summaryrefslogtreecommitdiffstats
path: root/ip6t_SNPTV6.c
diff options
context:
space:
mode:
authorMatthias Schiffer <mschiffer@universe-factory.net>2011-11-10 07:53:52 +0100
committerMatthias Schiffer <mschiffer@universe-factory.net>2011-11-10 07:53:52 +0100
commita95082117ad4813141f5733e5c3dda8efc5dec16 (patch)
tree61edab08d7390e0179fc6c2900234c040168500a /ip6t_SNPTV6.c
parentc25768e4311eaf9e9d9166e42fe74e9c597c466d (diff)
downloadNPTv6-a95082117ad4813141f5733e5c3dda8efc5dec16.tar
NPTv6-a95082117ad4813141f5733e5c3dda8efc5dec16.zip
Make this work again.
Diffstat (limited to 'ip6t_SNPTV6.c')
-rw-r--r--ip6t_SNPTV6.c83
1 files changed, 83 insertions, 0 deletions
diff --git a/ip6t_SNPTV6.c b/ip6t_SNPTV6.c
new file mode 100644
index 0000000..5651382
--- /dev/null
+++ b/ip6t_SNPTV6.c
@@ -0,0 +1,83 @@
+/*
+ * NATv6: IPv6-to-IPv6 Network Prefix Translation as
+ * proposed in RFC 6296.
+ * Based on MAP66 (c) 2010 sven-ola()gmx.de
+ * (c) 2011 mschiffer()universe-factory.net "I'm the one to blame for any problems with this version ;P"
+ */
+
+#include <linux/module.h>
+#include <linux/version.h>
+#include <linux/netfilter_ipv6/ip6_tables.h>
+#include <net/ipv6.h>
+
+#include "ip6t_NPTV6_common.h"
+
+MODULE_AUTHOR("Matthias Schiffer <mschiffer()universe-factory.net>");
+MODULE_DESCRIPTION("Xtables: Source NPTv6 - IPv6-to-IPv6 Network Prefix Translation");
+MODULE_LICENSE("GPL");
+
+
+static unsigned int snptv6_tg6(struct sk_buff *skb, const struct xt_action_param *par)
+{
+ struct ipv6hdr* hdr = ipv6_hdr(skb);
+ const struct ip6t_nptv6_info *info = par->targinfo;
+
+ pr_devel("SNPTV6: enter in=%s, out=%s, saddr=" NIP6_FMT ", daddr=" NIP6_FMT "\n",
+ NULL != par->in ? par->in->name : "",
+ NULL != par->out ? par->out->name : "",
+ NIP6(hdr->saddr), NIP6(hdr->daddr));
+
+ if (!skb_make_writable(skb, sizeof(struct ipv6hdr))) {
+ pr_devel("SNPTV6: unwriteable, dropped\n");
+ return NF_DROP;
+ }
+ hdr = ipv6_hdr(skb);
+
+ if (!translate_address(&hdr->saddr, &info->nptv6_prefix, info->nptv6_prefix_len)) {
+ pr_devel("SNPTV6: untranslatable address\n");
+ return NF_DROP;
+ }
+
+ pr_devel("SNPTV6: exit in=%s, out=%s, saddr=" NIP6_FMT ", daddr=" NIP6_FMT "\n",
+ NULL != par->in ? par->in->name : "",
+ NULL != par->out ? par->out->name : "",
+ NIP6(hdr->saddr), NIP6(hdr->daddr));
+
+ return NF_ACCEPT;
+}
+
+static int snptv6_tg6_check(const struct xt_tgchk_param *par)
+{
+ const struct ip6t_nptv6_info *info = par->targinfo;
+
+ if (info->nptv6_prefix_len > 64) {
+ printk("SNPTV6: Prefix length longer than 64 given\n");
+ return -EINVAL;
+ }
+
+ return 0;
+}
+
+static struct xt_target snptv6_tg6_reg __read_mostly = {
+ .name = "SNPTV6",
+ .family = NFPROTO_IPV6,
+ .target = snptv6_tg6,
+ .checkentry = snptv6_tg6_check,
+ .targetsize = sizeof(struct ip6t_nptv6_info),
+ .table = "mangle",
+ .hooks = (1 << NF_INET_POST_ROUTING),
+ .me = THIS_MODULE,
+};
+
+static int __init snptv6_tg6_init(void)
+{
+ return xt_register_target(&snptv6_tg6_reg);
+}
+
+static void __exit snptv6_tg6_exit(void)
+{
+ xt_unregister_target(&snptv6_tg6_reg);
+}
+
+module_init(snptv6_tg6_init);
+module_exit(snptv6_tg6_exit);