netfilter: nat: merge ipv4 and ipv6 nat modules

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This series gets rid of nf_nat_ipv6.ko dependency on the ipv6 module,
then merges ipv4 and ipv6 nat into the nat core.

This simplifies code, avoids indirect calls and it makes it possible
to implement NAT support for the nft inet family as a followup.

v3: remove IS_ENABLED() checks for NF_NAT_IPV{4,6} (always false now)
v2: fix build failures with CONFIG_IPV6=n

Florian Westphal (11):
      netfilter: nat: remove module dependency on ipv6 core
      netfilter: ipv6: avoid indirect calls for IPV6=y case
      netfilter: nat: merge ipv4 and ipv6 masquerade functionality
      netfilter: nat: move nlattr parse and xfrm session decode to core
      netfilter: nat: merge nf_nat_ipv4,6 into nat core
      netfilter: nat: remove nf_nat_l4proto.h
      netfilter: nat: remove manip_pkt hook
      netfilter: nat: remove csum_update hook
      netfilter: nat: remove csum_recalc hook
      netfilter: nat: remove l3proto struct
      netfilter: nat: remove nf_nat_l3proto.h and nf_nat_core.h

 include/linux/netfilter_ipv6.h            |   85 +++
 include/net/netfilter/nf_nat.h            |   45 +
 net/bridge/br_netfilter_hooks.c           |    7
 net/bridge/br_netfilter_ipv6.c            |   22
 net/ipv4/netfilter/Kconfig                |   22
 net/ipv4/netfilter/Makefile               |    4
 net/ipv4/netfilter/iptable_nat.c          |    8
 net/ipv4/netfilter/nft_chain_nat_ipv4.c   |    6
 net/ipv6/netfilter.c                      |   13
 net/ipv6/netfilter/Kconfig                |   26 -
 net/ipv6/netfilter/Makefile               |    4
 net/ipv6/netfilter/ip6table_nat.c         |    8
 net/ipv6/netfilter/nft_chain_nat_ipv6.c   |    6
 net/ipv6/netfilter/nft_fib_ipv6.c         |    9
 net/netfilter/Kconfig                     |   11
 net/netfilter/Makefile                    |    1
 net/netfilter/nf_conntrack_core.c         |    1
 net/netfilter/nf_conntrack_netlink.c      |    2
 net/netfilter/nf_nat_core.c               |  198 ++++---
 net/netfilter/nf_nat_helper.c             |   15
 net/netfilter/nf_nat_masquerade.c         |  208 +++++++-
 net/netfilter/nf_nat_proto.c              |  728 ++++++++++++++++++++++++++--
 net/netfilter/nft_nat.c                   |    2
 net/netfilter/utils.c                     |    6
 net/netfilter/xt_addrtype.c               |   16
 net/netfilter/xt_nat.c                    |    2
 net/openvswitch/Kconfig                   |    2
 net/openvswitch/actions.c                 |    6
 net/openvswitch/conntrack.c               |   12
 tools/testing/selftests/net/config        |    3
 include/net/netfilter/nf_nat_core.h       |   29 -
 include/net/netfilter/nf_nat_l3proto.h    |   50 -
 include/net/netfilter/nf_nat_l4proto.h    |   16
 net/ipv4/netfilter/nf_nat_l3proto_ipv4.c  |  387 --------------
 net/ipv6/netfilter/nf_nat_l3proto_ipv6.c  |  411 ---------------
 net/ipv6/netfilter/nf_nat_masquerade_ipv6.c  223 --------
 36 files changed, 1207 insertions(+), 1387 deletions(-)




[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux