netfilter: nat: move repetitive nat port reserve loop to a helper

Almost all nat helpers reserve an expecation port the same way: Try the port inidcated by the peer, then move to next port if that port is already in use. We can squash this into a helper. Suggested-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Florian Westphal <fw@strlen.de>
author: Florian Westphal <fw@strlen.de> 2022-09-06 17:20:35 +0200
committer: Florian Westphal <fw@strlen.de> 2022-09-07 16:46:04 +0200
commit: c92c27171040554cfda7a3fc925e9dbcb5b4a698 (patch)
tree: 59d7fc3e6dbecbee86cb99add3454a1f999f5047 /net/netfilter/nf_nat_helper.c
parent: 8556bceb9c409946eebd2303d2f19e87844195ae (diff)
download: linux-c92c27171040554cfda7a3fc925e9dbcb5b4a698.tar.gz
1 files changed, 19 insertions, 0 deletions
diff --git a/net/netfilter/nf_nat_helper.c b/net/netfilter/nf_nat_helper.c
index a263505455fcc1..067d6d6f6b7dc2 100644
--- a/net/netfilter/nf_nat_helper.c
+++ b/net/netfilter/nf_nat_helper.c
@@ -198,3 +198,22 @@ void nf_nat_follow_master(struct nf_conn *ct,
 	nf_nat_setup_info(ct, &range, NF_NAT_MANIP_DST);
 }
 EXPORT_SYMBOL(nf_nat_follow_master);
+
+u16 nf_nat_exp_find_port(struct nf_conntrack_expect *exp, u16 port)
+{
+	/* Try to get same port: if not, try to change it. */
+	for (; port != 0; port++) {
+		int res;
+
+		exp->tuple.dst.u.tcp.port = htons(port);
+		res = nf_ct_expect_related(exp, 0);
+		if (res == 0)
+			return port;
+
+		if (res != -EBUSY)
+			break;
+	}
+
+	return 0;
+}
+EXPORT_SYMBOL_GPL(nf_nat_exp_find_port);
author	Florian Westphal <fw@strlen.de>	2022-09-06 17:20:35 +0200
committer	Florian Westphal <fw@strlen.de>	2022-09-07 16:46:04 +0200
commit	c92c27171040554cfda7a3fc925e9dbcb5b4a698 (patch)
tree	59d7fc3e6dbecbee86cb99add3454a1f999f5047 /net/netfilter/nf_nat_helper.c
parent	8556bceb9c409946eebd2303d2f19e87844195ae (diff)
download	linux-c92c27171040554cfda7a3fc925e9dbcb5b4a698.tar.gz