diff --git a/net/ipv4/netfilter/nf_nat_h323.c b/net/ipv4/netfilter/nf_nat_h323.c index a7e818d..c9ff0c6 100644 --- a/net/ipv4/netfilter/nf_nat_h323.c +++ b/net/ipv4/netfilter/nf_nat_h323.c @@ -324,18 +324,6 @@ static int nat_t120(struct sk_buff **psk return 0; } -/**************************************************************************** - * This conntrack expect function replaces nf_conntrack_h245_expect() - * which was set by nf_conntrack_helper_h323.c. It calls both - * nf_nat_follow_master() and nf_conntrack_h245_expect() - ****************************************************************************/ -static void ip_nat_h245_expect(struct nf_conn *new, - struct nf_conntrack_expect *this) -{ - nf_nat_follow_master(new, this); - nf_conntrack_h245_expect(new, this); -} - /****************************************************************************/ static int nat_h245(struct sk_buff **pskb, struct nf_conn *ct, enum ip_conntrack_info ctinfo, @@ -349,7 +337,7 @@ static int nat_h245(struct sk_buff **psk /* Set expectations for NAT */ exp->saved_proto.tcp.port = exp->tuple.dst.u.tcp.port; - exp->expectfn = ip_nat_h245_expect; + exp->expectfn = nf_nat_follow_master; exp->dir = !dir; /* Check existing expects */ @@ -399,7 +387,7 @@ static void ip_nat_q931_expect(struct nf if (this->tuple.src.u3.ip != 0) { /* Only accept calls from GK */ nf_nat_follow_master(new, this); - goto out; + return; } /* This must be a fresh one. */ @@ -420,9 +408,6 @@ static void ip_nat_q931_expect(struct nf /* hook doesn't matter, but it has to do destination manip */ nf_nat_setup_info(new, &range, NF_IP_PRE_ROUTING); - - out: - nf_conntrack_q931_expect(new, this); } /****************************************************************************/ @@ -510,8 +495,6 @@ static void ip_nat_callforwarding_expect /* hook doesn't matter, but it has to do destination manip */ nf_nat_setup_info(new, &range, NF_IP_PRE_ROUTING); - - nf_conntrack_q931_expect(new, this); } /****************************************************************************/ diff --git a/net/netfilter/nf_conntrack_helper_h323.c b/net/netfilter/nf_conntrack_helper_h323.c index 67b935b..755c195 100644 --- a/net/netfilter/nf_conntrack_helper_h323.c +++ b/net/netfilter/nf_conntrack_helper_h323.c @@ -109,6 +109,10 @@ int (*nat_q931_hook) (struct sk_buff **p static DEFINE_SPINLOCK(nf_h323_lock); static char *h323_buffer; +static struct nf_conntrack_helper nf_conntrack_helper_h245; +static struct nf_conntrack_helper nf_conntrack_helper_q931; +static struct nf_conntrack_helper nf_conntrack_helper_ras; + /****************************************************************************/ static int get_tpkt_data(struct sk_buff **pskb, unsigned int protoff, struct nf_conn *ct, enum ip_conntrack_info ctinfo, @@ -304,9 +308,6 @@ static int expect_rtp_rtcp(struct sk_buf ret = nat_rtp_rtcp(pskb, ct, ctinfo, data, dataoff, taddr, port, rtp_port, rtp_exp, rtcp_exp); } else { /* Conntrack only */ - rtp_exp->expectfn = NULL; - rtcp_exp->expectfn = NULL; - if (nf_conntrack_expect_related(rtp_exp) == 0) { if (nf_conntrack_expect_related(rtcp_exp) == 0) { DEBUGP("nf_ct_h323: expect RTP "); @@ -365,7 +366,6 @@ static int expect_t120(struct sk_buff ** ret = nat_t120(pskb, ct, ctinfo, data, dataoff, taddr, port, exp); } else { /* Conntrack only */ - exp->expectfn = NULL; if (nf_conntrack_expect_related(exp) == 0) { DEBUGP("nf_ct_h323: expect T.120 "); NF_CT_DUMP_TUPLE(&exp->tuple); @@ -622,15 +622,6 @@ static struct nf_conntrack_helper nf_con }; /****************************************************************************/ -void nf_conntrack_h245_expect(struct nf_conn *new, - struct nf_conntrack_expect *this) -{ - write_lock_bh(&nf_conntrack_lock); - nfct_help(new)->helper = &nf_conntrack_helper_h245; - write_unlock_bh(&nf_conntrack_lock); -} - -/****************************************************************************/ int get_h225_addr(struct nf_conn *ct, unsigned char *data, TransportAddress *taddr, union nf_conntrack_address *addr, __be16 *port) @@ -689,6 +680,7 @@ static int expect_h245(struct sk_buff ** &ct->tuplehash[!dir].tuple.src.u3, &ct->tuplehash[!dir].tuple.dst.u3, IPPROTO_TCP, NULL, &port); + exp->helper = &nf_conntrack_helper_h245; if (memcmp(&ct->tuplehash[dir].tuple.src.u3, &ct->tuplehash[!dir].tuple.dst.u3, @@ -699,8 +691,6 @@ static int expect_h245(struct sk_buff ** ret = nat_h245(pskb, ct, ctinfo, data, dataoff, taddr, port, exp); } else { /* Conntrack only */ - exp->expectfn = nf_conntrack_h245_expect; - if (nf_conntrack_expect_related(exp) == 0) { DEBUGP("nf_ct_q931: expect H.245 "); NF_CT_DUMP_TUPLE(&exp->tuple); @@ -713,10 +703,6 @@ static int expect_h245(struct sk_buff ** return ret; } -/* Forwarding declaration */ -void nf_conntrack_q931_expect(struct nf_conn *new, - struct nf_conntrack_expect *this); - /* If the calling party is on the same side of the forward-to party, * we don't need to track the second call */ static int callforward_do_filter(union nf_conntrack_address *src, @@ -805,6 +791,7 @@ static int expect_callforwarding(struct nf_conntrack_expect_init(exp, ct->tuplehash[!dir].tuple.src.l3num, &ct->tuplehash[!dir].tuple.src.u3, &addr, IPPROTO_TCP, NULL, &port); + exp->helper = &nf_conntrack_helper_q931; if (memcmp(&ct->tuplehash[dir].tuple.src.u3, &ct->tuplehash[!dir].tuple.dst.u3, @@ -815,8 +802,6 @@ static int expect_callforwarding(struct ret = nat_callforwarding(pskb, ct, ctinfo, data, dataoff, taddr, port, exp); } else { /* Conntrack only */ - exp->expectfn = nf_conntrack_q931_expect; - if (nf_conntrack_expect_related(exp) == 0) { DEBUGP("nf_ct_q931: expect Call Forwarding "); NF_CT_DUMP_TUPLE(&exp->tuple); @@ -1210,15 +1195,6 @@ static struct nf_conntrack_helper nf_con }; /****************************************************************************/ -void nf_conntrack_q931_expect(struct nf_conn *new, - struct nf_conntrack_expect *this) -{ - write_lock_bh(&nf_conntrack_lock); - nfct_help(new)->helper = &nf_conntrack_helper_q931; - write_unlock_bh(&nf_conntrack_lock); -} - -/****************************************************************************/ static unsigned char *get_udp_data(struct sk_buff **pskb, unsigned int protoff, int *datalen) { @@ -1303,14 +1279,13 @@ static int expect_q931(struct sk_buff ** NULL, &ct->tuplehash[!dir].tuple.dst.u3, IPPROTO_TCP, NULL, &port); + exp->helper = &nf_conntrack_helper_q931; exp->flags = NF_CT_EXPECT_PERMANENT; /* Accept multiple calls */ nat_q931 = rcu_dereference(nat_q931_hook); if (nat_q931 && ct->status & IPS_NAT_MASK) { /* Need NAT */ ret = nat_q931(pskb, ct, ctinfo, data, taddr, i, port, exp); } else { /* Conntrack only */ - exp->expectfn = nf_conntrack_q931_expect; - if (nf_conntrack_expect_related(exp) == 0) { DEBUGP("nf_ct_ras: expect Q.931 "); NF_CT_DUMP_TUPLE(&exp->tuple); @@ -1342,10 +1317,6 @@ static int process_grq(struct sk_buff ** return 0; } -/* Declare before using */ -static void nf_conntrack_ras_expect(struct nf_conn *new, - struct nf_conntrack_expect *this); - /****************************************************************************/ static int process_gcf(struct sk_buff **pskb, struct nf_conn *ct, enum ip_conntrack_info ctinfo, @@ -1377,7 +1348,7 @@ static int process_gcf(struct sk_buff ** nf_conntrack_expect_init(exp, ct->tuplehash[!dir].tuple.src.l3num, &ct->tuplehash[!dir].tuple.src.u3, &addr, IPPROTO_UDP, NULL, &port); - exp->expectfn = nf_conntrack_ras_expect; + exp->helper = &nf_conntrack_helper_ras; if (nf_conntrack_expect_related(exp) == 0) { DEBUGP("nf_ct_ras: expect RAS "); @@ -1583,7 +1554,7 @@ static int process_acf(struct sk_buff ** &ct->tuplehash[!dir].tuple.src.u3, &addr, IPPROTO_TCP, NULL, &port); exp->flags = NF_CT_EXPECT_PERMANENT; - exp->expectfn = nf_conntrack_q931_expect; + exp->helper = &nf_conntrack_helper_q931; if (nf_conntrack_expect_related(exp) == 0) { DEBUGP("nf_ct_ras: expect Q.931 "); @@ -1636,7 +1607,7 @@ static int process_lcf(struct sk_buff ** &ct->tuplehash[!dir].tuple.src.u3, &addr, IPPROTO_TCP, NULL, &port); exp->flags = NF_CT_EXPECT_PERMANENT; - exp->expectfn = nf_conntrack_q931_expect; + exp->helper = &nf_conntrack_helper_q931; if (nf_conntrack_expect_related(exp) == 0) { DEBUGP("nf_ct_ras: expect Q.931 "); @@ -1785,15 +1756,6 @@ static struct nf_conntrack_helper nf_con }; /****************************************************************************/ -static void nf_conntrack_ras_expect(struct nf_conn *new, - struct nf_conntrack_expect *this) -{ - write_lock_bh(&nf_conntrack_lock); - nfct_help(new)->helper = &nf_conntrack_helper_ras; - write_unlock_bh(&nf_conntrack_lock); -} - -/****************************************************************************/ /* Not __exit - called from init() */ static void fini(void) { @@ -1825,8 +1787,6 @@ module_init(init); module_exit(fini); EXPORT_SYMBOL_GPL(get_h225_addr); -EXPORT_SYMBOL_GPL(nf_conntrack_h245_expect); -EXPORT_SYMBOL_GPL(nf_conntrack_q931_expect); EXPORT_SYMBOL_GPL(set_h245_addr_hook); EXPORT_SYMBOL_GPL(set_h225_addr_hook); EXPORT_SYMBOL_GPL(set_sig_addr_hook);