Skip to content

L
linux
Commit eeb76312 authored by Harald Welte's avatar Harald Welte Committed by David S. Miller
Browse files
Options

[NETFILTER]: Use in-kernel IPSEC structures in iptables ah (by Patrick McHardy).

parent 3e0a552d
Hide whitespace changes
Inline Side-by-side
Showing with 2 additions and 5 deletions
net/ipv4/netfilter/ipt_ah.c
View file @ eeb76312
/* Kernel module to match AH parameters. */ /* Kernel module to match AH parameters. */
#include <linux/module.h> #include <linux/module.h>
#include <linux/skbuff.h> #include <linux/skbuff.h>
#include <linux/ip.h>
#include <linux/netfilter_ipv4/ipt_ah.h> #include <linux/netfilter_ipv4/ipt_ah.h>
#include <linux/netfilter_ipv4/ip_tables.h> #include <linux/netfilter_ipv4/ip_tables.h>
...@@ -13,10 +14,6 @@ MODULE_LICENSE("GPL"); ...@@ -13,10 +14,6 @@ MODULE_LICENSE("GPL");
#define duprintf(format, args...) #define duprintf(format, args...)
#endif #endif
struct ahhdr {
__u32 spi;
};
/* Returns 1 if the spi is matched by the range, 0 otherwise */ /* Returns 1 if the spi is matched by the range, 0 otherwise */
static inline int static inline int
spi_match(u_int32_t min, u_int32_t max, u_int32_t spi, int invert) spi_match(u_int32_t min, u_int32_t max, u_int32_t spi, int invert)
...@@ -37,7 +34,7 @@ match(const struct sk_buff *skb, ...@@ -37,7 +34,7 @@ match(const struct sk_buff *skb,
int offset, int offset,
int *hotdrop) int *hotdrop)
{ {
struct ahhdr ah; struct ip_auth_hdr ah;
const struct ipt_ah *ahinfo = matchinfo; const struct ipt_ah *ahinfo = matchinfo;
/* Must not be a fragment. */ /* Must not be a fragment. */
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7