,
		  enum nf_nat_manip_type maniptype,
		  const struct nf_conn *ct)
{
	u_int16_t *rover = &nf_sctp_port_rover;

	nf_nat_l4proto_unique_tuple(l3proto, tuple, range, maniptype, ct,
				    rover);
}
29 
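/*
 * sctp_manip_pkt - rewrite one SCTP port and refresh the SCTP checksum.
 *
 * @skb:       packet to mangle
 * @l3proto:   not used by this function
 * @iphdroff:  not used by this function
 * @hdroff:    offset of the SCTP header from skb->data
 * @tuple:     tuple carrying the replacement port
 * @maniptype: NF_NAT_MANIP_SRC rewrites the source port; any other value
 *             rewrites the destination port
 *
 * Returns false when the required header bytes cannot be made writable,
 * true otherwise.
 */
static bool
sctp_manip_pkt(struct sk_buff *skb,
	       const struct nf_nat_l3proto *l3proto,
	       unsigned int iphdroff, unsigned int hdroff,
	       const struct nf_conntrack_tuple *tuple,
	       enum nf_nat_manip_type maniptype)
{
	struct sk_buff *frag;
	sctp_sctphdr_t *hdr;
	__u32 crc32;
	/* Bytes of transport header an ICMP error is guaranteed to quote. */
	unsigned int hdrsize = 8;

	/*
	 * The header may be the inner one quoted inside an ICMP error, where
	 * only the first 8 bytes of the transport header are guaranteed.
	 * The ports live in those 8 bytes, the checksum field does not, so
	 * demanding the full header here would drop such packets instead of
	 * translating them. Ask for the full header only when the packet
	 * actually carries it.
	 */
	if (skb->len >= hdroff + sizeof(*hdr))
		hdrsize = sizeof(*hdr);

	if (!skb_make_writable(skb, hdroff + hdrsize))
		return false;

	hdr = (struct sctphdr *)(skb->data + hdroff);

	if (maniptype == NF_NAT_MANIP_SRC) {
		/* Get rid of src port */
		hdr->source = tuple->src.u.sctp.port;
	} else {
		/* Get rid of dst port */
		hdr->dest = tuple->dst.u.sctp.port;
	}

	/* Truncated header: the checksum field is out of reach, leave it. */
	if (hdrsize < sizeof(*hdr))
		return true;

	/*
	 * Recompute the CRC over the linear area from the SCTP header onward,
	 * then over the linear area of every skb on the frag list.
	 *
	 * NOTE(review): only skb_headlen() bytes are folded in per buffer, so
	 * data held in page fragments would not be covered. Confirm that
	 * callers guarantee linear data, or the emitted checksum can be wrong
	 * for non-linear packets. Also confirm whether packets whose checksum
	 * is left to offload should skip this recomputation.
	 */
	crc32 = sctp_start_cksum((u8 *)hdr, skb_headlen(skb) - hdroff);
	skb_walk_frags(skb, frag)
		crc32 = sctp_update_cksum((u8 *)frag->data, skb_headlen(frag),
					  crc32);
	hdr->checksum = sctp_end_cksum(crc32);

	return true;
}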
62 
/*
 * SCTP entry for the NAT layer-4 protocol table. Port rewriting and tuple
 * selection use the SCTP-specific functions in this file; range checking and
 * netlink attribute parsing are the generic nf_nat_l4proto_* helpers.
 */
static const struct nf_nat_l4proto nf_nat_l4proto_sctp = {
	.l4proto	 = IPPROTO_SCTP,
	.unique_tuple	 = sctp_unique_tuple,
	.in_range	 = nf_nat_l4proto_in_range,
	.manip_pkt	 = sctp_manip_pkt,
	/* Netlink range parsing is wired up only when ctnetlink is configured. */
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
	.nlattr_to_range = nf_nat_l4proto_nlattr_to_range,
#endif
};
72 
/*
 * nf_nat_proto_sctp_init - register the SCTP NAT helper for IPv4, then IPv6.
 *
 * Returns 0 when both registrations succeed. If the IPv6 registration fails,
 * the IPv4 one is rolled back so nothing stays registered, and the negative
 * error from the failing call is returned.
 */
static int __init nf_nat_proto_sctp_init(void)
{
	int ret;

	ret = nf_nat_l4proto_register(NFPROTO_IPV4, &nf_nat_l4proto_sctp);
	if (ret < 0)
		return ret;

	ret = nf_nat_l4proto_register(NFPROTO_IPV6, &nf_nat_l4proto_sctp);
	if (ret < 0) {
		/* Undo the IPv4 registration made above. */
		nf_nat_l4proto_unregister(NFPROTO_IPV4, &nf_nat_l4proto_sctp);
		return ret;
	}

	return 0;
}
90 
/*
 * nf_nat_proto_sctp_exit - unregister the SCTP NAT helper, IPv6 first and
 * IPv4 second (the reverse of the order used in nf_nat_proto_sctp_init()).
 */
static void __exit nf_nat_proto_sctp_exit(void)
{
	const u_int8_t families[] = { NFPROTO_IPV6, NFPROTO_IPV4 };
	unsigned int i;

	for (i = 0; i < sizeof(families) / sizeof(families[0]); i++)
		nf_nat_l4proto_unregister(families[i], &nf_nat_l4proto_sctp);
}
96 
/* Module metadata. */
MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
MODULE_DESCRIPTION("SCTP NAT protocol helper");
MODULE_LICENSE("GPL");

/* Entry points run at module load and unload. */
module_init(nf_nat_proto_sctp_init);
module_exit(nf_nat_proto_sctp_exit);