diff options
| author | Bart De Schuymer <bdschuym@pandora.be> | 2002-10-19 14:29:53 +0000 |
|---|---|---|
| committer | Bart De Schuymer <bdschuym@pandora.be> | 2002-10-19 14:29:53 +0000 |
| commit | 435b14632a66d54f1aee4602b26f365b58aec518 (patch) | |
| tree | deb57a4c54fbae66356e0475166ba599f00a78a8 /br-nf-bds/linux2.5/net/ipv4/netfilter | |
| parent | c402ff5bbfe31c66bfe3a0910e03b103c2181510 (diff) | |
update to use nf_bridge
Diffstat (limited to 'br-nf-bds/linux2.5/net/ipv4/netfilter')
| -rw-r--r-- | br-nf-bds/linux2.5/net/ipv4/netfilter/ip_tables.c | 16 | ||||
| -rw-r--r-- | br-nf-bds/linux2.5/net/ipv4/netfilter/ipt_LOG.c | 15 |
2 files changed, 20 insertions, 11 deletions
diff --git a/br-nf-bds/linux2.5/net/ipv4/netfilter/ip_tables.c b/br-nf-bds/linux2.5/net/ipv4/netfilter/ip_tables.c index fb50fc0..4f59e30 100644 --- a/br-nf-bds/linux2.5/net/ipv4/netfilter/ip_tables.c +++ b/br-nf-bds/linux2.5/net/ipv4/netfilter/ip_tables.c @@ -68,10 +68,7 @@ static DECLARE_MUTEX(ipt_mutex); #define inline #endif -/* Locking is simple: we assume at worst case there will be one packet - in user context and one from bottom halves (or soft irq if Alexey's - softnet patch was applied). - +/* We keep a set of rules for each CPU, so we can avoid write-locking them in the softirq when updating the counters and therefore only need to read-lock in the softirq; doing a write_lock_bh() in user @@ -295,8 +292,15 @@ ipt_do_table(struct sk_buff **pskb, datalen = (*pskb)->len - ip->ihl * 4; indev = in ? in->name : nulldevname; outdev = out ? out->name : nulldevname; - physindev = (*pskb)->physindev ? (*pskb)->physindev->name : nulldevname; - physoutdev = (*pskb)->physoutdev ? (*pskb)->physoutdev->name : nulldevname; + if ((*pskb)->nf_bridge) { + physindev = (*pskb)->nf_bridge->physindev ? + (*pskb)->nf_bridge->physindev->name : nulldevname; + physoutdev = (*pskb)->nf_bridge->physoutdev ? + (*pskb)->nf_bridge->physoutdev->name : nulldevname; + } else { + physindev = nulldevname; + physoutdev = nulldevname; + } /* We handle fragments by dealing with the first fragment as * if it was a normal packet. All other fragments are treated diff --git a/br-nf-bds/linux2.5/net/ipv4/netfilter/ipt_LOG.c b/br-nf-bds/linux2.5/net/ipv4/netfilter/ipt_LOG.c index 48bb12f..07bc0e4 100644 --- a/br-nf-bds/linux2.5/net/ipv4/netfilter/ipt_LOG.c +++ b/br-nf-bds/linux2.5/net/ipv4/netfilter/ipt_LOG.c @@ -286,11 +286,16 @@ ipt_log_target(struct sk_buff **pskb, spin_lock_bh(&log_lock); printk(level_string); printk("%sIN=%s ", loginfo->prefix, in ? in->name : ""); - if ((*pskb)->physindev && in != (*pskb)->physindev) - printk("PHYSIN=%s ", (*pskb)->physindev->name); - printk("OUT=%s ", out ? out->name : ""); - if ((*pskb)->physoutdev && out != (*pskb)->physoutdev) - printk("PHYSOUT=%s ", (*pskb)->physoutdev->name); + if ((*pskb)->nf_bridge) { + struct net_device *physindev = (*pskb)->nf_bridge->physindev; + struct net_device *physoutdev = (*pskb)->nf_bridge->physoutdev; + + if (physindev && in != physindev) + printk("PHYSIN=%s ", physindev->name); + printk("OUT=%s ", out ? out->name : ""); + if (physoutdev && out != physoutdev) + printk("PHYSOUT=%s ", physoutdev->name); + } if (in && !out) { /* MAC logging for input chain only. */ |