*** empty log message ***

8 files changed, 48 insertions, 9 deletions

diff --git a/br-nf-bds/linux2.5/include/linux/netfilter.h b/br-nf-bds/linux2.5/include/linux/netfilter.h
index b2df329..b1ae544 100644
--- a/br-nf-bds/linux2.5/include/linux/netfilter.h
+++ b/br-nf-bds/linux2.5/include/linux/netfilter.h
@@ -118,7 +118,7 @@ extern struct list_head nf_hooks[NPROTO][NF_MAX_HOOKS];
    call in fast path: gcc doesn't inline (needs value tracking?). --RR */
 #ifdef CONFIG_NETFILTER_DEBUG
 #define NF_HOOK(pf, hook, skb, indev, outdev, okfn)			\
-		nf_hook_slow((pf), (hook), (skb), (indev), (outdev), (okfn), INT_MIN)
+ nf_hook_slow((pf), (hook), (skb), (indev), (outdev), (okfn), INT_MIN)
 #define NF_HOOK_THRESH nf_hook_slow
 #else
 #define NF_HOOK(pf, hook, skb, indev, outdev, okfn)			\
diff --git a/br-nf-bds/linux2.5/include/linux/skbuff.h b/br-nf-bds/linux2.5/include/linux/skbuff.h
index fb99584..f1efc36 100644
--- a/br-nf-bds/linux2.5/include/linux/skbuff.h
+++ b/br-nf-bds/linux2.5/include/linux/skbuff.h
@@ -177,8 +177,10 @@ struct sk_buff {
 	struct sock		*sk;
 	struct timeval		stamp;
 	struct net_device	*dev;
+#ifdef CONFIG_BRIDGE_NF
 	struct net_device	*physindev;
 	struct net_device	*physoutdev;
+#endif
 
 	union {
 		struct tcphdr	*th;
diff --git a/br-nf-bds/linux2.5/net/bridge/br_private.h b/br-nf-bds/linux2.5/net/bridge/br_private.h
index f5713c3..4be0cfc 100644
--- a/br-nf-bds/linux2.5/net/bridge/br_private.h
+++ b/br-nf-bds/linux2.5/net/bridge/br_private.h
@@ -4,7 +4,7 @@
  *	Authors:
  *	Lennert Buytenhek		<buytenh@gnu.org>
  *
- *	$Id: br_private.h,v 1.1 2002/08/24 09:28:29 bdschuym Exp $
+ *	$Id: br_private.h,v 1.2 2002/08/24 13:42:35 bdschuym Exp $
  *
  *	This program is free software; you can redistribute it and/or
  *	modify it under the terms of the GNU General Public License
@@ -120,7 +120,6 @@ extern void br_dec_use_count(void);
 extern void br_inc_use_count(void);
 
 /* br_device.c */
-extern int br_dev_xmit(struct sk_buff *skb, struct net_device *dev);
 extern void br_dev_setup(struct net_device *dev);
 extern int br_dev_xmit(struct sk_buff *skb, struct net_device *dev);
 
diff --git a/br-nf-bds/linux2.5/net/core/netfilter.c b/br-nf-bds/linux2.5/net/core/netfilter.c
index 198dad6..1a1cb88 100644
--- a/br-nf-bds/linux2.5/net/core/netfilter.c
+++ b/br-nf-bds/linux2.5/net/core/netfilter.c
@@ -418,8 +418,10 @@ static void nf_queue(struct sk_buff *skb,
 {
 	int status;
 	struct nf_info *info;
+#ifdef CONFIG_BRIDGE_NF
 	struct net_device *physindev;
 	struct net_device *physoutdev;
+#endif
 
 	if (!queue_handler[pf].outfn) {
 		kfree_skb(skb);
@@ -442,16 +444,20 @@ static void nf_queue(struct sk_buff *skb,
 	if (indev) dev_hold(indev);
 	if (outdev) dev_hold(outdev);
 
+#ifdef CONFIG_BRIDGE_NF
 	if ((physindev = skb->physindev)) dev_hold(physindev);
 	if ((physoutdev = skb->physoutdev)) dev_hold(physoutdev);
+#endif
 
 	status = queue_handler[pf].outfn(skb, info, queue_handler[pf].data);
 	if (status < 0) {
 		/* James M doesn't say fuck enough. */
 		if (indev) dev_put(indev);
 		if (outdev) dev_put(outdev);
+#ifdef CONFIG_BRIDGE_NF
 		if (physindev) dev_put(physindev);
 		if (physoutdev) dev_put(physoutdev);
+#endif
 		kfree(info);
 		kfree_skb(skb);
 		return;
diff --git a/br-nf-bds/linux2.5/net/core/skbuff.c b/br-nf-bds/linux2.5/net/core/skbuff.c
index eecc16e..b8ffeb6 100644
--- a/br-nf-bds/linux2.5/net/core/skbuff.c
+++ b/br-nf-bds/linux2.5/net/core/skbuff.c
@@ -4,7 +4,7 @@
  *	Authors:	Alan Cox <iiitac@pyr.swan.ac.uk>
  *			Florian La Roche <rzsfl@rz.uni-sb.de>
  *
- *	Version:	$Id: skbuff.c,v 1.1 2002/08/24 09:27:04 bdschuym Exp $
+ *	Version:	$Id: skbuff.c,v 1.2 2002/08/24 13:43:15 bdschuym Exp $
  *
  *	Fixes:
  *		Alan Cox	:	Fixed the worst of the load
@@ -232,8 +232,10 @@ static inline void skb_headerinit(void *p, kmem_cache_t *cache,
 	skb->sk		  = NULL;
 	skb->stamp.tv_sec = 0;	/* No idea about time */
 	skb->dev	  = NULL;
+#ifdef CONFIG_BRIDGE_NF
 	skb->physindev	  = NULL;
 	skb->physoutdev	  = NULL;
+#endif
 	skb->dst	  = NULL;
 	memset(skb->cb, 0, sizeof(skb->cb));
 	skb->pkt_type	  = PACKET_HOST;	/* Default type */
@@ -363,10 +365,10 @@ struct sk_buff *skb_clone(struct sk_buff *skb, int gfp_mask)
 	n->sk = NULL;
 	C(stamp);
 	C(dev);
+#ifdef CONFIG_BRIDGE_NF
 	C(physindev);
 	C(physoutdev);
-	C(physindev);
-	C(physoutdev);
+#endif
 	C(h);
 	C(nh);
 	C(mac);
@@ -422,8 +424,10 @@ static void copy_skb_header(struct sk_buff *new, const struct sk_buff *old)
 	new->list	= NULL;
 	new->sk		= NULL;
 	new->dev	= old->dev;
+#ifdef CONFIG_BRIDGE_NF
 	new->physindev	= old->physindev;
 	new->physoutdev	= old->physoutdev;
+#endif
 	new->priority	= old->priority;
 	new->protocol	= old->protocol;
 	new->dst	= dst_clone(old->dst);
diff --git a/br-nf-bds/linux2.5/net/ipv4/ip_output.c b/br-nf-bds/linux2.5/net/ipv4/ip_output.c
index 130d631..c457da7 100644
--- a/br-nf-bds/linux2.5/net/ipv4/ip_output.c
+++ b/br-nf-bds/linux2.5/net/ipv4/ip_output.c
@@ -5,7 +5,7 @@
  *
  *		The Internet Protocol (IP) output module.
  *
- * Version:	$Id: ip_output.c,v 1.1 2002/08/24 09:25:29 bdschuym Exp $
+ * Version:	$Id: ip_output.c,v 1.2 2002/08/24 13:43:43 bdschuym Exp $
  *
  * Authors:	Ross Biro, <bir7@leland.Stanford.Edu>
  *		Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
@@ -835,8 +835,10 @@ int ip_fragment(struct sk_buff *skb, int (*output)(struct sk_buff*))
 			skb_set_owner_w(skb2, skb->sk);
 		skb2->dst = dst_clone(skb->dst);
 		skb2->dev = skb->dev;
+#ifdef CONFIG_BRIDGE_NF
 		skb2->physindev = skb->physindev;
 		skb2->physoutdev = skb->physoutdev;
+#endif
 
 		/*
 		 *	Copy the packet header into the new buffer.
@@ -900,7 +902,9 @@ int ip_fragment(struct sk_buff *skb, int (*output)(struct sk_buff*))
 		iph->tot_len = htons(len + hlen);
 
 		ip_send_check(iph);
+#ifdef CONFIG_BRIDGE_NF
 		memcpy(skb2->data - 16, skb->data - 16, 16);
+#endif
 
 		err = output(skb2);
 		if (err)
diff --git a/br-nf-bds/linux2.5/net/ipv4/netfilter/ip_tables.c b/br-nf-bds/linux2.5/net/ipv4/netfilter/ip_tables.c
index 928e67a..f898455 100644
--- a/br-nf-bds/linux2.5/net/ipv4/netfilter/ip_tables.c
+++ b/br-nf-bds/linux2.5/net/ipv4/netfilter/ip_tables.c
@@ -122,15 +122,19 @@ static LIST_HEAD(ipt_tables);
 static inline int
 ip_packet_match(const struct iphdr *ip,
 		const char *indev,
+#ifdef CONFIG_BRIDGE_NF
 		const char *physindev,
+#endif
 		const char *outdev,
+#ifdef CONFIG_BRIDGE_NF
 		const char *physoutdev,
+#endif
 		const struct ipt_ip *ipinfo,
 		int isfrag)
 {
 	size_t i;
 	unsigned long ret;
-	unsigned long ret2;
+	unsigned long ret2 = 1;
 
 #define FWINV(bool,invflg) ((bool) ^ !!(ipinfo->invflags & invflg))
 
@@ -160,11 +164,13 @@ ip_packet_match(const struct iphdr *ip,
 			& ((const unsigned long *)ipinfo->iniface_mask)[i];
 	}
 
+#ifdef CONFIG_BRIDGE_NF
 	for (i = 0, ret2 = 0; i < IFNAMSIZ/sizeof(unsigned long); i++) {
 		ret2 |= (((const unsigned long *)physindev)[i]
 			^ ((const unsigned long *)ipinfo->iniface)[i])
 			& ((const unsigned long *)ipinfo->iniface_mask)[i];
 	}
+#endif
 
 	if (FWINV(ret != 0 && ret2 != 0, IPT_INV_VIA_IN)) {
 		dprintf("VIA in mismatch (%s vs %s).%s\n",
@@ -179,11 +185,13 @@ ip_packet_match(const struct iphdr *ip,
 			& ((const unsigned long *)ipinfo->outiface_mask)[i];
 	}
 
+#ifdef CONFIG_BRIDGE_NF
 	for (i = 0, ret2 = 0; i < IFNAMSIZ/sizeof(unsigned long); i++) {
 		ret2 |= (((const unsigned long *)physoutdev)[i]
 			^ ((const unsigned long *)ipinfo->outiface)[i])
 			& ((const unsigned long *)ipinfo->outiface_mask)[i];
 	}
+#endif
 
 	if (FWINV(ret != 0 && ret2 != 0, IPT_INV_VIA_OUT)) {
 		dprintf("VIA out mismatch (%s vs %s).%s\n",
@@ -284,7 +292,9 @@ ipt_do_table(struct sk_buff **pskb,
 	/* Initializing verdict to NF_DROP keeps gcc happy. */
 	unsigned int verdict = NF_DROP;
 	const char *indev, *outdev;
+#ifdef CONFIG_BRIDGE_NF
 	const char *physindev, *physoutdev;
+#endif
 	void *table_base;
 	struct ipt_entry *e, *back;
 
@@ -294,8 +304,10 @@ ipt_do_table(struct sk_buff **pskb,
 	datalen = (*pskb)->len - ip->ihl * 4;
 	indev = in ? in->name : nulldevname;
 	outdev = out ? out->name : nulldevname;
+#ifdef CONFIG_BRIDGE_NF
 	physindev = (*pskb)->physindev ? (*pskb)->physindev->name : nulldevname;
 	physoutdev = (*pskb)->physoutdev ? (*pskb)->physoutdev->name : nulldevname;
+#endif
 
 	/* We handle fragments by dealing with the first fragment as
 	 * if it was a normal packet.  All other fragments are treated
@@ -331,7 +343,15 @@ ipt_do_table(struct sk_buff **pskb,
 		IP_NF_ASSERT(e);
 		IP_NF_ASSERT(back);
 		(*pskb)->nfcache |= e->nfcache;
-		if (ip_packet_match(ip, indev, physindev, outdev, physoutdev, &e->ip, offset)) {
+		if (ip_packet_match(ip, indev,
+#ifdef CONFIG_BRIDGE_NF
+		    physindev,
+#endif
+		    outdev,
+#ifdef CONFIG_BRIDGE_NF
+		    physoutdev,
+#endif
+		    &e->ip, offset)) {
 			struct ipt_entry_target *t;
 
 			if (IPT_MATCH_ITERATE(e, do_match,
diff --git a/br-nf-bds/linux2.5/net/ipv4/netfilter/ipt_LOG.c b/br-nf-bds/linux2.5/net/ipv4/netfilter/ipt_LOG.c
index 48bb12f..2c90f1b 100644
--- a/br-nf-bds/linux2.5/net/ipv4/netfilter/ipt_LOG.c
+++ b/br-nf-bds/linux2.5/net/ipv4/netfilter/ipt_LOG.c
@@ -286,11 +286,15 @@ ipt_log_target(struct sk_buff **pskb,
 	spin_lock_bh(&log_lock);
 	printk(level_string);
 	printk("%sIN=%s ", loginfo->prefix, in ? in->name : "");
+#ifdef CONFIG_BRIDGE_NF
 	if ((*pskb)->physindev && in != (*pskb)->physindev)
 		printk("PHYSIN=%s ", (*pskb)->physindev->name);
+#endif
 	printk("OUT=%s ", out ? out->name : "");
+#ifdef CONFIG_BRIDGE_NF
 	if ((*pskb)->physoutdev && out != (*pskb)->physoutdev)
 		printk("PHYSOUT=%s ", (*pskb)->physoutdev->name);
+#endif
 
 	if (in && !out) {
 		/* MAC logging for input chain only. */