Merge nuts.ninka.net:/disk1/davem/BK/network-2.6

into nuts.ninka.net:/disk1/davem/BK/net-2.6

Merge nuts.ninka.net:/disk1/davem/BK/network-2.6
into nuts.ninka.net:/disk1/davem/BK/net-2.6
2c663d3f · David S. Miller · e36a9e24 · dd7862a2 · 2c663d3f · 2c663d3f
Commit 2c663d3f authored Dec 29, 2003 by David S. Miller
Hide whitespace changes
Inline Side-by-side

Showing with 28 additions and 19 deletions

include/linux/netfilter_bridge.h include/linux/netfilter_bridge.h +1 -4

net/bridge/br_netfilter.c net/bridge/br_netfilter.c +26 -14

net/core/dev.c net/core/dev.c +1 -1

No files found.
--- a/include/linux/netfilter_bridge.h
+++ b/include/linux/netfilter_bridge.h
@@ -71,12 +71,10 @@ static inline
 void nf_bridge_maybe_copy_header(struct sk_buff *skb)
 {
 	if (skb->nf_bridge) {
-#if defined(CONFIG_VLAN_8021Q) || defined(CONFIG_VLAN_8021Q_MODULE)
 		if (skb->protocol == __constant_htons(ETH_P_8021Q)) {
 			memcpy(skb->data - 18, skb->nf_bridge->hh, 18);
 			skb_push(skb, 4);
 		} else
-#endif
 			memcpy(skb->data - 16, skb->nf_bridge->hh, 16);
 	}
 }
@@ -86,10 +84,9 @@ void nf_bridge_save_header(struct sk_buff *skb)
 {
        int header_size = 16;

-#if defined(CONFIG_VLAN_8021Q) || defined(CONFIG_VLAN_8021Q_MODULE)
 	if (skb->protocol == __constant_htons(ETH_P_8021Q))
 		header_size = 18;
-#endif
+
 	memcpy(skb->nf_bridge->hh, skb->data - header_size, header_size);
 }


--- a/net/bridge/br_netfilter.c
+++ b/net/bridge/br_netfilter.c
@@ -356,6 +356,7 @@ static unsigned int br_nf_local_in(unsigned int hook, struct sk_buff **pskb,
 	return NF_ACCEPT;
 }

+
 /* PF_BRIDGE/FORWARD *************************************************/
 static int br_nf_forward_finish(struct sk_buff *skb)
 {
@@ -466,6 +467,7 @@ static unsigned int br_nf_forward_arp(unsigned int hook, struct sk_buff **pskb,
 	return NF_STOLEN;
 }

+
 /* PF_BRIDGE/LOCAL_OUT ***********************************************/
 static int br_nf_local_out_finish(struct sk_buff *skb)
 {
@@ -531,9 +533,7 @@ static unsigned int br_nf_local_out(unsigned int hook, struct sk_buff **pskb,
 		return NF_ACCEPT;

 	nf_bridge = skb->nf_bridge;
-
 	nf_bridge->physoutdev = skb->dev;
-
 	realindev = nf_bridge->physindev;

 	/* Bridged, take PF_BRIDGE/FORWARD.
@@ -601,18 +601,15 @@ static unsigned int br_nf_post_routing(unsigned int hook, struct sk_buff **pskb,
 	struct vlan_ethhdr *hdr = (struct vlan_ethhdr *)(skb->mac.ethernet);
 	struct net_device *realoutdev = bridge_parent(skb->dev);

-	/* Be very paranoid. Must be a device driver bug. */
+#ifdef CONFIG_NETFILTER_DEBUG
+	/* Be very paranoid. This probably won't happen anymore, but let's
+	 * keep the check just to be sure... */
 	if (skb->mac.raw < skb->head || skb->mac.raw + ETH_HLEN > skb->data) {
 		printk(KERN_CRIT "br_netfilter: Argh!! br_nf_post_routing: "
 				 "bad mac.raw pointer.");
-		if (skb->dev != NULL) {
-			printk("[%s]", skb->dev->name);
-			if (has_bridge_parent(skb->dev))
-				printk("[%s]", bridge_parent(skb->dev)->name);
-		}
-		printk(" head:%p, raw:%p\n", skb->head, skb->mac.raw);
-		return NF_ACCEPT;
+		goto print_error;
 	}
+#endif

 #ifdef CONFIG_SYSCTL
 	if (!nf_bridge)
@@ -622,13 +619,16 @@ static unsigned int br_nf_post_routing(unsigned int hook, struct sk_buff **pskb,
 	if (skb->protocol != __constant_htons(ETH_P_IP) && !IS_VLAN_IP)
 		return NF_ACCEPT;

+#ifdef CONFIG_NETFILTER_DEBUG
 	/* Sometimes we get packets with NULL ->dst here (for example,
-	 * running a dhcp client daemon triggers this).
+	 * running a dhcp client daemon triggers this). This should now
+	 * be fixed, but let's keep the check around.
 	 */
-	if (skb->dst == NULL)
-		return NF_ACCEPT;
+	if (skb->dst == NULL) {
+		printk(KERN_CRIT "br_netfilter: skb->dst == NULL.");
+		goto print_error;
+	}

-#ifdef CONFIG_NETFILTER_DEBUG
 	skb->nf_debug ^= (1 << NF_IP_POST_ROUTING);
 #endif

@@ -655,6 +655,18 @@ static unsigned int br_nf_post_routing(unsigned int hook, struct sk_buff **pskb,
 		realoutdev, br_dev_queue_push_xmit);

 	return NF_STOLEN;
+
+#ifdef CONFIG_NETFILTER_DEBUG
+print_error:
+	if (skb->dev != NULL) {
+		printk("[%s]", skb->dev->name);
+		if (has_bridge_parent(skb->dev))
+			printk("[%s]", bridge_parent(skb->dev)->name);
+	}
+	printk(" head:%p, raw:%p, data:%p\n", skb->head, skb->mac.raw,
+					      skb->data);
+	return NF_ACCEPT;
+#endif
 }



--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -1543,7 +1543,7 @@ static inline int __handle_bridge(struct sk_buff *skb,
 			struct packet_type **pt_prev, int *ret)
 {
 #if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE)
-	if (skb->dev->br_port) {
+	if (skb->dev->br_port && skb->pkt_type != PACKET_LOOPBACK) {
 		*ret = handle_bridge(skb, *pt_prev);
 		if (br_handle_frame_hook(skb) == 0)
 			return 1;