Skip to content

L
linux
Commit db1a75bd authored by Jan Engelhardt's avatar Jan Engelhardt Committed by David S. Miller
Browse files
Options

netfilter: xt_TCPMSS: collapse tcpmss_reverse_mtu{4,6} into one function 

Signed-off-by: default avatarJan Engelhardt <jengelh@medozas.de>
Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 72961ecf
Hide whitespace changes
Inline Side-by-side
Showing with 13 additions and 29 deletions
net/netfilter/xt_TCPMSS.c
View file @ db1a75bd
...@@ -147,17 +147,21 @@ tcpmss_mangle_packet(struct sk_buff *skb, ...@@ -147,17 +147,21 @@ tcpmss_mangle_packet(struct sk_buff *skb,
return TCPOLEN_MSS; return TCPOLEN_MSS;
} }
static u_int32_t tcpmss_reverse_mtu4(const struct iphdr *iph) static u_int32_t tcpmss_reverse_mtu(const struct sk_buff *skb,
unsigned int family)
{ {
struct flowi fl = { struct flowi fl = {};
.fl4_dst = iph->saddr,
};
const struct nf_afinfo *ai; const struct nf_afinfo *ai;
struct rtable *rt = NULL; struct rtable *rt = NULL;
u_int32_t mtu = ~0U; u_int32_t mtu = ~0U;
if (family == PF_INET)
fl.fl4_dst = ip_hdr(skb)->saddr;
else
fl.fl6_dst = ipv6_hdr(skb)->saddr;
rcu_read_lock(); rcu_read_lock();
ai = nf_get_afinfo(AF_INET); ai = nf_get_afinfo(family);
if (ai != NULL) if (ai != NULL)
ai->route((struct dst_entry **)&rt, &fl); ai->route((struct dst_entry **)&rt, &fl);
rcu_read_unlock(); rcu_read_unlock();
...@@ -178,7 +182,8 @@ tcpmss_tg4(struct sk_buff *skb, const struct net_device *in, ...@@ -178,7 +182,8 @@ tcpmss_tg4(struct sk_buff *skb, const struct net_device *in,
__be16 newlen; __be16 newlen;
int ret; int ret;
ret = tcpmss_mangle_packet(skb, targinfo, tcpmss_reverse_mtu4(iph), ret = tcpmss_mangle_packet(skb, targinfo,
tcpmss_reverse_mtu(skb, PF_INET),
iph->ihl * 4, iph->ihl * 4,
sizeof(*iph) + sizeof(struct tcphdr)); sizeof(*iph) + sizeof(struct tcphdr));
if (ret < 0) if (ret < 0)
...@@ -193,28 +198,6 @@ tcpmss_tg4(struct sk_buff *skb, const struct net_device *in, ...@@ -193,28 +198,6 @@ tcpmss_tg4(struct sk_buff *skb, const struct net_device *in,
} }
#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE) #if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
static u_int32_t tcpmss_reverse_mtu6(const struct ipv6hdr *iph)
{
struct flowi fl = {
.fl6_dst = iph->saddr,
};
const struct nf_afinfo *ai;
struct rtable *rt = NULL;
u_int32_t mtu = ~0U;
rcu_read_lock();
ai = nf_get_afinfo(AF_INET6);
if (ai != NULL)
ai->route((struct dst_entry **)&rt, &fl);
rcu_read_unlock();
if (rt != NULL) {
mtu = dst_mtu(&rt->u.dst);
dst_release(&rt->u.dst);
}
return mtu;
}
static unsigned int static unsigned int
tcpmss_tg6(struct sk_buff *skb, const struct net_device *in, tcpmss_tg6(struct sk_buff *skb, const struct net_device *in,
const struct net_device *out, unsigned int hooknum, const struct net_device *out, unsigned int hooknum,
...@@ -229,7 +212,8 @@ tcpmss_tg6(struct sk_buff *skb, const struct net_device *in, ...@@ -229,7 +212,8 @@ tcpmss_tg6(struct sk_buff *skb, const struct net_device *in,
tcphoff = ipv6_skip_exthdr(skb, sizeof(*ipv6h), &nexthdr); tcphoff = ipv6_skip_exthdr(skb, sizeof(*ipv6h), &nexthdr);
if (tcphoff < 0) if (tcphoff < 0)
return NF_DROP; return NF_DROP;
ret = tcpmss_mangle_packet(skb, targinfo, tcpmss_reverse_mtu6(ipv6h), ret = tcpmss_mangle_packet(skb, targinfo,
tcpmss_reverse_mtu(skb, PF_INET6),
tcphoff, tcphoff,
sizeof(*ipv6h) + sizeof(struct tcphdr)); sizeof(*ipv6h) + sizeof(struct tcphdr));
if (ret < 0) if (ret < 0)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7