Commit aa8c7cdb authored by Justin Stitt's avatar Justin Stitt Committed by Pablo Neira Ayuso

netfilter: xt_TPROXY: remove pr_debug invocations

pr_debug calls are no longer needed in this file.

Pablo suggested "a patch to remove these pr_debug calls". This patch has
some other beneficial collateral as it also silences multiple Clang
-Wformat warnings that were present in the pr_debug calls.

diff from v1 -> v2:
* converted if statement one-liner style
* x == NULL is now !x
Suggested-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
Reviewed-by: default avatarNathan Chancellor <nathan@kernel.org>
Signed-off-by: default avatarJustin Stitt <justinstitt@google.com>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent f02e7dc4
...@@ -74,18 +74,10 @@ tproxy_tg4(struct net *net, struct sk_buff *skb, __be32 laddr, __be16 lport, ...@@ -74,18 +74,10 @@ tproxy_tg4(struct net *net, struct sk_buff *skb, __be32 laddr, __be16 lport,
/* This should be in a separate target, but we don't do multiple /* This should be in a separate target, but we don't do multiple
targets on the same rule yet */ targets on the same rule yet */
skb->mark = (skb->mark & ~mark_mask) ^ mark_value; skb->mark = (skb->mark & ~mark_mask) ^ mark_value;
pr_debug("redirecting: proto %hhu %pI4:%hu -> %pI4:%hu, mark: %x\n",
iph->protocol, &iph->daddr, ntohs(hp->dest),
&laddr, ntohs(lport), skb->mark);
nf_tproxy_assign_sock(skb, sk); nf_tproxy_assign_sock(skb, sk);
return NF_ACCEPT; return NF_ACCEPT;
} }
pr_debug("no socket, dropping: proto %hhu %pI4:%hu -> %pI4:%hu, mark: %x\n",
iph->protocol, &iph->saddr, ntohs(hp->source),
&iph->daddr, ntohs(hp->dest), skb->mark);
return NF_DROP; return NF_DROP;
} }
...@@ -122,16 +114,12 @@ tproxy_tg6_v1(struct sk_buff *skb, const struct xt_action_param *par) ...@@ -122,16 +114,12 @@ tproxy_tg6_v1(struct sk_buff *skb, const struct xt_action_param *par)
int tproto; int tproto;
tproto = ipv6_find_hdr(skb, &thoff, -1, NULL, NULL); tproto = ipv6_find_hdr(skb, &thoff, -1, NULL, NULL);
if (tproto < 0) { if (tproto < 0)
pr_debug("unable to find transport header in IPv6 packet, dropping\n");
return NF_DROP; return NF_DROP;
}
hp = skb_header_pointer(skb, thoff, sizeof(_hdr), &_hdr); hp = skb_header_pointer(skb, thoff, sizeof(_hdr), &_hdr);
if (hp == NULL) { if (!hp)
pr_debug("unable to grab transport header contents in IPv6 packet, dropping\n");
return NF_DROP; return NF_DROP;
}
/* check if there's an ongoing connection on the packet /* check if there's an ongoing connection on the packet
* addresses, this happens if the redirect already happened * addresses, this happens if the redirect already happened
...@@ -168,19 +156,10 @@ tproxy_tg6_v1(struct sk_buff *skb, const struct xt_action_param *par) ...@@ -168,19 +156,10 @@ tproxy_tg6_v1(struct sk_buff *skb, const struct xt_action_param *par)
/* This should be in a separate target, but we don't do multiple /* This should be in a separate target, but we don't do multiple
targets on the same rule yet */ targets on the same rule yet */
skb->mark = (skb->mark & ~tgi->mark_mask) ^ tgi->mark_value; skb->mark = (skb->mark & ~tgi->mark_mask) ^ tgi->mark_value;
pr_debug("redirecting: proto %hhu %pI6:%hu -> %pI6:%hu, mark: %x\n",
tproto, &iph->saddr, ntohs(hp->source),
laddr, ntohs(lport), skb->mark);
nf_tproxy_assign_sock(skb, sk); nf_tproxy_assign_sock(skb, sk);
return NF_ACCEPT; return NF_ACCEPT;
} }
pr_debug("no socket, dropping: proto %hhu %pI6:%hu -> %pI6:%hu, mark: %x\n",
tproto, &iph->saddr, ntohs(hp->source),
&iph->daddr, ntohs(hp->dest), skb->mark);
return NF_DROP; return NF_DROP;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment