diff options
author | Trond Myklebust <Trond.Myklebust@netapp.com> | 2007-02-12 22:43:25 -0800 |
---|---|---|
committer | Trond Myklebust <Trond.Myklebust@netapp.com> | 2007-02-12 22:43:25 -0800 |
commit | d9bc125caf592b7d081021f32ce5b717efdf70c8 (patch) | |
tree | 263b7066ba22ddce21db610c0300f6eaac6f2064 /net/ipv4/netfilter/nf_nat_rule.c | |
parent | NFS: disconnect before retrying NFSv4 requests over TCP (diff) | |
parent | Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/sparc-2.6 (diff) | |
download | linux-dev-d9bc125caf592b7d081021f32ce5b717efdf70c8.tar.xz linux-dev-d9bc125caf592b7d081021f32ce5b717efdf70c8.zip |
Merge branch 'master' of /home/trondmy/kernel/linux-2.6/
Conflicts:
net/sunrpc/auth_gss/gss_krb5_crypto.c
net/sunrpc/auth_gss/gss_spkm3_token.c
net/sunrpc/clnt.c
Merge with mainline and fix conflicts.
Diffstat (limited to 'net/ipv4/netfilter/nf_nat_rule.c')
-rw-r--r-- | net/ipv4/netfilter/nf_nat_rule.c | 26 |
1 files changed, 15 insertions, 11 deletions
diff --git a/net/ipv4/netfilter/nf_nat_rule.c b/net/ipv4/netfilter/nf_nat_rule.c index b868ee0195d4..147a4370cf03 100644 --- a/net/ipv4/netfilter/nf_nat_rule.c +++ b/net/ipv4/netfilter/nf_nat_rule.c @@ -56,8 +56,8 @@ static struct /* PRE_ROUTING */ { .entry = { - .target_offset = sizeof(struct ipt_entry), - .next_offset = sizeof(struct ipt_standard), + .target_offset = sizeof(struct ipt_entry), + .next_offset = sizeof(struct ipt_standard), }, .target = { .target = { @@ -71,8 +71,8 @@ static struct /* POST_ROUTING */ { .entry = { - .target_offset = sizeof(struct ipt_entry), - .next_offset = sizeof(struct ipt_standard), + .target_offset = sizeof(struct ipt_entry), + .next_offset = sizeof(struct ipt_standard), }, .target = { .target = { @@ -86,8 +86,8 @@ static struct /* LOCAL_OUT */ { .entry = { - .target_offset = sizeof(struct ipt_entry), - .next_offset = sizeof(struct ipt_standard), + .target_offset = sizeof(struct ipt_entry), + .next_offset = sizeof(struct ipt_standard), }, .target = { .target = { @@ -119,7 +119,7 @@ static struct } }; -static struct ipt_table nat_table = { +static struct xt_table nat_table = { .name = "nat", .valid_hooks = NAT_VALID_HOOKS, .lock = RW_LOCK_UNLOCKED, @@ -145,7 +145,7 @@ static unsigned int ipt_snat_target(struct sk_buff **pskb, /* Connection must be valid and new. */ NF_CT_ASSERT(ct && (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED || - ctinfo == IP_CT_RELATED + IP_CT_IS_REPLY)); + ctinfo == IP_CT_RELATED + IP_CT_IS_REPLY)); NF_CT_ASSERT(out); return nf_nat_setup_info(ct, &mr->range[0], hooknum); @@ -226,6 +226,10 @@ static int ipt_dnat_checkentry(const char *tablename, printk("DNAT: multiple ranges no longer supported\n"); return 0; } + if (mr->range[0].flags & IP_NAT_RANGE_PROTO_RANDOM) { + printk("DNAT: port randomization not supported\n"); + return 0; + } return 1; } @@ -252,8 +256,8 @@ alloc_null_binding(struct nf_conn *ct, unsigned int alloc_null_binding_confirmed(struct nf_conn *ct, - struct nf_nat_info *info, - unsigned int hooknum) + struct nf_nat_info *info, + unsigned int hooknum) { __be32 ip = (HOOK2MANIP(hooknum) == IP_NAT_MANIP_SRC @@ -290,7 +294,7 @@ int nf_nat_rule_find(struct sk_buff **pskb, return ret; } -static struct ipt_target ipt_snat_reg = { +static struct xt_target ipt_snat_reg = { .name = "SNAT", .target = ipt_snat_target, .targetsize = sizeof(struct nf_nat_multi_range_compat), |