- 25 Mar, 2008 7 commits
-
-
Patrick McHardy authored
Introduce new function for SIP header parsing that properly deals with continuation lines and whitespace in headers and use it. Signed-off-by:
Patrick McHardy <kaber@trash.net> Signed-off-by:
David S. Miller <davem@davemloft.net>
-
Patrick McHardy authored
The request URI is not a header and needs to be treated differently than real SIP headers. Add a seperate function for parsing it and get rid of the POS_REQ_URI/POS_REG_REQ_URI definitions. Signed-off-by:
-
Patrick McHardy authored
SDP and SIP headers are quite different, SIP can have continuation lines, leading and trailing whitespace after the colon and is mostly case-insensitive while SDP headers always begin on a new line and are followed by an equal sign and the value, without any whitespace. Introduce new SDP header parsing function and convert all users that used the SIP header parsing function. This will allow to properly deal with the special SIP cases in the SIP header parsing function later. Signed-off-by:
-
Patrick McHardy authored
Replace sizeof/memcmp by strlen/strcmp. Use case-insensitive comparison for SIP methods and the SIP/2.0 string, as specified in RFC 3261. Signed-off-by:
-
Patrick McHardy authored
The conntrack reference and ctinfo can be derived from the packet. Signed-off-by:
-
Patrick McHardy authored
After mangling the packet, the pointer to the data and the length of the data portion may change and need to be adjusted. Use double data pointers and a pointer to the length everywhere and add a helper function to the NAT helper for performing the adjustments. Signed-off-by:
-
Patrick McHardy authored
We need to set up the destination NAT mapping before the source NAT mapping, so the NAT core gets to see the final tuple and can decide whether the source port needs to be remapped. Signed-off-by:
-
- 31 Jan, 2008 1 commit
-
-
Jan Engelhardt authored
Signed-off-by:
Jan Engelhardt <jengelh@computergmbh.de> Signed-off-by:
-
- 28 Jan, 2008 2 commits
-
-
Patrick McHardy authored
nf_nat_setup_info gets the hook number and translates that to the manip type to perform. This is a relict from the time when one manip per hook could exist, the exact hook number doesn't matter anymore, its converted to the manip type. Most callers already know what kind of NAT they want to perform, so pass the maniptype in directly. Signed-off-by:
-
Patrick McHardy authored
The IPv4 and IPv6 hook values are identical, yet some code tries to figure out the "correct" value by looking at the address family. Introduce NF_INET_* values for both IPv4 and IPv6. The old values are kept in a #ifndef __KERNEL__ section for userspace compatibility. Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by:
-
- 20 Dec, 2007 1 commit
-
-
Joe Perches authored
Signed-off-by:
Joe Perches <joe@perches.com> Signed-off-by:
-
- 07 Nov, 2007 1 commit
-
-
Patrick McHardy authored
As noticed by Paul McKenney, the rcu_dereference calls in the init path of NAT modules are unneeded, remove them. Signed-off-by:
-
- 15 Oct, 2007 1 commit
-
-
Herbert Xu authored
With all the users of the double pointers removed, this patch mops up by finally replacing all occurances of sk_buff ** in the netfilter API by sk_buff *. Signed-off-by:
-
- 14 Aug, 2007 1 commit
-
-
Patrick McHardy authored
Don't drop packets shorter than "SIP/2.0", just ignore them. Keep-alives can validly be shorter for example. Signed-off-by:
-
- 10 Jul, 2007 3 commits
-
-
Patrick McHardy authored
Convert DEBUGP to pr_debug and fix lots of non-compiling debug statements. Signed-off-by:
-
Patrick McHardy authored
Currently there is a wild mix of nf_conntrack_expect_, nf_ct_exp_, expect_, exp_, ... Consistently use nf_ct_ as prefix for exported functions. Signed-off-by:
-
Jerome Borsboom authored
DNAT of the the RTP session is only necessary if the SIP session has been SNATed. Signed-off-by:
Jerome Borsboom <j.borsboom@erasmusmc.nl> Signed-off-by:
-
- 03 May, 2007 1 commit
-
-
Herbert Xu authored
I needed to use this recently to talk to a Cisco server. In my case I only did SNAT while the Cisco server used a different address for RTP traffic than the one for SIP. I discovered that nf_nat_sip NATed the RTP address to the SIP one which was unnecessary but OK. However, in doing so it did not DNAT the destination address on the RTP traffic to the Cisco back to the original RTP address. This patch corrects this by noting down the RTP address and using it when the expectation fires. Signed-off-by:
-
- 25 Apr, 2007 1 commit
-
-
Arnaldo Carvalho de Melo authored
For the common sequence "skb->nh.iph->ihl * 4", removing a good number of open coded skb->nh.iph uses, now to go after the rest... Just out of curiosity, here are the idioms found to get the same result: skb->nh.iph->ihl << 2 skb->nh.iph->ihl<<2 skb->nh.iph->ihl * 4 skb->nh.iph->ihl*4 (skb->nh.iph)->ihl * sizeof(u32) Signed-off-by:
Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by:
-
- 11 Feb, 2007 1 commit
-
-
YOSHIFUJI Hideaki authored
Signed-off-by:
YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by:
-
- 02 Dec, 2006 5 commits
-
-
Patrick McHardy authored
Add IPv4 and IPv6 capable nf_conntrack port of the SIP conntrack/NAT helper. Signed-off-by:
-
Patrick McHardy authored
The NAT handling of the SIP helper has a few problems: - Request headers are only mangled in the reply direction, From/To headers not at all, which can lead to authentication failures with DNAT in case the authentication domain is the IP address - Contact headers in responses are only mangled for REGISTER responses - Headers may be mangled even though they contain addresses not participating in the connection, like alternative addresses - Packets are droppen when domain names are used where the helper expects IP addresses This patch takes a different approach, instead of fixed rules what field to mangle to what content, it adds symetric mapping of From/To/Via/Contact headers, which allows to deal properly with echoed addresses in responses and foreign addresses not belonging to the connection. Signed-off-by: -
Patrick McHardy authored
SIP headers are generally case-insensitive, only SDP headers are case sensitive. Signed-off-by: -
Patrick McHardy authored
- Use enum for header field enumeration - Use numerical value instead of pointer to header info structure to identify headers, unexport ct_sip_hdrs - group SIP and SDP entries in header info structure - remove double forward declaration of ct_sip_get_info Signed-off-by: -
Patrick McHardy authored
The NAT helpr hooks are protected by RCU, but all of the conntrack helpers test and use the global pointers instead of copying them first using rcu_dereference() Also replace synchronize_net() by synchronize_rcu() for clarity since sychronizing only with packet receive processing is insufficient to prevent races. Signed-off-by:
-
- 28 Sep, 2006 1 commit
-
-
Al Viro authored
Signed-off-by:
Al Viro <viro@zeniv.linux.org.uk> Signed-off-by:
-
- 17 Jun, 2006 1 commit
-
-
Patrick McHardy authored
Add SIP connection tracking helper. Originally written by Christian Hentschel <chentschel@arnet.com.ar>, some cleanup, minor fixes and bidirectional SIP support added by myself. Signed-off-by:
-
