diff options
| author | Florian Westphal <fw@strlen.de> | 2018-02-09 09:52:01 -0500 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-02-14 15:05:34 -0500 |
| commit | 11f7aee2326f37f9d3abba27bb61d92ec09fbfde (patch) | |
| tree | 45493fe9e6f3089541de38e83248e96a2bb3461b | |
| parent | 1b6cd67191e16a66f69c9881d878204c3143f03f (diff) | |
netfilter: xt_CT: use pr ratelimiting
checkpatch complains about line > 80 but this would require splitting
"literal" over two lines which is worse.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
| -rw-r--r-- | net/netfilter/xt_CT.c | 25 |
1 files changed, 13 insertions, 12 deletions
diff --git a/net/netfilter/xt_CT.c b/net/netfilter/xt_CT.c index 5a152e2acfd5..8790190c6feb 100644 --- a/net/netfilter/xt_CT.c +++ b/net/netfilter/xt_CT.c | |||
| @@ -82,15 +82,14 @@ xt_ct_set_helper(struct nf_conn *ct, const char *helper_name, | |||
| 82 | 82 | ||
| 83 | proto = xt_ct_find_proto(par); | 83 | proto = xt_ct_find_proto(par); |
| 84 | if (!proto) { | 84 | if (!proto) { |
| 85 | pr_info("You must specify a L4 protocol, and not use " | 85 | pr_info_ratelimited("You must specify a L4 protocol and not use inversions on it\n"); |
| 86 | "inversions on it.\n"); | ||
| 87 | return -ENOENT; | 86 | return -ENOENT; |
| 88 | } | 87 | } |
| 89 | 88 | ||
| 90 | helper = nf_conntrack_helper_try_module_get(helper_name, par->family, | 89 | helper = nf_conntrack_helper_try_module_get(helper_name, par->family, |
| 91 | proto); | 90 | proto); |
| 92 | if (helper == NULL) { | 91 | if (helper == NULL) { |
| 93 | pr_info("No such helper \"%s\"\n", helper_name); | 92 | pr_info_ratelimited("No such helper \"%s\"\n", helper_name); |
| 94 | return -ENOENT; | 93 | return -ENOENT; |
| 95 | } | 94 | } |
| 96 | 95 | ||
| @@ -124,6 +123,7 @@ xt_ct_set_timeout(struct nf_conn *ct, const struct xt_tgchk_param *par, | |||
| 124 | const struct nf_conntrack_l4proto *l4proto; | 123 | const struct nf_conntrack_l4proto *l4proto; |
| 125 | struct ctnl_timeout *timeout; | 124 | struct ctnl_timeout *timeout; |
| 126 | struct nf_conn_timeout *timeout_ext; | 125 | struct nf_conn_timeout *timeout_ext; |
| 126 | const char *errmsg = NULL; | ||
| 127 | int ret = 0; | 127 | int ret = 0; |
| 128 | u8 proto; | 128 | u8 proto; |
| 129 | 129 | ||
| @@ -131,29 +131,29 @@ xt_ct_set_timeout(struct nf_conn *ct, const struct xt_tgchk_param *par, | |||
| 131 | timeout_find_get = rcu_dereference(nf_ct_timeout_find_get_hook); | 131 | timeout_find_get = rcu_dereference(nf_ct_timeout_find_get_hook); |
| 132 | if (timeout_find_get == NULL) { | 132 | if (timeout_find_get == NULL) { |
| 133 | ret = -ENOENT; | 133 | ret = -ENOENT; |
| 134 | pr_info("Timeout policy base is empty\n"); | 134 | errmsg = "Timeout policy base is empty"; |
| 135 | goto out; | 135 | goto out; |
| 136 | } | 136 | } |
| 137 | 137 | ||
| 138 | proto = xt_ct_find_proto(par); | 138 | proto = xt_ct_find_proto(par); |
| 139 | if (!proto) { | 139 | if (!proto) { |
| 140 | ret = -EINVAL; | 140 | ret = -EINVAL; |
| 141 | pr_info("You must specify a L4 protocol, and not use " | 141 | errmsg = "You must specify a L4 protocol and not use inversions on it"; |
| 142 | "inversions on it.\n"); | ||
| 143 | goto out; | 142 | goto out; |
| 144 | } | 143 | } |
| 145 | 144 | ||
| 146 | timeout = timeout_find_get(par->net, timeout_name); | 145 | timeout = timeout_find_get(par->net, timeout_name); |
| 147 | if (timeout == NULL) { | 146 | if (timeout == NULL) { |
| 148 | ret = -ENOENT; | 147 | ret = -ENOENT; |
| 149 | pr_info("No such timeout policy \"%s\"\n", timeout_name); | 148 | pr_info_ratelimited("No such timeout policy \"%s\"\n", |
| 149 | timeout_name); | ||
| 150 | goto out; | 150 | goto out; |
| 151 | } | 151 | } |
| 152 | 152 | ||
| 153 | if (timeout->l3num != par->family) { | 153 | if (timeout->l3num != par->family) { |
| 154 | ret = -EINVAL; | 154 | ret = -EINVAL; |
| 155 | pr_info("Timeout policy `%s' can only be used by L3 protocol " | 155 | pr_info_ratelimited("Timeout policy `%s' can only be used by L%d protocol number %d\n", |
| 156 | "number %d\n", timeout_name, timeout->l3num); | 156 | timeout_name, 3, timeout->l3num); |
| 157 | goto err_put_timeout; | 157 | goto err_put_timeout; |
| 158 | } | 158 | } |
| 159 | /* Make sure the timeout policy matches any existing protocol tracker, | 159 | /* Make sure the timeout policy matches any existing protocol tracker, |
| @@ -162,9 +162,8 @@ xt_ct_set_timeout(struct nf_conn *ct, const struct xt_tgchk_param *par, | |||
| 162 | l4proto = __nf_ct_l4proto_find(par->family, proto); | 162 | l4proto = __nf_ct_l4proto_find(par->family, proto); |
| 163 | if (timeout->l4proto->l4proto != l4proto->l4proto) { | 163 | if (timeout->l4proto->l4proto != l4proto->l4proto) { |
| 164 | ret = -EINVAL; | 164 | ret = -EINVAL; |
| 165 | pr_info("Timeout policy `%s' can only be used by L4 protocol " | 165 | pr_info_ratelimited("Timeout policy `%s' can only be used by L%d protocol number %d\n", |
| 166 | "number %d\n", | 166 | timeout_name, 4, timeout->l4proto->l4proto); |
| 167 | timeout_name, timeout->l4proto->l4proto); | ||
| 168 | goto err_put_timeout; | 167 | goto err_put_timeout; |
| 169 | } | 168 | } |
| 170 | timeout_ext = nf_ct_timeout_ext_add(ct, timeout, GFP_ATOMIC); | 169 | timeout_ext = nf_ct_timeout_ext_add(ct, timeout, GFP_ATOMIC); |
| @@ -180,6 +179,8 @@ err_put_timeout: | |||
| 180 | __xt_ct_tg_timeout_put(timeout); | 179 | __xt_ct_tg_timeout_put(timeout); |
| 181 | out: | 180 | out: |
| 182 | rcu_read_unlock(); | 181 | rcu_read_unlock(); |
| 182 | if (errmsg) | ||
| 183 | pr_info_ratelimited("%s\n", errmsg); | ||
| 183 | return ret; | 184 | return ret; |
| 184 | #else | 185 | #else |
| 185 | return -EOPNOTSUPP; | 186 | return -EOPNOTSUPP; |