diff options
Diffstat (limited to 'br-nf-bds/linux/net/bridge')
| -rw-r--r-- | br-nf-bds/linux/net/bridge/Makefile | 6 | ||||
| -rw-r--r-- | br-nf-bds/linux/net/bridge/br.c | 15 | ||||
| -rw-r--r-- | br-nf-bds/linux/net/bridge/br_forward.c | 8 | ||||
| -rw-r--r-- | br-nf-bds/linux/net/bridge/br_input.c | 23 | ||||
| -rw-r--r-- | br-nf-bds/linux/net/bridge/br_netfilter.c | 2 | ||||
| -rw-r--r-- | br-nf-bds/linux/net/bridge/br_private.h | 12 |
6 files changed, 47 insertions, 19 deletions
diff --git a/br-nf-bds/linux/net/bridge/Makefile b/br-nf-bds/linux/net/bridge/Makefile index 25c2314..d069395 100644 --- a/br-nf-bds/linux/net/bridge/Makefile +++ b/br-nf-bds/linux/net/bridge/Makefile @@ -7,6 +7,12 @@ # # Note 2! The CFLAGS definition is now in the main makefile... +ifneq ($(CONFIG_BRIDGE_EBT_BROUTE),n) +ifneq ($(CONFIG_BRIDGE_EBT_BROUTE),) +export-objs := br.o +endif +endif + O_TARGET := bridge.o obj-y := br.o br_device.o br_fdb.o br_forward.o br_if.o br_input.o \ br_ioctl.o br_notify.o br_stp.o br_stp_bpdu.o \ diff --git a/br-nf-bds/linux/net/bridge/br.c b/br-nf-bds/linux/net/bridge/br.c index 2ef8028..2109a5d 100644 --- a/br-nf-bds/linux/net/bridge/br.c +++ b/br-nf-bds/linux/net/bridge/br.c @@ -5,7 +5,7 @@ * Authors: * Lennert Buytenhek <buytenh@gnu.org> * - * $Id: br.c,v 1.1 2002/06/01 19:23:52 bdschuym Exp $ + * $Id: br.c,v 1.2 2002/08/24 08:44:40 bdschuym Exp $ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -28,6 +28,14 @@ #include "../atm/lec.h" #endif +#if defined(CONFIG_BRIDGE_EBT_BROUTE) || \ + defined(CONFIG_BRIDGE_EBT_BROUTE_MODULE) +unsigned int (*broute_decision) (unsigned int hook, struct sk_buff **pskb, + const struct net_device *in, + const struct net_device *out, + int (*okfn)(struct sk_buff *)) = NULL; +#endif + void br_dec_use_count() { MOD_DEC_USE_COUNT; @@ -82,7 +90,12 @@ static void __exit br_deinit(void) #endif } +#if defined(CONFIG_BRIDGE_EBT_BROUTE) || \ + defined(CONFIG_BRIDGE_EBT_BROUTE_MODULE) +EXPORT_SYMBOL(broute_decision); +#else EXPORT_NO_SYMBOLS; +#endif module_init(br_init) module_exit(br_deinit) diff --git a/br-nf-bds/linux/net/bridge/br_forward.c b/br-nf-bds/linux/net/bridge/br_forward.c index 05d1587..69ef227 100644 --- a/br-nf-bds/linux/net/bridge/br_forward.c +++ b/br-nf-bds/linux/net/bridge/br_forward.c @@ -5,7 +5,7 @@ * Authors: * Lennert Buytenhek <buytenh@gnu.org> * - * $Id: br_forward.c,v 1.1 2002/06/01 19:23:53 bdschuym Exp $ + * $Id: br_forward.c,v 1.2 2002/08/24 08:44:40 bdschuym Exp $ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -48,12 +48,8 @@ int br_forward_finish(struct sk_buff *skb) static void __br_deliver(struct net_bridge_port *to, struct sk_buff *skb) { - struct net_device *indev; - - indev = skb->dev; skb->dev = to->dev; - - NF_HOOK(PF_BRIDGE, NF_BR_LOCAL_OUT, skb, indev, skb->dev, + NF_HOOK(PF_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev, br_forward_finish); } diff --git a/br-nf-bds/linux/net/bridge/br_input.c b/br-nf-bds/linux/net/bridge/br_input.c index b9487dc..d42a65d 100644 --- a/br-nf-bds/linux/net/bridge/br_input.c +++ b/br-nf-bds/linux/net/bridge/br_input.c @@ -5,7 +5,7 @@ * Authors: * Lennert Buytenhek <buytenh@gnu.org> * - * $Id: br_input.c,v 1.1 2002/06/01 19:23:53 bdschuym Exp $ + * $Id: br_input.c,v 1.2 2002/08/24 08:44:40 bdschuym Exp $ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -19,6 +19,10 @@ #include <linux/if_bridge.h> #include <linux/netfilter_bridge.h> #include "br_private.h" +#if defined(CONFIG_BRIDGE_EBT_BROUTE) || \ + defined(CONFIG_BRIDGE_EBT_BROUTE_MODULE) +#include <linux/netfilter.h> +#endif unsigned char bridge_ula[6] = { 0x01, 0x80, 0xc2, 0x00, 0x00, 0x00 }; @@ -112,7 +116,7 @@ err_nolock: return 0; } -void br_handle_frame(struct sk_buff *skb) +int br_handle_frame(struct sk_buff *skb) { struct net_bridge *br; unsigned char *dest; @@ -146,23 +150,32 @@ void br_handle_frame(struct sk_buff *skb) goto handle_special_frame; if (p->state == BR_STATE_FORWARDING) { +#if defined(CONFIG_BRIDGE_EBT_BROUTE) || \ + defined(CONFIG_BRIDGE_EBT_BROUTE_MODULE) + if (broute_decision && broute_decision(NF_BR_BROUTING, &skb, + skb->dev, NULL, NULL) == NF_DROP) + return -1; +#endif NF_HOOK(PF_BRIDGE, NF_BR_PRE_ROUTING, skb, skb->dev, NULL, br_handle_frame_finish); read_unlock(&br->lock); - return; + return 0; } err: read_unlock(&br->lock); err_nolock: kfree_skb(skb); - return; + return 0; handle_special_frame: if (!dest[5]) { br_stp_handle_bpdu(skb); - return; + read_unlock(&br->lock); + return 0; } + read_unlock(&br->lock); kfree_skb(skb); + return 0; } diff --git a/br-nf-bds/linux/net/bridge/br_netfilter.c b/br-nf-bds/linux/net/bridge/br_netfilter.c index 6f0981d..a41d9ed 100644 --- a/br-nf-bds/linux/net/bridge/br_netfilter.c +++ b/br-nf-bds/linux/net/bridge/br_netfilter.c @@ -6,7 +6,7 @@ * Lennert Buytenhek <buytenh@gnu.org> * Bart De Schuymer <bart.de.schuymer@pandora.be> * - * $Id: br_netfilter.c,v 1.1 2002/06/01 19:23:54 bdschuym Exp $ + * $Id: br_netfilter.c,v 1.2 2002/08/24 08:44:40 bdschuym Exp $ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/br-nf-bds/linux/net/bridge/br_private.h b/br-nf-bds/linux/net/bridge/br_private.h index 155afc9..540a330 100644 --- a/br-nf-bds/linux/net/bridge/br_private.h +++ b/br-nf-bds/linux/net/bridge/br_private.h @@ -4,7 +4,7 @@ * Authors: * Lennert Buytenhek <buytenh@gnu.org> * - * $Id: br_private.h,v 1.1 2002/06/01 19:23:55 bdschuym Exp $ + * $Id: br_private.h,v 1.2 2002/08/24 08:44:41 bdschuym Exp $ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -120,7 +120,7 @@ extern void br_dec_use_count(void); extern void br_inc_use_count(void); /* br_device.c */ -extern int br_dev_xmit(struct sk_buff *skb, struct net_device *dev); +extern int br_dev_xmit(struct sk_buff *skb, struct net_device *dev); extern void br_dev_setup(struct net_device *dev); extern int br_dev_xmit(struct sk_buff *skb, struct net_device *dev); @@ -145,10 +145,10 @@ extern void br_fdb_insert(struct net_bridge *br, /* br_forward.c */ extern void br_deliver(struct net_bridge_port *to, struct sk_buff *skb); -extern int br_dev_queue_push_xmit(struct sk_buff *skb); +extern int br_dev_queue_push_xmit(struct sk_buff *skb); extern void br_forward(struct net_bridge_port *to, struct sk_buff *skb); -extern int br_forward_finish(struct sk_buff *skb); +extern int br_forward_finish(struct sk_buff *skb); extern void br_flood_deliver(struct net_bridge *br, struct sk_buff *skb, int clone); @@ -169,8 +169,8 @@ extern void br_get_port_ifindices(struct net_bridge *br, int *ifindices); /* br_input.c */ -extern int br_handle_frame_finish(struct sk_buff *skb); -extern void br_handle_frame(struct sk_buff *skb); +extern int br_handle_frame_finish(struct sk_buff *skb); +extern int br_handle_frame(struct sk_buff *skb); /* br_ioctl.c */ extern void br_call_ioctl_atomic(void (*fn)(void)); |