root/net/netfilter/nf_conntrack_broadcast.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. nf_conntrack_broadcast_help

   1 // SPDX-License-Identifier: GPL-2.0-or-later
   2 /*
   3  *      broadcast connection tracking helper
   4  *
   5  *      (c) 2005 Patrick McHardy <kaber@trash.net>
   6  */
   7 
   8 #include <linux/module.h>
   9 #include <linux/ip.h>
  10 #include <net/route.h>
  11 #include <linux/inetdevice.h>
  12 #include <linux/skbuff.h>
  13 
  14 #include <net/netfilter/nf_conntrack.h>
  15 #include <net/netfilter/nf_conntrack_helper.h>
  16 #include <net/netfilter/nf_conntrack_expect.h>
  17 
  18 int nf_conntrack_broadcast_help(struct sk_buff *skb,
  19                                 struct nf_conn *ct,
  20                                 enum ip_conntrack_info ctinfo,
  21                                 unsigned int timeout)
  22 {
  23         struct nf_conntrack_expect *exp;
  24         struct iphdr *iph = ip_hdr(skb);
  25         struct rtable *rt = skb_rtable(skb);
  26         struct in_device *in_dev;
  27         struct nf_conn_help *help = nfct_help(ct);
  28         __be32 mask = 0;
  29 
  30         /* we're only interested in locally generated packets */
  31         if (skb->sk == NULL || !net_eq(nf_ct_net(ct), sock_net(skb->sk)))
  32                 goto out;
  33         if (rt == NULL || !(rt->rt_flags & RTCF_BROADCAST))
  34                 goto out;
  35         if (CTINFO2DIR(ctinfo) != IP_CT_DIR_ORIGINAL)
  36                 goto out;
  37 
  38         in_dev = __in_dev_get_rcu(rt->dst.dev);
  39         if (in_dev != NULL) {
  40                 const struct in_ifaddr *ifa;
  41 
  42                 in_dev_for_each_ifa_rcu(ifa, in_dev) {
  43                         if (ifa->ifa_flags & IFA_F_SECONDARY)
  44                                 continue;
  45 
  46                         if (ifa->ifa_broadcast == iph->daddr) {
  47                                 mask = ifa->ifa_mask;
  48                                 break;
  49                         }
  50                 }
  51         }
  52 
  53         if (mask == 0)
  54                 goto out;
  55 
  56         exp = nf_ct_expect_alloc(ct);
  57         if (exp == NULL)
  58                 goto out;
  59 
  60         exp->tuple                = ct->tuplehash[IP_CT_DIR_REPLY].tuple;
  61         exp->tuple.src.u.udp.port = help->helper->tuple.src.u.udp.port;
  62 
  63         exp->mask.src.u3.ip       = mask;
  64         exp->mask.src.u.udp.port  = htons(0xFFFF);
  65 
  66         exp->expectfn             = NULL;
  67         exp->flags                = NF_CT_EXPECT_PERMANENT;
  68         exp->class                = NF_CT_EXPECT_CLASS_DEFAULT;
  69         exp->helper               = NULL;
  70 
  71         nf_ct_expect_related(exp, 0);
  72         nf_ct_expect_put(exp);
  73 
  74         nf_ct_refresh(ct, skb, timeout * HZ);
  75 out:
  76         return NF_ACCEPT;
  77 }
  78 EXPORT_SYMBOL_GPL(nf_conntrack_broadcast_help);
  79 
  80 MODULE_LICENSE("GPL");

/* [<][>][^][v][top][bottom][index][help] */