summaryrefslogtreecommitdiffstats
path: root/br-nf-bds/linux2.5/net/ipv4
diff options
context:
space:
mode:
Diffstat (limited to 'br-nf-bds/linux2.5/net/ipv4')
-rw-r--r--br-nf-bds/linux2.5/net/ipv4/ip_output.c8
-rw-r--r--br-nf-bds/linux2.5/net/ipv4/netfilter/ip_tables.c24
-rw-r--r--br-nf-bds/linux2.5/net/ipv4/netfilter/ipt_LOG.c4
3 files changed, 5 insertions, 31 deletions
diff --git a/br-nf-bds/linux2.5/net/ipv4/ip_output.c b/br-nf-bds/linux2.5/net/ipv4/ip_output.c
index c457da7..0915f26 100644
--- a/br-nf-bds/linux2.5/net/ipv4/ip_output.c
+++ b/br-nf-bds/linux2.5/net/ipv4/ip_output.c
@@ -5,7 +5,7 @@
*
* The Internet Protocol (IP) output module.
*
- * Version: $Id: ip_output.c,v 1.2 2002/08/24 13:43:43 bdschuym Exp $
+ * Version: $Id: ip_output.c,v 1.3 2002/09/18 18:32:12 bdschuym Exp $
*
* Authors: Ross Biro, <bir7@leland.Stanford.Edu>
* Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
@@ -835,10 +835,8 @@ int ip_fragment(struct sk_buff *skb, int (*output)(struct sk_buff*))
skb_set_owner_w(skb2, skb->sk);
skb2->dst = dst_clone(skb->dst);
skb2->dev = skb->dev;
-#ifdef CONFIG_BRIDGE_NF
skb2->physindev = skb->physindev;
skb2->physoutdev = skb->physoutdev;
-#endif
/*
* Copy the packet header into the new buffer.
@@ -902,9 +900,9 @@ int ip_fragment(struct sk_buff *skb, int (*output)(struct sk_buff*))
iph->tot_len = htons(len + hlen);
ip_send_check(iph);
-#ifdef CONFIG_BRIDGE_NF
+
+ // for bridge-netfilter
memcpy(skb2->data - 16, skb->data - 16, 16);
-#endif
err = output(skb2);
if (err)
diff --git a/br-nf-bds/linux2.5/net/ipv4/netfilter/ip_tables.c b/br-nf-bds/linux2.5/net/ipv4/netfilter/ip_tables.c
index f898455..0b8d07c 100644
--- a/br-nf-bds/linux2.5/net/ipv4/netfilter/ip_tables.c
+++ b/br-nf-bds/linux2.5/net/ipv4/netfilter/ip_tables.c
@@ -122,19 +122,14 @@ static LIST_HEAD(ipt_tables);
static inline int
ip_packet_match(const struct iphdr *ip,
const char *indev,
-#ifdef CONFIG_BRIDGE_NF
const char *physindev,
-#endif
const char *outdev,
-#ifdef CONFIG_BRIDGE_NF
const char *physoutdev,
-#endif
const struct ipt_ip *ipinfo,
int isfrag)
{
size_t i;
- unsigned long ret;
- unsigned long ret2 = 1;
+ unsigned long ret, ret2;
#define FWINV(bool,invflg) ((bool) ^ !!(ipinfo->invflags & invflg))
@@ -164,13 +159,11 @@ ip_packet_match(const struct iphdr *ip,
& ((const unsigned long *)ipinfo->iniface_mask)[i];
}
-#ifdef CONFIG_BRIDGE_NF
for (i = 0, ret2 = 0; i < IFNAMSIZ/sizeof(unsigned long); i++) {
ret2 |= (((const unsigned long *)physindev)[i]
^ ((const unsigned long *)ipinfo->iniface)[i])
& ((const unsigned long *)ipinfo->iniface_mask)[i];
}
-#endif
if (FWINV(ret != 0 && ret2 != 0, IPT_INV_VIA_IN)) {
dprintf("VIA in mismatch (%s vs %s).%s\n",
@@ -185,13 +178,11 @@ ip_packet_match(const struct iphdr *ip,
& ((const unsigned long *)ipinfo->outiface_mask)[i];
}
-#ifdef CONFIG_BRIDGE_NF
for (i = 0, ret2 = 0; i < IFNAMSIZ/sizeof(unsigned long); i++) {
ret2 |= (((const unsigned long *)physoutdev)[i]
^ ((const unsigned long *)ipinfo->outiface)[i])
& ((const unsigned long *)ipinfo->outiface_mask)[i];
}
-#endif
if (FWINV(ret != 0 && ret2 != 0, IPT_INV_VIA_OUT)) {
dprintf("VIA out mismatch (%s vs %s).%s\n",
@@ -292,9 +283,7 @@ ipt_do_table(struct sk_buff **pskb,
/* Initializing verdict to NF_DROP keeps gcc happy. */
unsigned int verdict = NF_DROP;
const char *indev, *outdev;
-#ifdef CONFIG_BRIDGE_NF
const char *physindev, *physoutdev;
-#endif
void *table_base;
struct ipt_entry *e, *back;
@@ -304,10 +293,8 @@ ipt_do_table(struct sk_buff **pskb,
datalen = (*pskb)->len - ip->ihl * 4;
indev = in ? in->name : nulldevname;
outdev = out ? out->name : nulldevname;
-#ifdef CONFIG_BRIDGE_NF
physindev = (*pskb)->physindev ? (*pskb)->physindev->name : nulldevname;
physoutdev = (*pskb)->physoutdev ? (*pskb)->physoutdev->name : nulldevname;
-#endif
/* We handle fragments by dealing with the first fragment as
* if it was a normal packet. All other fragments are treated
@@ -343,14 +330,7 @@ ipt_do_table(struct sk_buff **pskb,
IP_NF_ASSERT(e);
IP_NF_ASSERT(back);
(*pskb)->nfcache |= e->nfcache;
- if (ip_packet_match(ip, indev,
-#ifdef CONFIG_BRIDGE_NF
- physindev,
-#endif
- outdev,
-#ifdef CONFIG_BRIDGE_NF
- physoutdev,
-#endif
+ if (ip_packet_match(ip, indev, physindev, outdev, physoutdev,
&e->ip, offset)) {
struct ipt_entry_target *t;
diff --git a/br-nf-bds/linux2.5/net/ipv4/netfilter/ipt_LOG.c b/br-nf-bds/linux2.5/net/ipv4/netfilter/ipt_LOG.c
index 2c90f1b..48bb12f 100644
--- a/br-nf-bds/linux2.5/net/ipv4/netfilter/ipt_LOG.c
+++ b/br-nf-bds/linux2.5/net/ipv4/netfilter/ipt_LOG.c
@@ -286,15 +286,11 @@ ipt_log_target(struct sk_buff **pskb,
spin_lock_bh(&log_lock);
printk(level_string);
printk("%sIN=%s ", loginfo->prefix, in ? in->name : "");
-#ifdef CONFIG_BRIDGE_NF
if ((*pskb)->physindev && in != (*pskb)->physindev)
printk("PHYSIN=%s ", (*pskb)->physindev->name);
-#endif
printk("OUT=%s ", out ? out->name : "");
-#ifdef CONFIG_BRIDGE_NF
if ((*pskb)->physoutdev && out != (*pskb)->physoutdev)
printk("PHYSOUT=%s ", (*pskb)->physoutdev->name);
-#endif
if (in && !out) {
/* MAC logging for input chain only. */