netfilter: nf_nat: generalize IPv6 masquerading support for nf_tables

Let's refactor the code so we can reach the masquerade functionality from outside the xt context (ie. nftables). The patch includes the addition of an atomic counter to the masquerade notifier: the stuff to be done by the notifier is the same for xt and nftables. Therefore, only one notification handler is needed. This factorization only involves IPv6; a similar patch exists to handle IPv4. Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Arturo Borrero <arturo.borrero.glez@gmail.com> 2014-09-04 14:06:49 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2014-09-09 16:31:29 +0200
commit: be6b635cd674add9410efa9ac6f03e0040848b12 (patch)
tree: ace7d6c1ecd491aa68d3a1b3ad4b8829dd40305f /net/ipv6/netfilter/Kconfig
parent: 8dd33cc93ec92b8460ed2ad98c6db39276f6a72b (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/net/ipv6/netfilter/Kconfig b/net/ipv6/netfilter/Kconfig
index ac93df16f5af..6c8cfec6836a 100644
--- a/net/ipv6/netfilter/Kconfig
+++ b/net/ipv6/netfilter/Kconfig
@@ -246,8 +246,15 @@ config NF_NAT_IPV6
 
 if NF_NAT_IPV6
 
+config NF_NAT_MASQUERADE_IPV6
+	tristate "IPv6 masquerade support"
+	help
+	 This is the kernel functionality to provide NAT in the masquerade
+	 flavour (automatic source address selection) for IPv6.
+
 config IP6_NF_TARGET_MASQUERADE
 	tristate "MASQUERADE target support"
+	select NF_NAT_MASQUERADE_IPV6
 	help
 	  Masquerading is a special case of NAT: all outgoing connections are
 	  changed to seem to come from a particular interface's address, and
author	Arturo Borrero <arturo.borrero.glez@gmail.com>	2014-09-04 14:06:49 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2014-09-09 16:31:29 +0200
commit	be6b635cd674add9410efa9ac6f03e0040848b12 (patch)
tree	ace7d6c1ecd491aa68d3a1b3ad4b8829dd40305f /net/ipv6/netfilter/Kconfig
parent	8dd33cc93ec92b8460ed2ad98c6db39276f6a72b (diff)