Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
L
linux
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
linux
Commits
0bc0be7f
Commit
0bc0be7f
authored
Feb 02, 2011
by
David S. Miller
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch 'master' of
git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-2.6
parents
34a6ef38
3db7e93d
Changes
5
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
14 additions
and
15 deletions
+14
-15
include/net/netfilter/nf_conntrack_ecache.h
include/net/netfilter/nf_conntrack_ecache.h
+0
-3
net/ipv4/netfilter/arpt_mangle.c
net/ipv4/netfilter/arpt_mangle.c
+3
-3
net/netfilter/nf_conntrack_ecache.c
net/netfilter/nf_conntrack_ecache.c
+3
-0
net/netfilter/nf_conntrack_netlink.c
net/netfilter/nf_conntrack_netlink.c
+1
-0
net/netfilter/xt_iprange.c
net/netfilter/xt_iprange.c
+7
-9
No files found.
include/net/netfilter/nf_conntrack_ecache.h
View file @
0bc0be7f
...
...
@@ -77,9 +77,6 @@ nf_conntrack_event_cache(enum ip_conntrack_events event, struct nf_conn *ct)
if
(
e
==
NULL
)
return
;
if
(
!
(
e
->
ctmask
&
(
1
<<
event
)))
return
;
set_bit
(
event
,
&
e
->
cache
);
}
...
...
net/ipv4/netfilter/arpt_mangle.c
View file @
0bc0be7f
...
...
@@ -60,12 +60,12 @@ static int checkentry(const struct xt_tgchk_param *par)
if
(
mangle
->
flags
&
~
ARPT_MANGLE_MASK
||
!
(
mangle
->
flags
&
ARPT_MANGLE_MASK
))
return
false
;
return
-
EINVAL
;
if
(
mangle
->
target
!=
NF_DROP
&&
mangle
->
target
!=
NF_ACCEPT
&&
mangle
->
target
!=
XT_CONTINUE
)
return
false
;
return
true
;
return
-
EINVAL
;
return
0
;
}
static
struct
xt_target
arpt_mangle_reg
__read_mostly
=
{
...
...
net/netfilter/nf_conntrack_ecache.c
View file @
0bc0be7f
...
...
@@ -63,6 +63,9 @@ void nf_ct_deliver_cached_events(struct nf_conn *ct)
* this does not harm and it happens very rarely. */
unsigned
long
missed
=
e
->
missed
;
if
(
!
((
events
|
missed
)
&
e
->
ctmask
))
goto
out_unlock
;
ret
=
notify
->
fcn
(
events
|
missed
,
&
item
);
if
(
unlikely
(
ret
<
0
||
missed
))
{
spin_lock_bh
(
&
ct
->
lock
);
...
...
net/netfilter/nf_conntrack_netlink.c
View file @
0bc0be7f
...
...
@@ -667,6 +667,7 @@ ctnetlink_dump_table(struct sk_buff *skb, struct netlink_callback *cb)
if
(
ctnetlink_fill_info
(
skb
,
NETLINK_CB
(
cb
->
skb
).
pid
,
cb
->
nlh
->
nlmsg_seq
,
IPCTNL_MSG_CT_NEW
,
ct
)
<
0
)
{
nf_conntrack_get
(
&
ct
->
ct_general
);
cb
->
args
[
1
]
=
(
unsigned
long
)
ct
;
goto
out
;
}
...
...
net/netfilter/xt_iprange.c
View file @
0bc0be7f
...
...
@@ -53,15 +53,13 @@ iprange_mt4(const struct sk_buff *skb, struct xt_action_param *par)
}
static
inline
int
iprange_ipv6_
sub
(
const
struct
in6_addr
*
a
,
const
struct
in6_addr
*
b
)
iprange_ipv6_
lt
(
const
struct
in6_addr
*
a
,
const
struct
in6_addr
*
b
)
{
unsigned
int
i
;
int
r
;
for
(
i
=
0
;
i
<
4
;
++
i
)
{
r
=
ntohl
(
a
->
s6_addr32
[
i
])
-
ntohl
(
b
->
s6_addr32
[
i
]);
if
(
r
!=
0
)
return
r
;
if
(
a
->
s6_addr32
[
i
]
!=
b
->
s6_addr32
[
i
])
return
ntohl
(
a
->
s6_addr32
[
i
])
<
ntohl
(
b
->
s6_addr32
[
i
]);
}
return
0
;
...
...
@@ -75,15 +73,15 @@ iprange_mt6(const struct sk_buff *skb, struct xt_action_param *par)
bool
m
;
if
(
info
->
flags
&
IPRANGE_SRC
)
{
m
=
iprange_ipv6_
sub
(
&
iph
->
saddr
,
&
info
->
src_min
.
in6
)
<
0
;
m
|=
iprange_ipv6_
sub
(
&
iph
->
saddr
,
&
info
->
src_max
.
in6
)
>
0
;
m
=
iprange_ipv6_
lt
(
&
iph
->
saddr
,
&
info
->
src_min
.
in6
)
;
m
|=
iprange_ipv6_
lt
(
&
info
->
src_max
.
in6
,
&
iph
->
saddr
)
;
m
^=
!!
(
info
->
flags
&
IPRANGE_SRC_INV
);
if
(
m
)
return
false
;
}
if
(
info
->
flags
&
IPRANGE_DST
)
{
m
=
iprange_ipv6_
sub
(
&
iph
->
daddr
,
&
info
->
dst_min
.
in6
)
<
0
;
m
|=
iprange_ipv6_
sub
(
&
iph
->
daddr
,
&
info
->
dst_max
.
in6
)
>
0
;
m
=
iprange_ipv6_
lt
(
&
iph
->
daddr
,
&
info
->
dst_min
.
in6
)
;
m
|=
iprange_ipv6_
lt
(
&
info
->
dst_max
.
in6
,
&
iph
->
daddr
)
;
m
^=
!!
(
info
->
flags
&
IPRANGE_DST_INV
);
if
(
m
)
return
false
;
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment