summaryrefslogtreecommitdiffstats
path: root/br-nf-bds
diff options
context:
space:
mode:
authorBart De Schuymer <bdschuym@pandora.be>2002-10-19 14:29:53 +0000
committerBart De Schuymer <bdschuym@pandora.be>2002-10-19 14:29:53 +0000
commit435b14632a66d54f1aee4602b26f365b58aec518 (patch)
treedeb57a4c54fbae66356e0475166ba599f00a78a8 /br-nf-bds
parentc402ff5bbfe31c66bfe3a0910e03b103c2181510 (diff)
update to use nf_bridge
Diffstat (limited to 'br-nf-bds')
-rw-r--r--br-nf-bds/linux2.5/net/core/netfilter.c12
-rw-r--r--br-nf-bds/linux2.5/net/core/skbuff.c14
-rw-r--r--br-nf-bds/linux2.5/net/ipv4/netfilter/ip_tables.c16
-rw-r--r--br-nf-bds/linux2.5/net/ipv4/netfilter/ipt_LOG.c15
4 files changed, 35 insertions, 22 deletions
diff --git a/br-nf-bds/linux2.5/net/core/netfilter.c b/br-nf-bds/linux2.5/net/core/netfilter.c
index 198dad6..00ea7f9 100644
--- a/br-nf-bds/linux2.5/net/core/netfilter.c
+++ b/br-nf-bds/linux2.5/net/core/netfilter.c
@@ -418,8 +418,8 @@ static void nf_queue(struct sk_buff *skb,
{
int status;
struct nf_info *info;
- struct net_device *physindev;
- struct net_device *physoutdev;
+ struct net_device *physindev = NULL;
+ struct net_device *physoutdev = NULL;
if (!queue_handler[pf].outfn) {
kfree_skb(skb);
@@ -442,8 +442,12 @@ static void nf_queue(struct sk_buff *skb,
if (indev) dev_hold(indev);
if (outdev) dev_hold(outdev);
- if ((physindev = skb->physindev)) dev_hold(physindev);
- if ((physoutdev = skb->physoutdev)) dev_hold(physoutdev);
+ if (skb->nf_bridge) {
+ physindev = skb->nf_bridge->physindev;
+ if (physindev) dev_hold(physindev);
+ physoutdev = skb->nf_bridge->physoutdev;
+ if (physoutdev) dev_hold(physoutdev);
+ }
status = queue_handler[pf].outfn(skb, info, queue_handler[pf].data);
if (status < 0) {
diff --git a/br-nf-bds/linux2.5/net/core/skbuff.c b/br-nf-bds/linux2.5/net/core/skbuff.c
index 8b78a66..fb9fdf8 100644
--- a/br-nf-bds/linux2.5/net/core/skbuff.c
+++ b/br-nf-bds/linux2.5/net/core/skbuff.c
@@ -4,7 +4,7 @@
* Authors: Alan Cox <iiitac@pyr.swan.ac.uk>
* Florian La Roche <rzsfl@rz.uni-sb.de>
*
- * Version: $Id: skbuff.c,v 1.4 2002/09/18 20:29:33 bdschuym Exp $
+ * Version: $Id: skbuff.c,v 1.5 2002/10/19 14:30:25 bdschuym Exp $
*
* Fixes:
* Alan Cox : Fixed the worst of the load
@@ -234,8 +234,6 @@ static inline void skb_headerinit(void *p, kmem_cache_t *cache,
skb->sk = NULL;
skb->stamp.tv_sec = 0; /* No idea about time */
skb->dev = NULL;
- skb->physindev = NULL;
- skb->physoutdev = NULL;
skb->dst = NULL;
memset(skb->cb, 0, sizeof(skb->cb));
skb->pkt_type = PACKET_HOST; /* Default type */
@@ -250,6 +248,7 @@ static inline void skb_headerinit(void *p, kmem_cache_t *cache,
#ifdef CONFIG_NETFILTER_DEBUG
skb->nf_debug = 0;
#endif
+ skb->nf_bridge = NULL;
#endif
#ifdef CONFIG_NET_SCHED
skb->tc_index = 0;
@@ -329,6 +328,7 @@ void __kfree_skb(struct sk_buff *skb)
}
#ifdef CONFIG_NETFILTER
nf_conntrack_put(skb->nfct);
+ nf_bridge_put(skb->nf_bridge);
#endif
skb_headerinit(skb, NULL, 0); /* clean state */
kfree_skbmem(skb);
@@ -365,8 +365,6 @@ struct sk_buff *skb_clone(struct sk_buff *skb, int gfp_mask)
n->sk = NULL;
C(stamp);
C(dev);
- C(physindev);
- C(physoutdev);
C(h);
C(nh);
C(mac);
@@ -396,6 +394,7 @@ struct sk_buff *skb_clone(struct sk_buff *skb, int gfp_mask)
#ifdef CONFIG_NETFILTER_DEBUG
C(nf_debug);
#endif
+ C(nf_bridge);
#endif /*CONFIG_NETFILTER*/
#if defined(CONFIG_HIPPI)
C(private);
@@ -408,6 +407,7 @@ struct sk_buff *skb_clone(struct sk_buff *skb, int gfp_mask)
skb->cloned = 1;
#ifdef CONFIG_NETFILTER
nf_conntrack_get(skb->nfct);
+ nf_bridge_get(skb->nf_bridge);
#endif
return n;
}
@@ -422,8 +422,6 @@ static void copy_skb_header(struct sk_buff *new, const struct sk_buff *old)
new->list = NULL;
new->sk = NULL;
new->dev = old->dev;
- new->physindev = old->physindev;
- new->physoutdev = old->physoutdev;
new->priority = old->priority;
new->protocol = old->protocol;
new->dst = dst_clone(old->dst);
@@ -444,6 +442,8 @@ static void copy_skb_header(struct sk_buff *new, const struct sk_buff *old)
#ifdef CONFIG_NETFILTER_DEBUG
new->nf_debug = old->nf_debug;
#endif
+ new->nf_bridge = old->nf_bridge;
+ nf_bridge_get(new->nf_bridge);
#endif
#ifdef CONFIG_NET_SCHED
new->tc_index = old->tc_index;
diff --git a/br-nf-bds/linux2.5/net/ipv4/netfilter/ip_tables.c b/br-nf-bds/linux2.5/net/ipv4/netfilter/ip_tables.c
index fb50fc0..4f59e30 100644
--- a/br-nf-bds/linux2.5/net/ipv4/netfilter/ip_tables.c
+++ b/br-nf-bds/linux2.5/net/ipv4/netfilter/ip_tables.c
@@ -68,10 +68,7 @@ static DECLARE_MUTEX(ipt_mutex);
#define inline
#endif
-/* Locking is simple: we assume at worst case there will be one packet
- in user context and one from bottom halves (or soft irq if Alexey's
- softnet patch was applied).
-
+/*
We keep a set of rules for each CPU, so we can avoid write-locking
them in the softirq when updating the counters and therefore
only need to read-lock in the softirq; doing a write_lock_bh() in user
@@ -295,8 +292,15 @@ ipt_do_table(struct sk_buff **pskb,
datalen = (*pskb)->len - ip->ihl * 4;
indev = in ? in->name : nulldevname;
outdev = out ? out->name : nulldevname;
- physindev = (*pskb)->physindev ? (*pskb)->physindev->name : nulldevname;
- physoutdev = (*pskb)->physoutdev ? (*pskb)->physoutdev->name : nulldevname;
+ if ((*pskb)->nf_bridge) {
+ physindev = (*pskb)->nf_bridge->physindev ?
+ (*pskb)->nf_bridge->physindev->name : nulldevname;
+ physoutdev = (*pskb)->nf_bridge->physoutdev ?
+ (*pskb)->nf_bridge->physoutdev->name : nulldevname;
+ } else {
+ physindev = nulldevname;
+ physoutdev = nulldevname;
+ }
/* We handle fragments by dealing with the first fragment as
* if it was a normal packet. All other fragments are treated
diff --git a/br-nf-bds/linux2.5/net/ipv4/netfilter/ipt_LOG.c b/br-nf-bds/linux2.5/net/ipv4/netfilter/ipt_LOG.c
index 48bb12f..07bc0e4 100644
--- a/br-nf-bds/linux2.5/net/ipv4/netfilter/ipt_LOG.c
+++ b/br-nf-bds/linux2.5/net/ipv4/netfilter/ipt_LOG.c
@@ -286,11 +286,16 @@ ipt_log_target(struct sk_buff **pskb,
spin_lock_bh(&log_lock);
printk(level_string);
printk("%sIN=%s ", loginfo->prefix, in ? in->name : "");
- if ((*pskb)->physindev && in != (*pskb)->physindev)
- printk("PHYSIN=%s ", (*pskb)->physindev->name);
- printk("OUT=%s ", out ? out->name : "");
- if ((*pskb)->physoutdev && out != (*pskb)->physoutdev)
- printk("PHYSOUT=%s ", (*pskb)->physoutdev->name);
+ if ((*pskb)->nf_bridge) {
+ struct net_device *physindev = (*pskb)->nf_bridge->physindev;
+ struct net_device *physoutdev = (*pskb)->nf_bridge->physoutdev;
+
+ if (physindev && in != physindev)
+ printk("PHYSIN=%s ", physindev->name);
+ printk("OUT=%s ", out ? out->name : "");
+ if (physoutdev && out != physoutdev)
+ printk("PHYSOUT=%s ", physoutdev->name);
+ }
if (in && !out) {
/* MAC logging for input chain only. */