Merge ../linux-2.6

[linux-2.6] / net / ipv4 / netfilter / nf_nat_helper.c

diff --git a/net/ipv4/netfilter/nf_nat_helper.c b/net/ipv4/netfilter/nf_nat_helper.c
index 53f79a310b438508167b04d69dc004fb97bfc790..11976ea2988493eee1b108aceb677da3d5637250 100644 (file)
--- a/net/ipv4/netfilter/nf_nat_helper.c
+++ b/net/ipv4/netfilter/nf_nat_helper.c
@@ -20,6 +20,7 @@
 #include <linux/netfilter_ipv4.h>
 #include <net/netfilter/nf_conntrack.h>
 #include <net/netfilter/nf_conntrack_helper.h>
+#include <net/netfilter/nf_conntrack_ecache.h>
 #include <net/netfilter/nf_conntrack_expect.h>
 #include <net/netfilter/nf_nat.h>
 #include <net/netfilter/nf_nat_protocol.h>
@@ -43,8 +44,7 @@ adjust_tcp_sequence(u32 seq,
        struct nf_nat_seq *this_way, *other_way;
        struct nf_conn_nat *nat = nfct_nat(ct);
 
-       pr_debug("adjust_tcp_sequence: seq = %u, sizediff = %d\n",
-                ntohl(seq), seq);
+       pr_debug("adjust_tcp_sequence: seq = %u, sizediff = %d\n", seq, seq);
 
        dir = CTINFO2DIR(ctinfo);
 
@@ -139,7 +139,7 @@ nf_nat_mangle_tcp_packet(struct sk_buff *skb,
                         const char *rep_buffer,
                         unsigned int rep_len)
 {
-       struct rtable *rt = (struct rtable *)skb->dst;
+       struct rtable *rt = skb->rtable;
        struct iphdr *iph;
        struct tcphdr *tcph;
        int oldlen, datalen;
@@ -191,6 +191,8 @@ nf_nat_mangle_tcp_packet(struct sk_buff *skb,
                /* Tell TCP window tracking about seq change */
                nf_conntrack_tcp_update(skb, ip_hdrlen(skb),
                                        ct, CTINFO2DIR(ctinfo));
+
+               nf_conntrack_event_cache(IPCT_NATSEQADJ, skb);
        }
        return 1;
 }
@@ -215,7 +217,7 @@ nf_nat_mangle_udp_packet(struct sk_buff *skb,
                         const char *rep_buffer,
                         unsigned int rep_len)
 {
-       struct rtable *rt = (struct rtable *)skb->dst;
+       struct rtable *rt = skb->rtable;
        struct iphdr *iph;
        struct udphdr *udph;
        int datalen, oldlen;
@@ -414,7 +416,6 @@ nf_nat_seq_adjust(struct sk_buff *skb,
 
        return 1;
 }
-EXPORT_SYMBOL(nf_nat_seq_adjust);
 
 /* Setup NAT on this expected conntrack so it follows master. */
 /* If we fail to get a free NAT slot, we'll get dropped on confirm */
@@ -430,15 +431,13 @@ void nf_nat_follow_master(struct nf_conn *ct,
        range.flags = IP_NAT_RANGE_MAP_IPS;
        range.min_ip = range.max_ip
                = ct->master->tuplehash[!exp->dir].tuple.dst.u3.ip;
-       /* hook doesn't matter, but it has to do source manip */
-       nf_nat_setup_info(ct, &range, NF_INET_POST_ROUTING);
+       nf_nat_setup_info(ct, &range, IP_NAT_MANIP_SRC);
 
        /* For DST manip, map port here to where it's expected. */
        range.flags = (IP_NAT_RANGE_MAP_IPS | IP_NAT_RANGE_PROTO_SPECIFIED);
        range.min = range.max = exp->saved_proto;
        range.min_ip = range.max_ip
                = ct->master->tuplehash[!exp->dir].tuple.src.u3.ip;
-       /* hook doesn't matter, but it has to do destination manip */
-       nf_nat_setup_info(ct, &range, NF_INET_PRE_ROUTING);
+       nf_nat_setup_info(ct, &range, IP_NAT_MANIP_DST);
 }
 EXPORT_SYMBOL(nf_nat_follow_master);