From 5fbc5c35b3aee288f523ad06505c0035fc36f023 Mon Sep 17 00:00:00 2001 From: Bart De Schuymer Date: Sat, 24 Aug 2002 08:42:37 +0000 Subject: update to 2.4.20-pre4 --- br-nf-bds/linux/net/Config.in | 27 +++++++++++++++------ br-nf-bds/linux/net/bridge/Makefile | 6 +++++ br-nf-bds/linux/net/bridge/br.c | 15 +++++++++++- br-nf-bds/linux/net/bridge/br_forward.c | 8 ++----- br-nf-bds/linux/net/bridge/br_input.c | 23 ++++++++++++++---- br-nf-bds/linux/net/bridge/br_netfilter.c | 2 +- br-nf-bds/linux/net/bridge/br_private.h | 12 +++++----- br-nf-bds/linux/net/core/netfilter.c | 3 +-- br-nf-bds/linux/net/core/skbuff.c | 4 ++-- br-nf-bds/linux/net/ipv4/ip_output.c | 33 +++++++++++++++++--------- br-nf-bds/linux/net/ipv4/netfilter/ip_tables.c | 3 ++- 11 files changed, 94 insertions(+), 42 deletions(-) (limited to 'br-nf-bds') diff --git a/br-nf-bds/linux/net/Config.in b/br-nf-bds/linux/net/Config.in index 946679f..1e6279f 100644 --- a/br-nf-bds/linux/net/Config.in +++ b/br-nf-bds/linux/net/Config.in @@ -43,23 +43,31 @@ if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then if [ "$CONFIG_INET" = "y" -a "$CONFIG_ATM_LANE" != "n" ]; then tristate ' Multi-Protocol Over ATM (MPOA) support' CONFIG_ATM_MPOA fi + tristate ' RFC1483/2684 Bridged protocols' CONFIG_ATM_BR2684 + if [ "$CONFIG_ATM_BR2684" != "n" ]; then + bool ' Per-VC IP filter kludge' CONFIG_ATM_BR2684_IPFILTER + fi fi - - dep_tristate '802.1Q VLAN Support (EXPERIMENTAL)' CONFIG_VLAN_8021Q $CONFIG_EXPERIMENTAL - fi +tristate '802.1Q VLAN Support' CONFIG_VLAN_8021Q comment ' ' tristate 'The IPX protocol' CONFIG_IPX if [ "$CONFIG_IPX" != "n" ]; then source net/ipx/Config.in fi + tristate 'Appletalk protocol support' CONFIG_ATALK +source drivers/net/appletalk/Config.in + tristate 'DECnet Support' CONFIG_DECNET if [ "$CONFIG_DECNET" != "n" ]; then source net/decnet/Config.in fi dep_tristate '802.1d Ethernet Bridging' CONFIG_BRIDGE $CONFIG_INET +if [ "$CONFIG_BRIDGE" != "n" -a "$CONFIG_NETFILTER" != "n" ]; then + source net/bridge/netfilter/Config.in +fi if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then if [ "$CONFIG_BRIDGE" != "n" -a "$CONFIG_NETFILTER" != "n" ]; then bool ' netfilter (firewalling) support' CONFIG_BRIDGE_NF @@ -73,10 +81,10 @@ if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then # fi if [ "$CONFIG_INET" = "y" ]; then tristate 'Acorn Econet/AUN protocols (EXPERIMENTAL)' CONFIG_ECONET - fi - if [ "$CONFIG_ECONET" != "n" ]; then - bool ' AUN over UDP' CONFIG_ECONET_AUNUDP - bool ' Native Econet' CONFIG_ECONET_NATIVE + if [ "$CONFIG_ECONET" != "n" ]; then + bool ' AUN over UDP' CONFIG_ECONET_AUNUDP + bool ' Native Econet' CONFIG_ECONET_NATIVE + fi fi tristate 'WAN router' CONFIG_WAN_ROUTER bool 'Fast switching (read help!)' CONFIG_NET_FASTROUTE @@ -92,4 +100,9 @@ fi #bool 'Network code profiler' CONFIG_NET_PROFILE endmenu +mainmenu_option next_comment +comment 'Network testing' +tristate 'Packet Generator (USE WITH CAUTION)' CONFIG_NET_PKTGEN +endmenu + endmenu diff --git a/br-nf-bds/linux/net/bridge/Makefile b/br-nf-bds/linux/net/bridge/Makefile index 25c2314..d069395 100644 --- a/br-nf-bds/linux/net/bridge/Makefile +++ b/br-nf-bds/linux/net/bridge/Makefile @@ -7,6 +7,12 @@ # # Note 2! The CFLAGS definition is now in the main makefile... +ifneq ($(CONFIG_BRIDGE_EBT_BROUTE),n) +ifneq ($(CONFIG_BRIDGE_EBT_BROUTE),) +export-objs := br.o +endif +endif + O_TARGET := bridge.o obj-y := br.o br_device.o br_fdb.o br_forward.o br_if.o br_input.o \ br_ioctl.o br_notify.o br_stp.o br_stp_bpdu.o \ diff --git a/br-nf-bds/linux/net/bridge/br.c b/br-nf-bds/linux/net/bridge/br.c index 2ef8028..2109a5d 100644 --- a/br-nf-bds/linux/net/bridge/br.c +++ b/br-nf-bds/linux/net/bridge/br.c @@ -5,7 +5,7 @@ * Authors: * Lennert Buytenhek * - * $Id: br.c,v 1.1 2002/06/01 19:23:52 bdschuym Exp $ + * $Id: br.c,v 1.2 2002/08/24 08:44:40 bdschuym Exp $ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -28,6 +28,14 @@ #include "../atm/lec.h" #endif +#if defined(CONFIG_BRIDGE_EBT_BROUTE) || \ + defined(CONFIG_BRIDGE_EBT_BROUTE_MODULE) +unsigned int (*broute_decision) (unsigned int hook, struct sk_buff **pskb, + const struct net_device *in, + const struct net_device *out, + int (*okfn)(struct sk_buff *)) = NULL; +#endif + void br_dec_use_count() { MOD_DEC_USE_COUNT; @@ -82,7 +90,12 @@ static void __exit br_deinit(void) #endif } +#if defined(CONFIG_BRIDGE_EBT_BROUTE) || \ + defined(CONFIG_BRIDGE_EBT_BROUTE_MODULE) +EXPORT_SYMBOL(broute_decision); +#else EXPORT_NO_SYMBOLS; +#endif module_init(br_init) module_exit(br_deinit) diff --git a/br-nf-bds/linux/net/bridge/br_forward.c b/br-nf-bds/linux/net/bridge/br_forward.c index 05d1587..69ef227 100644 --- a/br-nf-bds/linux/net/bridge/br_forward.c +++ b/br-nf-bds/linux/net/bridge/br_forward.c @@ -5,7 +5,7 @@ * Authors: * Lennert Buytenhek * - * $Id: br_forward.c,v 1.1 2002/06/01 19:23:53 bdschuym Exp $ + * $Id: br_forward.c,v 1.2 2002/08/24 08:44:40 bdschuym Exp $ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -48,12 +48,8 @@ int br_forward_finish(struct sk_buff *skb) static void __br_deliver(struct net_bridge_port *to, struct sk_buff *skb) { - struct net_device *indev; - - indev = skb->dev; skb->dev = to->dev; - - NF_HOOK(PF_BRIDGE, NF_BR_LOCAL_OUT, skb, indev, skb->dev, + NF_HOOK(PF_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev, br_forward_finish); } diff --git a/br-nf-bds/linux/net/bridge/br_input.c b/br-nf-bds/linux/net/bridge/br_input.c index b9487dc..d42a65d 100644 --- a/br-nf-bds/linux/net/bridge/br_input.c +++ b/br-nf-bds/linux/net/bridge/br_input.c @@ -5,7 +5,7 @@ * Authors: * Lennert Buytenhek * - * $Id: br_input.c,v 1.1 2002/06/01 19:23:53 bdschuym Exp $ + * $Id: br_input.c,v 1.2 2002/08/24 08:44:40 bdschuym Exp $ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -19,6 +19,10 @@ #include #include #include "br_private.h" +#if defined(CONFIG_BRIDGE_EBT_BROUTE) || \ + defined(CONFIG_BRIDGE_EBT_BROUTE_MODULE) +#include +#endif unsigned char bridge_ula[6] = { 0x01, 0x80, 0xc2, 0x00, 0x00, 0x00 }; @@ -112,7 +116,7 @@ err_nolock: return 0; } -void br_handle_frame(struct sk_buff *skb) +int br_handle_frame(struct sk_buff *skb) { struct net_bridge *br; unsigned char *dest; @@ -146,23 +150,32 @@ void br_handle_frame(struct sk_buff *skb) goto handle_special_frame; if (p->state == BR_STATE_FORWARDING) { +#if defined(CONFIG_BRIDGE_EBT_BROUTE) || \ + defined(CONFIG_BRIDGE_EBT_BROUTE_MODULE) + if (broute_decision && broute_decision(NF_BR_BROUTING, &skb, + skb->dev, NULL, NULL) == NF_DROP) + return -1; +#endif NF_HOOK(PF_BRIDGE, NF_BR_PRE_ROUTING, skb, skb->dev, NULL, br_handle_frame_finish); read_unlock(&br->lock); - return; + return 0; } err: read_unlock(&br->lock); err_nolock: kfree_skb(skb); - return; + return 0; handle_special_frame: if (!dest[5]) { br_stp_handle_bpdu(skb); - return; + read_unlock(&br->lock); + return 0; } + read_unlock(&br->lock); kfree_skb(skb); + return 0; } diff --git a/br-nf-bds/linux/net/bridge/br_netfilter.c b/br-nf-bds/linux/net/bridge/br_netfilter.c index 6f0981d..a41d9ed 100644 --- a/br-nf-bds/linux/net/bridge/br_netfilter.c +++ b/br-nf-bds/linux/net/bridge/br_netfilter.c @@ -6,7 +6,7 @@ * Lennert Buytenhek * Bart De Schuymer * - * $Id: br_netfilter.c,v 1.1 2002/06/01 19:23:54 bdschuym Exp $ + * $Id: br_netfilter.c,v 1.2 2002/08/24 08:44:40 bdschuym Exp $ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/br-nf-bds/linux/net/bridge/br_private.h b/br-nf-bds/linux/net/bridge/br_private.h index 155afc9..540a330 100644 --- a/br-nf-bds/linux/net/bridge/br_private.h +++ b/br-nf-bds/linux/net/bridge/br_private.h @@ -4,7 +4,7 @@ * Authors: * Lennert Buytenhek * - * $Id: br_private.h,v 1.1 2002/06/01 19:23:55 bdschuym Exp $ + * $Id: br_private.h,v 1.2 2002/08/24 08:44:41 bdschuym Exp $ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -120,7 +120,7 @@ extern void br_dec_use_count(void); extern void br_inc_use_count(void); /* br_device.c */ -extern int br_dev_xmit(struct sk_buff *skb, struct net_device *dev); +extern int br_dev_xmit(struct sk_buff *skb, struct net_device *dev); extern void br_dev_setup(struct net_device *dev); extern int br_dev_xmit(struct sk_buff *skb, struct net_device *dev); @@ -145,10 +145,10 @@ extern void br_fdb_insert(struct net_bridge *br, /* br_forward.c */ extern void br_deliver(struct net_bridge_port *to, struct sk_buff *skb); -extern int br_dev_queue_push_xmit(struct sk_buff *skb); +extern int br_dev_queue_push_xmit(struct sk_buff *skb); extern void br_forward(struct net_bridge_port *to, struct sk_buff *skb); -extern int br_forward_finish(struct sk_buff *skb); +extern int br_forward_finish(struct sk_buff *skb); extern void br_flood_deliver(struct net_bridge *br, struct sk_buff *skb, int clone); @@ -169,8 +169,8 @@ extern void br_get_port_ifindices(struct net_bridge *br, int *ifindices); /* br_input.c */ -extern int br_handle_frame_finish(struct sk_buff *skb); -extern void br_handle_frame(struct sk_buff *skb); +extern int br_handle_frame_finish(struct sk_buff *skb); +extern int br_handle_frame(struct sk_buff *skb); /* br_ioctl.c */ extern void br_call_ioctl_atomic(void (*fn)(void)); diff --git a/br-nf-bds/linux/net/core/netfilter.c b/br-nf-bds/linux/net/core/netfilter.c index 573968e..198dad6 100644 --- a/br-nf-bds/linux/net/core/netfilter.c +++ b/br-nf-bds/linux/net/core/netfilter.c @@ -83,8 +83,7 @@ void nf_unregister_hook(struct nf_hook_ops *reg) /* Do exclusive ranges overlap? */ static inline int overlap(int min1, int max1, int min2, int max2) { - return (min1 >= min2 && min1 < max2) - || (max1 > min2 && max1 <= max2); + return max1 > min2 && min1 < max2; } /* Functions to register sockopt ranges (exclusive). */ diff --git a/br-nf-bds/linux/net/core/skbuff.c b/br-nf-bds/linux/net/core/skbuff.c index 3a95500..d492fed 100644 --- a/br-nf-bds/linux/net/core/skbuff.c +++ b/br-nf-bds/linux/net/core/skbuff.c @@ -4,7 +4,7 @@ * Authors: Alan Cox * Florian La Roche * - * Version: $Id: skbuff.c,v 1.1 2002/06/02 20:51:42 bdschuym Exp $ + * Version: $Id: skbuff.c,v 1.2 2002/08/24 08:45:29 bdschuym Exp $ * * Fixes: * Alan Cox : Fixed the worst of the load balancer bugs. @@ -754,7 +754,7 @@ int ___pskb_trim(struct sk_buff *skb, unsigned int len, int realloc) if (skb_cloned(skb)) { if (!realloc) BUG(); - if (!pskb_expand_head(skb, 0, 0, GFP_ATOMIC)) + if (pskb_expand_head(skb, 0, 0, GFP_ATOMIC)) return -ENOMEM; } if (len <= offset) { diff --git a/br-nf-bds/linux/net/ipv4/ip_output.c b/br-nf-bds/linux/net/ipv4/ip_output.c index c8d6fc4..2da82b4 100644 --- a/br-nf-bds/linux/net/ipv4/ip_output.c +++ b/br-nf-bds/linux/net/ipv4/ip_output.c @@ -5,7 +5,7 @@ * * The Internet Protocol (IP) output module. * - * Version: $Id: ip_output.c,v 1.1 2002/06/01 19:23:49 bdschuym Exp $ + * Version: $Id: ip_output.c,v 1.2 2002/08/24 08:46:04 bdschuym Exp $ * * Authors: Ross Biro, * Fred N. van Kempen, @@ -134,9 +134,10 @@ int ip_build_and_send_pkt(struct sk_buff *skb, struct sock *sk, iph->version = 4; iph->ihl = 5; iph->tos = sk->protinfo.af_inet.tos; - iph->frag_off = 0; if (ip_dont_fragment(sk, &rt->u.dst)) - iph->frag_off |= htons(IP_DF); + iph->frag_off = htons(IP_DF); + else + iph->frag_off = 0; iph->ttl = sk->protinfo.af_inet.ttl; iph->daddr = rt->rt_dst; iph->saddr = rt->rt_src; @@ -307,9 +308,6 @@ static inline int ip_queue_xmit2(struct sk_buff *skb) if (skb->len > rt->u.dst.pmtu) goto fragment; - if (ip_dont_fragment(sk, &rt->u.dst)) - iph->frag_off |= __constant_htons(IP_DF); - ip_select_ident(iph, &rt->u.dst, sk); /* Add an IP checksum. */ @@ -323,8 +321,8 @@ fragment: /* Reject packet ONLY if TCP might fragment * it itself, if were careful enough. */ - iph->frag_off |= __constant_htons(IP_DF); - NETDEBUG(printk(KERN_DEBUG "sending pkt_too_big to self\n")); + NETDEBUG(printk(KERN_DEBUG "sending pkt_too_big (len[%u] pmtu[%u]) to self\n", + skb->len, rt->u.dst.pmtu)); icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(rt->u.dst.pmtu)); @@ -383,7 +381,10 @@ packet_routed: iph = (struct iphdr *) skb_push(skb, sizeof(struct iphdr) + (opt ? opt->optlen : 0)); *((__u16 *)iph) = htons((4 << 12) | (5 << 8) | (sk->protinfo.af_inet.tos & 0xff)); iph->tot_len = htons(skb->len); - iph->frag_off = 0; + if (ip_dont_fragment(sk, &rt->u.dst)) + iph->frag_off = __constant_htons(IP_DF); + else + iph->frag_off = 0; iph->ttl = sk->protinfo.af_inet.ttl; iph->protocol = sk->protocol; iph->saddr = rt->rt_src; @@ -519,8 +520,18 @@ static int ip_build_xmit_slow(struct sock *sk, /* * Get the memory we require with some space left for alignment. */ - - skb = sock_alloc_send_skb(sk, fraglen+hh_len+15, flags&MSG_DONTWAIT, &err); + if (!(flags & MSG_DONTWAIT) || nfrags == 0) { + skb = sock_alloc_send_skb(sk, fraglen + hh_len + 15, + (flags & MSG_DONTWAIT), &err); + } else { + /* On a non-blocking write, we check for send buffer + * usage on the first fragment only. + */ + skb = sock_wmalloc(sk, fraglen + hh_len + 15, 1, + sk->allocation); + if (!skb) + err = -ENOBUFS; + } if (skb == NULL) goto error; diff --git a/br-nf-bds/linux/net/ipv4/netfilter/ip_tables.c b/br-nf-bds/linux/net/ipv4/netfilter/ip_tables.c index a840f66..b9f47ea 100644 --- a/br-nf-bds/linux/net/ipv4/netfilter/ip_tables.c +++ b/br-nf-bds/linux/net/ipv4/netfilter/ip_tables.c @@ -9,6 +9,7 @@ * a table */ #include +#include #include #include #include @@ -97,7 +98,7 @@ struct ipt_table_info unsigned int underflow[NF_IP_NUMHOOKS]; /* ipt_entry tables: one per CPU */ - char entries[0] __attribute__((aligned(SMP_CACHE_BYTES))); + char entries[0] ____cacheline_aligned; }; static LIST_HEAD(ipt_target); -- cgit v1.2.3