This series merges ipv4 and ipv6 nat functionality into the nat core.
This simplifies code, avoids indirect calls and it makes it possible
to implement NAT support for the nft inet family as a followup.
Florian Westphal (9):
netfilter: nat: merge ipv4 and ipv6 masquerade functionality
netfilter: nat: move nlattr parse and xfrm session decode to core
netfilter: nat: merge nf_nat_ipv4,6 into nat core
netfilter: nat: remove nf_nat_l4proto.h
netfilter: nat: remove manip_pkt hook
netfilter: nat: remove csum_update hook
netfilter: nat: remove csum_recalc hook
netfilter: nat: remove l3proto struct
netfilter: nat: remove nf_nat_l3proto.h and nf_nat_core.h
include/net/netfilter/nf_nat.h | 45 +
net/ipv4/netfilter/Kconfig | 22
net/ipv4/netfilter/Makefile | 4
net/ipv4/netfilter/iptable_nat.c | 8
net/ipv4/netfilter/nft_chain_nat_ipv4.c | 6
net/ipv6/netfilter/Kconfig | 26
net/ipv6/netfilter/Makefile | 4
net/ipv6/netfilter/ip6table_nat.c | 8
net/ipv6/netfilter/nft_chain_nat_ipv6.c | 6
net/netfilter/Kconfig | 11
net/netfilter/Makefile | 1
net/netfilter/nf_conntrack_core.c | 1
net/netfilter/nf_conntrack_netlink.c | 2
net/netfilter/nf_nat_core.c | 194 ++++---
net/netfilter/nf_nat_helper.c | 15
net/netfilter/nf_nat_masquerade.c | 208 +++++++
net/netfilter/nf_nat_proto.c | 744 ++++++++++++++++++++++++++--
net/netfilter/nft_nat.c | 2
net/netfilter/xt_nat.c | 2
net/openvswitch/Kconfig | 2
net/openvswitch/conntrack.c | 12
tools/testing/selftests/net/config | 3
include/net/netfilter/nf_nat_core.h | 29 -
include/net/netfilter/nf_nat_l3proto.h | 50 -
include/net/netfilter/nf_nat_l4proto.h | 16
net/ipv4/netfilter/nf_nat_l3proto_ipv4.c | 388 --------------
net/ipv6/netfilter/nf_nat_l3proto_ipv6.c | 427 ----------------
net/ipv6/netfilter/nf_nat_masquerade_ipv6.c 240 ---------
28 files changed, 1102 insertions(+), 1374 deletions(-)
