mirror of https://gitee.com/openkylin/linux.git
Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
This commit is contained in:
commit
58dc125a66
|
@ -669,11 +669,13 @@ printk("NONONONOO!!!!\n");
|
|||
u32 *put;
|
||||
int i;
|
||||
|
||||
dsc = (u32 *) kmalloc(uPD98401_TXPD_SIZE*2+
|
||||
uPD98401_TXBD_SIZE*ATM_SKB(skb)->iovcnt,GFP_ATOMIC);
|
||||
dsc = kmalloc(uPD98401_TXPD_SIZE * 2 +
|
||||
uPD98401_TXBD_SIZE * ATM_SKB(skb)->iovcnt, GFP_ATOMIC);
|
||||
if (!dsc) {
|
||||
if (vcc->pop) vcc->pop(vcc,skb);
|
||||
else dev_kfree_skb_irq(skb);
|
||||
if (vcc->pop)
|
||||
vcc->pop(vcc, skb);
|
||||
else
|
||||
dev_kfree_skb_irq(skb);
|
||||
return -EAGAIN;
|
||||
}
|
||||
/* @@@ should check alignment */
|
||||
|
@ -683,7 +685,7 @@ printk("NONONONOO!!!!\n");
|
|||
(ATM_SKB(skb)->atm_options & ATM_ATMOPT_CLP ?
|
||||
uPD98401_CLPM_1 : uPD98401_CLPM_0));
|
||||
dsc[1] = 0;
|
||||
dsc[2] = ATM_SKB(skb)->iovcnt*uPD98401_TXBD_SIZE;
|
||||
dsc[2] = ATM_SKB(skb)->iovcnt * uPD98401_TXBD_SIZE;
|
||||
dsc[3] = virt_to_bus(put);
|
||||
for (i = 0; i < ATM_SKB(skb)->iovcnt; i++) {
|
||||
*put++ = ((struct iovec *) skb->data)[i].iov_len;
|
||||
|
|
|
@ -1,4 +1,3 @@
|
|||
|
||||
menu "Infrared-port device drivers"
|
||||
depends on IRDA!=n
|
||||
|
||||
|
@ -156,7 +155,7 @@ comment "Old Serial dongle support"
|
|||
|
||||
config DONGLE_OLD
|
||||
bool "Old Serial dongle support"
|
||||
depends on (IRTTY_OLD || IRPORT_SIR) && BROKEN_ON_SMP
|
||||
depends on IRPORT_SIR && BROKEN_ON_SMP
|
||||
help
|
||||
Say Y here if you have an infrared device that connects to your
|
||||
computer's serial port. These devices are called dongles. Then say Y
|
||||
|
|
|
@ -45,4 +45,4 @@ obj-$(CONFIG_ACT200L_DONGLE) += act200l-sir.o
|
|||
obj-$(CONFIG_MA600_DONGLE) += ma600-sir.o
|
||||
|
||||
# The SIR helper module
|
||||
sir-dev-objs := sir_core.o sir_dev.o sir_dongle.o sir_kthread.o
|
||||
sir-dev-objs := sir_dev.o sir_dongle.o sir_kthread.o
|
||||
|
|
|
@ -133,8 +133,6 @@ extern int sirdev_put_dongle(struct sir_dev *self);
|
|||
|
||||
extern void sirdev_enable_rx(struct sir_dev *dev);
|
||||
extern int sirdev_schedule_request(struct sir_dev *dev, int state, unsigned param);
|
||||
extern int __init irda_thread_create(void);
|
||||
extern void __exit irda_thread_join(void);
|
||||
|
||||
/* inline helpers */
|
||||
|
||||
|
|
|
@ -1,56 +0,0 @@
|
|||
/*********************************************************************
|
||||
*
|
||||
* sir_core.c: module core for irda-sir abstraction layer
|
||||
*
|
||||
* Copyright (c) 2002 Martin Diehl
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU General Public License as
|
||||
* published by the Free Software Foundation; either version 2 of
|
||||
* the License, or (at your option) any later version.
|
||||
*
|
||||
********************************************************************/
|
||||
|
||||
#include <linux/module.h>
|
||||
#include <linux/kernel.h>
|
||||
#include <linux/init.h>
|
||||
|
||||
#include <net/irda/irda.h>
|
||||
|
||||
#include "sir-dev.h"
|
||||
|
||||
/***************************************************************************/
|
||||
|
||||
MODULE_AUTHOR("Martin Diehl <info@mdiehl.de>");
|
||||
MODULE_DESCRIPTION("IrDA SIR core");
|
||||
MODULE_LICENSE("GPL");
|
||||
|
||||
/***************************************************************************/
|
||||
|
||||
EXPORT_SYMBOL(irda_register_dongle);
|
||||
EXPORT_SYMBOL(irda_unregister_dongle);
|
||||
|
||||
EXPORT_SYMBOL(sirdev_get_instance);
|
||||
EXPORT_SYMBOL(sirdev_put_instance);
|
||||
|
||||
EXPORT_SYMBOL(sirdev_set_dongle);
|
||||
EXPORT_SYMBOL(sirdev_write_complete);
|
||||
EXPORT_SYMBOL(sirdev_receive);
|
||||
|
||||
EXPORT_SYMBOL(sirdev_raw_write);
|
||||
EXPORT_SYMBOL(sirdev_raw_read);
|
||||
EXPORT_SYMBOL(sirdev_set_dtr_rts);
|
||||
|
||||
static int __init sir_core_init(void)
|
||||
{
|
||||
return irda_thread_create();
|
||||
}
|
||||
|
||||
static void __exit sir_core_exit(void)
|
||||
{
|
||||
irda_thread_join();
|
||||
}
|
||||
|
||||
module_init(sir_core_init);
|
||||
module_exit(sir_core_exit);
|
||||
|
|
@ -60,6 +60,7 @@ int sirdev_set_dongle(struct sir_dev *dev, IRDA_DONGLE type)
|
|||
up(&dev->fsm.sem);
|
||||
return err;
|
||||
}
|
||||
EXPORT_SYMBOL(sirdev_set_dongle);
|
||||
|
||||
/* used by dongle drivers for dongle programming */
|
||||
|
||||
|
@ -94,6 +95,7 @@ int sirdev_raw_write(struct sir_dev *dev, const char *buf, int len)
|
|||
spin_unlock_irqrestore(&dev->tx_lock, flags);
|
||||
return ret;
|
||||
}
|
||||
EXPORT_SYMBOL(sirdev_raw_write);
|
||||
|
||||
/* seems some dongle drivers may need this */
|
||||
|
||||
|
@ -116,6 +118,7 @@ int sirdev_raw_read(struct sir_dev *dev, char *buf, int len)
|
|||
|
||||
return count;
|
||||
}
|
||||
EXPORT_SYMBOL(sirdev_raw_read);
|
||||
|
||||
int sirdev_set_dtr_rts(struct sir_dev *dev, int dtr, int rts)
|
||||
{
|
||||
|
@ -124,7 +127,8 @@ int sirdev_set_dtr_rts(struct sir_dev *dev, int dtr, int rts)
|
|||
ret = dev->drv->set_dtr_rts(dev, dtr, rts);
|
||||
return ret;
|
||||
}
|
||||
|
||||
EXPORT_SYMBOL(sirdev_set_dtr_rts);
|
||||
|
||||
/**********************************************************************/
|
||||
|
||||
/* called from client driver - likely with bh-context - to indicate
|
||||
|
@ -227,6 +231,7 @@ void sirdev_write_complete(struct sir_dev *dev)
|
|||
done:
|
||||
spin_unlock_irqrestore(&dev->tx_lock, flags);
|
||||
}
|
||||
EXPORT_SYMBOL(sirdev_write_complete);
|
||||
|
||||
/* called from client driver - likely with bh-context - to give us
|
||||
* some more received bytes. We put them into the rx-buffer,
|
||||
|
@ -279,6 +284,7 @@ int sirdev_receive(struct sir_dev *dev, const unsigned char *cp, size_t count)
|
|||
|
||||
return 0;
|
||||
}
|
||||
EXPORT_SYMBOL(sirdev_receive);
|
||||
|
||||
/**********************************************************************/
|
||||
|
||||
|
@ -641,6 +647,7 @@ struct sir_dev * sirdev_get_instance(const struct sir_driver *drv, const char *n
|
|||
out:
|
||||
return NULL;
|
||||
}
|
||||
EXPORT_SYMBOL(sirdev_get_instance);
|
||||
|
||||
int sirdev_put_instance(struct sir_dev *dev)
|
||||
{
|
||||
|
@ -673,4 +680,5 @@ int sirdev_put_instance(struct sir_dev *dev)
|
|||
|
||||
return 0;
|
||||
}
|
||||
EXPORT_SYMBOL(sirdev_put_instance);
|
||||
|
||||
|
|
|
@ -50,6 +50,7 @@ int irda_register_dongle(struct dongle_driver *new)
|
|||
up(&dongle_list_lock);
|
||||
return 0;
|
||||
}
|
||||
EXPORT_SYMBOL(irda_register_dongle);
|
||||
|
||||
int irda_unregister_dongle(struct dongle_driver *drv)
|
||||
{
|
||||
|
@ -58,6 +59,7 @@ int irda_unregister_dongle(struct dongle_driver *drv)
|
|||
up(&dongle_list_lock);
|
||||
return 0;
|
||||
}
|
||||
EXPORT_SYMBOL(irda_unregister_dongle);
|
||||
|
||||
int sirdev_get_dongle(struct sir_dev *dev, IRDA_DONGLE type)
|
||||
{
|
||||
|
|
|
@ -466,7 +466,7 @@ int sirdev_schedule_request(struct sir_dev *dev, int initial_state, unsigned par
|
|||
return 0;
|
||||
}
|
||||
|
||||
int __init irda_thread_create(void)
|
||||
static int __init irda_thread_create(void)
|
||||
{
|
||||
struct completion startup;
|
||||
int pid;
|
||||
|
@ -488,7 +488,7 @@ int __init irda_thread_create(void)
|
|||
return 0;
|
||||
}
|
||||
|
||||
void __exit irda_thread_join(void)
|
||||
static void __exit irda_thread_join(void)
|
||||
{
|
||||
if (irda_rq_queue.thread) {
|
||||
flush_irda_queue();
|
||||
|
@ -499,3 +499,10 @@ void __exit irda_thread_join(void)
|
|||
}
|
||||
}
|
||||
|
||||
module_init(irda_thread_create);
|
||||
module_exit(irda_thread_join);
|
||||
|
||||
MODULE_AUTHOR("Martin Diehl <info@mdiehl.de>");
|
||||
MODULE_DESCRIPTION("IrDA SIR core");
|
||||
MODULE_LICENSE("GPL");
|
||||
|
||||
|
|
|
@ -42,13 +42,6 @@ struct ip_nat_protocol
|
|||
enum ip_nat_manip_type maniptype,
|
||||
const struct ip_conntrack *conntrack);
|
||||
|
||||
unsigned int (*print)(char *buffer,
|
||||
const struct ip_conntrack_tuple *match,
|
||||
const struct ip_conntrack_tuple *mask);
|
||||
|
||||
unsigned int (*print_range)(char *buffer,
|
||||
const struct ip_nat_range *range);
|
||||
|
||||
int (*range_to_nfattr)(struct sk_buff *skb,
|
||||
const struct ip_nat_range *range);
|
||||
|
||||
|
|
|
@ -72,7 +72,12 @@ enum nf_ip6_hook_priorities {
|
|||
NF_IP6_PRI_LAST = INT_MAX,
|
||||
};
|
||||
|
||||
#ifdef CONFIG_NETFILTER
|
||||
extern int ipv6_netfilter_init(void);
|
||||
extern void ipv6_netfilter_fini(void);
|
||||
#else /* CONFIG_NETFILTER */
|
||||
static inline int ipv6_netfilter_init(void) { return 0; }
|
||||
static inline void ipv6_netfilter_fini(void) { return; }
|
||||
#endif /* CONFIG_NETFILTER */
|
||||
|
||||
#endif /*__LINUX_IP6_NETFILTER_H*/
|
||||
|
|
|
@ -83,8 +83,8 @@ struct inet_connection_sock {
|
|||
struct timer_list icsk_delack_timer;
|
||||
__u32 icsk_rto;
|
||||
__u32 icsk_pmtu_cookie;
|
||||
struct tcp_congestion_ops *icsk_ca_ops;
|
||||
struct inet_connection_sock_af_ops *icsk_af_ops;
|
||||
const struct tcp_congestion_ops *icsk_ca_ops;
|
||||
const struct inet_connection_sock_af_ops *icsk_af_ops;
|
||||
unsigned int (*icsk_sync_mss)(struct sock *sk, u32 pmtu);
|
||||
__u8 icsk_ca_state;
|
||||
__u8 icsk_retransmits;
|
||||
|
|
|
@ -214,7 +214,7 @@ int vlan_skb_recv(struct sk_buff *skb, struct net_device *dev,
|
|||
* This allows the VLAN to have a different MAC than the underlying
|
||||
* device, and still route correctly.
|
||||
*/
|
||||
if (memcmp(eth_hdr(skb)->h_dest, skb->dev->dev_addr, ETH_ALEN) == 0) {
|
||||
if (!compare_ether_addr(eth_hdr(skb)->h_dest, skb->dev->dev_addr)) {
|
||||
/* It is for our (changed) MAC-address! */
|
||||
skb->pkt_type = PACKET_HOST;
|
||||
}
|
||||
|
|
|
@ -296,13 +296,13 @@ static inline __be16 br_type_trans(struct sk_buff *skb, struct net_device *dev)
|
|||
eth = eth_hdr(skb);
|
||||
|
||||
if (is_multicast_ether_addr(eth->h_dest)) {
|
||||
if (memcmp(eth->h_dest, dev->broadcast, ETH_ALEN) == 0)
|
||||
if (!compare_ether_addr(eth->h_dest, dev->broadcast))
|
||||
skb->pkt_type = PACKET_BROADCAST;
|
||||
else
|
||||
skb->pkt_type = PACKET_MULTICAST;
|
||||
}
|
||||
|
||||
else if (memcmp(eth->h_dest, dev->dev_addr, ETH_ALEN))
|
||||
else if (compare_ether_addr(eth->h_dest, dev->dev_addr))
|
||||
skb->pkt_type = PACKET_OTHERHOST;
|
||||
|
||||
if (ntohs(eth->h_proto) >= 1536)
|
||||
|
|
|
@ -1321,7 +1321,7 @@ static int lane2_associate_req (struct net_device *dev, u8 *lan_dst,
|
|||
struct sk_buff *skb;
|
||||
struct lec_priv *priv = (struct lec_priv*)dev->priv;
|
||||
|
||||
if ( memcmp(lan_dst, dev->dev_addr, ETH_ALEN) != 0 )
|
||||
if (compare_ether_addr(lan_dst, dev->dev_addr))
|
||||
return (0); /* not our mac address */
|
||||
|
||||
kfree(priv->tlvs); /* NULL if there was no previous association */
|
||||
|
@ -1798,7 +1798,7 @@ lec_arp_find(struct lec_priv *priv,
|
|||
|
||||
to_return = priv->lec_arp_tables[place];
|
||||
while(to_return) {
|
||||
if (memcmp(mac_addr, to_return->mac_addr, ETH_ALEN) == 0) {
|
||||
if (!compare_ether_addr(mac_addr, to_return->mac_addr)) {
|
||||
return to_return;
|
||||
}
|
||||
to_return = to_return->next;
|
||||
|
@ -2002,7 +2002,7 @@ lec_arp_resolve(struct lec_priv *priv, unsigned char *mac_to_find,
|
|||
return priv->mcast_vcc;
|
||||
break;
|
||||
case 2: /* LANE2 wants arp for multicast addresses */
|
||||
if ( memcmp(mac_to_find, bus_mac, ETH_ALEN) == 0)
|
||||
if (!compare_ether_addr(mac_to_find, bus_mac))
|
||||
return priv->mcast_vcc;
|
||||
break;
|
||||
default:
|
||||
|
|
|
@ -552,7 +552,7 @@ static int mpc_send_packet(struct sk_buff *skb, struct net_device *dev)
|
|||
goto non_ip; /* Multi-Protocol Over ATM :-) */
|
||||
|
||||
while (i < mpc->number_of_mps_macs) {
|
||||
if (memcmp(eth->h_dest, (mpc->mps_macs + i*ETH_ALEN), ETH_ALEN) == 0)
|
||||
if (!compare_ether_addr(eth->h_dest, (mpc->mps_macs + i*ETH_ALEN)))
|
||||
if ( send_via_shortcut(skb, mpc) == 0 ) /* try shortcut */
|
||||
return 0; /* success! */
|
||||
i++;
|
||||
|
|
|
@ -75,7 +75,7 @@ static struct bnep_session *__bnep_get_session(u8 *dst)
|
|||
|
||||
list_for_each(p, &bnep_session_list) {
|
||||
s = list_entry(p, struct bnep_session, list);
|
||||
if (!memcmp(dst, s->eh.h_source, ETH_ALEN))
|
||||
if (!compare_ether_addr(dst, s->eh.h_source))
|
||||
return s;
|
||||
}
|
||||
return NULL;
|
||||
|
@ -420,10 +420,10 @@ static inline int bnep_tx_frame(struct bnep_session *s, struct sk_buff *skb)
|
|||
iv[il++] = (struct kvec) { &type, 1 };
|
||||
len++;
|
||||
|
||||
if (!memcmp(eh->h_dest, s->eh.h_source, ETH_ALEN))
|
||||
if (!compare_ether_addr(eh->h_dest, s->eh.h_source))
|
||||
type |= 0x01;
|
||||
|
||||
if (!memcmp(eh->h_source, s->eh.h_dest, ETH_ALEN))
|
||||
if (!compare_ether_addr(eh->h_source, s->eh.h_dest))
|
||||
type |= 0x02;
|
||||
|
||||
if (type)
|
||||
|
|
|
@ -403,7 +403,7 @@ int hci_get_conn_list(void __user *arg)
|
|||
|
||||
size = sizeof(req) + req.conn_num * sizeof(*ci);
|
||||
|
||||
if (!(cl = (void *) kmalloc(size, GFP_KERNEL)))
|
||||
if (!(cl = kmalloc(size, GFP_KERNEL)))
|
||||
return -ENOMEM;
|
||||
|
||||
if (!(hdev = hci_dev_get(req.dev_id))) {
|
||||
|
|
|
@ -15,6 +15,7 @@
|
|||
#include <linux/netfilter_bridge/ebtables.h>
|
||||
#include <linux/netfilter_bridge/ebt_ip.h>
|
||||
#include <linux/ip.h>
|
||||
#include <net/ip.h>
|
||||
#include <linux/in.h>
|
||||
#include <linux/module.h>
|
||||
|
||||
|
@ -51,6 +52,8 @@ static int ebt_filter_ip(const struct sk_buff *skb, const struct net_device *in,
|
|||
if (!(info->bitmask & EBT_IP_DPORT) &&
|
||||
!(info->bitmask & EBT_IP_SPORT))
|
||||
return EBT_MATCH;
|
||||
if (ntohs(ih->frag_off) & IP_OFFSET)
|
||||
return EBT_NOMATCH;
|
||||
pptr = skb_header_pointer(skb, ih->ihl*4,
|
||||
sizeof(_ports), &_ports);
|
||||
if (pptr == NULL)
|
||||
|
|
|
@ -164,8 +164,8 @@ static int ebt_stp_check(const char *tablename, unsigned int hookmask,
|
|||
if (datalen != len)
|
||||
return -EINVAL;
|
||||
/* Make sure the match only receives stp frames */
|
||||
if (memcmp(e->destmac, bridge_ula, ETH_ALEN) ||
|
||||
memcmp(e->destmsk, msk, ETH_ALEN) || !(e->bitmask & EBT_DESTMAC))
|
||||
if (compare_ether_addr(e->destmac, bridge_ula) ||
|
||||
compare_ether_addr(e->destmsk, msk) || !(e->bitmask & EBT_DESTMAC))
|
||||
return -EINVAL;
|
||||
|
||||
return 0;
|
||||
|
|
|
@ -457,7 +457,7 @@ void divert_frame(struct sk_buff *skb)
|
|||
unsigned char *skb_data_end = skb->data + skb->len;
|
||||
|
||||
/* Packet is already aimed at us, return */
|
||||
if (!memcmp(eth, skb->dev->dev_addr, ETH_ALEN))
|
||||
if (!compare_ether_addr(eth, skb->dev->dev_addr))
|
||||
return;
|
||||
|
||||
/* proto is not IP, do nothing */
|
||||
|
|
|
@ -1506,7 +1506,7 @@ void wireless_spy_update(struct net_device * dev,
|
|||
|
||||
/* Update all records that match */
|
||||
for(i = 0; i < spydata->spy_number; i++)
|
||||
if(!memcmp(address, spydata->spy_address[i], ETH_ALEN)) {
|
||||
if(!compare_ether_addr(address, spydata->spy_address[i])) {
|
||||
memcpy(&(spydata->spy_stat[i]), wstats,
|
||||
sizeof(struct iw_quality));
|
||||
match = i;
|
||||
|
|
|
@ -76,8 +76,8 @@ static struct ieee80211_frag_entry *ieee80211_frag_cache_find(struct
|
|||
|
||||
if (entry->skb != NULL && entry->seq == seq &&
|
||||
(entry->last_frag + 1 == frag || frag == -1) &&
|
||||
memcmp(entry->src_addr, src, ETH_ALEN) == 0 &&
|
||||
memcmp(entry->dst_addr, dst, ETH_ALEN) == 0)
|
||||
!compare_ether_addr(entry->src_addr, src) &&
|
||||
!compare_ether_addr(entry->dst_addr, dst))
|
||||
return entry;
|
||||
}
|
||||
|
||||
|
@ -243,12 +243,12 @@ static int ieee80211_is_eapol_frame(struct ieee80211_device *ieee,
|
|||
/* check that the frame is unicast frame to us */
|
||||
if ((fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) ==
|
||||
IEEE80211_FCTL_TODS &&
|
||||
memcmp(hdr->addr1, dev->dev_addr, ETH_ALEN) == 0 &&
|
||||
memcmp(hdr->addr3, dev->dev_addr, ETH_ALEN) == 0) {
|
||||
!compare_ether_addr(hdr->addr1, dev->dev_addr) &&
|
||||
!compare_ether_addr(hdr->addr3, dev->dev_addr)) {
|
||||
/* ToDS frame with own addr BSSID and DA */
|
||||
} else if ((fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) ==
|
||||
IEEE80211_FCTL_FROMDS &&
|
||||
memcmp(hdr->addr1, dev->dev_addr, ETH_ALEN) == 0) {
|
||||
!compare_ether_addr(hdr->addr1, dev->dev_addr)) {
|
||||
/* FromDS frame with own addr as DA */
|
||||
} else
|
||||
return 0;
|
||||
|
@ -505,7 +505,7 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
|
|||
if (ieee->iw_mode == IW_MODE_MASTER && !wds &&
|
||||
(fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) ==
|
||||
IEEE80211_FCTL_FROMDS && ieee->stadev
|
||||
&& memcmp(hdr->addr2, ieee->assoc_ap_addr, ETH_ALEN) == 0) {
|
||||
&& !compare_ether_addr(hdr->addr2, ieee->assoc_ap_addr)) {
|
||||
/* Frame from BSSID of the AP for which we are a client */
|
||||
skb->dev = dev = ieee->stadev;
|
||||
stats = hostap_get_stats(dev);
|
||||
|
@ -1231,7 +1231,7 @@ static inline int is_same_network(struct ieee80211_network *src,
|
|||
* as one network */
|
||||
return ((src->ssid_len == dst->ssid_len) &&
|
||||
(src->channel == dst->channel) &&
|
||||
!memcmp(src->bssid, dst->bssid, ETH_ALEN) &&
|
||||
!compare_ether_addr(src->bssid, dst->bssid) &&
|
||||
!memcmp(src->ssid, dst->ssid, src->ssid_len));
|
||||
}
|
||||
|
||||
|
|
|
@ -9,7 +9,7 @@ obj-y := route.o inetpeer.o protocol.o \
|
|||
tcp.o tcp_input.o tcp_output.o tcp_timer.o tcp_ipv4.o \
|
||||
tcp_minisocks.o tcp_cong.o \
|
||||
datagram.o raw.o udp.o arp.o icmp.o devinet.o af_inet.o igmp.o \
|
||||
sysctl_net_ipv4.o fib_frontend.o fib_semantics.o netfilter.o
|
||||
sysctl_net_ipv4.o fib_frontend.o fib_semantics.o
|
||||
|
||||
obj-$(CONFIG_IP_FIB_HASH) += fib_hash.o
|
||||
obj-$(CONFIG_IP_FIB_TRIE) += fib_trie.o
|
||||
|
@ -28,7 +28,7 @@ obj-$(CONFIG_IP_ROUTE_MULTIPATH_RR) += multipath_rr.o
|
|||
obj-$(CONFIG_IP_ROUTE_MULTIPATH_RANDOM) += multipath_random.o
|
||||
obj-$(CONFIG_IP_ROUTE_MULTIPATH_WRANDOM) += multipath_wrandom.o
|
||||
obj-$(CONFIG_IP_ROUTE_MULTIPATH_DRR) += multipath_drr.o
|
||||
obj-$(CONFIG_NETFILTER) += netfilter/
|
||||
obj-$(CONFIG_NETFILTER) += netfilter.o netfilter/
|
||||
obj-$(CONFIG_IP_VS) += ipvs/
|
||||
obj-$(CONFIG_INET_DIAG) += inet_diag.o
|
||||
obj-$(CONFIG_IP_ROUTE_MULTIPATH_CACHED) += multipath.o
|
||||
|
|
|
@ -1,16 +1,8 @@
|
|||
/* IPv4 specific functions of netfilter core */
|
||||
|
||||
#include <linux/config.h>
|
||||
#ifdef CONFIG_NETFILTER
|
||||
|
||||
#include <linux/kernel.h>
|
||||
#include <linux/netfilter.h>
|
||||
#include <linux/netfilter_ipv4.h>
|
||||
|
||||
#include <linux/ip.h>
|
||||
#include <linux/tcp.h>
|
||||
#include <linux/udp.h>
|
||||
#include <linux/icmp.h>
|
||||
#include <net/route.h>
|
||||
#include <net/xfrm.h>
|
||||
#include <net/ip.h>
|
||||
|
@ -146,5 +138,3 @@ static void fini(void)
|
|||
|
||||
module_init(init);
|
||||
module_exit(fini);
|
||||
|
||||
#endif /* CONFIG_NETFILTER */
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
#include <linux/netfilter.h>
|
||||
#include <linux/netfilter_ipv4/ip_conntrack_protocol.h>
|
||||
|
||||
unsigned long ip_ct_generic_timeout = 600*HZ;
|
||||
unsigned int ip_ct_generic_timeout = 600*HZ;
|
||||
|
||||
static int generic_pkt_to_tuple(const struct sk_buff *skb,
|
||||
unsigned int dataoff,
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
#include <linux/netfilter_ipv4/ip_conntrack_core.h>
|
||||
#include <linux/netfilter_ipv4/ip_conntrack_protocol.h>
|
||||
|
||||
unsigned long ip_ct_icmp_timeout = 30*HZ;
|
||||
unsigned int ip_ct_icmp_timeout = 30*HZ;
|
||||
|
||||
#if 0
|
||||
#define DEBUGP printk
|
||||
|
|
|
@ -58,15 +58,15 @@ static const char *sctp_conntrack_names[] = {
|
|||
#define HOURS * 60 MINS
|
||||
#define DAYS * 24 HOURS
|
||||
|
||||
static unsigned long ip_ct_sctp_timeout_closed = 10 SECS;
|
||||
static unsigned long ip_ct_sctp_timeout_cookie_wait = 3 SECS;
|
||||
static unsigned long ip_ct_sctp_timeout_cookie_echoed = 3 SECS;
|
||||
static unsigned long ip_ct_sctp_timeout_established = 5 DAYS;
|
||||
static unsigned long ip_ct_sctp_timeout_shutdown_sent = 300 SECS / 1000;
|
||||
static unsigned long ip_ct_sctp_timeout_shutdown_recd = 300 SECS / 1000;
|
||||
static unsigned long ip_ct_sctp_timeout_shutdown_ack_sent = 3 SECS;
|
||||
static unsigned int ip_ct_sctp_timeout_closed = 10 SECS;
|
||||
static unsigned int ip_ct_sctp_timeout_cookie_wait = 3 SECS;
|
||||
static unsigned int ip_ct_sctp_timeout_cookie_echoed = 3 SECS;
|
||||
static unsigned int ip_ct_sctp_timeout_established = 5 DAYS;
|
||||
static unsigned int ip_ct_sctp_timeout_shutdown_sent = 300 SECS / 1000;
|
||||
static unsigned int ip_ct_sctp_timeout_shutdown_recd = 300 SECS / 1000;
|
||||
static unsigned int ip_ct_sctp_timeout_shutdown_ack_sent = 3 SECS;
|
||||
|
||||
static const unsigned long * sctp_timeouts[]
|
||||
static const unsigned int * sctp_timeouts[]
|
||||
= { NULL, /* SCTP_CONNTRACK_NONE */
|
||||
&ip_ct_sctp_timeout_closed, /* SCTP_CONNTRACK_CLOSED */
|
||||
&ip_ct_sctp_timeout_cookie_wait, /* SCTP_CONNTRACK_COOKIE_WAIT */
|
||||
|
|
|
@ -85,21 +85,21 @@ static const char *tcp_conntrack_names[] = {
|
|||
#define HOURS * 60 MINS
|
||||
#define DAYS * 24 HOURS
|
||||
|
||||
unsigned long ip_ct_tcp_timeout_syn_sent = 2 MINS;
|
||||
unsigned long ip_ct_tcp_timeout_syn_recv = 60 SECS;
|
||||
unsigned long ip_ct_tcp_timeout_established = 5 DAYS;
|
||||
unsigned long ip_ct_tcp_timeout_fin_wait = 2 MINS;
|
||||
unsigned long ip_ct_tcp_timeout_close_wait = 60 SECS;
|
||||
unsigned long ip_ct_tcp_timeout_last_ack = 30 SECS;
|
||||
unsigned long ip_ct_tcp_timeout_time_wait = 2 MINS;
|
||||
unsigned long ip_ct_tcp_timeout_close = 10 SECS;
|
||||
unsigned int ip_ct_tcp_timeout_syn_sent = 2 MINS;
|
||||
unsigned int ip_ct_tcp_timeout_syn_recv = 60 SECS;
|
||||
unsigned int ip_ct_tcp_timeout_established = 5 DAYS;
|
||||
unsigned int ip_ct_tcp_timeout_fin_wait = 2 MINS;
|
||||
unsigned int ip_ct_tcp_timeout_close_wait = 60 SECS;
|
||||
unsigned int ip_ct_tcp_timeout_last_ack = 30 SECS;
|
||||
unsigned int ip_ct_tcp_timeout_time_wait = 2 MINS;
|
||||
unsigned int ip_ct_tcp_timeout_close = 10 SECS;
|
||||
|
||||
/* RFC1122 says the R2 limit should be at least 100 seconds.
|
||||
Linux uses 15 packets as limit, which corresponds
|
||||
to ~13-30min depending on RTO. */
|
||||
unsigned long ip_ct_tcp_timeout_max_retrans = 5 MINS;
|
||||
unsigned int ip_ct_tcp_timeout_max_retrans = 5 MINS;
|
||||
|
||||
static const unsigned long * tcp_timeouts[]
|
||||
static const unsigned int * tcp_timeouts[]
|
||||
= { NULL, /* TCP_CONNTRACK_NONE */
|
||||
&ip_ct_tcp_timeout_syn_sent, /* TCP_CONNTRACK_SYN_SENT, */
|
||||
&ip_ct_tcp_timeout_syn_recv, /* TCP_CONNTRACK_SYN_RECV, */
|
||||
|
|
|
@ -19,8 +19,8 @@
|
|||
#include <linux/netfilter_ipv4.h>
|
||||
#include <linux/netfilter_ipv4/ip_conntrack_protocol.h>
|
||||
|
||||
unsigned long ip_ct_udp_timeout = 30*HZ;
|
||||
unsigned long ip_ct_udp_timeout_stream = 180*HZ;
|
||||
unsigned int ip_ct_udp_timeout = 30*HZ;
|
||||
unsigned int ip_ct_udp_timeout_stream = 180*HZ;
|
||||
|
||||
static int udp_pkt_to_tuple(const struct sk_buff *skb,
|
||||
unsigned int dataoff,
|
||||
|
|
|
@ -544,28 +544,28 @@ extern int ip_conntrack_max;
|
|||
extern unsigned int ip_conntrack_htable_size;
|
||||
|
||||
/* From ip_conntrack_proto_tcp.c */
|
||||
extern unsigned long ip_ct_tcp_timeout_syn_sent;
|
||||
extern unsigned long ip_ct_tcp_timeout_syn_recv;
|
||||
extern unsigned long ip_ct_tcp_timeout_established;
|
||||
extern unsigned long ip_ct_tcp_timeout_fin_wait;
|
||||
extern unsigned long ip_ct_tcp_timeout_close_wait;
|
||||
extern unsigned long ip_ct_tcp_timeout_last_ack;
|
||||
extern unsigned long ip_ct_tcp_timeout_time_wait;
|
||||
extern unsigned long ip_ct_tcp_timeout_close;
|
||||
extern unsigned long ip_ct_tcp_timeout_max_retrans;
|
||||
extern unsigned int ip_ct_tcp_timeout_syn_sent;
|
||||
extern unsigned int ip_ct_tcp_timeout_syn_recv;
|
||||
extern unsigned int ip_ct_tcp_timeout_established;
|
||||
extern unsigned int ip_ct_tcp_timeout_fin_wait;
|
||||
extern unsigned int ip_ct_tcp_timeout_close_wait;
|
||||
extern unsigned int ip_ct_tcp_timeout_last_ack;
|
||||
extern unsigned int ip_ct_tcp_timeout_time_wait;
|
||||
extern unsigned int ip_ct_tcp_timeout_close;
|
||||
extern unsigned int ip_ct_tcp_timeout_max_retrans;
|
||||
extern int ip_ct_tcp_loose;
|
||||
extern int ip_ct_tcp_be_liberal;
|
||||
extern int ip_ct_tcp_max_retrans;
|
||||
|
||||
/* From ip_conntrack_proto_udp.c */
|
||||
extern unsigned long ip_ct_udp_timeout;
|
||||
extern unsigned long ip_ct_udp_timeout_stream;
|
||||
extern unsigned int ip_ct_udp_timeout;
|
||||
extern unsigned int ip_ct_udp_timeout_stream;
|
||||
|
||||
/* From ip_conntrack_proto_icmp.c */
|
||||
extern unsigned long ip_ct_icmp_timeout;
|
||||
extern unsigned int ip_ct_icmp_timeout;
|
||||
|
||||
/* From ip_conntrack_proto_icmp.c */
|
||||
extern unsigned long ip_ct_generic_timeout;
|
||||
extern unsigned int ip_ct_generic_timeout;
|
||||
|
||||
/* Log invalid packets of a given protocol */
|
||||
static int log_invalid_proto_min = 0;
|
||||
|
|
|
@ -148,14 +148,14 @@ pptp_outbound_pkt(struct sk_buff **pskb,
|
|||
{
|
||||
struct ip_ct_pptp_master *ct_pptp_info = &ct->help.ct_pptp_info;
|
||||
struct ip_nat_pptp *nat_pptp_info = &ct->nat.help.nat_pptp_info;
|
||||
|
||||
u_int16_t msg, *cid = NULL, new_callid;
|
||||
u_int16_t msg, new_callid;
|
||||
unsigned int cid_off;
|
||||
|
||||
new_callid = htons(ct_pptp_info->pns_call_id);
|
||||
|
||||
switch (msg = ntohs(ctlh->messageType)) {
|
||||
case PPTP_OUT_CALL_REQUEST:
|
||||
cid = &pptpReq->ocreq.callID;
|
||||
cid_off = offsetof(union pptp_ctrl_union, ocreq.callID);
|
||||
/* FIXME: ideally we would want to reserve a call ID
|
||||
* here. current netfilter NAT core is not able to do
|
||||
* this :( For now we use TCP source port. This breaks
|
||||
|
@ -172,10 +172,10 @@ pptp_outbound_pkt(struct sk_buff **pskb,
|
|||
ct_pptp_info->pns_call_id = ntohs(new_callid);
|
||||
break;
|
||||
case PPTP_IN_CALL_REPLY:
|
||||
cid = &pptpReq->icreq.callID;
|
||||
cid_off = offsetof(union pptp_ctrl_union, icreq.callID);
|
||||
break;
|
||||
case PPTP_CALL_CLEAR_REQUEST:
|
||||
cid = &pptpReq->clrreq.callID;
|
||||
cid_off = offsetof(union pptp_ctrl_union, clrreq.callID);
|
||||
break;
|
||||
default:
|
||||
DEBUGP("unknown outbound packet 0x%04x:%s\n", msg,
|
||||
|
@ -197,18 +197,15 @@ pptp_outbound_pkt(struct sk_buff **pskb,
|
|||
|
||||
/* only OUT_CALL_REQUEST, IN_CALL_REPLY, CALL_CLEAR_REQUEST pass
|
||||
* down to here */
|
||||
|
||||
IP_NF_ASSERT(cid);
|
||||
|
||||
DEBUGP("altering call id from 0x%04x to 0x%04x\n",
|
||||
ntohs(*cid), ntohs(new_callid));
|
||||
ntohs(*(u_int16_t *)pptpReq + cid_off), ntohs(new_callid));
|
||||
|
||||
/* mangle packet */
|
||||
if (ip_nat_mangle_tcp_packet(pskb, ct, ctinfo,
|
||||
(void *)cid - ((void *)ctlh - sizeof(struct pptp_pkt_hdr)),
|
||||
sizeof(new_callid),
|
||||
(char *)&new_callid,
|
||||
sizeof(new_callid)) == 0)
|
||||
cid_off + sizeof(struct pptp_pkt_hdr) +
|
||||
sizeof(struct PptpControlHeader),
|
||||
sizeof(new_callid), (char *)&new_callid,
|
||||
sizeof(new_callid)) == 0)
|
||||
return NF_DROP;
|
||||
|
||||
return NF_ACCEPT;
|
||||
|
@ -299,31 +296,30 @@ pptp_inbound_pkt(struct sk_buff **pskb,
|
|||
union pptp_ctrl_union *pptpReq)
|
||||
{
|
||||
struct ip_nat_pptp *nat_pptp_info = &ct->nat.help.nat_pptp_info;
|
||||
u_int16_t msg, new_cid = 0, new_pcid, *pcid = NULL, *cid = NULL;
|
||||
|
||||
int ret = NF_ACCEPT, rv;
|
||||
u_int16_t msg, new_cid = 0, new_pcid;
|
||||
unsigned int pcid_off, cid_off = 0;
|
||||
|
||||
new_pcid = htons(nat_pptp_info->pns_call_id);
|
||||
|
||||
switch (msg = ntohs(ctlh->messageType)) {
|
||||
case PPTP_OUT_CALL_REPLY:
|
||||
pcid = &pptpReq->ocack.peersCallID;
|
||||
cid = &pptpReq->ocack.callID;
|
||||
pcid_off = offsetof(union pptp_ctrl_union, ocack.peersCallID);
|
||||
cid_off = offsetof(union pptp_ctrl_union, ocack.callID);
|
||||
break;
|
||||
case PPTP_IN_CALL_CONNECT:
|
||||
pcid = &pptpReq->iccon.peersCallID;
|
||||
pcid_off = offsetof(union pptp_ctrl_union, iccon.peersCallID);
|
||||
break;
|
||||
case PPTP_IN_CALL_REQUEST:
|
||||
/* only need to nat in case PAC is behind NAT box */
|
||||
break;
|
||||
return NF_ACCEPT;
|
||||
case PPTP_WAN_ERROR_NOTIFY:
|
||||
pcid = &pptpReq->wanerr.peersCallID;
|
||||
pcid_off = offsetof(union pptp_ctrl_union, wanerr.peersCallID);
|
||||
break;
|
||||
case PPTP_CALL_DISCONNECT_NOTIFY:
|
||||
pcid = &pptpReq->disc.callID;
|
||||
pcid_off = offsetof(union pptp_ctrl_union, disc.callID);
|
||||
break;
|
||||
case PPTP_SET_LINK_INFO:
|
||||
pcid = &pptpReq->setlink.peersCallID;
|
||||
pcid_off = offsetof(union pptp_ctrl_union, setlink.peersCallID);
|
||||
break;
|
||||
|
||||
default:
|
||||
|
@ -345,35 +341,26 @@ pptp_inbound_pkt(struct sk_buff **pskb,
|
|||
* WAN_ERROR_NOTIFY, CALL_DISCONNECT_NOTIFY pass down here */
|
||||
|
||||
/* mangle packet */
|
||||
IP_NF_ASSERT(pcid);
|
||||
DEBUGP("altering peer call id from 0x%04x to 0x%04x\n",
|
||||
ntohs(*pcid), ntohs(new_pcid));
|
||||
|
||||
rv = ip_nat_mangle_tcp_packet(pskb, ct, ctinfo,
|
||||
(void *)pcid - ((void *)ctlh - sizeof(struct pptp_pkt_hdr)),
|
||||
sizeof(new_pcid), (char *)&new_pcid,
|
||||
sizeof(new_pcid));
|
||||
if (rv != NF_ACCEPT)
|
||||
return rv;
|
||||
ntohs(*(u_int16_t *)pptpReq + pcid_off), ntohs(new_pcid));
|
||||
|
||||
if (ip_nat_mangle_tcp_packet(pskb, ct, ctinfo,
|
||||
pcid_off + sizeof(struct pptp_pkt_hdr) +
|
||||
sizeof(struct PptpControlHeader),
|
||||
sizeof(new_pcid), (char *)&new_pcid,
|
||||
sizeof(new_pcid)) == 0)
|
||||
return NF_DROP;
|
||||
|
||||
if (new_cid) {
|
||||
IP_NF_ASSERT(cid);
|
||||
DEBUGP("altering call id from 0x%04x to 0x%04x\n",
|
||||
ntohs(*cid), ntohs(new_cid));
|
||||
rv = ip_nat_mangle_tcp_packet(pskb, ct, ctinfo,
|
||||
(void *)cid - ((void *)ctlh - sizeof(struct pptp_pkt_hdr)),
|
||||
sizeof(new_cid),
|
||||
(char *)&new_cid,
|
||||
sizeof(new_cid));
|
||||
if (rv != NF_ACCEPT)
|
||||
return rv;
|
||||
ntohs(*(u_int16_t *)pptpReq + cid_off), ntohs(new_cid));
|
||||
if (ip_nat_mangle_tcp_packet(pskb, ct, ctinfo,
|
||||
cid_off + sizeof(struct pptp_pkt_hdr) +
|
||||
sizeof(struct PptpControlHeader),
|
||||
sizeof(new_cid), (char *)&new_cid,
|
||||
sizeof(new_cid)) == 0)
|
||||
return NF_DROP;
|
||||
}
|
||||
|
||||
/* check for earlier return value of 'switch' above */
|
||||
if (ret != NF_ACCEPT)
|
||||
return ret;
|
||||
|
||||
/* great, at least we don't need to resize packets */
|
||||
return NF_ACCEPT;
|
||||
}
|
||||
|
||||
|
|
|
@ -151,42 +151,6 @@ gre_manip_pkt(struct sk_buff **pskb,
|
|||
return 1;
|
||||
}
|
||||
|
||||
/* print out a nat tuple */
|
||||
static unsigned int
|
||||
gre_print(char *buffer,
|
||||
const struct ip_conntrack_tuple *match,
|
||||
const struct ip_conntrack_tuple *mask)
|
||||
{
|
||||
unsigned int len = 0;
|
||||
|
||||
if (mask->src.u.gre.key)
|
||||
len += sprintf(buffer + len, "srckey=0x%x ",
|
||||
ntohl(match->src.u.gre.key));
|
||||
|
||||
if (mask->dst.u.gre.key)
|
||||
len += sprintf(buffer + len, "dstkey=0x%x ",
|
||||
ntohl(match->src.u.gre.key));
|
||||
|
||||
return len;
|
||||
}
|
||||
|
||||
/* print a range of keys */
|
||||
static unsigned int
|
||||
gre_print_range(char *buffer, const struct ip_nat_range *range)
|
||||
{
|
||||
if (range->min.gre.key != 0
|
||||
|| range->max.gre.key != 0xFFFF) {
|
||||
if (range->min.gre.key == range->max.gre.key)
|
||||
return sprintf(buffer, "key 0x%x ",
|
||||
ntohl(range->min.gre.key));
|
||||
else
|
||||
return sprintf(buffer, "keys 0x%u-0x%u ",
|
||||
ntohl(range->min.gre.key),
|
||||
ntohl(range->max.gre.key));
|
||||
} else
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* nat helper struct */
|
||||
static struct ip_nat_protocol gre = {
|
||||
.name = "GRE",
|
||||
|
@ -194,8 +158,6 @@ static struct ip_nat_protocol gre = {
|
|||
.manip_pkt = gre_manip_pkt,
|
||||
.in_range = gre_in_range,
|
||||
.unique_tuple = gre_unique_tuple,
|
||||
.print = gre_print,
|
||||
.print_range = gre_print_range,
|
||||
#if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \
|
||||
defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE)
|
||||
.range_to_nfattr = ip_nat_port_range_to_nfattr,
|
||||
|
|
|
@ -74,38 +74,6 @@ icmp_manip_pkt(struct sk_buff **pskb,
|
|||
return 1;
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
icmp_print(char *buffer,
|
||||
const struct ip_conntrack_tuple *match,
|
||||
const struct ip_conntrack_tuple *mask)
|
||||
{
|
||||
unsigned int len = 0;
|
||||
|
||||
if (mask->src.u.icmp.id)
|
||||
len += sprintf(buffer + len, "id=%u ",
|
||||
ntohs(match->src.u.icmp.id));
|
||||
|
||||
if (mask->dst.u.icmp.type)
|
||||
len += sprintf(buffer + len, "type=%u ",
|
||||
ntohs(match->dst.u.icmp.type));
|
||||
|
||||
if (mask->dst.u.icmp.code)
|
||||
len += sprintf(buffer + len, "code=%u ",
|
||||
ntohs(match->dst.u.icmp.code));
|
||||
|
||||
return len;
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
icmp_print_range(char *buffer, const struct ip_nat_range *range)
|
||||
{
|
||||
if (range->min.icmp.id != 0 || range->max.icmp.id != 0xFFFF)
|
||||
return sprintf(buffer, "id %u-%u ",
|
||||
ntohs(range->min.icmp.id),
|
||||
ntohs(range->max.icmp.id));
|
||||
else return 0;
|
||||
}
|
||||
|
||||
struct ip_nat_protocol ip_nat_protocol_icmp = {
|
||||
.name = "ICMP",
|
||||
.protonum = IPPROTO_ICMP,
|
||||
|
@ -113,8 +81,6 @@ struct ip_nat_protocol ip_nat_protocol_icmp = {
|
|||
.manip_pkt = icmp_manip_pkt,
|
||||
.in_range = icmp_in_range,
|
||||
.unique_tuple = icmp_unique_tuple,
|
||||
.print = icmp_print,
|
||||
.print_range = icmp_print_range,
|
||||
#if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \
|
||||
defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE)
|
||||
.range_to_nfattr = ip_nat_port_range_to_nfattr,
|
||||
|
|
|
@ -136,40 +136,6 @@ tcp_manip_pkt(struct sk_buff **pskb,
|
|||
return 1;
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
tcp_print(char *buffer,
|
||||
const struct ip_conntrack_tuple *match,
|
||||
const struct ip_conntrack_tuple *mask)
|
||||
{
|
||||
unsigned int len = 0;
|
||||
|
||||
if (mask->src.u.tcp.port)
|
||||
len += sprintf(buffer + len, "srcpt=%u ",
|
||||
ntohs(match->src.u.tcp.port));
|
||||
|
||||
|
||||
if (mask->dst.u.tcp.port)
|
||||
len += sprintf(buffer + len, "dstpt=%u ",
|
||||
ntohs(match->dst.u.tcp.port));
|
||||
|
||||
return len;
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
tcp_print_range(char *buffer, const struct ip_nat_range *range)
|
||||
{
|
||||
if (range->min.tcp.port != 0 || range->max.tcp.port != 0xFFFF) {
|
||||
if (range->min.tcp.port == range->max.tcp.port)
|
||||
return sprintf(buffer, "port %u ",
|
||||
ntohs(range->min.tcp.port));
|
||||
else
|
||||
return sprintf(buffer, "ports %u-%u ",
|
||||
ntohs(range->min.tcp.port),
|
||||
ntohs(range->max.tcp.port));
|
||||
}
|
||||
else return 0;
|
||||
}
|
||||
|
||||
struct ip_nat_protocol ip_nat_protocol_tcp = {
|
||||
.name = "TCP",
|
||||
.protonum = IPPROTO_TCP,
|
||||
|
@ -177,8 +143,6 @@ struct ip_nat_protocol ip_nat_protocol_tcp = {
|
|||
.manip_pkt = tcp_manip_pkt,
|
||||
.in_range = tcp_in_range,
|
||||
.unique_tuple = tcp_unique_tuple,
|
||||
.print = tcp_print,
|
||||
.print_range = tcp_print_range,
|
||||
#if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \
|
||||
defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE)
|
||||
.range_to_nfattr = ip_nat_port_range_to_nfattr,
|
||||
|
|
|
@ -122,40 +122,6 @@ udp_manip_pkt(struct sk_buff **pskb,
|
|||
return 1;
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
udp_print(char *buffer,
|
||||
const struct ip_conntrack_tuple *match,
|
||||
const struct ip_conntrack_tuple *mask)
|
||||
{
|
||||
unsigned int len = 0;
|
||||
|
||||
if (mask->src.u.udp.port)
|
||||
len += sprintf(buffer + len, "srcpt=%u ",
|
||||
ntohs(match->src.u.udp.port));
|
||||
|
||||
|
||||
if (mask->dst.u.udp.port)
|
||||
len += sprintf(buffer + len, "dstpt=%u ",
|
||||
ntohs(match->dst.u.udp.port));
|
||||
|
||||
return len;
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
udp_print_range(char *buffer, const struct ip_nat_range *range)
|
||||
{
|
||||
if (range->min.udp.port != 0 || range->max.udp.port != 0xFFFF) {
|
||||
if (range->min.udp.port == range->max.udp.port)
|
||||
return sprintf(buffer, "port %u ",
|
||||
ntohs(range->min.udp.port));
|
||||
else
|
||||
return sprintf(buffer, "ports %u-%u ",
|
||||
ntohs(range->min.udp.port),
|
||||
ntohs(range->max.udp.port));
|
||||
}
|
||||
else return 0;
|
||||
}
|
||||
|
||||
struct ip_nat_protocol ip_nat_protocol_udp = {
|
||||
.name = "UDP",
|
||||
.protonum = IPPROTO_UDP,
|
||||
|
@ -163,8 +129,6 @@ struct ip_nat_protocol ip_nat_protocol_udp = {
|
|||
.manip_pkt = udp_manip_pkt,
|
||||
.in_range = udp_in_range,
|
||||
.unique_tuple = udp_unique_tuple,
|
||||
.print = udp_print,
|
||||
.print_range = udp_print_range,
|
||||
#if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \
|
||||
defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE)
|
||||
.range_to_nfattr = ip_nat_port_range_to_nfattr,
|
||||
|
|
|
@ -46,26 +46,10 @@ unknown_manip_pkt(struct sk_buff **pskb,
|
|||
return 1;
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
unknown_print(char *buffer,
|
||||
const struct ip_conntrack_tuple *match,
|
||||
const struct ip_conntrack_tuple *mask)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
unknown_print_range(char *buffer, const struct ip_nat_range *range)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
struct ip_nat_protocol ip_nat_unknown_protocol = {
|
||||
.name = "unknown",
|
||||
/* .me isn't set: getting a ref to this cannot fail. */
|
||||
.manip_pkt = unknown_manip_pkt,
|
||||
.in_range = unknown_in_range,
|
||||
.unique_tuple = unknown_unique_tuple,
|
||||
.print = unknown_print,
|
||||
.print_range = unknown_print_range
|
||||
};
|
||||
|
|
|
@ -11,6 +11,7 @@
|
|||
#include <linux/module.h>
|
||||
#include <linux/skbuff.h>
|
||||
#include <linux/if_ether.h>
|
||||
#include <linux/etherdevice.h>
|
||||
|
||||
#include <linux/netfilter_ipv4/ipt_mac.h>
|
||||
#include <linux/netfilter_ipv4/ip_tables.h>
|
||||
|
@ -33,8 +34,8 @@ match(const struct sk_buff *skb,
|
|||
return (skb->mac.raw >= skb->head
|
||||
&& (skb->mac.raw + ETH_HLEN) <= skb->data
|
||||
/* If so, compare... */
|
||||
&& ((memcmp(eth_hdr(skb)->h_source, info->srcaddr, ETH_ALEN)
|
||||
== 0) ^ info->invert));
|
||||
&& ((!compare_ether_addr(eth_hdr(skb)->h_source, info->srcaddr))
|
||||
^ info->invert));
|
||||
}
|
||||
|
||||
static int
|
||||
|
|
|
@ -277,7 +277,7 @@ static struct nf_hook_ops ipv4_conntrack_local_in_ops = {
|
|||
|
||||
#ifdef CONFIG_SYSCTL
|
||||
/* From nf_conntrack_proto_icmp.c */
|
||||
extern unsigned long nf_ct_icmp_timeout;
|
||||
extern unsigned int nf_ct_icmp_timeout;
|
||||
static struct ctl_table_header *nf_ct_ipv4_sysctl_header;
|
||||
|
||||
static ctl_table nf_ct_sysctl_table[] = {
|
||||
|
|
|
@ -8,8 +8,7 @@ ipv6-objs := af_inet6.o anycast.o ip6_output.o ip6_input.o addrconf.o sit.o \
|
|||
route.o ip6_fib.o ipv6_sockglue.o ndisc.o udp.o raw.o \
|
||||
protocol.o icmp.o mcast.o reassembly.o tcp_ipv6.o \
|
||||
exthdrs.o sysctl_net_ipv6.o datagram.o proc.o \
|
||||
ip6_flowlabel.o ipv6_syms.o netfilter.o \
|
||||
inet6_connection_sock.o
|
||||
ip6_flowlabel.o ipv6_syms.o inet6_connection_sock.o
|
||||
|
||||
ipv6-$(CONFIG_XFRM) += xfrm6_policy.o xfrm6_state.o xfrm6_input.o \
|
||||
xfrm6_output.o
|
||||
|
@ -19,7 +18,7 @@ obj-$(CONFIG_INET6_AH) += ah6.o
|
|||
obj-$(CONFIG_INET6_ESP) += esp6.o
|
||||
obj-$(CONFIG_INET6_IPCOMP) += ipcomp6.o
|
||||
obj-$(CONFIG_INET6_TUNNEL) += xfrm6_tunnel.o
|
||||
obj-$(CONFIG_NETFILTER) += netfilter/
|
||||
obj-$(CONFIG_NETFILTER) += netfilter.o netfilter/
|
||||
|
||||
obj-$(CONFIG_IPV6_TUNNEL) += ip6_tunnel.o
|
||||
|
||||
|
|
|
@ -1,9 +1,5 @@
|
|||
#include <linux/config.h>
|
||||
#include <linux/init.h>
|
||||
|
||||
#ifdef CONFIG_NETFILTER
|
||||
|
||||
#include <linux/kernel.h>
|
||||
#include <linux/init.h>
|
||||
#include <linux/ipv6.h>
|
||||
#include <linux/netfilter.h>
|
||||
#include <linux/netfilter_ipv6.h>
|
||||
|
@ -94,18 +90,7 @@ int __init ipv6_netfilter_init(void)
|
|||
return nf_register_queue_rerouter(PF_INET6, &ip6_reroute);
|
||||
}
|
||||
|
||||
void ipv6_netfilter_fini(void)
|
||||
void __exit ipv6_netfilter_fini(void)
|
||||
{
|
||||
nf_unregister_queue_rerouter(PF_INET6);
|
||||
}
|
||||
|
||||
#else /* CONFIG_NETFILTER */
|
||||
int __init ipv6_netfilter_init(void)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
void ipv6_netfilter_fini(void)
|
||||
{
|
||||
}
|
||||
#endif /* CONFIG_NETFILTER */
|
||||
|
|
|
@ -34,8 +34,8 @@ match(const struct sk_buff *skb,
|
|||
return (skb->mac.raw >= skb->head
|
||||
&& (skb->mac.raw + ETH_HLEN) <= skb->data
|
||||
/* If so, compare... */
|
||||
&& ((memcmp(eth_hdr(skb)->h_source, info->srcaddr, ETH_ALEN)
|
||||
== 0) ^ info->invert));
|
||||
&& ((!compare_ether_addr(eth_hdr(skb)->h_source, info->srcaddr))
|
||||
^ info->invert));
|
||||
}
|
||||
|
||||
static int
|
||||
|
|
|
@ -335,10 +335,10 @@ static struct nf_hook_ops ipv6_conntrack_local_in_ops = {
|
|||
#ifdef CONFIG_SYSCTL
|
||||
|
||||
/* From nf_conntrack_proto_icmpv6.c */
|
||||
extern unsigned long nf_ct_icmpv6_timeout;
|
||||
extern unsigned int nf_ct_icmpv6_timeout;
|
||||
|
||||
/* From nf_conntrack_frag6.c */
|
||||
extern unsigned long nf_ct_frag6_timeout;
|
||||
extern unsigned int nf_ct_frag6_timeout;
|
||||
extern unsigned int nf_ct_frag6_low_thresh;
|
||||
extern unsigned int nf_ct_frag6_high_thresh;
|
||||
|
||||
|
|
|
@ -17,7 +17,7 @@
|
|||
#include <linux/netfilter.h>
|
||||
#include <net/netfilter/nf_conntrack_protocol.h>
|
||||
|
||||
unsigned long nf_ct_generic_timeout = 600*HZ;
|
||||
unsigned int nf_ct_generic_timeout = 600*HZ;
|
||||
|
||||
static int generic_pkt_to_tuple(const struct sk_buff *skb,
|
||||
unsigned int dataoff,
|
||||
|
|
|
@ -62,15 +62,15 @@ static const char *sctp_conntrack_names[] = {
|
|||
#define HOURS * 60 MINS
|
||||
#define DAYS * 24 HOURS
|
||||
|
||||
static unsigned long nf_ct_sctp_timeout_closed = 10 SECS;
|
||||
static unsigned long nf_ct_sctp_timeout_cookie_wait = 3 SECS;
|
||||
static unsigned long nf_ct_sctp_timeout_cookie_echoed = 3 SECS;
|
||||
static unsigned long nf_ct_sctp_timeout_established = 5 DAYS;
|
||||
static unsigned long nf_ct_sctp_timeout_shutdown_sent = 300 SECS / 1000;
|
||||
static unsigned long nf_ct_sctp_timeout_shutdown_recd = 300 SECS / 1000;
|
||||
static unsigned long nf_ct_sctp_timeout_shutdown_ack_sent = 3 SECS;
|
||||
static unsigned int nf_ct_sctp_timeout_closed = 10 SECS;
|
||||
static unsigned int nf_ct_sctp_timeout_cookie_wait = 3 SECS;
|
||||
static unsigned int nf_ct_sctp_timeout_cookie_echoed = 3 SECS;
|
||||
static unsigned int nf_ct_sctp_timeout_established = 5 DAYS;
|
||||
static unsigned int nf_ct_sctp_timeout_shutdown_sent = 300 SECS / 1000;
|
||||
static unsigned int nf_ct_sctp_timeout_shutdown_recd = 300 SECS / 1000;
|
||||
static unsigned int nf_ct_sctp_timeout_shutdown_ack_sent = 3 SECS;
|
||||
|
||||
static unsigned long * sctp_timeouts[]
|
||||
static unsigned int * sctp_timeouts[]
|
||||
= { NULL, /* SCTP_CONNTRACK_NONE */
|
||||
&nf_ct_sctp_timeout_closed, /* SCTP_CONNTRACK_CLOSED */
|
||||
&nf_ct_sctp_timeout_cookie_wait, /* SCTP_CONNTRACK_COOKIE_WAIT */
|
||||
|
|
|
@ -93,21 +93,21 @@ static const char *tcp_conntrack_names[] = {
|
|||
#define HOURS * 60 MINS
|
||||
#define DAYS * 24 HOURS
|
||||
|
||||
unsigned long nf_ct_tcp_timeout_syn_sent = 2 MINS;
|
||||
unsigned long nf_ct_tcp_timeout_syn_recv = 60 SECS;
|
||||
unsigned long nf_ct_tcp_timeout_established = 5 DAYS;
|
||||
unsigned long nf_ct_tcp_timeout_fin_wait = 2 MINS;
|
||||
unsigned long nf_ct_tcp_timeout_close_wait = 60 SECS;
|
||||
unsigned long nf_ct_tcp_timeout_last_ack = 30 SECS;
|
||||
unsigned long nf_ct_tcp_timeout_time_wait = 2 MINS;
|
||||
unsigned long nf_ct_tcp_timeout_close = 10 SECS;
|
||||
unsigned int nf_ct_tcp_timeout_syn_sent = 2 MINS;
|
||||
unsigned int nf_ct_tcp_timeout_syn_recv = 60 SECS;
|
||||
unsigned int nf_ct_tcp_timeout_established = 5 DAYS;
|
||||
unsigned int nf_ct_tcp_timeout_fin_wait = 2 MINS;
|
||||
unsigned int nf_ct_tcp_timeout_close_wait = 60 SECS;
|
||||
unsigned int nf_ct_tcp_timeout_last_ack = 30 SECS;
|
||||
unsigned int nf_ct_tcp_timeout_time_wait = 2 MINS;
|
||||
unsigned int nf_ct_tcp_timeout_close = 10 SECS;
|
||||
|
||||
/* RFC1122 says the R2 limit should be at least 100 seconds.
|
||||
Linux uses 15 packets as limit, which corresponds
|
||||
to ~13-30min depending on RTO. */
|
||||
unsigned long nf_ct_tcp_timeout_max_retrans = 5 MINS;
|
||||
unsigned int nf_ct_tcp_timeout_max_retrans = 5 MINS;
|
||||
|
||||
static unsigned long * tcp_timeouts[]
|
||||
static unsigned int * tcp_timeouts[]
|
||||
= { NULL, /* TCP_CONNTRACK_NONE */
|
||||
&nf_ct_tcp_timeout_syn_sent, /* TCP_CONNTRACK_SYN_SENT, */
|
||||
&nf_ct_tcp_timeout_syn_recv, /* TCP_CONNTRACK_SYN_RECV, */
|
||||
|
|
|
@ -27,8 +27,8 @@
|
|||
#include <linux/netfilter_ipv6.h>
|
||||
#include <net/netfilter/nf_conntrack_protocol.h>
|
||||
|
||||
unsigned long nf_ct_udp_timeout = 30*HZ;
|
||||
unsigned long nf_ct_udp_timeout_stream = 180*HZ;
|
||||
unsigned int nf_ct_udp_timeout = 30*HZ;
|
||||
unsigned int nf_ct_udp_timeout_stream = 180*HZ;
|
||||
|
||||
static int udp_pkt_to_tuple(const struct sk_buff *skb,
|
||||
unsigned int dataoff,
|
||||
|
|
|
@ -431,25 +431,25 @@ extern int nf_conntrack_max;
|
|||
extern unsigned int nf_conntrack_htable_size;
|
||||
|
||||
/* From nf_conntrack_proto_tcp.c */
|
||||
extern unsigned long nf_ct_tcp_timeout_syn_sent;
|
||||
extern unsigned long nf_ct_tcp_timeout_syn_recv;
|
||||
extern unsigned long nf_ct_tcp_timeout_established;
|
||||
extern unsigned long nf_ct_tcp_timeout_fin_wait;
|
||||
extern unsigned long nf_ct_tcp_timeout_close_wait;
|
||||
extern unsigned long nf_ct_tcp_timeout_last_ack;
|
||||
extern unsigned long nf_ct_tcp_timeout_time_wait;
|
||||
extern unsigned long nf_ct_tcp_timeout_close;
|
||||
extern unsigned long nf_ct_tcp_timeout_max_retrans;
|
||||
extern unsigned int nf_ct_tcp_timeout_syn_sent;
|
||||
extern unsigned int nf_ct_tcp_timeout_syn_recv;
|
||||
extern unsigned int nf_ct_tcp_timeout_established;
|
||||
extern unsigned int nf_ct_tcp_timeout_fin_wait;
|
||||
extern unsigned int nf_ct_tcp_timeout_close_wait;
|
||||
extern unsigned int nf_ct_tcp_timeout_last_ack;
|
||||
extern unsigned int nf_ct_tcp_timeout_time_wait;
|
||||
extern unsigned int nf_ct_tcp_timeout_close;
|
||||
extern unsigned int nf_ct_tcp_timeout_max_retrans;
|
||||
extern int nf_ct_tcp_loose;
|
||||
extern int nf_ct_tcp_be_liberal;
|
||||
extern int nf_ct_tcp_max_retrans;
|
||||
|
||||
/* From nf_conntrack_proto_udp.c */
|
||||
extern unsigned long nf_ct_udp_timeout;
|
||||
extern unsigned long nf_ct_udp_timeout_stream;
|
||||
extern unsigned int nf_ct_udp_timeout;
|
||||
extern unsigned int nf_ct_udp_timeout_stream;
|
||||
|
||||
/* From nf_conntrack_proto_generic.c */
|
||||
extern unsigned long nf_ct_generic_timeout;
|
||||
extern unsigned int nf_ct_generic_timeout;
|
||||
|
||||
/* Log invalid packets of a given protocol */
|
||||
static int log_invalid_proto_min = 0;
|
||||
|
|
|
@ -1422,7 +1422,7 @@ static int netlink_rcv_skb(struct sk_buff *skb, int (*cb)(struct sk_buff *,
|
|||
while (skb->len >= nlmsg_total_size(0)) {
|
||||
nlh = (struct nlmsghdr *) skb->data;
|
||||
|
||||
if (skb->len < nlh->nlmsg_len)
|
||||
if (nlh->nlmsg_len < NLMSG_HDRLEN || skb->len < nlh->nlmsg_len)
|
||||
return 0;
|
||||
|
||||
total_len = min(NLMSG_ALIGN(nlh->nlmsg_len), skb->len);
|
||||
|
|
|
@ -220,6 +220,7 @@ int rxrpc_connection_lookup(struct rxrpc_peer *peer,
|
|||
{
|
||||
struct rxrpc_connection *conn, *candidate = NULL;
|
||||
struct list_head *_p;
|
||||
struct sk_buff *pkt = msg->pkt;
|
||||
int ret, fresh = 0;
|
||||
__be32 x_epoch, x_connid;
|
||||
__be16 x_port, x_servid;
|
||||
|
@ -229,10 +230,10 @@ int rxrpc_connection_lookup(struct rxrpc_peer *peer,
|
|||
_enter("%p{{%hu}},%u,%hu",
|
||||
peer,
|
||||
peer->trans->port,
|
||||
ntohs(msg->pkt->h.uh->source),
|
||||
ntohs(pkt->h.uh->source),
|
||||
ntohs(msg->hdr.serviceId));
|
||||
|
||||
x_port = msg->pkt->h.uh->source;
|
||||
x_port = pkt->h.uh->source;
|
||||
x_epoch = msg->hdr.epoch;
|
||||
x_clflag = msg->hdr.flags & RXRPC_CLIENT_INITIATED;
|
||||
x_connid = htonl(ntohl(msg->hdr.cid) & RXRPC_CIDMASK);
|
||||
|
@ -267,7 +268,7 @@ int rxrpc_connection_lookup(struct rxrpc_peer *peer,
|
|||
/* fill in the specifics */
|
||||
candidate->addr.sin_family = AF_INET;
|
||||
candidate->addr.sin_port = x_port;
|
||||
candidate->addr.sin_addr.s_addr = msg->pkt->nh.iph->saddr;
|
||||
candidate->addr.sin_addr.s_addr = pkt->nh.iph->saddr;
|
||||
candidate->in_epoch = x_epoch;
|
||||
candidate->out_epoch = x_epoch;
|
||||
candidate->in_clientflag = RXRPC_CLIENT_INITIATED;
|
||||
|
@ -675,6 +676,7 @@ int rxrpc_conn_receive_call_packet(struct rxrpc_connection *conn,
|
|||
struct rxrpc_message *msg)
|
||||
{
|
||||
struct rxrpc_message *pmsg;
|
||||
struct dst_entry *dst;
|
||||
struct list_head *_p;
|
||||
unsigned cix, seq;
|
||||
int ret = 0;
|
||||
|
@ -710,10 +712,10 @@ int rxrpc_conn_receive_call_packet(struct rxrpc_connection *conn,
|
|||
|
||||
call->pkt_rcv_count++;
|
||||
|
||||
if (msg->pkt->dst && msg->pkt->dst->dev)
|
||||
dst = msg->pkt->dst;
|
||||
if (dst && dst->dev)
|
||||
conn->peer->if_mtu =
|
||||
msg->pkt->dst->dev->mtu -
|
||||
msg->pkt->dst->dev->hard_header_len;
|
||||
dst->dev->mtu - dst->dev->hard_header_len;
|
||||
|
||||
/* queue on the call in seq order */
|
||||
rxrpc_get_message(msg);
|
||||
|
|
|
@ -166,8 +166,8 @@ svc_create_thread(svc_thread_fn func, struct svc_serv *serv)
|
|||
memset(rqstp, 0, sizeof(*rqstp));
|
||||
init_waitqueue_head(&rqstp->rq_wait);
|
||||
|
||||
if (!(rqstp->rq_argp = (u32 *) kmalloc(serv->sv_xdrsize, GFP_KERNEL))
|
||||
|| !(rqstp->rq_resp = (u32 *) kmalloc(serv->sv_xdrsize, GFP_KERNEL))
|
||||
if (!(rqstp->rq_argp = kmalloc(serv->sv_xdrsize, GFP_KERNEL))
|
||||
|| !(rqstp->rq_resp = kmalloc(serv->sv_xdrsize, GFP_KERNEL))
|
||||
|| !svc_init_buffer(rqstp, serv->sv_bufsz))
|
||||
goto out_thread;
|
||||
|
||||
|
|
Loading…
Reference in New Issue