Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
L
linux
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
linux
Commits
7775aa76
Commit
7775aa76
authored
Feb 15, 2006
by
Linus Torvalds
Browse files
Options
Browse Files
Download
Plain Diff
Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
parents
93544cc6
78872ccb
Changes
4
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
47 additions
and
6 deletions
+47
-6
include/linux/netfilter_ipv4.h
include/linux/netfilter_ipv4.h
+1
-1
net/bridge/br_stp_if.c
net/bridge/br_stp_if.c
+2
-2
net/ipv4/netfilter.c
net/ipv4/netfilter.c
+41
-0
net/ipv4/netfilter/ip_nat_standalone.c
net/ipv4/netfilter/ip_nat_standalone.c
+3
-3
No files found.
include/linux/netfilter_ipv4.h
View file @
7775aa76
...
...
@@ -79,7 +79,7 @@ enum nf_ip_hook_priorities {
#ifdef __KERNEL__
extern
int
ip_route_me_harder
(
struct
sk_buff
**
pskb
);
extern
int
ip_xfrm_me_harder
(
struct
sk_buff
**
pskb
);
#endif
/*__KERNEL__*/
#endif
/*__LINUX_IP_NETFILTER_H*/
net/bridge/br_stp_if.c
View file @
7775aa76
...
...
@@ -67,7 +67,7 @@ void br_stp_disable_bridge(struct net_bridge *br)
{
struct
net_bridge_port
*
p
;
spin_lock
(
&
br
->
lock
);
spin_lock
_bh
(
&
br
->
lock
);
list_for_each_entry
(
p
,
&
br
->
port_list
,
list
)
{
if
(
p
->
state
!=
BR_STATE_DISABLED
)
br_stp_disable_port
(
p
);
...
...
@@ -76,7 +76,7 @@ void br_stp_disable_bridge(struct net_bridge *br)
br
->
topology_change
=
0
;
br
->
topology_change_detected
=
0
;
spin_unlock
(
&
br
->
lock
);
spin_unlock
_bh
(
&
br
->
lock
);
del_timer_sync
(
&
br
->
hello_timer
);
del_timer_sync
(
&
br
->
topology_change_timer
);
...
...
net/ipv4/netfilter.c
View file @
7775aa76
...
...
@@ -78,6 +78,47 @@ int ip_route_me_harder(struct sk_buff **pskb)
}
EXPORT_SYMBOL
(
ip_route_me_harder
);
#ifdef CONFIG_XFRM
int
ip_xfrm_me_harder
(
struct
sk_buff
**
pskb
)
{
struct
flowi
fl
;
unsigned
int
hh_len
;
struct
dst_entry
*
dst
;
if
(
IPCB
(
*
pskb
)
->
flags
&
IPSKB_XFRM_TRANSFORMED
)
return
0
;
if
(
xfrm_decode_session
(
*
pskb
,
&
fl
,
AF_INET
)
<
0
)
return
-
1
;
dst
=
(
*
pskb
)
->
dst
;
if
(
dst
->
xfrm
)
dst
=
((
struct
xfrm_dst
*
)
dst
)
->
route
;
dst_hold
(
dst
);
if
(
xfrm_lookup
(
&
dst
,
&
fl
,
(
*
pskb
)
->
sk
,
0
)
<
0
)
return
-
1
;
dst_release
((
*
pskb
)
->
dst
);
(
*
pskb
)
->
dst
=
dst
;
/* Change in oif may mean change in hh_len. */
hh_len
=
(
*
pskb
)
->
dst
->
dev
->
hard_header_len
;
if
(
skb_headroom
(
*
pskb
)
<
hh_len
)
{
struct
sk_buff
*
nskb
;
nskb
=
skb_realloc_headroom
(
*
pskb
,
hh_len
);
if
(
!
nskb
)
return
-
1
;
if
((
*
pskb
)
->
sk
)
skb_set_owner_w
(
nskb
,
(
*
pskb
)
->
sk
);
kfree_skb
(
*
pskb
);
*
pskb
=
nskb
;
}
return
0
;
}
EXPORT_SYMBOL
(
ip_xfrm_me_harder
);
#endif
void
(
*
ip_nat_decode_session
)(
struct
sk_buff
*
,
struct
flowi
*
);
EXPORT_SYMBOL
(
ip_nat_decode_session
);
...
...
net/ipv4/netfilter/ip_nat_standalone.c
View file @
7775aa76
...
...
@@ -235,19 +235,19 @@ ip_nat_out(unsigned int hooknum,
return
NF_ACCEPT
;
ret
=
ip_nat_fn
(
hooknum
,
pskb
,
in
,
out
,
okfn
);
#ifdef CONFIG_XFRM
if
(
ret
!=
NF_DROP
&&
ret
!=
NF_STOLEN
&&
(
ct
=
ip_conntrack_get
(
*
pskb
,
&
ctinfo
))
!=
NULL
)
{
enum
ip_conntrack_dir
dir
=
CTINFO2DIR
(
ctinfo
);
if
(
ct
->
tuplehash
[
dir
].
tuple
.
src
.
ip
!=
ct
->
tuplehash
[
!
dir
].
tuple
.
dst
.
ip
#ifdef CONFIG_XFRM
||
ct
->
tuplehash
[
dir
].
tuple
.
src
.
u
.
all
!=
ct
->
tuplehash
[
!
dir
].
tuple
.
dst
.
u
.
all
#endif
)
return
ip_
route
_me_harder
(
pskb
)
==
0
?
ret
:
NF_DROP
;
return
ip_
xfrm
_me_harder
(
pskb
)
==
0
?
ret
:
NF_DROP
;
}
#endif
return
ret
;
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment