From c978cd3a937141deaf7995b849824af6dacdeae7 Mon Sep 17 00:00:00 2001 From: Patrick McHardy Date: Tue, 25 Mar 2008 20:24:57 -0700 Subject: [PATCH] [NETFILTER]: nf_nat_sip: translate all Contact headers The SIP message may contain multiple Contact: addresses referring to the NATed endpoint, translate all of them. Signed-off-by: Patrick McHardy Signed-off-by: David S. Miller --- net/ipv4/netfilter/nf_nat_sip.c | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/net/ipv4/netfilter/nf_nat_sip.c b/net/ipv4/netfilter/nf_nat_sip.c index 71a4adcfd57..b443618a857 100644 --- a/net/ipv4/netfilter/nf_nat_sip.c +++ b/net/ipv4/netfilter/nf_nat_sip.c @@ -101,10 +101,10 @@ static unsigned int ip_nat_sip(struct sk_buff *skb, enum ip_conntrack_info ctinfo; struct nf_conn *ct = nf_ct_get(skb, &ctinfo); enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo); - unsigned int matchoff, matchlen; + unsigned int dataoff, matchoff, matchlen; union nf_inet_addr addr; __be16 port; - int request; + int request, in_header; /* Basic rules: requests and responses. */ if (strnicmp(*dptr, "SIP/2.0", strlen("SIP/2.0")) != 0) { @@ -187,9 +187,20 @@ static unsigned int ip_nat_sip(struct sk_buff *skb, } next: + /* Translate Contact headers */ + dataoff = 0; + in_header = 0; + while (ct_sip_parse_header_uri(ct, *dptr, &dataoff, *datalen, + SIP_HDR_CONTACT, &in_header, + &matchoff, &matchlen, + &addr, &port) > 0) { + if (!map_addr(skb, dptr, datalen, matchoff, matchlen, + &addr, port)) + return NF_DROP; + } + if (!map_sip_addr(skb, dptr, datalen, SIP_HDR_FROM) || - !map_sip_addr(skb, dptr, datalen, SIP_HDR_TO) || - !map_sip_addr(skb, dptr, datalen, SIP_HDR_CONTACT)) + !map_sip_addr(skb, dptr, datalen, SIP_HDR_TO)) return NF_DROP; return NF_ACCEPT; } -- 2.41.1