openkylin
/
linux
mirror of https://gitee.com/openkylin/linux.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

netfilter: Pass nf_hook_state through arpt_do_table(). 

Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
David S. Miller 2015-04-03 21:18:46 -04:00
parent 073bfd5686
commit b85c3dc9bd
3 changed files with 7 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
include/linux/netfilter_arp/arp_tables.h
View File

@ -54,8 +54,7 @@ extern struct xt_table *arpt_register_table(struct net *net,
extern void arpt_unregister_table(struct xt_table *table); extern void arpt_unregister_table(struct xt_table *table);
extern unsigned int arpt_do_table(struct sk_buff *skb, extern unsigned int arpt_do_table(struct sk_buff *skb,
unsigned int hook, unsigned int hook,
const struct net_device *in, const struct nf_hook_state *state,
const struct net_device *out,
struct xt_table *table); struct xt_table *table);
#ifdef CONFIG_COMPAT #ifdef CONFIG_COMPAT

11
net/ipv4/netfilter/arp_tables.c
View File

@ -248,8 +248,7 @@ struct arpt_entry *arpt_next_entry(const struct arpt_entry *entry)
unsigned int arpt_do_table(struct sk_buff *skb, unsigned int arpt_do_table(struct sk_buff *skb,
unsigned int hook, unsigned int hook,
const struct net_device *in, const struct nf_hook_state *state,
const struct net_device *out,
struct xt_table *table) struct xt_table *table)
{ {
static const char nulldevname[IFNAMSIZ] __attribute__((aligned(sizeof(long)))); static const char nulldevname[IFNAMSIZ] __attribute__((aligned(sizeof(long))));
@ -265,8 +264,8 @@ unsigned int arpt_do_table(struct sk_buff *skb,
if (!pskb_may_pull(skb, arp_hdr_len(skb->dev))) if (!pskb_may_pull(skb, arp_hdr_len(skb->dev)))
return NF_DROP; return NF_DROP;
indev = in ? in->name : nulldevname; indev = state->in ? state->in->name : nulldevname;
outdev = out ? out->name : nulldevname; outdev = state->out ? state->out->name : nulldevname;
local_bh_disable(); local_bh_disable();
addend = xt_write_recseq_begin(); addend = xt_write_recseq_begin();
@ -281,8 +280,8 @@ unsigned int arpt_do_table(struct sk_buff *skb,
e = get_entry(table_base, private->hook_entry[hook]); e = get_entry(table_base, private->hook_entry[hook]);
back = get_entry(table_base, private->underflow[hook]); back = get_entry(table_base, private->underflow[hook]);
acpar.in = in; acpar.in = state->in;
acpar.out = out; acpar.out = state->out;
acpar.hooknum = hook; acpar.hooknum = hook;
acpar.family = NFPROTO_ARP; acpar.family = NFPROTO_ARP;
acpar.hotdrop = false; acpar.hotdrop = false;

2
net/ipv4/netfilter/arptable_filter.c
View File

@ -32,7 +32,7 @@ arptable_filter_hook(const struct nf_hook_ops *ops, struct sk_buff *skb,
{ {
const struct net *net = dev_net(state->in ? state->in : state->out); const struct net *net = dev_net(state->in ? state->in : state->out);
return arpt_do_table(skb, ops->hooknum, state->in, state->out, return arpt_do_table(skb, ops->hooknum, state,
net->ipv4.arptable_filter); net->ipv4.arptable_filter);
} }