O_RANDOM,
O_RANDOM_FULLY,
O_PERSISTENT,
- F_TO_SRC = 1 << O_TO_SRC,
- F_RANDOM = 1 << O_RANDOM,
- F_RANDOM_FULLY = 1 << O_RANDOM_FULLY,
};
static void SNAT_help(void)
case O_PERSISTENT:
range->flags |= NF_NAT_RANGE_PERSISTENT;
break;
- }
-}
-
-static void SNAT_fcheck(struct xt_fcheck_call *cb)
-{
- static const unsigned int f = F_TO_SRC | F_RANDOM;
- static const unsigned int r = F_TO_SRC | F_RANDOM_FULLY;
- struct nf_nat_range *range = cb->data;
-
- if ((cb->xflags & f) == f)
+ case O_RANDOM:
range->flags |= NF_NAT_RANGE_PROTO_RANDOM;
- if ((cb->xflags & r) == r)
+ break;
+ case O_RANDOM_FULLY:
range->flags |= NF_NAT_RANGE_PROTO_RANDOM_FULLY;
+ break;
+ }
}
static void print_range(const struct nf_nat_range *range)
.userspacesize = XT_ALIGN(sizeof(struct nf_nat_range)),
.help = SNAT_help,
.x6_parse = SNAT_parse,
- .x6_fcheck = SNAT_fcheck,
.print = SNAT_print,
.save = SNAT_save,
.x6_options = SNAT_opts,
O_RANDOM,
O_RANDOM_FULLY,
O_PERSISTENT,
- F_TO_SRC = 1 << O_TO_SRC,
- F_RANDOM = 1 << O_RANDOM,
- F_RANDOM_FULLY = 1 << O_RANDOM_FULLY,
};
static void SNAT_help(void)
case O_PERSISTENT:
mr->range->flags |= NF_NAT_RANGE_PERSISTENT;
break;
+ case O_RANDOM:
+ mr->range->flags |= NF_NAT_RANGE_PROTO_RANDOM;
+ break;
+ case O_RANDOM_FULLY:
+ mr->range->flags |= NF_NAT_RANGE_PROTO_RANDOM_FULLY;
+ break;
}
}
static void SNAT_fcheck(struct xt_fcheck_call *cb)
{
- static const unsigned int f = F_TO_SRC | F_RANDOM;
- static const unsigned int r = F_TO_SRC | F_RANDOM_FULLY;
struct nf_nat_ipv4_multi_range_compat *mr = cb->data;
- if ((cb->xflags & f) == f)
- mr->range->flags |= NF_NAT_RANGE_PROTO_RANDOM;
- if ((cb->xflags & r) == r)
- mr->range->flags |= NF_NAT_RANGE_PROTO_RANDOM_FULLY;
-
mr->rangesize = 1;
}
O_TO_PORTS,
O_RANDOM,
O_PERSISTENT,
- F_TO_DEST = 1 << O_TO_DEST,
- F_TO_PORTS = 1 << O_TO_PORTS,
- F_RANDOM = 1 << O_RANDOM,
};
static void DNAT_help(void)
case O_PERSISTENT:
range->flags |= NF_NAT_RANGE_PERSISTENT;
break;
+ case O_RANDOM:
+ range->flags |= NF_NAT_RANGE_PROTO_RANDOM;
+ break;
}
}
mr->range->max = range.max_proto;
/* fall through */
case O_PERSISTENT:
+ case O_RANDOM:
mr->range->flags |= range.flags;
break;
}
}
-static void __DNAT_fcheck(struct xt_fcheck_call *cb, unsigned int *flags)
-{
- static const unsigned int redir_f = F_TO_PORTS | F_RANDOM;
- static const unsigned int dnat_f = F_TO_DEST | F_RANDOM;
-
- if ((cb->xflags & redir_f) == redir_f ||
- (cb->xflags & dnat_f) == dnat_f)
- *flags |= NF_NAT_RANGE_PROTO_RANDOM;
-}
-
static void DNAT_fcheck(struct xt_fcheck_call *cb)
{
struct nf_nat_ipv4_multi_range_compat *mr = cb->data;
if (mr->range[0].flags & NF_NAT_RANGE_PROTO_OFFSET)
xtables_error(PARAMETER_PROBLEM,
"Shifted portmap ranges not supported with this kernel");
-
- __DNAT_fcheck(cb, &mr->range[0].flags);
}
static char *sprint_range(const struct nf_nat_range2 *r, int family)
__DNAT_parse(cb, entry->ip.proto, cb->data, AF_INET);
}
-static void DNAT_fcheck_v2(struct xt_fcheck_call *cb)
-{
- __DNAT_fcheck(cb, &((struct nf_nat_range2 *)cb->data)->flags);
-}
-
static void DNAT_print_v2(const void *ip, const struct xt_entry_target *target,
int numeric)
{
if (range->flags & NF_NAT_RANGE_PROTO_OFFSET)
xtables_error(PARAMETER_PROBLEM,
"Shifted portmap ranges not supported with this kernel");
-
- __DNAT_fcheck(cb, &range->flags);
}
static void DNAT_print6(const void *ip, const struct xt_entry_target *target,
.print = DNAT_print_v2,
.save = DNAT_save_v2,
.x6_parse = DNAT_parse_v2,
- .x6_fcheck = DNAT_fcheck_v2,
.x6_options = DNAT_opts,
.xlate = DNAT_xlate_v2,
},
.print = DNAT_print6_v2,
.save = DNAT_save6_v2,
.x6_parse = DNAT_parse6_v2,
- .x6_fcheck = DNAT_fcheck_v2,
.x6_options = DNAT_opts,
.xlate = DNAT_xlate6_v2,
},
projects / thirdparty / iptables.git / commitdiff
