Commit c978cd3a authored by Patrick McHardy's avatar Patrick McHardy Committed by David S. Miller

[NETFILTER]: nf_nat_sip: translate all Contact headers

The SIP message may contain multiple Contact: addresses referring to
the NATed endpoint, translate all of them.
Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 720ac708
...@@ -101,10 +101,10 @@ static unsigned int ip_nat_sip(struct sk_buff *skb, ...@@ -101,10 +101,10 @@ static unsigned int ip_nat_sip(struct sk_buff *skb,
enum ip_conntrack_info ctinfo; enum ip_conntrack_info ctinfo;
struct nf_conn *ct = nf_ct_get(skb, &ctinfo); struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo); enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo);
unsigned int matchoff, matchlen; unsigned int dataoff, matchoff, matchlen;
union nf_inet_addr addr; union nf_inet_addr addr;
__be16 port; __be16 port;
int request; int request, in_header;
/* Basic rules: requests and responses. */ /* Basic rules: requests and responses. */
if (strnicmp(*dptr, "SIP/2.0", strlen("SIP/2.0")) != 0) { if (strnicmp(*dptr, "SIP/2.0", strlen("SIP/2.0")) != 0) {
...@@ -187,9 +187,20 @@ static unsigned int ip_nat_sip(struct sk_buff *skb, ...@@ -187,9 +187,20 @@ static unsigned int ip_nat_sip(struct sk_buff *skb,
} }
next: next:
/* Translate Contact headers */
dataoff = 0;
in_header = 0;
while (ct_sip_parse_header_uri(ct, *dptr, &dataoff, *datalen,
SIP_HDR_CONTACT, &in_header,
&matchoff, &matchlen,
&addr, &port) > 0) {
if (!map_addr(skb, dptr, datalen, matchoff, matchlen,
&addr, port))
return NF_DROP;
}
if (!map_sip_addr(skb, dptr, datalen, SIP_HDR_FROM) || if (!map_sip_addr(skb, dptr, datalen, SIP_HDR_FROM) ||
!map_sip_addr(skb, dptr, datalen, SIP_HDR_TO) || !map_sip_addr(skb, dptr, datalen, SIP_HDR_TO))
!map_sip_addr(skb, dptr, datalen, SIP_HDR_CONTACT))
return NF_DROP; return NF_DROP;
return NF_ACCEPT; return NF_ACCEPT;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment