From patchwork Tue Mar 26 20:57:08 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Flavio Leitner X-Patchwork-Id: 1066074 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=sysclose.org Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=sysclose.org header.i=fbl@sysclose.org header.b="QTtviprO"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 44TNkH14gRz9sV0 for ; Wed, 27 Mar 2019 07:57:43 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732767AbfCZU5l (ORCPT ); Tue, 26 Mar 2019 16:57:41 -0400 Received: from sender-of-o51.zoho.com ([135.84.80.216]:21034 "EHLO sender-of-o51.zoho.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1732716AbfCZU5l (ORCPT ); Tue, 26 Mar 2019 16:57:41 -0400 ARC-Seal: i=1; a=rsa-sha256; t=1553633853; cv=none; d=zoho.com; s=zohoarc; b=RhQWLO3T4u4ndOJBmzpTAnEAM9KrqYP9+FGbdQEgjdUmgNTclRFbJWyLjiAXMqJNrN7xE7ApLJGTnysqnPjwsO9wSjn0j9W0rCzLEOsqZRBye53wsU6WbQ/EAHmAhvzU78xezZt7G3XmNShsHz0xEv7IU8CRPoZ67TVc7ek9tWk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1553633853; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To:ARC-Authentication-Results; bh=gbK3oRcV1+O/l27rLJlwgzN3TUvSMaSvpnfknpakots=; b=Bl7jS3hCT/s5AzsASU+EHBMy5AXd/OmPRuMG4nAtomg6SJ3qaf4ZWlncSsKjW7xPRdF+e1Ee++kcxT3drP1ER/yoBGOaKhWC54c4Veae3POa34dEnXqxS+lcMkEXDw549YVXCC/KsO45Mbfe7XmTRv7Tp9US4Mv4BOpaT5CVXNs= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=pass header.i=sysclose.org; spf=pass smtp.mailfrom=fbl@sysclose.org; dmarc=pass header.from= header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1553633853; s=zoho; d=sysclose.org; i=fbl@sysclose.org; h=From:To:Cc:Message-ID:Subject:Date:In-Reply-To:References:MIME-Version:Content-Transfer-Encoding:Content-Type; l=4532; bh=gbK3oRcV1+O/l27rLJlwgzN3TUvSMaSvpnfknpakots=; b=QTtviprOw+PM5Cyhk+95lYsGCek+RhmEVs7qbjK9XZjdBVx6kfRxc/4lWPJTIysL jqtvzRRq6LSYcR9HsSc3bar8VTAJVR1n7GxwNIDhYAh1j6q1U9VNqIB18TPXeM8EGYi YIeGTrbP7uzJGe7/KnL6CUgW3u2OgsWvmD7b9920= Received: from localhost (177.183.215.126 [177.183.215.126]) by mx.zohomail.com with SMTPS id 1553633851785306.0051481156381; Tue, 26 Mar 2019 13:57:31 -0700 (PDT) From: Flavio Leitner To: netdev@vger.kernel.org Cc: Joe Stringer , Pravin B Shelar , dev@openvswitch.org, netfilter-devel@vger.kernel.org Message-ID: <20190326205715.22288-2-fbl@sysclose.org> Subject: [PATCH net-next 1/8] netfilter: use macros to create module aliases. Date: Tue, 26 Mar 2019 17:57:08 -0300 X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190326205715.22288-1-fbl@sysclose.org> References: <20190326205715.22288-1-fbl@sysclose.org> MIME-Version: 1.0 X-ZohoMailClient: External Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Each NAT helper creates a module alias which follows a pattern. Use macros for consistency. Signed-off-by: Flavio Leitner --- include/net/netfilter/nf_conntrack_helper.h | 4 ++++ net/ipv4/netfilter/nf_nat_h323.c | 2 +- net/ipv4/netfilter/nf_nat_pptp.c | 2 +- net/netfilter/nf_nat_amanda.c | 2 +- net/netfilter/nf_nat_ftp.c | 2 +- net/netfilter/nf_nat_irc.c | 2 +- net/netfilter/nf_nat_sip.c | 2 +- net/netfilter/nf_nat_tftp.c | 2 +- 8 files changed, 11 insertions(+), 7 deletions(-) diff --git a/include/net/netfilter/nf_conntrack_helper.h b/include/net/netfilter/nf_conntrack_helper.h index ec52a8dc32fd..e86fadf7e7c5 100644 --- a/include/net/netfilter/nf_conntrack_helper.h +++ b/include/net/netfilter/nf_conntrack_helper.h @@ -15,6 +15,10 @@ #include #include +#define NF_CT_NAT_HELPER_MOD_NAME(name) "ip_nat_" name +#define MODULE_ALIAS_NFCT_HELPER_NAT(name) \ + MODULE_ALIAS(NF_CT_NAT_HELPER_MOD_NAME(name)) + struct module; enum nf_ct_helper_flags { diff --git a/net/ipv4/netfilter/nf_nat_h323.c b/net/ipv4/netfilter/nf_nat_h323.c index 4e6b53ab6c33..09754e787692 100644 --- a/net/ipv4/netfilter/nf_nat_h323.c +++ b/net/ipv4/netfilter/nf_nat_h323.c @@ -631,4 +631,4 @@ module_exit(fini); MODULE_AUTHOR("Jing Min Zhao "); MODULE_DESCRIPTION("H.323 NAT helper"); MODULE_LICENSE("GPL"); -MODULE_ALIAS("ip_nat_h323"); +MODULE_ALIAS_NFCT_HELPER_NAT("h323"); diff --git a/net/ipv4/netfilter/nf_nat_pptp.c b/net/ipv4/netfilter/nf_nat_pptp.c index 68b4d450391b..1a984e5db88a 100644 --- a/net/ipv4/netfilter/nf_nat_pptp.c +++ b/net/ipv4/netfilter/nf_nat_pptp.c @@ -37,7 +37,7 @@ MODULE_LICENSE("GPL"); MODULE_AUTHOR("Harald Welte "); MODULE_DESCRIPTION("Netfilter NAT helper module for PPTP"); -MODULE_ALIAS("ip_nat_pptp"); +MODULE_ALIAS_NFCT_HELPER_NAT("pptp"); static void pptp_nat_expected(struct nf_conn *ct, struct nf_conntrack_expect *exp) diff --git a/net/netfilter/nf_nat_amanda.c b/net/netfilter/nf_nat_amanda.c index e4d61a7a5258..e87075763f73 100644 --- a/net/netfilter/nf_nat_amanda.c +++ b/net/netfilter/nf_nat_amanda.c @@ -22,7 +22,7 @@ MODULE_AUTHOR("Brian J. Murrell "); MODULE_DESCRIPTION("Amanda NAT helper"); MODULE_LICENSE("GPL"); -MODULE_ALIAS("ip_nat_amanda"); +MODULE_ALIAS_NFCT_HELPER_NAT("amanda"); static unsigned int help(struct sk_buff *skb, enum ip_conntrack_info ctinfo, diff --git a/net/netfilter/nf_nat_ftp.c b/net/netfilter/nf_nat_ftp.c index 5063cbf1689c..19f5739fd5e2 100644 --- a/net/netfilter/nf_nat_ftp.c +++ b/net/netfilter/nf_nat_ftp.c @@ -24,7 +24,7 @@ MODULE_LICENSE("GPL"); MODULE_AUTHOR("Rusty Russell "); MODULE_DESCRIPTION("ftp NAT helper"); -MODULE_ALIAS("ip_nat_ftp"); +MODULE_ALIAS_NFCT_HELPER_NAT("ftp"); /* FIXME: Time out? --RR */ diff --git a/net/netfilter/nf_nat_irc.c b/net/netfilter/nf_nat_irc.c index 3aa35a43100d..c18e3ce6589b 100644 --- a/net/netfilter/nf_nat_irc.c +++ b/net/netfilter/nf_nat_irc.c @@ -26,7 +26,7 @@ MODULE_AUTHOR("Harald Welte "); MODULE_DESCRIPTION("IRC (DCC) NAT helper"); MODULE_LICENSE("GPL"); -MODULE_ALIAS("ip_nat_irc"); +MODULE_ALIAS_NFCT_HELPER_NAT("irc"); static unsigned int help(struct sk_buff *skb, enum ip_conntrack_info ctinfo, diff --git a/net/netfilter/nf_nat_sip.c b/net/netfilter/nf_nat_sip.c index aa1be643d7a0..f31c2a1b95b8 100644 --- a/net/netfilter/nf_nat_sip.c +++ b/net/netfilter/nf_nat_sip.c @@ -27,7 +27,7 @@ MODULE_LICENSE("GPL"); MODULE_AUTHOR("Christian Hentschel "); MODULE_DESCRIPTION("SIP NAT helper"); -MODULE_ALIAS("ip_nat_sip"); +MODULE_ALIAS_NFCT_HELPER_NAT("sip"); static unsigned int mangle_packet(struct sk_buff *skb, unsigned int protoff, diff --git a/net/netfilter/nf_nat_tftp.c b/net/netfilter/nf_nat_tftp.c index 7f67e1d5310d..51673aa6e1dc 100644 --- a/net/netfilter/nf_nat_tftp.c +++ b/net/netfilter/nf_nat_tftp.c @@ -16,7 +16,7 @@ MODULE_AUTHOR("Magnus Boden "); MODULE_DESCRIPTION("TFTP NAT helper"); MODULE_LICENSE("GPL"); -MODULE_ALIAS("ip_nat_tftp"); +MODULE_ALIAS_NFCT_HELPER_NAT("tftp"); static unsigned int help(struct sk_buff *skb, enum ip_conntrack_info ctinfo, From patchwork Tue Mar 26 20:57:09 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Flavio Leitner X-Patchwork-Id: 1066076 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=sysclose.org Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=sysclose.org header.i=fbl@sysclose.org header.b="doUPSJr8"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 44TNkP4cchz9sV0 for ; Wed, 27 Mar 2019 07:57:49 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732803AbfCZU5s (ORCPT ); Tue, 26 Mar 2019 16:57:48 -0400 Received: from sender-of-o51.zoho.com ([135.84.80.216]:21044 "EHLO sender-of-o51.zoho.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1732716AbfCZU5s (ORCPT ); Tue, 26 Mar 2019 16:57:48 -0400 ARC-Seal: i=1; a=rsa-sha256; t=1553633857; cv=none; d=zoho.com; s=zohoarc; b=E9Qz1e5pApwzLbjD/7B0cxDWxPHUXxXqmQqn82aaOgHSSPfYa/BwAUR0MLsWstUMthiaD//3s5BZC6u5EuIJJtgAZZwTpnv0luLmqw27oPHu5DPXA9r1tnIBKcEyCgK66qnrHOk6kdTI/qDfNnPzfQG42PGUmpSMnAljK8wQLN0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1553633857; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To:ARC-Authentication-Results; bh=sVTUDP1D/Xg9En8NKjz9zg6WRIOmBBfHMtuk9ue6A3I=; b=QbpnTq2ok+rtWZFm3wDES/pUsjaEX9EU3gtGY7CyJrWFFLZQ3DPamryXqWxhZj0vMlt1Tiqj7b0zXB8b6LzAgHsb/oAx3uOFVyJO3RCbTo97fITyBYTPD5GAaaB5/FAibhXU9xsOnyVJb94LbgP1zxQf+WXSdgAUZEVDWCRxpxo= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=pass header.i=sysclose.org; spf=pass smtp.mailfrom=fbl@sysclose.org; dmarc=pass header.from= header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1553633857; s=zoho; d=sysclose.org; i=fbl@sysclose.org; h=From:To:Cc:Message-ID:Subject:Date:In-Reply-To:References:MIME-Version:Content-Transfer-Encoding:Content-Type; l=13391; bh=sVTUDP1D/Xg9En8NKjz9zg6WRIOmBBfHMtuk9ue6A3I=; b=doUPSJr8hKliL+0YQpEGIGg1XLdvlaHt1t0D3GBV1xy2TTd2Chss5WlOnewQhr41 DzNSoj0hJW37R946teBfK5WxzLnyvZJOkEUVAZ27O+WB98b8tRPi/S5l8J6rist/4qT 1ox/z0e4aayHUKz27RXbT+8u3aIuU3y2ARXHCxOY= Received: from localhost (177.183.215.126 [177.183.215.126]) by mx.zohomail.com with SMTPS id 1553633856195782.1851203181355; Tue, 26 Mar 2019 13:57:36 -0700 (PDT) From: Flavio Leitner To: netdev@vger.kernel.org Cc: Joe Stringer , Pravin B Shelar , dev@openvswitch.org, netfilter-devel@vger.kernel.org Message-ID: <20190326205715.22288-3-fbl@sysclose.org> Subject: [PATCH net-next 2/8] netfilter: add API to manage NAT helpers. Date: Tue, 26 Mar 2019 17:57:09 -0300 X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190326205715.22288-1-fbl@sysclose.org> References: <20190326205715.22288-1-fbl@sysclose.org> MIME-Version: 1.0 X-ZohoMailClient: External Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org The API allows a conntrack helper to indicate its corresponding NAT helper which then can be loaded and reference counted. Signed-off-by: Flavio Leitner --- include/net/netfilter/nf_conntrack_helper.h | 19 +++- net/netfilter/nf_conntrack_amanda.c | 2 + net/netfilter/nf_conntrack_ftp.c | 6 +- net/netfilter/nf_conntrack_helper.c | 108 +++++++++++++++++++- net/netfilter/nf_conntrack_irc.c | 3 +- net/netfilter/nf_conntrack_sane.c | 4 +- net/netfilter/nf_conntrack_sip.c | 12 ++- net/netfilter/nf_conntrack_tftp.c | 6 +- 8 files changed, 147 insertions(+), 13 deletions(-) diff --git a/include/net/netfilter/nf_conntrack_helper.h b/include/net/netfilter/nf_conntrack_helper.h index e86fadf7e7c5..0d36d6bfb522 100644 --- a/include/net/netfilter/nf_conntrack_helper.h +++ b/include/net/netfilter/nf_conntrack_helper.h @@ -58,6 +58,8 @@ struct nf_conntrack_helper { unsigned int queue_num; /* length of userspace private data stored in nf_conn_help->data */ u16 data_len; + /* name of NAT helper module */ + char nat_mod_name[NF_CT_HELPER_NAME_LEN]; }; /* Must be kept in sync with the classes defined by helpers */ @@ -98,7 +100,8 @@ void nf_ct_helper_init(struct nf_conntrack_helper *helper, enum ip_conntrack_info ctinfo), int (*from_nlattr)(struct nlattr *attr, struct nf_conn *ct), - struct module *module); + struct module *module, + const char *nat_mod_name); int nf_conntrack_helper_register(struct nf_conntrack_helper *); void nf_conntrack_helper_unregister(struct nf_conntrack_helper *); @@ -157,4 +160,18 @@ nf_ct_helper_expectfn_find_by_symbol(const void *symbol); extern struct hlist_head *nf_ct_helper_hash; extern unsigned int nf_ct_helper_hsize; +struct nf_conntrack_helper_nat { + struct list_head list; + char name[NF_CT_HELPER_NAME_LEN]; + struct module *module; /* pointer to self */ +}; + +void nf_ct_helper_nat_init(struct nf_conntrack_helper_nat *nat, + const char *name, struct module *module); + +void nf_conntrack_helper_nat_register(struct nf_conntrack_helper_nat *nat); +void nf_conntrack_helper_nat_unregister(struct nf_conntrack_helper_nat *nat); +int nf_conntrack_helper_nat_try_module_get(const char *name, u16 l3num, + u8 protonum); +void nf_conntrack_helper_nat_put(struct nf_conntrack_helper *helper); #endif /*_NF_CONNTRACK_HELPER_H*/ diff --git a/net/netfilter/nf_conntrack_amanda.c b/net/netfilter/nf_conntrack_amanda.c index f2681ec5b5f6..b5d255897d9e 100644 --- a/net/netfilter/nf_conntrack_amanda.c +++ b/net/netfilter/nf_conntrack_amanda.c @@ -186,6 +186,7 @@ static struct nf_conntrack_helper amanda_helper[2] __read_mostly = { .tuple.src.u.udp.port = cpu_to_be16(10080), .tuple.dst.protonum = IPPROTO_UDP, .expect_policy = &amanda_exp_policy, + .nat_mod_name = NF_CT_NAT_HELPER_MOD_NAME("amanda"), }, { .name = "amanda", @@ -195,6 +196,7 @@ static struct nf_conntrack_helper amanda_helper[2] __read_mostly = { .tuple.src.u.udp.port = cpu_to_be16(10080), .tuple.dst.protonum = IPPROTO_UDP, .expect_policy = &amanda_exp_policy, + .nat_mod_name = NF_CT_NAT_HELPER_MOD_NAME("amanda"), }, }; diff --git a/net/netfilter/nf_conntrack_ftp.c b/net/netfilter/nf_conntrack_ftp.c index a11c304fb771..fec9bb462071 100644 --- a/net/netfilter/nf_conntrack_ftp.c +++ b/net/netfilter/nf_conntrack_ftp.c @@ -590,10 +590,12 @@ static int __init nf_conntrack_ftp_init(void) for (i = 0; i < ports_c; i++) { nf_ct_helper_init(&ftp[2 * i], AF_INET, IPPROTO_TCP, "ftp", FTP_PORT, ports[i], ports[i], &ftp_exp_policy, - 0, help, nf_ct_ftp_from_nlattr, THIS_MODULE); + 0, help, nf_ct_ftp_from_nlattr, THIS_MODULE, + NF_CT_NAT_HELPER_MOD_NAME("ftp")); nf_ct_helper_init(&ftp[2 * i + 1], AF_INET6, IPPROTO_TCP, "ftp", FTP_PORT, ports[i], ports[i], &ftp_exp_policy, - 0, help, nf_ct_ftp_from_nlattr, THIS_MODULE); + 0, help, nf_ct_ftp_from_nlattr, THIS_MODULE, + NF_CT_NAT_HELPER_MOD_NAME("ftp")); } ret = nf_conntrack_helpers_register(ftp, ports_c * 2); diff --git a/net/netfilter/nf_conntrack_helper.c b/net/netfilter/nf_conntrack_helper.c index 274baf1dab87..883a8d438503 100644 --- a/net/netfilter/nf_conntrack_helper.c +++ b/net/netfilter/nf_conntrack_helper.c @@ -42,6 +42,9 @@ module_param_named(nf_conntrack_helper, nf_ct_auto_assign_helper, bool, 0644); MODULE_PARM_DESC(nf_conntrack_helper, "Enable automatic conntrack helper assignment (default 0)"); +static struct list_head nf_ct_nat_helpers __read_mostly; +static DEFINE_SPINLOCK(nf_ct_nat_helpers_lock); + /* Stupid hash, but collision free for the default registrations of the * helpers currently in the kernel. */ static unsigned int helper_hash(const struct nf_conntrack_tuple *tuple) @@ -130,6 +133,75 @@ void nf_conntrack_helper_put(struct nf_conntrack_helper *helper) } EXPORT_SYMBOL_GPL(nf_conntrack_helper_put); +static struct nf_conntrack_helper_nat * +nf_conntrack_helper_nat_find(const char *name) +{ + struct nf_conntrack_helper_nat *cur; + bool found = false; + + list_for_each_entry_rcu(cur, &nf_ct_nat_helpers, list) { + if (!strcmp(cur->name, name)) { + found = true; + break; + } + } + return found ? cur : NULL; +} + +int +nf_conntrack_helper_nat_try_module_get(const char *name, u16 l3num, u8 protonum) +{ + struct nf_conntrack_helper *h; + struct nf_conntrack_helper_nat *nat; + char mod_name[NF_CT_HELPER_NAME_LEN]; + int ret = 0; + + rcu_read_lock(); + h = __nf_conntrack_helper_find(name, l3num, protonum); + if (h == NULL) { + rcu_read_unlock(); + return -EINVAL; + } + + if (!strlen(h->nat_mod_name)) { + rcu_read_unlock(); + return -EOPNOTSUPP; + } + + nat = nf_conntrack_helper_nat_find(h->nat_mod_name); + if (nat == NULL) { + snprintf(mod_name, sizeof(mod_name), "%s", h->nat_mod_name); + rcu_read_unlock(); + ret = request_module(mod_name); + if (ret != 0) + return ret; + + rcu_read_lock(); + nat = nf_conntrack_helper_nat_find(mod_name); + if (nat == NULL) { + rcu_read_unlock(); + return -EINVAL; + } + } + + if (!try_module_get(nat->module)) + ret = -EINVAL; + + rcu_read_unlock(); + return ret; +} +EXPORT_SYMBOL_GPL(nf_conntrack_helper_nat_try_module_get); + +void nf_conntrack_helper_nat_put(struct nf_conntrack_helper *helper) +{ + struct nf_conntrack_helper_nat *nat; + + nat = nf_conntrack_helper_nat_find(helper->nat_mod_name); + BUG_ON(nat == NULL); + module_put(nat->module); +} +EXPORT_SYMBOL_GPL(nf_conntrack_helper_nat_put); + struct nf_conn_help * nf_ct_helper_ext_add(struct nf_conn *ct, gfp_t gfp) { @@ -420,7 +492,8 @@ void nf_ct_helper_init(struct nf_conntrack_helper *helper, enum ip_conntrack_info ctinfo), int (*from_nlattr)(struct nlattr *attr, struct nf_conn *ct), - struct module *module) + struct module *module, + const char *nat_mod_name) { helper->tuple.src.l3num = l3num; helper->tuple.dst.protonum = protonum; @@ -430,6 +503,10 @@ void nf_ct_helper_init(struct nf_conntrack_helper *helper, helper->help = help; helper->from_nlattr = from_nlattr; helper->me = module; + helper->nat_mod_name[0] = '\0'; + if (nat_mod_name) + snprintf(helper->nat_mod_name, sizeof(helper->nat_mod_name), + "%s", nat_mod_name); if (spec_port == default_port) snprintf(helper->name, sizeof(helper->name), "%s", name); @@ -466,6 +543,34 @@ void nf_conntrack_helpers_unregister(struct nf_conntrack_helper *helper, } EXPORT_SYMBOL_GPL(nf_conntrack_helpers_unregister); +void nf_conntrack_helper_nat_register(struct nf_conntrack_helper_nat *nat) +{ + BUG_ON(nat->module == NULL); + + spin_lock(&nf_ct_nat_helpers_lock); + list_add_rcu(&nat->list, &nf_ct_nat_helpers); + spin_unlock(&nf_ct_nat_helpers_lock); +} +EXPORT_SYMBOL_GPL(nf_conntrack_helper_nat_register); + +void nf_conntrack_helper_nat_unregister(struct nf_conntrack_helper_nat *nat) +{ + BUG_ON(nat->module == NULL); + + spin_lock(&nf_ct_nat_helpers_lock); + list_del_rcu(&nat->list); + spin_unlock(&nf_ct_nat_helpers_lock); +} +EXPORT_SYMBOL_GPL(nf_conntrack_helper_nat_unregister); + +void nf_ct_helper_nat_init(struct nf_conntrack_helper_nat *nat, + const char *name, struct module *module) +{ + nat->module = module; + snprintf(nat->name, sizeof(nat->name), "%s", name); +} +EXPORT_SYMBOL_GPL(nf_ct_helper_nat_init); + static const struct nf_ct_ext_type helper_extend = { .len = sizeof(struct nf_conn_help), .align = __alignof__(struct nf_conn_help), @@ -493,6 +598,7 @@ int nf_conntrack_helper_init(void) goto out_extend; } + INIT_LIST_HEAD(&nf_ct_nat_helpers); return 0; out_extend: kvfree(nf_ct_helper_hash); diff --git a/net/netfilter/nf_conntrack_irc.c b/net/netfilter/nf_conntrack_irc.c index 4099f4d79bae..659aa2cb5493 100644 --- a/net/netfilter/nf_conntrack_irc.c +++ b/net/netfilter/nf_conntrack_irc.c @@ -261,7 +261,8 @@ static int __init nf_conntrack_irc_init(void) for (i = 0; i < ports_c; i++) { nf_ct_helper_init(&irc[i], AF_INET, IPPROTO_TCP, "irc", IRC_PORT, ports[i], i, &irc_exp_policy, - 0, help, NULL, THIS_MODULE); + 0, help, NULL, THIS_MODULE, + NF_CT_NAT_HELPER_MOD_NAME("irc")); } ret = nf_conntrack_helpers_register(&irc[0], ports_c); diff --git a/net/netfilter/nf_conntrack_sane.c b/net/netfilter/nf_conntrack_sane.c index 5072ff96ab33..b08724b8754c 100644 --- a/net/netfilter/nf_conntrack_sane.c +++ b/net/netfilter/nf_conntrack_sane.c @@ -198,11 +198,11 @@ static int __init nf_conntrack_sane_init(void) nf_ct_helper_init(&sane[2 * i], AF_INET, IPPROTO_TCP, "sane", SANE_PORT, ports[i], ports[i], &sane_exp_policy, 0, help, NULL, - THIS_MODULE); + THIS_MODULE, NULL); nf_ct_helper_init(&sane[2 * i + 1], AF_INET6, IPPROTO_TCP, "sane", SANE_PORT, ports[i], ports[i], &sane_exp_policy, 0, help, NULL, - THIS_MODULE); + THIS_MODULE, NULL); } ret = nf_conntrack_helpers_register(sane, ports_c * 2); diff --git a/net/netfilter/nf_conntrack_sip.c b/net/netfilter/nf_conntrack_sip.c index f067c6b50857..0d4fca4a329f 100644 --- a/net/netfilter/nf_conntrack_sip.c +++ b/net/netfilter/nf_conntrack_sip.c @@ -1677,19 +1677,23 @@ static int __init nf_conntrack_sip_init(void) nf_ct_helper_init(&sip[4 * i], AF_INET, IPPROTO_UDP, "sip", SIP_PORT, ports[i], i, sip_exp_policy, SIP_EXPECT_MAX, sip_help_udp, - NULL, THIS_MODULE); + NULL, THIS_MODULE, + NF_CT_NAT_HELPER_MOD_NAME("sip")); nf_ct_helper_init(&sip[4 * i + 1], AF_INET, IPPROTO_TCP, "sip", SIP_PORT, ports[i], i, sip_exp_policy, SIP_EXPECT_MAX, sip_help_tcp, - NULL, THIS_MODULE); + NULL, THIS_MODULE, + NF_CT_NAT_HELPER_MOD_NAME("sip")); nf_ct_helper_init(&sip[4 * i + 2], AF_INET6, IPPROTO_UDP, "sip", SIP_PORT, ports[i], i, sip_exp_policy, SIP_EXPECT_MAX, sip_help_udp, - NULL, THIS_MODULE); + NULL, THIS_MODULE, + NF_CT_NAT_HELPER_MOD_NAME("sip")); nf_ct_helper_init(&sip[4 * i + 3], AF_INET6, IPPROTO_TCP, "sip", SIP_PORT, ports[i], i, sip_exp_policy, SIP_EXPECT_MAX, sip_help_tcp, - NULL, THIS_MODULE); + NULL, THIS_MODULE, + NF_CT_NAT_HELPER_MOD_NAME("sip")); } ret = nf_conntrack_helpers_register(sip, ports_c * 4); diff --git a/net/netfilter/nf_conntrack_tftp.c b/net/netfilter/nf_conntrack_tftp.c index 548b673b3625..e1fbf892db70 100644 --- a/net/netfilter/nf_conntrack_tftp.c +++ b/net/netfilter/nf_conntrack_tftp.c @@ -121,10 +121,12 @@ static int __init nf_conntrack_tftp_init(void) for (i = 0; i < ports_c; i++) { nf_ct_helper_init(&tftp[2 * i], AF_INET, IPPROTO_UDP, "tftp", TFTP_PORT, ports[i], i, &tftp_exp_policy, - 0, tftp_help, NULL, THIS_MODULE); + 0, tftp_help, NULL, THIS_MODULE, + NF_CT_NAT_HELPER_MOD_NAME("tftp")); nf_ct_helper_init(&tftp[2 * i + 1], AF_INET6, IPPROTO_UDP, "tftp", TFTP_PORT, ports[i], i, &tftp_exp_policy, - 0, tftp_help, NULL, THIS_MODULE); + 0, tftp_help, NULL, THIS_MODULE, + NF_CT_NAT_HELPER_MOD_NAME("tftp")); } ret = nf_conntrack_helpers_register(tftp, ports_c * 2); From patchwork Tue Mar 26 20:57:10 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Flavio Leitner X-Patchwork-Id: 1066078 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=sysclose.org Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=sysclose.org header.i=fbl@sysclose.org header.b="ZH15r7Tw"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 44TNkV3lHbz9sV0 for ; Wed, 27 Mar 2019 07:57:54 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732816AbfCZU5x (ORCPT ); Tue, 26 Mar 2019 16:57:53 -0400 Received: from sender-of-o51.zoho.com ([135.84.80.216]:21049 "EHLO sender-of-o51.zoho.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1732716AbfCZU5x (ORCPT ); Tue, 26 Mar 2019 16:57:53 -0400 ARC-Seal: i=1; a=rsa-sha256; t=1553633862; cv=none; d=zoho.com; s=zohoarc; b=FLk8JtK/xCESA3ttOF+m6FYVW4F4VhaMBmyuzuhFvFHu+w5bMCO5L8xdBYmBvLN0U2CLBQTP6POXk9pRgZOocFqQcLG+UubNATudhRPqpyF+0fl5cmwS4Rp5d7ocIssembhCRN7sjHJ3PtEjuD59PTrro+V3EliO6uORbGKVXqg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1553633862; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To:ARC-Authentication-Results; bh=RdX7ooXWtC5qFGmUTdLbejQooqCsggbQuPGxptJT6+U=; b=bYjnDNhCNsQRRoTFrQah0Sc1GBa40A4kFEvYLnCedeWFpkob6vnodhBDbyYdEzmcGaExSaFOM+TRLIfepoNHWNfWI6jz537X4CYSpOcN7i81GVzmgxmcjOWWStbnaq1fpToBvaf22EAV4e+hXgCthFwRQpUKOzfrhncM44Em/kA= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=pass header.i=sysclose.org; spf=pass smtp.mailfrom=fbl@sysclose.org; dmarc=pass header.from= header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1553633862; s=zoho; d=sysclose.org; i=fbl@sysclose.org; h=From:To:Cc:Message-ID:Subject:Date:In-Reply-To:References:MIME-Version:Content-Transfer-Encoding:Content-Type; l=1323; bh=RdX7ooXWtC5qFGmUTdLbejQooqCsggbQuPGxptJT6+U=; b=ZH15r7Tw+CbgUUmHFf2KhIAFnpTEulTfn92e/gJgzjh+HXdvXKQWvc99hLLwOXOm 2gvfcBvCTfNK0ccFxgX1p8blnYTc5eSYIlhaSHc6dc9Hmfw7olCqD06NrtdMtksO0x8 HF0IjpGnaV1wD0lb9nROL+9qZeNUhS8NjA/oRo2o= Received: from localhost (177.183.215.126 [177.183.215.126]) by mx.zohomail.com with SMTPS id 155363385995557.87658927428356; Tue, 26 Mar 2019 13:57:39 -0700 (PDT) From: Flavio Leitner To: netdev@vger.kernel.org Cc: Joe Stringer , Pravin B Shelar , dev@openvswitch.org, netfilter-devel@vger.kernel.org Message-ID: <20190326205715.22288-4-fbl@sysclose.org> Subject: [PATCH net-next 3/8] netfilter: nf_nat: register amanda NAT helper. Date: Tue, 26 Mar 2019 17:57:10 -0300 X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190326205715.22288-1-fbl@sysclose.org> References: <20190326205715.22288-1-fbl@sysclose.org> MIME-Version: 1.0 X-ZohoMailClient: External Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Signed-off-by: Flavio Leitner --- net/netfilter/nf_nat_amanda.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/net/netfilter/nf_nat_amanda.c b/net/netfilter/nf_nat_amanda.c index e87075763f73..344096418224 100644 --- a/net/netfilter/nf_nat_amanda.c +++ b/net/netfilter/nf_nat_amanda.c @@ -24,6 +24,8 @@ MODULE_DESCRIPTION("Amanda NAT helper"); MODULE_LICENSE("GPL"); MODULE_ALIAS_NFCT_HELPER_NAT("amanda"); +static struct nf_conntrack_helper_nat helper_nat_amanda; + static unsigned int help(struct sk_buff *skb, enum ip_conntrack_info ctinfo, unsigned int protoff, @@ -74,6 +76,7 @@ static unsigned int help(struct sk_buff *skb, static void __exit nf_nat_amanda_fini(void) { + nf_conntrack_helper_nat_unregister(&helper_nat_amanda); RCU_INIT_POINTER(nf_nat_amanda_hook, NULL); synchronize_rcu(); } @@ -81,6 +84,10 @@ static void __exit nf_nat_amanda_fini(void) static int __init nf_nat_amanda_init(void) { BUG_ON(nf_nat_amanda_hook != NULL); + nf_ct_helper_nat_init(&helper_nat_amanda, + NF_CT_NAT_HELPER_MOD_NAME("amanda"), + THIS_MODULE); + nf_conntrack_helper_nat_register(&helper_nat_amanda); RCU_INIT_POINTER(nf_nat_amanda_hook, help); return 0; } From patchwork Tue Mar 26 20:57:11 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Flavio Leitner X-Patchwork-Id: 1066081 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=sysclose.org Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=sysclose.org header.i=fbl@sysclose.org header.b="Qsg8oikb"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 44TNkZ60cnz9sV1 for ; Wed, 27 Mar 2019 07:57:58 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732829AbfCZU55 (ORCPT ); Tue, 26 Mar 2019 16:57:57 -0400 Received: from sender-of-o51.zoho.com ([135.84.80.216]:21055 "EHLO sender-of-o51.zoho.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1732716AbfCZU55 (ORCPT ); Tue, 26 Mar 2019 16:57:57 -0400 ARC-Seal: i=1; a=rsa-sha256; t=1553633865; cv=none; d=zoho.com; s=zohoarc; b=FdcQ3LEkkS40NRDrFE5KfVRS4trKS0Xl49Vvsdzn+W+JkLX26uQ6p+3H8fa8HQYaFTa1+HLBefVJv6nLyB2GkrW8w5zKzJ3ZZKHtgybvroBEcEOclJbhQBipvzT0XpLWtQnRq0f3MrcxAN4VndhRlJb/srnuJNDyVVZ3Xjq0T1M= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1553633865; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To:ARC-Authentication-Results; bh=J6R9zZ05Q66AkfnJKfT/JAzkD7QhX0GqMJjcriAtjqc=; b=mykDU3oN9tUWS1d+iU6H7oQTA9ANNpCq2ju+I5SzcE5JjvPeQPEJzvtXWfZFwD6QwaJlHalvhlSiekXOPAGI+dCvgfLIJbEwlbo4vuqqOt3AMDc9kxHTJAnLgBHhsP/3kVtjYy2b+nVe3hK1fE5cWD+ad3382KyqLgvYL7+ANb8= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=pass header.i=sysclose.org; spf=pass smtp.mailfrom=fbl@sysclose.org; dmarc=pass header.from= header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1553633865; s=zoho; d=sysclose.org; i=fbl@sysclose.org; h=From:To:Cc:Message-ID:Subject:Date:In-Reply-To:References:MIME-Version:Content-Transfer-Encoding:Content-Type; l=1286; bh=J6R9zZ05Q66AkfnJKfT/JAzkD7QhX0GqMJjcriAtjqc=; b=Qsg8oikbhMgyYLtXxOcNBprsgMhwfPUZNkMKNcclcum2/BSxz0Nq+jwHsZC4ENer tOXcR7rfnb9CaqUaICbPan8l10z4iqb2mXGpbO16PmpOX7F7r8IpuPNVN8PODjAwHun 2PQFxSOUAq2qlnf5JK6WhLblEJ/FtpR201S7RN/I= Received: from localhost (177.183.215.126 [177.183.215.126]) by mx.zohomail.com with SMTPS id 1553633863691345.20847182481066; Tue, 26 Mar 2019 13:57:43 -0700 (PDT) From: Flavio Leitner To: netdev@vger.kernel.org Cc: Joe Stringer , Pravin B Shelar , dev@openvswitch.org, netfilter-devel@vger.kernel.org Message-ID: <20190326205715.22288-5-fbl@sysclose.org> Subject: [PATCH net-next 4/8] netfilter: nf_nat: register ftp NAT helper. Date: Tue, 26 Mar 2019 17:57:11 -0300 X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190326205715.22288-1-fbl@sysclose.org> References: <20190326205715.22288-1-fbl@sysclose.org> MIME-Version: 1.0 X-ZohoMailClient: External Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Signed-off-by: Flavio Leitner --- net/netfilter/nf_nat_ftp.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/net/netfilter/nf_nat_ftp.c b/net/netfilter/nf_nat_ftp.c index 19f5739fd5e2..70fddcddad54 100644 --- a/net/netfilter/nf_nat_ftp.c +++ b/net/netfilter/nf_nat_ftp.c @@ -28,6 +28,8 @@ MODULE_ALIAS_NFCT_HELPER_NAT("ftp"); /* FIXME: Time out? --RR */ +static struct nf_conntrack_helper_nat helper_nat_ftp; + static int nf_nat_ftp_fmt_cmd(struct nf_conn *ct, enum nf_ct_ftp_type type, char *buffer, size_t buflen, union nf_inet_addr *addr, u16 port) @@ -124,6 +126,7 @@ static unsigned int nf_nat_ftp(struct sk_buff *skb, static void __exit nf_nat_ftp_fini(void) { + nf_conntrack_helper_nat_unregister(&helper_nat_ftp); RCU_INIT_POINTER(nf_nat_ftp_hook, NULL); synchronize_rcu(); } @@ -131,6 +134,9 @@ static void __exit nf_nat_ftp_fini(void) static int __init nf_nat_ftp_init(void) { BUG_ON(nf_nat_ftp_hook != NULL); + nf_ct_helper_nat_init(&helper_nat_ftp, + NF_CT_NAT_HELPER_MOD_NAME("ftp"), THIS_MODULE); + nf_conntrack_helper_nat_register(&helper_nat_ftp); RCU_INIT_POINTER(nf_nat_ftp_hook, nf_nat_ftp); return 0; } From patchwork Tue Mar 26 20:57:12 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Flavio Leitner X-Patchwork-Id: 1066083 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=sysclose.org Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=sysclose.org header.i=fbl@sysclose.org header.b="G7teA0xt"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 44TNkh03h7z9sV1 for ; Wed, 27 Mar 2019 07:58:04 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732839AbfCZU6C (ORCPT ); Tue, 26 Mar 2019 16:58:02 -0400 Received: from sender-of-o51.zoho.com ([135.84.80.216]:21067 "EHLO sender-of-o51.zoho.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1732716AbfCZU6C (ORCPT ); Tue, 26 Mar 2019 16:58:02 -0400 ARC-Seal: i=1; a=rsa-sha256; t=1553633869; cv=none; d=zoho.com; s=zohoarc; b=ZGpr9C+fRFVC/G6waZF0Wxx3Qj7sQCkmsHjco9DS7YEi6NftdPQuiS4jAfz+tdjxtx2cmvUiI/TX71qb/JN4lzs525VSxiG20P2E0dPGiGOPr1xM9v0mWlMjiMwrJsZTv3Xh2QyB35EZ3lKW72eJ6DNhu/EHSeULRkLnQhMpvT8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1553633869; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To:ARC-Authentication-Results; bh=4ujUuF389lOnqKY0B6CaQdC6++eiK9827Ee8dTlrYLI=; b=VqvnJQnd7/OjCgdmj8hSPRZ85uYsQKdSHoiGm4bu4blxIXgXNZuRwz+dW7GKV0Qz99YNWxXkbV+6M1UCMDOFPTA7CS2DodJCspiAxz04APTERod6CNSDKntClG0bUUuEf+ovaaJSl/oO/hHZqaxwSDx+zNRJtUYRE2T+DFJlHPc= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=pass header.i=sysclose.org; spf=pass smtp.mailfrom=fbl@sysclose.org; dmarc=pass header.from= header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1553633869; s=zoho; d=sysclose.org; i=fbl@sysclose.org; h=From:To:Cc:Message-ID:Subject:Date:In-Reply-To:References:MIME-Version:Content-Transfer-Encoding:Content-Type; l=1263; bh=4ujUuF389lOnqKY0B6CaQdC6++eiK9827Ee8dTlrYLI=; b=G7teA0xtkTupXufD7lb5qTXwgoSRRAwWtPOl+knUE6CDzruOR6/3pWqBSBdXlTK/ U8LFJamm2YweGd4BqjOrPSevrrRMGPhEQ5s/opLEJ5tgiflW3qsR6arjU3vjoun8+Kf bvPzS5Y8zVriS+ijFrx8xh2L3EfglG+ssuOkJJnM= Received: from localhost (177.183.215.126 [177.183.215.126]) by mx.zohomail.com with SMTPS id 1553633867767240.78749244303606; Tue, 26 Mar 2019 13:57:47 -0700 (PDT) From: Flavio Leitner To: netdev@vger.kernel.org Cc: Joe Stringer , Pravin B Shelar , dev@openvswitch.org, netfilter-devel@vger.kernel.org Message-ID: <20190326205715.22288-6-fbl@sysclose.org> Subject: [PATCH net-next 5/8] netfilter: nf_nat: register irc NAT helper. Date: Tue, 26 Mar 2019 17:57:12 -0300 X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190326205715.22288-1-fbl@sysclose.org> References: <20190326205715.22288-1-fbl@sysclose.org> MIME-Version: 1.0 X-ZohoMailClient: External Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Signed-off-by: Flavio Leitner --- net/netfilter/nf_nat_irc.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/net/netfilter/nf_nat_irc.c b/net/netfilter/nf_nat_irc.c index c18e3ce6589b..853e91c1cea5 100644 --- a/net/netfilter/nf_nat_irc.c +++ b/net/netfilter/nf_nat_irc.c @@ -28,6 +28,8 @@ MODULE_DESCRIPTION("IRC (DCC) NAT helper"); MODULE_LICENSE("GPL"); MODULE_ALIAS_NFCT_HELPER_NAT("irc"); +static struct nf_conntrack_helper_nat helper_nat_irc; + static unsigned int help(struct sk_buff *skb, enum ip_conntrack_info ctinfo, unsigned int protoff, @@ -96,6 +98,7 @@ static unsigned int help(struct sk_buff *skb, static void __exit nf_nat_irc_fini(void) { + nf_conntrack_helper_nat_unregister(&helper_nat_irc); RCU_INIT_POINTER(nf_nat_irc_hook, NULL); synchronize_rcu(); } @@ -103,6 +106,9 @@ static void __exit nf_nat_irc_fini(void) static int __init nf_nat_irc_init(void) { BUG_ON(nf_nat_irc_hook != NULL); + nf_ct_helper_nat_init(&helper_nat_irc, + NF_CT_NAT_HELPER_MOD_NAME("irc"), THIS_MODULE); + nf_conntrack_helper_nat_register(&helper_nat_irc); RCU_INIT_POINTER(nf_nat_irc_hook, help); return 0; } From patchwork Tue Mar 26 20:57:13 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Flavio Leitner X-Patchwork-Id: 1066085 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=sysclose.org Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=sysclose.org header.i=fbl@sysclose.org header.b="ee++TOdM"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 44TNkn4cYPz9sV0 for ; Wed, 27 Mar 2019 07:58:09 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732848AbfCZU6I (ORCPT ); Tue, 26 Mar 2019 16:58:08 -0400 Received: from sender-of-o51.zoho.com ([135.84.80.216]:21083 "EHLO sender-of-o51.zoho.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1732716AbfCZU6H (ORCPT ); Tue, 26 Mar 2019 16:58:07 -0400 ARC-Seal: i=1; a=rsa-sha256; t=1553633873; cv=none; d=zoho.com; s=zohoarc; b=j5To2kw1MjWBHA3IxGB0kehE322N7kLAjSp0tQxunzGa1pw9+z/YKLN7tUGMjgN3+OlkyLO21uwWfU5gvkxK3fvmJinQk2IH7Id/LBFGuKCSrF7k5B0CFaJQqfuOpcK55SovNQYk1S+SitIcEmCNxKDnjDraYRGqwCGjmhuWz7c= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1553633873; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To:ARC-Authentication-Results; bh=TAru2jTqEEdhkxlmEsmL5fYFWp3aX2q1v2JEALqHOEM=; b=avfVa+MTDEDb2HTve0L3bBeB4Pymy9j9RXhC66ZBGlNfj/S0/ukJbnfIsOmS17QSvbFNELWzph/V/52sJUwchcgZiifVrSmAFDKF6Y9eM0O7ubo5GBBzUjJKWwEEHMOGgWbkoBAuJponkbQnpegJtvHsuXen7cMSAsOjq0ElvbE= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=pass header.i=sysclose.org; spf=pass smtp.mailfrom=fbl@sysclose.org; dmarc=pass header.from= header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1553633873; s=zoho; d=sysclose.org; i=fbl@sysclose.org; h=From:To:Cc:Message-ID:Subject:Date:In-Reply-To:References:MIME-Version:Content-Transfer-Encoding:Content-Type; l=1434; bh=TAru2jTqEEdhkxlmEsmL5fYFWp3aX2q1v2JEALqHOEM=; b=ee++TOdM75WOmLdlQyf4bFa1jaKNY0ZVTmwe4YKQJakIDG94K4O1SCnvFQYiCXbc FizxmtylRNt894T159RC1vbw984fGJoeOeismmfF5RAjaI+8yOqx351ChQCZNNGI/r6 OAF8Lcd3CilDbrUx78zF0xfqdivNjD9UEk2leryc= Received: from localhost (177.183.215.126 [177.183.215.126]) by mx.zohomail.com with SMTPS id 1553633871652592.329257973618; Tue, 26 Mar 2019 13:57:51 -0700 (PDT) From: Flavio Leitner To: netdev@vger.kernel.org Cc: Joe Stringer , Pravin B Shelar , dev@openvswitch.org, netfilter-devel@vger.kernel.org Message-ID: <20190326205715.22288-7-fbl@sysclose.org> Subject: [PATCH net-next 6/8] netfilter: nf_nat: register sip NAT helper. Date: Tue, 26 Mar 2019 17:57:13 -0300 X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190326205715.22288-1-fbl@sysclose.org> References: <20190326205715.22288-1-fbl@sysclose.org> MIME-Version: 1.0 X-ZohoMailClient: External Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Signed-off-by: Flavio Leitner --- net/netfilter/nf_nat_sip.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/net/netfilter/nf_nat_sip.c b/net/netfilter/nf_nat_sip.c index f31c2a1b95b8..42b3d2e7ecbd 100644 --- a/net/netfilter/nf_nat_sip.c +++ b/net/netfilter/nf_nat_sip.c @@ -29,6 +29,7 @@ MODULE_AUTHOR("Christian Hentschel "); MODULE_DESCRIPTION("SIP NAT helper"); MODULE_ALIAS_NFCT_HELPER_NAT("sip"); +static struct nf_conntrack_helper_nat helper_nat_sip; static unsigned int mangle_packet(struct sk_buff *skb, unsigned int protoff, unsigned int dataoff, @@ -656,8 +657,8 @@ static struct nf_ct_helper_expectfn sip_nat = { static void __exit nf_nat_sip_fini(void) { + nf_conntrack_helper_nat_unregister(&helper_nat_sip); RCU_INIT_POINTER(nf_nat_sip_hooks, NULL); - nf_ct_helper_expectfn_unregister(&sip_nat); synchronize_rcu(); } @@ -675,6 +676,9 @@ static const struct nf_nat_sip_hooks sip_hooks = { static int __init nf_nat_sip_init(void) { BUG_ON(nf_nat_sip_hooks != NULL); + nf_ct_helper_nat_init(&helper_nat_sip, + NF_CT_NAT_HELPER_MOD_NAME("sip"), THIS_MODULE); + nf_conntrack_helper_nat_register(&helper_nat_sip); RCU_INIT_POINTER(nf_nat_sip_hooks, &sip_hooks); nf_ct_helper_expectfn_register(&sip_nat); return 0; From patchwork Tue Mar 26 20:57:14 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Flavio Leitner X-Patchwork-Id: 1066087 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=sysclose.org Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=sysclose.org header.i=fbl@sysclose.org header.b="AsUT3jtU"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 44TNkt0JnBz9sV0 for ; Wed, 27 Mar 2019 07:58:13 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732861AbfCZU6M (ORCPT ); Tue, 26 Mar 2019 16:58:12 -0400 Received: from sender-of-o51.zoho.com ([135.84.80.216]:21090 "EHLO sender-of-o51.zoho.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1732716AbfCZU6M (ORCPT ); Tue, 26 Mar 2019 16:58:12 -0400 ARC-Seal: i=1; a=rsa-sha256; t=1553633875; cv=none; d=zoho.com; s=zohoarc; b=h5GNb6PJpRr7g2FRN5tRcZh7VFBopn7H9VLGZJJQpE48G9q0BekBT8sLKTGQvZsCbG493Aw+pHWvs6oFXnm5E1Mbf90TSTpmE7ELVzq9cNWjJ3WbM+GGsVpIZ42+wf8wgja6nHsGRMfm+BgE/S873uXilejHqzYl4KzBN4zFo3s= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1553633875; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To:ARC-Authentication-Results; bh=ih8YfcFgGDhETgyWDDz6NzCR2DlozE6kgWZ8CcCFebI=; b=UdAhmYPQdrsOok3tddl4QOEabXIsyZpce9144T0sbAFFJPc1D6ENAPfcXS7wKYuZL2i29D4UwKHAujCstZK5T3yWLm2S1nJYQrcPAOnXwEiuguE4RwO7CFCXR1uNE3sluRvHa7DvBMtYfz7YHdA2LTVyPUwsywKrkk5ehdg8QAU= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=pass header.i=sysclose.org; spf=pass smtp.mailfrom=fbl@sysclose.org; dmarc=pass header.from= header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1553633875; s=zoho; d=sysclose.org; i=fbl@sysclose.org; h=From:To:Cc:Message-ID:Subject:Date:In-Reply-To:References:MIME-Version:Content-Transfer-Encoding:Content-Type; l=1284; bh=ih8YfcFgGDhETgyWDDz6NzCR2DlozE6kgWZ8CcCFebI=; b=AsUT3jtUqULOUqIp4i+viSDizgq60ap1rz/1Wyq/iqYwa6R2lXuK1zHW6kIkh09l zm0ApVTYCBIHbIZKTb+fcwRIUzAAqA0+g+eRs94efspSnFaJeY27nTXVomBDBER9Prc dIFFjcU3f++eN8LzpQLtuCUPiRZh5ioAnzQzOV+g= Received: from localhost (177.183.215.126 [177.183.215.126]) by mx.zohomail.com with SMTPS id 1553633875378775.6491236271501; Tue, 26 Mar 2019 13:57:55 -0700 (PDT) From: Flavio Leitner To: netdev@vger.kernel.org Cc: Joe Stringer , Pravin B Shelar , dev@openvswitch.org, netfilter-devel@vger.kernel.org Message-ID: <20190326205715.22288-8-fbl@sysclose.org> Subject: [PATCH net-next 7/8] netfilter: nf_nat: register tftp NAT helper. Date: Tue, 26 Mar 2019 17:57:14 -0300 X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190326205715.22288-1-fbl@sysclose.org> References: <20190326205715.22288-1-fbl@sysclose.org> MIME-Version: 1.0 X-ZohoMailClient: External Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Signed-off-by: Flavio Leitner --- net/netfilter/nf_nat_tftp.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/net/netfilter/nf_nat_tftp.c b/net/netfilter/nf_nat_tftp.c index 51673aa6e1dc..5a7af30e3e02 100644 --- a/net/netfilter/nf_nat_tftp.c +++ b/net/netfilter/nf_nat_tftp.c @@ -18,6 +18,8 @@ MODULE_DESCRIPTION("TFTP NAT helper"); MODULE_LICENSE("GPL"); MODULE_ALIAS_NFCT_HELPER_NAT("tftp"); +static struct nf_conntrack_helper_nat helper_nat_tftp; + static unsigned int help(struct sk_buff *skb, enum ip_conntrack_info ctinfo, struct nf_conntrack_expect *exp) @@ -37,6 +39,7 @@ static unsigned int help(struct sk_buff *skb, static void __exit nf_nat_tftp_fini(void) { + nf_conntrack_helper_nat_unregister(&helper_nat_tftp); RCU_INIT_POINTER(nf_nat_tftp_hook, NULL); synchronize_rcu(); } @@ -44,6 +47,9 @@ static void __exit nf_nat_tftp_fini(void) static int __init nf_nat_tftp_init(void) { BUG_ON(nf_nat_tftp_hook != NULL); + nf_ct_helper_nat_init(&helper_nat_tftp, + NF_CT_NAT_HELPER_MOD_NAME("tftp"), THIS_MODULE); + nf_conntrack_helper_nat_register(&helper_nat_tftp); RCU_INIT_POINTER(nf_nat_tftp_hook, help); return 0; } From patchwork Tue Mar 26 20:57:15 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Flavio Leitner X-Patchwork-Id: 1066089 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=sysclose.org Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=sysclose.org header.i=fbl@sysclose.org header.b="C58GsBia"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 44TNky3Vblz9sV0 for ; Wed, 27 Mar 2019 07:58:18 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732871AbfCZU6R (ORCPT ); Tue, 26 Mar 2019 16:58:17 -0400 Received: from sender-of-o51.zoho.com ([135.84.80.216]:21001 "EHLO sender-of-o51.zoho.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1732716AbfCZU6Q (ORCPT ); Tue, 26 Mar 2019 16:58:16 -0400 ARC-Seal: i=1; a=rsa-sha256; t=1553633880; cv=none; d=zoho.com; s=zohoarc; b=Bq+l9U2WHzPgWd4reTaP6NjV2hMPBqFSMx1pTjoTrOaDpoLBrWrdjZO9Ifnv5uDmxl+QS65LNYLHh6cfUuoy3a4/LCsQquZP6XBnmPGoC5+GyawxqzqhyE2Y7UiHaSE4BcprpLfNjsJR5IoyDMBwu7kZEtdDrxXcjdlf80AUgDs= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1553633880; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To:ARC-Authentication-Results; bh=G8QQucY9Kz1XJ+21AaQeXMshwUdjgwC5KoHAY8pdQqQ=; b=jWaZH/zWi1b8Cf9q3ZHYDjaF8Yl2nStc8b1hmrCP4XWKbay5lOOVnJWsDTtpsODN4BcggdKDtMMmhuJBuoJiwcp3S6Iel7dxnZDvtVcMFiRjSq777SYtsBvhsbwrFvBzAYNYQIYWfydSBiD+5oCgdze/nsQUjYdpEgX7xtbQCFY= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=pass header.i=sysclose.org; spf=pass smtp.mailfrom=fbl@sysclose.org; dmarc=pass header.from= header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1553633880; s=zoho; d=sysclose.org; i=fbl@sysclose.org; h=From:To:Cc:Message-ID:Subject:Date:In-Reply-To:References:MIME-Version:Content-Transfer-Encoding:Content-Type; l=2480; bh=G8QQucY9Kz1XJ+21AaQeXMshwUdjgwC5KoHAY8pdQqQ=; b=C58GsBia7jJJpbaZZBcyuQZqiS3PXP2Yj0DYRFFExDTfoAtIVk76wiSLqwX/mvux xdaCfpsxGkewiXOuiLmf6ZJjrJGNY6kr+/1tYob1UzHfkY5CMogR5mF3UyURbmJmWtg HlQbXdxfndO6QiGwo2JsZmO3uxXJ5sgFxhxOmRKs= Received: from localhost (177.183.215.126 [177.183.215.126]) by mx.zohomail.com with SMTPS id 1553633879367456.6709163022415; Tue, 26 Mar 2019 13:57:59 -0700 (PDT) From: Flavio Leitner To: netdev@vger.kernel.org Cc: Joe Stringer , Pravin B Shelar , dev@openvswitch.org, netfilter-devel@vger.kernel.org Message-ID: <20190326205715.22288-9-fbl@sysclose.org> Subject: [PATCH net-next 8/8] openvswitch: load and reference the NAT helper. Date: Tue, 26 Mar 2019 17:57:15 -0300 X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190326205715.22288-1-fbl@sysclose.org> References: <20190326205715.22288-1-fbl@sysclose.org> MIME-Version: 1.0 X-ZohoMailClient: External Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org This improves the original commit 17c357efe5ec ("openvswitch: load NAT helper") where it unconditionally tries to load the module for every flow using NAT, so not efficient when loading multiple flows. It also doesn't hold any references to the NAT module while the flow is active. This change fixes those problems. It will try to load the module only if it's not present. It grabs a reference to the NAT module and holds it while the flow is active. Finally, an error message shows up if either actions above fails. Fixes: 17c357efe5ec ("openvswitch: load NAT helper") Signed-off-by: Flavio Leitner --- net/openvswitch/conntrack.c | 27 +++++++++++++++++++++------ 1 file changed, 21 insertions(+), 6 deletions(-) diff --git a/net/openvswitch/conntrack.c b/net/openvswitch/conntrack.c index 845b83598e0d..fb58637a27c9 100644 --- a/net/openvswitch/conntrack.c +++ b/net/openvswitch/conntrack.c @@ -1305,6 +1305,7 @@ static int ovs_ct_add_helper(struct ovs_conntrack_info *info, const char *name, { struct nf_conntrack_helper *helper; struct nf_conn_help *help; + int ret = 0; helper = nf_conntrack_helper_try_module_get(name, info->family, key->ip.proto); @@ -1319,13 +1320,22 @@ static int ovs_ct_add_helper(struct ovs_conntrack_info *info, const char *name, return -ENOMEM; } +#ifdef CONFIG_NF_NAT_NEEDED + if (info->nat) { + ret = nf_conntrack_helper_nat_try_module_get(name, + info->family, + key->ip.proto); + if (ret) { + nf_conntrack_helper_put(helper); + OVS_NLERR(log, "Failed to load \"%s\" NAT helper, err: %d", + name, ret); + return ret; + } + } +#endif rcu_assign_pointer(help->helper, helper); info->helper = helper; - - if (info->nat) - request_module("ip_nat_%s", name); - - return 0; + return ret; } #ifdef CONFIG_NF_NAT_NEEDED @@ -1776,8 +1786,13 @@ void ovs_ct_free_action(const struct nlattr *a) static void __ovs_ct_free_action(struct ovs_conntrack_info *ct_info) { - if (ct_info->helper) + if (ct_info->helper) { +#ifdef CONFIG_NF_NAT_NEEDED + if (ct_info->nat) + nf_conntrack_helper_nat_put(ct_info->helper); +#endif nf_conntrack_helper_put(ct_info->helper); + } if (ct_info->ct) nf_ct_tmpl_free(ct_info->ct); }