Re: [H.323 Helper 1/3]: Add support for Call Forwarding

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Patrick McHardy <kaber@trash.net>
To: Jing Min Zhao <zhaojingmin@users.sourceforge.net>
Cc: netfilter-devel@lists.netfilter.org
Subject: Re: [H.323 Helper 1/3]: Add support for Call Forwarding
Date: Sat, 20 May 2006 05:23:23 +0200	[thread overview]
Message-ID: <446E8BAB.80105@trash.net> (raw)
In-Reply-To: <44523130.20007@trash.net>

[-- Attachment #1: Type: text/plain, Size: 642 bytes --]

Patrick McHardy wrote:
> Jing Min Zhao wrote:
> 
>>WARNING: "ip_fib_main_table" [net/ipv4/netfilter/ip_conntrack_h323.ko] undefined!
>>WARNING: "ip_fib_local_table" [net/ipv4/netfilter/ip_conntrack_h323.ko] undefined!
>>WARNING: "free_fib_info" [net/ipv4/netfilter/ip_conntrack_h323.ko] undefined!
> 
> 
> Oops .. these aren't exported. Just drop the patch, I'll send you a
> better one this weekend.

Sorry for the delay, but here it is :) I've already queued your patch
for 2.6.18, if there are no problems I'll just add this one on top.
The saved_ip conversion can happen latter, currently it would conflict
with a bunch of other patches.

[-- Attachment #2: x --]
[-- Type: text/plain, Size: 3945 bytes --]

[NETFILTER]: H.323 helper: replace internal_net_addr parameter by routing-based heuristic

Call Forwarding doesn't need to create an expectation if both peers can
reach each other without our help. The internal_net_addr parameter
lets the user explicitly specify a single network where this is true,
but is not very flexible and even fails in the common case that calls
will both be forwarded to outside parties and inside parties. Use an
optional heuristic based on routing instead, the assumption is that
if bpth the outgoing device and the gateway are equal, both peers can
reach each other directly.

Signed-off-by: Patrick McHardy <kaber@trash.net>

---
commit 19d2680b3e7afec4258525d4ca13079bea4e4d7b
tree 67a780d51c8e8bde8234abc17d497177d53a2299
parent 165f6194cc61940a2277b0f0dde84695e598aebe
author Patrick McHardy <kaber@trash.net> Sat, 20 May 2006 05:16:47 +0200
committer Patrick McHardy <kaber@trash.net> Sat, 20 May 2006 05:16:47 +0200

 net/ipv4/netfilter/ip_conntrack_helper_h323.c |   57 ++++++++++++-------------
 1 files changed, 27 insertions(+), 30 deletions(-)

diff --git a/net/ipv4/netfilter/ip_conntrack_helper_h323.c b/net/ipv4/netfilter/ip_conntrack_helper_h323.c
index 3052468..0665674 100644
--- a/net/ipv4/netfilter/ip_conntrack_helper_h323.c
+++ b/net/ipv4/netfilter/ip_conntrack_helper_h323.c
@@ -40,12 +40,11 @@ static int gkrouted_only = 1;
 module_param(gkrouted_only, int, 0600);
 MODULE_PARM_DESC(gkrouted_only, "only accept calls from gatekeeper");
 
-static char *internal_net = NULL;
-static u_int32_t internal_net_addr = 0;
-static u_int32_t internal_net_mask = 0;
-module_param(internal_net, charp, 0600);
-MODULE_PARM_DESC(internal_net, "specify your internal network using format "
-		 "address/mask. this is used by call forwarding support");
+static int callforward_filter = 1;
+module_param(callforward_filter, bool, 0600);
+MODULE_PARM_DESC(callforward_filter, "only create call forwarding expectations "
+		                     "if both endpoints are on different sides "
+				     "(determined by routing information)");
 
 /* Hooks for NAT */
 int (*set_h245_addr_hook) (struct sk_buff ** pskb,
@@ -721,12 +720,28 @@ static int expect_callforwarding(struct 
 
 	/* If the calling party is on the same side of the forward-to party,
 	 * we don't need to track the second call */
-	if (internal_net &&
-	    ((ip & internal_net_mask) == internal_net_addr) ==
-	    ((ct->tuplehash[!dir].tuple.src.ip & internal_net_mask) ==
-	     internal_net_addr)) {
-		DEBUGP("ip_ct_q931: Call Forwarding not tracked\n");
-		return 0;
+	if (callforward_filter) {
+		struct rtable *rt1, *rt2;
+		struct flowi fl1 = {
+			.fl4_dst = ip,
+		};
+		struct flowi fl2 = {
+			.fl4_dst = ct->tuplehash[!dir].tuple.src.ip,
+		};
+
+		if (ip_route_output_key(&rt1, &fl1) == 0) {
+			if (ip_route_output_key(&rt2, &fl2) == 0) {
+				if (rt1->rt_gateway == rt2->rt_gateway &&
+				    rt1->u.dst.dev  == rt2->u.dst.dev)
+					ret = 1;
+				dst_release(&rt2->u.dst);
+			}
+			dst_release(&rt1->u.dst);
+		}
+		if (ret) {
+			DEBUGP("ip_ct_q931: Call Forwarding not tracked\n");
+			return 0;
+		}
 	}
 
 	/* Create expect for the second call leg */
@@ -1762,7 +1777,6 @@ static void fini(void)
 static int __init init(void)
 {
 	int ret;
-	char *p;
 
 	h323_buffer = kmalloc(65536, GFP_KERNEL);
 	if (!h323_buffer)
@@ -1772,23 +1786,6 @@ static int __init init(void)
 		fini();
 		return ret;
 	}
-
-	if (internal_net) {
-		if ((p = strchr(internal_net, '/')))
-			*p++ = 0;
-		if (isdigit(internal_net[0])) {
-			internal_net_addr = in_aton(internal_net);
-			if (p && isdigit(p[0]))
-				internal_net_mask = in_aton(p);
-			else
-				internal_net_mask = 0xffffffff;
-			internal_net_addr &= internal_net_mask;
-		}
-		DEBUGP("ip_ct_h323: internal_net = %u.%u.%u.%u/%u.%u.%u.%u\n",
-		       NIPQUAD(internal_net_addr),
-		       NIPQUAD(internal_net_mask));
-	}
-
 	DEBUGP("ip_ct_h323: init success\n");
 	return 0;
 }

next prev parent reply	other threads:[~2006-05-20  3:23 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-04-24  3:40 [H.323 Helper 1/3]: Add support for Call Forwarding Jing Min Zhao
2006-04-26 13:48 ` Patrick McHardy
2006-04-26 14:33   ` Jing Min Zhao
2006-04-26 16:49     ` Patrick McHardy
2006-04-26 18:06       ` Jing Min Zhao
2006-04-26 20:20         ` Patrick McHardy
2006-04-26 20:21         ` Patrick McHardy
2006-04-26 21:15           ` Jing Min Zhao
2006-04-27 19:57             ` Patrick McHardy
2006-04-28 15:07               ` Jing Min Zhao
2006-04-28 15:13                 ` Patrick McHardy
2006-05-20  3:23                   ` Patrick McHardy [this message]
2006-05-20  4:10                     ` Jing Min Zhao
2006-05-01 17:51         ` imap.netfilter.org (was Re: [H.323 Helper 1/3]: Add support for Call Forwarding) Harald Welte

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:3052468 dfblob:0665674 )
 OR (
bs:"Re: [H.323 Helper 1/3]: Add support for Call Forwarding" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=446E8BAB.80105@trash.net \
    --to=kaber@trash.net \
    --cc=netfilter-devel@lists.netfilter.org \
    --cc=zhaojingmin@users.sourceforge.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.