summaryrefslogtreecommitdiffstats
path: root/kernel/linux/net/bridge/netfilter/ebt_mark.c
diff options
context:
space:
mode:
Diffstat (limited to 'kernel/linux/net/bridge/netfilter/ebt_mark.c')
-rw-r--r--kernel/linux/net/bridge/netfilter/ebt_mark.c27
1 files changed, 10 insertions, 17 deletions
diff --git a/kernel/linux/net/bridge/netfilter/ebt_mark.c b/kernel/linux/net/bridge/netfilter/ebt_mark.c
index 75edcf7..0abb169 100644
--- a/kernel/linux/net/bridge/netfilter/ebt_mark.c
+++ b/kernel/linux/net/bridge/netfilter/ebt_mark.c
@@ -1,5 +1,5 @@
/*
- * ebt_mark_t
+ * ebt_mark
*
* Authors:
* Bart De Schuymer <bart.de.schuymer@pandora.be>
@@ -11,42 +11,35 @@
// The mark target can be used in any chain
// I believe adding a mangle table just for marking is total overkill
// Marking a frame doesn't really change anything in the frame anyway
-// The target member of the struct ebt_vlan_info provides the same
-// functionality as a separate table
#include <linux/netfilter_bridge/ebtables.h>
#include <linux/netfilter_bridge/ebt_mark_t.h>
-#include <linux/netfilter_bridge.h>
-#include <linux/skbuff.h>
#include <linux/module.h>
-#include <net/sock.h>
-#include "../br_private.h"
static int ebt_target_mark(struct sk_buff **pskb, unsigned int hooknr,
const struct net_device *in, const struct net_device *out,
const void *data, unsigned int datalen)
{
- struct ebt_mark_t_info *infostuff = (struct ebt_mark_t_info *) data;
+ struct ebt_mark_t_info *info = (struct ebt_mark_t_info *)data;
- if ((*pskb)->nfmark != infostuff->mark) {
- (*pskb)->nfmark = infostuff->mark;
+ if ((*pskb)->nfmark != info->mark) {
+ (*pskb)->nfmark = info->mark;
(*pskb)->nfcache |= NFC_ALTERED;
}
- return infostuff->target;
+ return info->target;
}
static int ebt_target_mark_check(const char *tablename, unsigned int hookmask,
const struct ebt_entry *e, void *data, unsigned int datalen)
{
- struct ebt_mark_t_info *infostuff = (struct ebt_mark_t_info *) data;
+ struct ebt_mark_t_info *info = (struct ebt_mark_t_info *)data;
- if ((hookmask & (1 << NF_BR_NUMHOOKS)) &&
- infostuff->target == EBT_RETURN)
- return -EINVAL;
- hookmask &= ~(1 << NF_BR_NUMHOOKS);
if (datalen != sizeof(struct ebt_mark_t_info))
return -EINVAL;
- if (infostuff->target < -NUM_STANDARD_TARGETS || infostuff->target >= 0)
+ if (BASE_CHAIN && info->target == EBT_RETURN)
+ return -EINVAL;
+ CLEAR_BASE_CHAIN_BIT;
+ if (INVALID_TARGET)
return -EINVAL;
return 0;
}