summaryrefslogblamecommitdiffstats
path: root/net/netfilter/nf_tproxy_core.c
blob: 5490fc37c92dfa5363a2992fd67fd4f145f65360 (plain) (tree) 
9ad2d745a238 ^












9ad2d745a238 ^





























































9a279bcbe347 ^

9ad2d745a238 ^






















1
2
3
4
5
6
7
8
9
10
11
12

13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73

74

75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96












                                                                       




























































                                                                                                       
                                





















                                                                                     
/*
 * Transparent proxy support for Linux/iptables
 *
 * Copyright (c) 2006-2007 BalaBit IT Ltd.
 * Author: Balazs Scheidler, Krisztian Kovacs
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 *
 */

#include <linux/module.h>

#include <linux/net.h>
#include <linux/if.h>
#include <linux/netdevice.h>
#include <net/udp.h>
#include <net/netfilter/nf_tproxy_core.h>

struct sock *
nf_tproxy_get_sock_v4(struct net *net, const u8 protocol,
		      const __be32 saddr, const __be32 daddr,
		      const __be16 sport, const __be16 dport,
		      const struct net_device *in, bool listening_only)
{
	struct sock *sk;

	/* look up socket */
	switch (protocol) {
	case IPPROTO_TCP:
		if (listening_only)
			sk = __inet_lookup_listener(net, &tcp_hashinfo,
						    daddr, ntohs(dport),
						    in->ifindex);
		else
			sk = __inet_lookup(net, &tcp_hashinfo,
					   saddr, sport, daddr, dport,
					   in->ifindex);
		break;
	case IPPROTO_UDP:
		sk = udp4_lib_lookup(net, saddr, sport, daddr, dport,
				     in->ifindex);
		break;
	default:
		WARN_ON(1);
		sk = NULL;
	}

	pr_debug("tproxy socket lookup: proto %u %08x:%u -> %08x:%u, listener only: %d, sock %p\n",
		 protocol, ntohl(saddr), ntohs(sport), ntohl(daddr), ntohs(dport), listening_only, sk);

	return sk;
}
EXPORT_SYMBOL_GPL(nf_tproxy_get_sock_v4);

static void
nf_tproxy_destructor(struct sk_buff *skb)
{
	struct sock *sk = skb->sk;

	skb->sk = NULL;
	skb->destructor = NULL;

	if (sk)
		nf_tproxy_put_sock(sk);
}

/* consumes sk */
int
nf_tproxy_assign_sock(struct sk_buff *skb, struct sock *sk)
{
	if (inet_sk(sk)->transparent) {
		skb_orphan(skb);
		skb->sk = sk;
		skb->destructor = nf_tproxy_destructor;
		return 1;
	} else
		nf_tproxy_put_sock(sk);

	return 0;
}
EXPORT_SYMBOL_GPL(nf_tproxy_assign_sock);

static int __init nf_tproxy_init(void)
{
	pr_info("NF_TPROXY: Transparent proxy support initialized, version 4.1.0\n");
	pr_info("NF_TPROXY: Copyright (c) 2006-2007 BalaBit IT Ltd.\n");
	return 0;
}

module_init(nf_tproxy_init);

MODULE_LICENSE("GPL");
MODULE_AUTHOR("Krisztian Kovacs");
MODULE_DESCRIPTION("Transparent proxy support core routines");
generated by cgit v1.2.3-55-g7522 (git 2.39.0) at 2024-07-02 18:30:16 +0200
span='5'> | | | | * | | ASoC: Intel: correct the fixed free block allocationJie Yang2014-12-241-1/+5 | | | | * | | ASoC: Intel: Fix BYTCR machine driver MODULE_ALIASJarkko Nikula2014-12-221-1/+1 | | | | * | | ASoC: Intel: Fix BYTCR firmware nameJarkko Nikula2014-12-221-1/+1 | | | | * | | ASoC: Intel: Add I2C dependency to two new machinesJarkko Nikula2014-12-221-2/+2 | | | | |/ / | | | * | | ASoC: dwc: Iterate over all channelsAndrew Jackson2014-12-221-19/+16Star | | | * | | ASoC: dwc: Ensure FIFOs are flushed to prevent channel swapAndrew Jackson2014-12-221-0/+14 | | | |/ / | | * | | Merge remote-tracking branch 'asoc/fix/dapm' into asoc-linusMark Brown2014-12-241-9/+5Star | | |\ \ \ | | | |/ / | | |/| | | | | * | ASoC: dapm: Remove snd_soc_of_parse_audio_routing() due to deferred probeMark Brown2014-12-191-9/+5Star * | | | | Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhostLinus Torvalds2015-01-022-3/+14 |\ \ \ \ \ | * | | | | vhost: relax used address alignmentMichael S. Tsirkin2014-12-291-3/+7 | * | | | | virtio_ring: document alignment requirementsMichael S. Tsirkin2014-12-291-0/+7 | | |_|_|/ | |/| | | * | | | | Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/auditLinus Torvalds2014-12-311-9/+40 |\ \ \ \ \ | * | | | | audit: create private file name copies when auditing inodesPaul Moore2014-12-301-9/+40 * | | | | | Revert "Input: atmel_mxt_ts - use deep sleep mode when stopped"Linus Torvalds2014-12-311-73/+26Star * | | | | | Merge tag 'nios2-fixes-v3.19-rc3' of git://git.rocketboards.org/linux-socfpga...Linus Torvalds2014-12-312-18/+3Star |\ \ \ \ \ \ | * | | | | | nios2: Use preempt_schedule_irqTobias Klauser2014-12-311-18/+2Star | * | | | | | nios2: Initialize cpuinfo.mmuWalter Goossens2014-12-311-0/+1 | | |/ / / / | |/| | | | * | | | | | Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6Linus Torvalds2014-12-311-0/+3 |\ \ \ \ \ \ | * | | | | | crypto: af_alg - fix backlog handlingRabin Vincent2014-12-221-0/+3 | | |_|_|/ / | |/| | | | * | | | | | Merge tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/...Linus Torvalds2014-12-313-25/+2Star |\ \ \ \ \ \ | * | | | | | Add USB_EHCI_EXYNOS to multi_v7_defconfigSteev Klimaszewski2014-12-301-0/+1 | * | | | | | Merge tag 'mvebu-fixes-3.19' of git://git.infradead.org/linux-mvebu into fixesArnd Bergmann2014-12-30