static int mangle_content_len(struct sk_buff **pskb,
enum ip_conntrack_info ctinfo,
struct ip_conntrack *ct,
const char *dptr)
{
unsigned int dataoff, matchoff, matchlen;
char buffer[sizeof("65536")];
int bufflen;
dataoff = (*pskb)->nh.iph->ihl*4 + sizeof(struct udphdr);
/* Get actual SDP lenght */
if (ct_sip_get_info(dptr, (*pskb)->len - dataoff, &matchoff,
&matchlen, &ct_sip_hdrs[POS_SDP_HEADER]) > 0) {
/* since ct_sip_get_info() give us a pointer passing 'v='
we need to add 2 bytes in this count. */
int c_len = (*pskb)->len - dataoff - matchoff + 2;
/* Now, update SDP lenght */
if (ct_sip_get_info(dptr, (*pskb)->len - dataoff, &matchoff,
&matchlen, &ct_sip_hdrs[POS_CONTENT]) > 0) {
bufflen = sprintf(buffer, "%u", c_len);
return ip_nat_mangle_udp_packet(pskb, ct, ctinfo,
matchoff, matchlen,
buffer, bufflen);
}
}
return 0;
}
static int set_addr(struct sk_buff **pskb,
unsigned char **data, int dataoff,
unsigned int addroff, __be32 ip, u_int16_t port)
{
enum ip_conntrack_info ctinfo;
struct ip_conntrack *ct = ip_conntrack_get(*pskb, &ctinfo);
struct {
__be32 ip;
__be16 port;
} __attribute__ ((__packed__)) buf;
struct tcphdr _tcph, *th;
buf.ip = ip;
buf.port = htons(port);
addroff += dataoff;
if ((*pskb)->nh.iph->protocol == IPPROTO_TCP) {
if (!ip_nat_mangle_tcp_packet(pskb, ct, ctinfo,
addroff, sizeof(buf),
(char *) &buf, sizeof(buf))) {
if (net_ratelimit())
printk("ip_nat_h323: ip_nat_mangle_tcp_packet"
" error\n");
return -1;
}
/* Relocate data pointer */
th = skb_header_pointer(*pskb, (*pskb)->nh.iph->ihl * 4,
sizeof(_tcph), &_tcph);
if (th == NULL)
return -1;
*data = (*pskb)->data + (*pskb)->nh.iph->ihl * 4 +
th->doff * 4 + dataoff;
} else {
if (!ip_nat_mangle_udp_packet(pskb, ct, ctinfo,
addroff, sizeof(buf),
(char *) &buf, sizeof(buf))) {
if (net_ratelimit())
printk("ip_nat_h323: ip_nat_mangle_udp_packet"
" error\n");
return -1;
}
/* ip_nat_mangle_udp_packet uses skb_make_writable() to copy
* or pull everything in a linear buffer, so we can safely
* use the skb pointers now */
*data = (*pskb)->data + (*pskb)->nh.iph->ihl * 4 +
sizeof(struct udphdr);
}
return 0;
}
static unsigned int mangle_sip_packet(struct sk_buff **pskb,
enum ip_conntrack_info ctinfo,
struct ip_conntrack *ct,
const char **dptr, size_t dlen,
char *buffer, int bufflen,
struct sip_header_nfo *hnfo)
{
unsigned int matchlen, matchoff;
if (ct_sip_get_info(*dptr, dlen, &matchoff, &matchlen, hnfo) <= 0)
return 0;
if (!ip_nat_mangle_udp_packet(pskb, ct, ctinfo,
matchoff, matchlen, buffer, bufflen))
return 0;
/* We need to reload this. Thanks Patrick. */
*dptr = (*pskb)->data + (*pskb)->nh.iph->ihl*4 + sizeof(struct udphdr);
return 1;
}
static unsigned int help(struct sk_buff **pskb,
enum ip_conntrack_info ctinfo,
unsigned int matchoff,
unsigned int matchlen,
struct ip_conntrack_expect *exp)
{
char buffer[sizeof("65535")];
u_int16_t port;
unsigned int ret;
/* Connection comes from client. */
exp->saved_proto.tcp.port = exp->tuple.dst.u.tcp.port;
exp->dir = IP_CT_DIR_ORIGINAL;
/* When you see the packet, we need to NAT it the same as the
* this one (ie. same IP: it will be TCP and master is UDP). */
exp->expectfn = ip_nat_follow_master;
/* Try to get same port: if not, try to change it. */
for (port = ntohs(exp->saved_proto.tcp.port); port != 0; port++) {
exp->tuple.dst.u.tcp.port = htons(port);
if (ip_conntrack_expect_related(exp) == 0)
break;
}
if (port == 0) {
ip_conntrack_expect_free(exp);
return NF_DROP;
}
sprintf(buffer, "%u", port);
ret = ip_nat_mangle_udp_packet(pskb, exp->master, ctinfo,
matchoff, matchlen,
buffer, strlen(buffer));
if (ret != NF_ACCEPT)
ip_conntrack_unexpect_related(exp);
return ret;
}
