6 files changed, 201 insertions, 35 deletions

diff --git a/include/linux/inetdevice.h b/include/linux/inetdevice.h
index da05ab47ff2..7009b0cdd06 100644
--- a/include/linux/inetdevice.h
+++ b/include/linux/inetdevice.h
@@ -70,13 +70,13 @@ static inline void ipv4_devconf_setall(struct in_device *in_dev)
 	ipv4_devconf_set((in_dev), NET_IPV4_CONF_ ## attr, (val))
 
 #define IN_DEV_ANDCONF(in_dev, attr) \
-	(IPV4_DEVCONF_ALL(in_dev->dev->nd_net, attr) && \
+	(IPV4_DEVCONF_ALL(dev_net(in_dev->dev), attr) && \
 	 IN_DEV_CONF_GET((in_dev), attr))
 #define IN_DEV_ORCONF(in_dev, attr) \
-	(IPV4_DEVCONF_ALL(in_dev->dev->nd_net, attr) || \
+	(IPV4_DEVCONF_ALL(dev_net(in_dev->dev), attr) || \
 	 IN_DEV_CONF_GET((in_dev), attr))
 #define IN_DEV_MAXCONF(in_dev, attr) \
-	(max(IPV4_DEVCONF_ALL(in_dev->dev->nd_net, attr), \
+	(max(IPV4_DEVCONF_ALL(dev_net(in_dev->dev), attr), \
 	     IN_DEV_CONF_GET((in_dev), attr)))
 
 #define IN_DEV_FORWARD(in_dev)		IN_DEV_CONF_GET((in_dev), FORWARDING)
diff --git a/include/linux/ipv6.h b/include/linux/ipv6.h
index c9ba0da16ce..b90d3d461d4 100644
--- a/include/linux/ipv6.h
+++ b/include/linux/ipv6.h
@@ -481,7 +481,7 @@ static inline struct raw6_sock *raw6_sk(const struct sock *sk)
 #endif /* defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) */
 
 #define INET6_MATCH(__sk, __net, __hash, __saddr, __daddr, __ports, __dif)\
-	(((__sk)->sk_hash == (__hash)) && ((__sk)->sk_net == (__net))	&& \
+	(((__sk)->sk_hash == (__hash)) && sock_net((__sk)) == (__net)	&& \
 	 ((*((__portpair *)&(inet_sk(__sk)->dport))) == (__ports))  	&& \
 	 ((__sk)->sk_family		== AF_INET6)		&& \
 	 ipv6_addr_equal(&inet6_sk(__sk)->daddr, (__saddr))	&& \
@@ -489,7 +489,7 @@ static inline struct raw6_sock *raw6_sk(const struct sock *sk)
 	 (!((__sk)->sk_bound_dev_if) || ((__sk)->sk_bound_dev_if == (__dif))))
 
 #define INET6_TW_MATCH(__sk, __net, __hash, __saddr, __daddr, __ports, __dif) \
-	(((__sk)->sk_hash == (__hash)) && ((__sk)->sk_net == (__net))	&& \
+	(((__sk)->sk_hash == (__hash)) && sock_net((__sk)) == (__net)	&& \
 	 (*((__portpair *)&(inet_twsk(__sk)->tw_dport)) == (__ports))	&& \
 	 ((__sk)->sk_family	       == PF_INET6)			&& \
 	 (ipv6_addr_equal(&inet6_twsk(__sk)->tw_v6_daddr, (__saddr)))	&& \
diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h
index ced61f87660..d146be40f46 100644
--- a/include/linux/netdevice.h
+++ b/include/linux/netdevice.h
@@ -708,8 +708,10 @@ struct net_device
 	void                    (*poll_controller)(struct net_device *dev);
 #endif
 
+#ifdef CONFIG_NET_NS
 	/* Network namespace this network device is inside */
 	struct net		*nd_net;
+#endif
 
 	/* bridge stuff */
 	struct net_bridge_port	*br_port;
@@ -737,6 +739,27 @@ struct net_device
 #define	NETDEV_ALIGN		32
 #define	NETDEV_ALIGN_CONST	(NETDEV_ALIGN - 1)
 
+/*
+ * Net namespace inlines
+ */
+static inline
+struct net *dev_net(const struct net_device *dev)
+{
+#ifdef CONFIG_NET_NS
+	return dev->nd_net;
+#else
+	return &init_net;
+#endif
+}
+
+static inline
+void dev_net_set(struct net_device *dev, const struct net *net)
+{
+#ifdef CONFIG_NET_NS
+	dev->nd_dev = net;
+#endif
+}
+
 /**
  *	netdev_priv - access network device private data
  *	@dev: network device
@@ -813,7 +836,7 @@ static inline struct net_device *next_net_device(struct net_device *dev)
 	struct list_head *lh;
 	struct net *net;
 
-	net = dev->nd_net;
+	net = dev_net(dev);
 	lh = dev->dev_list.next;
 	return lh == &net->dev_base_head ? NULL : net_device_entry(lh);
 }
diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h
index f0680c2bee7..89e6c72ad29 100644
--- a/include/linux/netfilter.h
+++ b/include/linux/netfilter.h
@@ -61,6 +61,15 @@ union nf_inet_addr {
 #ifdef __KERNEL__
 #ifdef CONFIG_NETFILTER
 
+static inline int nf_inet_addr_cmp(const union nf_inet_addr *a1,
+				   const union nf_inet_addr *a2)
+{
+	return a1->all[0] == a2->all[0] &&
+	       a1->all[1] == a2->all[1] &&
+	       a1->all[2] == a2->all[2] &&
+	       a1->all[3] == a2->all[3];
+}
+
 extern void netfilter_init(void);
 
 /* Largest hook number + 1 */
diff --git a/include/linux/netfilter/nf_conntrack_sip.h b/include/linux/netfilter/nf_conntrack_sip.h
index 8e5ce1ca7bf..5da04e586a3 100644
--- a/include/linux/netfilter/nf_conntrack_sip.h
+++ b/include/linux/netfilter/nf_conntrack_sip.h
@@ -5,37 +5,164 @@
 #define SIP_PORT	5060
 #define SIP_TIMEOUT	3600
 
-enum sip_header_pos {
-	POS_REG_REQ_URI,
-	POS_REQ_URI,
-	POS_FROM,
-	POS_TO,
-	POS_VIA,
-	POS_CONTACT,
-	POS_CONTENT,
-	POS_MEDIA,
-	POS_OWNER_IP4,
-	POS_CONNECTION_IP4,
-	POS_OWNER_IP6,
-	POS_CONNECTION_IP6,
-	POS_SDP_HEADER,
+struct nf_ct_sip_master {
+	unsigned int	register_cseq;
+};
+
+enum sip_expectation_classes {
+	SIP_EXPECT_SIGNALLING,
+	SIP_EXPECT_AUDIO,
+	SIP_EXPECT_VIDEO,
+	__SIP_EXPECT_MAX
+};
+#define SIP_EXPECT_MAX	(__SIP_EXPECT_MAX - 1)
+
+struct sdp_media_type {
+	const char			*name;
+	unsigned int			len;
+	enum sip_expectation_classes	class;
+};
+
+#define SDP_MEDIA_TYPE(__name, __class)					\
+{									\
+	.name	= (__name),						\
+	.len	= sizeof(__name) - 1,					\
+	.class	= (__class),						\
+}
+
+struct sip_handler {
+	const char	*method;
+	unsigned int	len;
+	int		(*request)(struct sk_buff *skb,
+				   const char **dptr, unsigned int *datalen,
+				   unsigned int cseq);
+	int		(*response)(struct sk_buff *skb,
+				    const char **dptr, unsigned int *datalen,
+				    unsigned int cseq, unsigned int code);
+};
+
+#define SIP_HANDLER(__method, __request, __response)			\
+{									\
+	.method		= (__method),					\
+	.len		= sizeof(__method) - 1,				\
+	.request	= (__request),					\
+	.response	= (__response),					\
+}
+
+struct sip_header {
+	const char	*name;
+	const char	*cname;
+	const char	*search;
+	unsigned int	len;
+	unsigned int	clen;
+	unsigned int	slen;
+	int		(*match_len)(const struct nf_conn *ct,
+				     const char *dptr, const char *limit,
+				     int *shift);
+};
+
+#define __SIP_HDR(__name, __cname, __search, __match)			\
+{									\
+	.name		= (__name),					\
+	.len		= sizeof(__name) - 1,				\
+	.cname		= (__cname),					\
+	.clen		= (__cname) ? sizeof(__cname) - 1 : 0,		\
+	.search		= (__search),					\
+	.slen		= (__search) ? sizeof(__search) - 1 : 0,	\
+	.match_len	= (__match),					\
+}
+
+#define SIP_HDR(__name, __cname, __search, __match) \
+	__SIP_HDR(__name, __cname, __search, __match)
+
+#define SDP_HDR(__name, __search, __match) \
+	__SIP_HDR(__name, NULL, __search, __match)
+
+enum sip_header_types {
+	SIP_HDR_CSEQ,
+	SIP_HDR_FROM,
+	SIP_HDR_TO,
+	SIP_HDR_CONTACT,
+	SIP_HDR_VIA,
+	SIP_HDR_EXPIRES,
+	SIP_HDR_CONTENT_LENGTH,
+};
+
+enum sdp_header_types {
+	SDP_HDR_UNSPEC,
+	SDP_HDR_VERSION,
+	SDP_HDR_OWNER_IP4,
+	SDP_HDR_CONNECTION_IP4,
+	SDP_HDR_OWNER_IP6,
+	SDP_HDR_CONNECTION_IP6,
+	SDP_HDR_MEDIA,
 };
 
 extern unsigned int (*nf_nat_sip_hook)(struct sk_buff *skb,
-				       enum ip_conntrack_info ctinfo,
-				       struct nf_conn *ct,
-				       const char **dptr);
-extern unsigned int (*nf_nat_sdp_hook)(struct sk_buff *skb,
-				       enum ip_conntrack_info ctinfo,
-				       struct nf_conntrack_expect *exp,
-				       const char *dptr);
-
-extern int ct_sip_get_info(const struct nf_conn *ct, const char *dptr,
-                           size_t dlen, unsigned int *matchoff,
-                           unsigned int *matchlen, enum sip_header_pos pos);
-extern int ct_sip_lnlen(const char *line, const char *limit);
-extern const char *ct_sip_search(const char *needle, const char *haystack,
-				 size_t needle_len, size_t haystack_len,
-				 int case_sensitive);
+				       const char **dptr,
+				       unsigned int *datalen);
+extern unsigned int (*nf_nat_sip_expect_hook)(struct sk_buff *skb,
+					      const char **dptr,
+					      unsigned int *datalen,
+					      struct nf_conntrack_expect *exp,
+					      unsigned int matchoff,
+					      unsigned int matchlen);
+extern unsigned int (*nf_nat_sdp_addr_hook)(struct sk_buff *skb,
+					    const char **dptr,
+					    unsigned int dataoff,
+					    unsigned int *datalen,
+					    enum sdp_header_types type,
+					    enum sdp_header_types term,
+					    const union nf_inet_addr *addr);
+extern unsigned int (*nf_nat_sdp_port_hook)(struct sk_buff *skb,
+					    const char **dptr,
+					    unsigned int *datalen,
+					    unsigned int matchoff,
+					    unsigned int matchlen,
+					    u_int16_t port);
+extern unsigned int (*nf_nat_sdp_session_hook)(struct sk_buff *skb,
+					       const char **dptr,
+					       unsigned int dataoff,
+					       unsigned int *datalen,
+					       const union nf_inet_addr *addr);
+extern unsigned int (*nf_nat_sdp_media_hook)(struct sk_buff *skb,
+					     const char **dptr,
+					     unsigned int *datalen,
+					     struct nf_conntrack_expect *rtp_exp,
+					     struct nf_conntrack_expect *rtcp_exp,
+					     unsigned int mediaoff,
+					     unsigned int medialen,
+					     union nf_inet_addr *rtp_addr);
+
+extern int ct_sip_parse_request(const struct nf_conn *ct,
+				const char *dptr, unsigned int datalen,
+				unsigned int *matchoff, unsigned int *matchlen,
+				union nf_inet_addr *addr, __be16 *port);
+extern int ct_sip_get_header(const struct nf_conn *ct, const char *dptr,
+			     unsigned int dataoff, unsigned int datalen,
+			     enum sip_header_types type,
+			     unsigned int *matchoff, unsigned int *matchlen);
+extern int ct_sip_parse_header_uri(const struct nf_conn *ct, const char *dptr,
+				   unsigned int *dataoff, unsigned int datalen,
+				   enum sip_header_types type, int *in_header,
+				   unsigned int *matchoff, unsigned int *matchlen,
+				   union nf_inet_addr *addr, __be16 *port);
+extern int ct_sip_parse_address_param(const struct nf_conn *ct, const char *dptr,
+				      unsigned int dataoff, unsigned int datalen,
+				      const char *name,
+				      unsigned int *matchoff, unsigned int *matchlen,
+				      union nf_inet_addr *addr);
+extern int ct_sip_parse_numerical_param(const struct nf_conn *ct, const char *dptr,
+					unsigned int off, unsigned int datalen,
+					const char *name,
+					unsigned int *matchoff, unsigned int *matchen,
+					unsigned int *val);
+
+extern int ct_sip_get_sdp_header(const struct nf_conn *ct, const char *dptr,
+				 unsigned int dataoff, unsigned int datalen,
+				 enum sdp_header_types type,
+				 enum sdp_header_types term,
+				 unsigned int *matchoff, unsigned int *matchlen);
+
 #endif /* __KERNEL__ */
 #endif /* __NF_CONNTRACK_SIP_H__ */
diff --git a/include/linux/seq_file.h b/include/linux/seq_file.h
index 67c2563961f..d870a825376 100644
--- a/include/linux/seq_file.h
+++ b/include/linux/seq_file.h
@@ -5,6 +5,7 @@
 #include <linux/types.h>
 #include <linux/string.h>
 #include <linux/mutex.h>
+#include <net/net_namespace.h>
 
 struct seq_operations;
 struct file;
@@ -64,7 +65,9 @@ extern struct list_head *seq_list_next(void *v, struct list_head *head,
 
 struct net;
 struct seq_net_private {
+#ifdef CONFIG_NET_NS
 	struct net *net;
+#endif
 };
 
 int seq_open_net(struct inode *, struct file *,
@@ -72,7 +75,11 @@ int seq_open_net(struct inode *, struct file *,
 int seq_release_net(struct inode *, struct file *);
 static inline struct net *seq_file_net(struct seq_file *seq)
 {
+#ifdef CONFIG_NET_NS
 	return ((struct seq_net_private *)seq->private)->net;
+#else
+	return &init_net;
+#endif
 }
 
 #endif