projects
/
powerpc.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
bridge: allow changing hardware address to any valid address
[powerpc.git]
/
net
/
bridge
/
br_netfilter.c
diff --git
a/net/bridge/br_netfilter.c
b/net/bridge/br_netfilter.c
index
7712d76
..
fd70d04
100644
(file)
--- a/
net/bridge/br_netfilter.c
+++ b/
net/bridge/br_netfilter.c
@@
-48,8
+48,8
@@
#define skb_origaddr(skb) (((struct bridge_skb_cb *) \
(skb->nf_bridge->data))->daddr.ipv4)
#define skb_origaddr(skb) (((struct bridge_skb_cb *) \
(skb->nf_bridge->data))->daddr.ipv4)
-#define store_orig_dstaddr(skb) (skb_origaddr(skb) =
(skb)->nh.iph
->daddr)
-#define dnat_took_place(skb) (skb_origaddr(skb) !=
(skb)->nh.iph
->daddr)
+#define store_orig_dstaddr(skb) (skb_origaddr(skb) =
ip_hdr(skb)
->daddr)
+#define dnat_took_place(skb) (skb_origaddr(skb) !=
ip_hdr(skb)
->daddr)
#ifdef CONFIG_SYSCTL
static struct ctl_table_header *brnf_sysctl_header;
#ifdef CONFIG_SYSCTL
static struct ctl_table_header *brnf_sysctl_header;
@@
-61,7
+61,7
@@
static int brnf_filter_vlan_tagged __read_mostly = 1;
#define brnf_filter_vlan_tagged 1
#endif
#define brnf_filter_vlan_tagged 1
#endif
-static
__be16 inline
vlan_proto(const struct sk_buff *skb)
+static
inline __be16
vlan_proto(const struct sk_buff *skb)
{
return vlan_eth_hdr(skb)->h_vlan_encapsulated_proto;
}
{
return vlan_eth_hdr(skb)->h_vlan_encapsulated_proto;
}
@@
-129,7
+129,8
@@
static inline void nf_bridge_save_header(struct sk_buff *skb)
if (skb->protocol == htons(ETH_P_8021Q))
header_size += VLAN_HLEN;
if (skb->protocol == htons(ETH_P_8021Q))
header_size += VLAN_HLEN;
- memcpy(skb->nf_bridge->data, skb->data - header_size, header_size);
+ skb_copy_from_linear_data_offset(skb, -header_size,
+ skb->nf_bridge->data, header_size);
}
/*
}
/*
@@
-148,7
+149,8
@@
int nf_bridge_copy_header(struct sk_buff *skb)
if (err)
return err;
if (err)
return err;
- memcpy(skb->data - header_size, skb->nf_bridge->data, header_size);
+ skb_copy_to_linear_data_offset(skb, -header_size,
+ skb->nf_bridge->data, header_size);
if (skb->protocol == htons(ETH_P_8021Q))
__skb_push(skb, VLAN_HLEN);
if (skb->protocol == htons(ETH_P_8021Q))
__skb_push(skb, VLAN_HLEN);
@@
-174,7
+176,7
@@
static int br_nf_pre_routing_finish_ipv6(struct sk_buff *skb)
skb->dev = nf_bridge->physindev;
if (skb->protocol == htons(ETH_P_8021Q)) {
skb_push(skb, VLAN_HLEN);
skb->dev = nf_bridge->physindev;
if (skb->protocol == htons(ETH_P_8021Q)) {
skb_push(skb, VLAN_HLEN);
- skb->n
h.raw
-= VLAN_HLEN;
+ skb->n
etwork_header
-= VLAN_HLEN;
}
NF_HOOK_THRESH(PF_BRIDGE, NF_BR_PRE_ROUTING, skb, skb->dev, NULL,
br_handle_frame_finish, 1);
}
NF_HOOK_THRESH(PF_BRIDGE, NF_BR_PRE_ROUTING, skb, skb->dev, NULL,
br_handle_frame_finish, 1);
@@
-255,7
+257,7
@@
static int br_nf_pre_routing_finish_bridge(struct sk_buff *skb)
else {
if (skb->protocol == htons(ETH_P_8021Q)) {
skb_pull(skb, VLAN_HLEN);
else {
if (skb->protocol == htons(ETH_P_8021Q)) {
skb_pull(skb, VLAN_HLEN);
- skb->n
h.raw
+= VLAN_HLEN;
+ skb->n
etwork_header
+= VLAN_HLEN;
}
skb->dst->output(skb);
}
}
skb->dst->output(skb);
}
@@
-265,7
+267,7
@@
static int br_nf_pre_routing_finish_bridge(struct sk_buff *skb)
static int br_nf_pre_routing_finish(struct sk_buff *skb)
{
struct net_device *dev = skb->dev;
static int br_nf_pre_routing_finish(struct sk_buff *skb)
{
struct net_device *dev = skb->dev;
- struct iphdr *iph =
skb->nh.iph
;
+ struct iphdr *iph =
ip_hdr(skb)
;
struct nf_bridge_info *nf_bridge = skb->nf_bridge;
int err;
struct nf_bridge_info *nf_bridge = skb->nf_bridge;
int err;
@@
-325,7
+327,7
@@
bridged_dnat:
if (skb->protocol ==
htons(ETH_P_8021Q)) {
skb_push(skb, VLAN_HLEN);
if (skb->protocol ==
htons(ETH_P_8021Q)) {
skb_push(skb, VLAN_HLEN);
- skb->n
h.raw
-= VLAN_HLEN;
+ skb->n
etwork_header
-= VLAN_HLEN;
}
NF_HOOK_THRESH(PF_BRIDGE, NF_BR_PRE_ROUTING,
skb, skb->dev, NULL,
}
NF_HOOK_THRESH(PF_BRIDGE, NF_BR_PRE_ROUTING,
skb, skb->dev, NULL,
@@
-344,7
+346,7
@@
bridged_dnat:
skb->dev = nf_bridge->physindev;
if (skb->protocol == htons(ETH_P_8021Q)) {
skb_push(skb, VLAN_HLEN);
skb->dev = nf_bridge->physindev;
if (skb->protocol == htons(ETH_P_8021Q)) {
skb_push(skb, VLAN_HLEN);
- skb->n
h.raw
-= VLAN_HLEN;
+ skb->n
etwork_header
-= VLAN_HLEN;
}
NF_HOOK_THRESH(PF_BRIDGE, NF_BR_PRE_ROUTING, skb, skb->dev, NULL,
br_handle_frame_finish, 1);
}
NF_HOOK_THRESH(PF_BRIDGE, NF_BR_PRE_ROUTING, skb, skb->dev, NULL,
br_handle_frame_finish, 1);
@@
-372,9
+374,10
@@
static struct net_device *setup_pre_routing(struct sk_buff *skb)
/* We only check the length. A bridge shouldn't do any hop-by-hop stuff anyway */
static int check_hbh_len(struct sk_buff *skb)
{
/* We only check the length. A bridge shouldn't do any hop-by-hop stuff anyway */
static int check_hbh_len(struct sk_buff *skb)
{
- unsigned char *raw = (u8 *)
(skb->nh.ipv6h
+ 1);
+ unsigned char *raw = (u8 *)
(ipv6_hdr(skb)
+ 1);
u32 pkt_len;
u32 pkt_len;
- int off = raw - skb->nh.raw;
+ const unsigned char *nh = skb_network_header(skb);
+ int off = raw - nh;
int len = (raw[1] + 1) << 3;
if ((raw + len) - skb->data > skb_headlen(skb))
int len = (raw[1] + 1) << 3;
if ((raw + len) - skb->data > skb_headlen(skb))
@@
-384,9
+387,9
@@
static int check_hbh_len(struct sk_buff *skb)
len -= 2;
while (len > 0) {
len -= 2;
while (len > 0) {
- int optlen =
skb->nh.raw
[off + 1] + 2;
+ int optlen =
nh
[off + 1] + 2;
- switch (
skb->nh.raw
[off]) {
+ switch (
nh
[off]) {
case IPV6_TLV_PAD0:
optlen = 1;
break;
case IPV6_TLV_PAD0:
optlen = 1;
break;
@@
-395,17
+398,18
@@
static int check_hbh_len(struct sk_buff *skb)
break;
case IPV6_TLV_JUMBO:
break;
case IPV6_TLV_JUMBO:
- if (
skb->nh.raw
[off + 1] != 4 || (off & 3) != 2)
+ if (
nh
[off + 1] != 4 || (off & 3) != 2)
goto bad;
goto bad;
- pkt_len = ntohl(*(__be32 *) (
skb->nh.raw
+ off + 2));
+ pkt_len = ntohl(*(__be32 *) (
nh
+ off + 2));
if (pkt_len <= IPV6_MAXPLEN ||
if (pkt_len <= IPV6_MAXPLEN ||
-
skb->nh.ipv6h
->payload_len)
+
ipv6_hdr(skb)
->payload_len)
goto bad;
if (pkt_len > skb->len - sizeof(struct ipv6hdr))
goto bad;
if (pskb_trim_rcsum(skb,
pkt_len + sizeof(struct ipv6hdr)))
goto bad;
goto bad;
if (pkt_len > skb->len - sizeof(struct ipv6hdr))
goto bad;
if (pskb_trim_rcsum(skb,
pkt_len + sizeof(struct ipv6hdr)))
goto bad;
+ nh = skb_network_header(skb);
break;
default:
if (optlen > len)
break;
default:
if (optlen > len)
@@
-439,7
+443,7
@@
static unsigned int br_nf_pre_routing_ipv6(unsigned int hook,
if (!pskb_may_pull(skb, sizeof(struct ipv6hdr)))
goto inhdr_error;
if (!pskb_may_pull(skb, sizeof(struct ipv6hdr)))
goto inhdr_error;
- hdr =
skb->nh.ipv6h
;
+ hdr =
ipv6_hdr(skb)
;
if (hdr->version != 6)
goto inhdr_error;
if (hdr->version != 6)
goto inhdr_error;
@@
-495,7
+499,7
@@
static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff **pskb,
if (skb->protocol == htons(ETH_P_8021Q)) {
skb_pull_rcsum(skb, VLAN_HLEN);
if (skb->protocol == htons(ETH_P_8021Q)) {
skb_pull_rcsum(skb, VLAN_HLEN);
- skb->n
h.raw
+= VLAN_HLEN;
+ skb->n
etwork_header
+= VLAN_HLEN;
}
return br_nf_pre_routing_ipv6(hook, skb, in, out, okfn);
}
}
return br_nf_pre_routing_ipv6(hook, skb, in, out, okfn);
}
@@
-512,20
+516,20
@@
static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff **pskb,
if (skb->protocol == htons(ETH_P_8021Q)) {
skb_pull_rcsum(skb, VLAN_HLEN);
if (skb->protocol == htons(ETH_P_8021Q)) {
skb_pull_rcsum(skb, VLAN_HLEN);
- skb->n
h.raw
+= VLAN_HLEN;
+ skb->n
etwork_header
+= VLAN_HLEN;
}
if (!pskb_may_pull(skb, sizeof(struct iphdr)))
goto inhdr_error;
}
if (!pskb_may_pull(skb, sizeof(struct iphdr)))
goto inhdr_error;
- iph =
skb->nh.iph
;
+ iph =
ip_hdr(skb)
;
if (iph->ihl < 5 || iph->version != 4)
goto inhdr_error;
if (!pskb_may_pull(skb, 4 * iph->ihl))
goto inhdr_error;
if (iph->ihl < 5 || iph->version != 4)
goto inhdr_error;
if (!pskb_may_pull(skb, 4 * iph->ihl))
goto inhdr_error;
- iph =
skb->nh.iph
;
+ iph =
ip_hdr(skb)
;
if (ip_fast_csum((__u8 *) iph, iph->ihl) != 0)
goto inhdr_error;
if (ip_fast_csum((__u8 *) iph, iph->ihl) != 0)
goto inhdr_error;
@@
-593,7
+597,7
@@
static int br_nf_forward_finish(struct sk_buff *skb)
}
if (skb->protocol == htons(ETH_P_8021Q)) {
skb_push(skb, VLAN_HLEN);
}
if (skb->protocol == htons(ETH_P_8021Q)) {
skb_push(skb, VLAN_HLEN);
- skb->n
h.raw
-= VLAN_HLEN;
+ skb->n
etwork_header
-= VLAN_HLEN;
}
NF_HOOK_THRESH(PF_BRIDGE, NF_BR_FORWARD, skb, in,
skb->dev, br_forward_finish, 1);
}
NF_HOOK_THRESH(PF_BRIDGE, NF_BR_FORWARD, skb, in,
skb->dev, br_forward_finish, 1);
@@
-629,7
+633,7
@@
static unsigned int br_nf_forward_ip(unsigned int hook, struct sk_buff **pskb,
if (skb->protocol == htons(ETH_P_8021Q)) {
skb_pull(*pskb, VLAN_HLEN);
if (skb->protocol == htons(ETH_P_8021Q)) {
skb_pull(*pskb, VLAN_HLEN);
- (*pskb)->n
h.raw
+= VLAN_HLEN;
+ (*pskb)->n
etwork_header
+= VLAN_HLEN;
}
nf_bridge = skb->nf_bridge;
}
nf_bridge = skb->nf_bridge;
@@
-665,13
+669,13
@@
static unsigned int br_nf_forward_arp(unsigned int hook, struct sk_buff **pskb,
if (!IS_VLAN_ARP(skb))
return NF_ACCEPT;
skb_pull(*pskb, VLAN_HLEN);
if (!IS_VLAN_ARP(skb))
return NF_ACCEPT;
skb_pull(*pskb, VLAN_HLEN);
- (*pskb)->n
h.raw
+= VLAN_HLEN;
+ (*pskb)->n
etwork_header
+= VLAN_HLEN;
}
}
- if (
skb->nh.arph
->ar_pln != 4) {
+ if (
arp_hdr(skb)
->ar_pln != 4) {
if (IS_VLAN_ARP(skb)) {
skb_push(*pskb, VLAN_HLEN);
if (IS_VLAN_ARP(skb)) {
skb_push(*pskb, VLAN_HLEN);
- (*pskb)->n
h.raw
-= VLAN_HLEN;
+ (*pskb)->n
etwork_header
-= VLAN_HLEN;
}
return NF_ACCEPT;
}
}
return NF_ACCEPT;
}
@@
-721,7
+725,7
@@
static unsigned int br_nf_local_out(unsigned int hook, struct sk_buff **pskb,
}
if (skb->protocol == htons(ETH_P_8021Q)) {
skb_push(skb, VLAN_HLEN);
}
if (skb->protocol == htons(ETH_P_8021Q)) {
skb_push(skb, VLAN_HLEN);
- skb->n
h.raw
-= VLAN_HLEN;
+ skb->n
etwork_header
-= VLAN_HLEN;
}
NF_HOOK(PF_BRIDGE, NF_BR_FORWARD, skb, realindev, skb->dev,
}
NF_HOOK(PF_BRIDGE, NF_BR_FORWARD, skb, realindev, skb->dev,
@@
-753,7
+757,8
@@
static unsigned int br_nf_post_routing(unsigned int hook, struct sk_buff **pskb,
#ifdef CONFIG_NETFILTER_DEBUG
/* Be very paranoid. This probably won't happen anymore, but let's
* keep the check just to be sure... */
#ifdef CONFIG_NETFILTER_DEBUG
/* Be very paranoid. This probably won't happen anymore, but let's
* keep the check just to be sure... */
- if (skb->mac.raw < skb->head || skb->mac.raw + ETH_HLEN > skb->data) {
+ if (skb_mac_header(skb) < skb->head ||
+ skb_mac_header(skb) + ETH_HLEN > skb->data) {
printk(KERN_CRIT "br_netfilter: Argh!! br_nf_post_routing: "
"bad mac.raw pointer.\n");
goto print_error;
printk(KERN_CRIT "br_netfilter: Argh!! br_nf_post_routing: "
"bad mac.raw pointer.\n");
goto print_error;
@@
-787,7
+792,7
@@
static unsigned int br_nf_post_routing(unsigned int hook, struct sk_buff **pskb,
if (skb->protocol == htons(ETH_P_8021Q)) {
skb_pull(skb, VLAN_HLEN);
if (skb->protocol == htons(ETH_P_8021Q)) {
skb_pull(skb, VLAN_HLEN);
- skb->n
h.raw
+= VLAN_HLEN;
+ skb->n
etwork_header
+= VLAN_HLEN;
}
nf_bridge_save_header(skb);
}
nf_bridge_save_header(skb);
@@
-808,7
+813,7
@@
print_error:
if (realoutdev)
printk("[%s]", realoutdev->name);
}
if (realoutdev)
printk("[%s]", realoutdev->name);
}
- printk(" head:%p, raw:%p, data:%p\n", skb->head, skb
->mac.raw
,
+ printk(" head:%p, raw:%p, data:%p\n", skb->head, skb
_mac_header(skb)
,
skb->data);
dump_stack();
return NF_ACCEPT;
skb->data);
dump_stack();
return NF_ACCEPT;