[PATCH nf-next v2 00/11] netfilter: nat: remove module dependency on

Florian Westphal <fw@xxxxxxxxx> · Fri, 1 Feb 2019 16:26:52 +0100

This series gets rid of nf_nat_ipv6.ko dependency on the ipv6 module,
then merges ipv4 and ipv6 nat into the nat core.

This simplifies code, avoids indirect calls and it makes it possible
to implement NAT support for the nft inet family as a followup.

v2: fix build errors with CONFIG_NETFILTER=n/CONFIG_IPV6=n.

Florian Westphal (11):
      netfilter: nat: remove module dependency on ipv6 core
      netfilter: ipv6: avoid indirect calls for IPV6=y case
      netfilter: nat: merge ipv4 and ipv6 masquerade functionality
      netfilter: nat: move nlattr parse and xfrm session decode to core
      netfilter: nat: merge nf_nat_ipv4,6 into nat core
      netfilter: nat: remove nf_nat_l4proto.h
      netfilter: nat: remove manip_pkt hook
      netfilter: nat: remove csum_update hook
      netfilter: nat: remove csum_recalc hook
      netfilter: nat: remove l3proto struct
      netfilter: nat: remove nf_nat_l3proto.h and nf_nat_core.h

 include/linux/netfilter_ipv6.h            |   85 +++
 include/net/netfilter/nf_nat.h            |   45 +
 net/bridge/br_netfilter_hooks.c           |    7
 net/bridge/br_netfilter_ipv6.c            |   22
 net/ipv4/netfilter/Kconfig                |   22
 net/ipv4/netfilter/Makefile               |    4
 net/ipv4/netfilter/iptable_nat.c          |    8
 net/ipv4/netfilter/nft_chain_nat_ipv4.c   |    6
 net/ipv6/netfilter.c                      |   11
 net/ipv6/netfilter/Kconfig                |   26 -
 net/ipv6/netfilter/Makefile               |    4
 net/ipv6/netfilter/ip6table_nat.c         |    8
 net/ipv6/netfilter/nft_chain_nat_ipv6.c   |    6
 net/ipv6/netfilter/nft_fib_ipv6.c         |    9
 net/netfilter/Kconfig                     |   11
 net/netfilter/Makefile                    |    1
 net/netfilter/nf_conntrack_core.c         |    1
 net/netfilter/nf_conntrack_netlink.c      |    2
 net/netfilter/nf_nat_core.c               |  198 ++++---
 net/netfilter/nf_nat_helper.c             |   15
 b/net/netfilter/nf_nat_masquerade.c       |  208 +++++++-
 net/netfilter/nf_nat_proto.c              |  728 ++++++++++++++++++++++++++--
 net/netfilter/nft_nat.c                   |    2
 net/netfilter/utils.c                     |    6
 net/netfilter/xt_addrtype.c               |   16
 net/netfilter/xt_nat.c                    |    2
 net/openvswitch/actions.c                 |    6
 net/openvswitch/conntrack.c               |    4
 include/net/netfilter/nf_nat_core.h       |   29 -
 include/net/netfilter/nf_nat_l3proto.h    |   50 -
 include/net/netfilter/nf_nat_l4proto.h    |   16
 net/ipv4/netfilter/nf_nat_l3proto_ipv4.c  |  387 --------------
 net/ipv6/netfilter/nf_nat_l3proto_ipv6.c  |  411 ---------------
 net/ipv6/netfilter/nf_nat_masquerade_ipv6.c  223 --------
 34 files changed, 1202 insertions(+), 1379 deletions(-)