git.baikalelectronics.ru Git - kernel.git/commit

author	Taehee Yoo <ap420073@gmail.com>
	Sun, 7 Jan 2018 15:10:33 +0000 (00:10 +0900)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Fri, 19 Jan 2018 12:59:07 +0000 (13:59 +0100)
commit	2425d145b020d264ca2f42b9dd751435a694f4f8
tree	9afca85e29fd84fd8768c162066a3ce8dd2ec3f9	tree \| snapshot
parent	d4c7fa9a5a67cbf8aa3921fa4fa48c31ba497d48	commit \| diff

netfilter: nf_nat_snmp_basic: use asn1 decoder library

The basic SNMP ALG parse snmp ASN.1 payload
however, since 2012 linux kernel provide ASN.1 decoder library.
If we use ASN.1 decoder in the /lib/asn1_decoder.c, we can remove
about 1000 line of ASN.1 parsing routine.

To use asn1_decoder.c, we should write mib file(nf_nat_snmp_basic.asn1)
then /script/asn1_compiler.c makes *-asn1.c and *-asn1.h file
at the compiletime.(nf_nat_snmp_basic-asn1.c, nf_nat_snmp_basic-asn1.h)
The nf_nat_snmp_basic.asn1 is made by RFC1155, RFC1157, RFC1902, RFC1905,
RFC2578, RFC3416. of course that mib file supports only the basic SNMP ALG.

Previous SNMP ALG mangles only first octet of IPv4 address.
but after this patch, the SNMP ALG mangles whole IPv4 Address.
And SNMPv3 is not supported.

I tested with snmp commands such ans snmpd, snmpwalk, snmptrap.

Signed-off-by: Taehee Yoo <ap420073@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

net/ipv4/netfilter/Kconfig		diff \| blob \| history
net/ipv4/netfilter/Makefile		diff \| blob \| history
net/ipv4/netfilter/nf_nat_snmp_basic.asn1	[new file with mode: 0644]	blob
net/ipv4/netfilter/nf_nat_snmp_basic.c	[deleted file]	blob \| history
net/ipv4/netfilter/nf_nat_snmp_basic_main.c	[new file with mode: 0644]	blob