diff options
Diffstat (limited to 'net')
| -rw-r--r-- | net/bridge/netfilter/ebt_log.c | 29 | ||||
| -rw-r--r-- | net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c | 8 |
2 files changed, 11 insertions, 26 deletions
diff --git a/net/bridge/netfilter/ebt_log.c b/net/bridge/netfilter/ebt_log.c index a94f3cc377c0..e4ea3fdd1d41 100644 --- a/net/bridge/netfilter/ebt_log.c +++ b/net/bridge/netfilter/ebt_log.c | |||
| @@ -50,14 +50,6 @@ struct arppayload | |||
| 50 | unsigned char ip_dst[4]; | 50 | unsigned char ip_dst[4]; |
| 51 | }; | 51 | }; |
| 52 | 52 | ||
| 53 | static void print_MAC(const unsigned char *p) | ||
| 54 | { | ||
| 55 | int i; | ||
| 56 | |||
| 57 | for (i = 0; i < ETH_ALEN; i++, p++) | ||
| 58 | printk("%02x%c", *p, i == ETH_ALEN - 1 ? ' ':':'); | ||
| 59 | } | ||
| 60 | |||
| 61 | static void | 53 | static void |
| 62 | print_ports(const struct sk_buff *skb, uint8_t protocol, int offset) | 54 | print_ports(const struct sk_buff *skb, uint8_t protocol, int offset) |
| 63 | { | 55 | { |
| @@ -88,14 +80,11 @@ ebt_log_packet(u_int8_t pf, unsigned int hooknum, | |||
| 88 | unsigned int bitmask; | 80 | unsigned int bitmask; |
| 89 | 81 | ||
| 90 | spin_lock_bh(&ebt_log_lock); | 82 | spin_lock_bh(&ebt_log_lock); |
| 91 | printk("<%c>%s IN=%s OUT=%s MAC source = ", '0' + loginfo->u.log.level, | 83 | printk("<%c>%s IN=%s OUT=%s MAC source = %pM MAC dest = %pM proto = 0x%04x", |
| 92 | prefix, in ? in->name : "", out ? out->name : ""); | 84 | '0' + loginfo->u.log.level, prefix, |
| 93 | 85 | in ? in->name : "", out ? out->name : "", | |
| 94 | print_MAC(eth_hdr(skb)->h_source); | 86 | eth_hdr(skb)->h_source, eth_hdr(skb)->h_dest, |
| 95 | printk("MAC dest = "); | 87 | ntohs(eth_hdr(skb)->h_proto)); |
| 96 | print_MAC(eth_hdr(skb)->h_dest); | ||
| 97 | |||
| 98 | printk("proto = 0x%04x", ntohs(eth_hdr(skb)->h_proto)); | ||
| 99 | 88 | ||
| 100 | if (loginfo->type == NF_LOG_TYPE_LOG) | 89 | if (loginfo->type == NF_LOG_TYPE_LOG) |
| 101 | bitmask = loginfo->u.log.logflags; | 90 | bitmask = loginfo->u.log.logflags; |
| @@ -171,12 +160,8 @@ ebt_log_packet(u_int8_t pf, unsigned int hooknum, | |||
| 171 | printk(" INCOMPLETE ARP payload"); | 160 | printk(" INCOMPLETE ARP payload"); |
| 172 | goto out; | 161 | goto out; |
| 173 | } | 162 | } |
| 174 | printk(" ARP MAC SRC="); | 163 | printk(" ARP MAC SRC=%pM ARP IP SRC=%pI4 ARP MAC DST=%pM ARP IP DST=%pI4", |
| 175 | print_MAC(ap->mac_src); | 164 | ap->mac_src, ap->ip_src, ap->mac_dst, ap->ip_dst); |
| 176 | printk(" ARP IP SRC=%pI4", ap->ip_src); | ||
| 177 | printk(" ARP MAC DST="); | ||
| 178 | print_MAC(ap->mac_dst); | ||
| 179 | printk(" ARP IP DST=%pI4", ap->ip_dst); | ||
| 180 | } | 165 | } |
| 181 | } | 166 | } |
| 182 | out: | 167 | out: |
diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c index 8905cc76e0be..9ac2fdc36ecc 100644 --- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c +++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c | |||
| @@ -256,11 +256,11 @@ getorigdst(struct sock *sk, int optval, void __user *user, int *len) | |||
| 256 | tuple.dst.u3.ip = inet->daddr; | 256 | tuple.dst.u3.ip = inet->daddr; |
| 257 | tuple.dst.u.tcp.port = inet->dport; | 257 | tuple.dst.u.tcp.port = inet->dport; |
| 258 | tuple.src.l3num = PF_INET; | 258 | tuple.src.l3num = PF_INET; |
| 259 | tuple.dst.protonum = IPPROTO_TCP; | 259 | tuple.dst.protonum = sk->sk_protocol; |
| 260 | 260 | ||
| 261 | /* We only do TCP at the moment: is there a better way? */ | 261 | /* We only do TCP and SCTP at the moment: is there a better way? */ |
| 262 | if (strcmp(sk->sk_prot->name, "TCP")) { | 262 | if (sk->sk_protocol != IPPROTO_TCP && sk->sk_protocol != IPPROTO_SCTP) { |
| 263 | pr_debug("SO_ORIGINAL_DST: Not a TCP socket\n"); | 263 | pr_debug("SO_ORIGINAL_DST: Not a TCP/SCTP socket\n"); |
| 264 | return -ENOPROTOOPT; | 264 | return -ENOPROTOOPT; |
| 265 | } | 265 | } |
| 266 | 266 | ||