summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2008-03-25 20:24:57 -0700
committerDavid S. Miller <davem@davemloft.net>2008-03-25 20:24:57 -0700
commitc978cd3a937141deaf7995b849824af6dacdeae7 (patch)
treee5e86e630a5e103072a34cc0d9d6f8a1bcf53395
parent720ac7085ce815ea4caec24396575fed7bd711aa (diff)
[NETFILTER]: nf_nat_sip: translate all Contact headers
The SIP message may contain multiple Contact: addresses referring to the NATed endpoint, translate all of them. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/ipv4/netfilter/nf_nat_sip.c19
1 files changed, 15 insertions, 4 deletions
diff --git a/net/ipv4/netfilter/nf_nat_sip.c b/net/ipv4/netfilter/nf_nat_sip.c
index 71a4adcfd57..b443618a857 100644
--- a/net/ipv4/netfilter/nf_nat_sip.c
+++ b/net/ipv4/netfilter/nf_nat_sip.c
@@ -101,10 +101,10 @@ static unsigned int ip_nat_sip(struct sk_buff *skb,
enum ip_conntrack_info ctinfo;
struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo);
- unsigned int matchoff, matchlen;
+ unsigned int dataoff, matchoff, matchlen;
union nf_inet_addr addr;
__be16 port;
- int request;
+ int request, in_header;
/* Basic rules: requests and responses. */
if (strnicmp(*dptr, "SIP/2.0", strlen("SIP/2.0")) != 0) {
@@ -187,9 +187,20 @@ static unsigned int ip_nat_sip(struct sk_buff *skb,
}
next:
+ /* Translate Contact headers */
+ dataoff = 0;
+ in_header = 0;
+ while (ct_sip_parse_header_uri(ct, *dptr, &dataoff, *datalen,
+ SIP_HDR_CONTACT, &in_header,
+ &matchoff, &matchlen,
+ &addr, &port) > 0) {
+ if (!map_addr(skb, dptr, datalen, matchoff, matchlen,
+ &addr, port))
+ return NF_DROP;
+ }
+
if (!map_sip_addr(skb, dptr, datalen, SIP_HDR_FROM) ||
- !map_sip_addr(skb, dptr, datalen, SIP_HDR_TO) ||
- !map_sip_addr(skb, dptr, datalen, SIP_HDR_CONTACT))
+ !map_sip_addr(skb, dptr, datalen, SIP_HDR_TO))
return NF_DROP;
return NF_ACCEPT;
}