diff options
| author | Patrick McHardy <kaber@trash.net> | 2006-11-28 20:35:34 -0500 |
|---|---|---|
| committer | David S. Miller <davem@sunset.davemloft.net> | 2006-12-03 00:31:30 -0500 |
| commit | d7a5c32442ed3d528b9ddfd3d5b837bad0ffa9da (patch) | |
| tree | 098596540ef78e18836fddff2c3c4bc31d7ca934 | |
| parent | 829e17a1a602572ffa3beefe582dc103ee9fb9c7 (diff) | |
[NETFILTER]: nfnetlink_log: remove useless prefix length limitation
There is no reason for limiting netlink attributes in size.
Signed-off-by: Patrick McHardy <kaber@trash.net>
| -rw-r--r-- | include/linux/netfilter/nfnetlink_log.h | 2 | ||||
| -rw-r--r-- | net/netfilter/nfnetlink_log.c | 19 |
2 files changed, 10 insertions, 11 deletions
diff --git a/include/linux/netfilter/nfnetlink_log.h b/include/linux/netfilter/nfnetlink_log.h index 55a2a2b814ed..5966afa026e9 100644 --- a/include/linux/netfilter/nfnetlink_log.h +++ b/include/linux/netfilter/nfnetlink_log.h | |||
| @@ -32,8 +32,6 @@ struct nfulnl_msg_packet_timestamp { | |||
| 32 | aligned_be64 usec; | 32 | aligned_be64 usec; |
| 33 | }; | 33 | }; |
| 34 | 34 | ||
| 35 | #define NFULNL_PREFIXLEN 30 /* just like old log target */ | ||
| 36 | |||
| 37 | enum nfulnl_attr_type { | 35 | enum nfulnl_attr_type { |
| 38 | NFULA_UNSPEC, | 36 | NFULA_UNSPEC, |
| 39 | NFULA_PACKET_HDR, | 37 | NFULA_PACKET_HDR, |
diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c index bd3ffa6f1a6d..d1505dd25c66 100644 --- a/net/netfilter/nfnetlink_log.c +++ b/net/netfilter/nfnetlink_log.c | |||
| @@ -408,7 +408,7 @@ __build_packet_message(struct nfulnl_instance *inst, | |||
| 408 | const struct net_device *indev, | 408 | const struct net_device *indev, |
| 409 | const struct net_device *outdev, | 409 | const struct net_device *outdev, |
| 410 | const struct nf_loginfo *li, | 410 | const struct nf_loginfo *li, |
| 411 | const char *prefix) | 411 | const char *prefix, unsigned int plen) |
| 412 | { | 412 | { |
| 413 | unsigned char *old_tail; | 413 | unsigned char *old_tail; |
| 414 | struct nfulnl_msg_packet_hdr pmsg; | 414 | struct nfulnl_msg_packet_hdr pmsg; |
| @@ -432,12 +432,8 @@ __build_packet_message(struct nfulnl_instance *inst, | |||
| 432 | 432 | ||
| 433 | NFA_PUT(inst->skb, NFULA_PACKET_HDR, sizeof(pmsg), &pmsg); | 433 | NFA_PUT(inst->skb, NFULA_PACKET_HDR, sizeof(pmsg), &pmsg); |
| 434 | 434 | ||
| 435 | if (prefix) { | 435 | if (prefix) |
| 436 | int slen = strlen(prefix); | 436 | NFA_PUT(inst->skb, NFULA_PREFIX, plen, prefix); |
| 437 | if (slen > NFULNL_PREFIXLEN) | ||
| 438 | slen = NFULNL_PREFIXLEN; | ||
| 439 | NFA_PUT(inst->skb, NFULA_PREFIX, slen, prefix); | ||
| 440 | } | ||
| 441 | 437 | ||
| 442 | if (indev) { | 438 | if (indev) { |
| 443 | tmp_uint = htonl(indev->ifindex); | 439 | tmp_uint = htonl(indev->ifindex); |
| @@ -601,6 +597,7 @@ nfulnl_log_packet(unsigned int pf, | |||
| 601 | const struct nf_loginfo *li; | 597 | const struct nf_loginfo *li; |
| 602 | unsigned int qthreshold; | 598 | unsigned int qthreshold; |
| 603 | unsigned int nlbufsiz; | 599 | unsigned int nlbufsiz; |
| 600 | unsigned int plen; | ||
| 604 | 601 | ||
| 605 | if (li_user && li_user->type == NF_LOG_TYPE_ULOG) | 602 | if (li_user && li_user->type == NF_LOG_TYPE_ULOG) |
| 606 | li = li_user; | 603 | li = li_user; |
| @@ -616,6 +613,10 @@ nfulnl_log_packet(unsigned int pf, | |||
| 616 | return; | 613 | return; |
| 617 | } | 614 | } |
| 618 | 615 | ||
| 616 | plen = 0; | ||
| 617 | if (prefix) | ||
| 618 | plen = strlen(prefix); | ||
| 619 | |||
| 619 | /* all macros expand to constant values at compile time */ | 620 | /* all macros expand to constant values at compile time */ |
| 620 | /* FIXME: do we want to make the size calculation conditional based on | 621 | /* FIXME: do we want to make the size calculation conditional based on |
| 621 | * what is actually present? way more branches and checks, but more | 622 | * what is actually present? way more branches and checks, but more |
| @@ -630,7 +631,7 @@ nfulnl_log_packet(unsigned int pf, | |||
| 630 | #endif | 631 | #endif |
| 631 | + NFA_SPACE(sizeof(u_int32_t)) /* mark */ | 632 | + NFA_SPACE(sizeof(u_int32_t)) /* mark */ |
| 632 | + NFA_SPACE(sizeof(u_int32_t)) /* uid */ | 633 | + NFA_SPACE(sizeof(u_int32_t)) /* uid */ |
| 633 | + NFA_SPACE(NFULNL_PREFIXLEN) /* prefix */ | 634 | + NFA_SPACE(plen) /* prefix */ |
| 634 | + NFA_SPACE(sizeof(struct nfulnl_msg_packet_hw)) | 635 | + NFA_SPACE(sizeof(struct nfulnl_msg_packet_hw)) |
| 635 | + NFA_SPACE(sizeof(struct nfulnl_msg_packet_timestamp)); | 636 | + NFA_SPACE(sizeof(struct nfulnl_msg_packet_timestamp)); |
| 636 | 637 | ||
| @@ -701,7 +702,7 @@ nfulnl_log_packet(unsigned int pf, | |||
| 701 | inst->qlen++; | 702 | inst->qlen++; |
| 702 | 703 | ||
| 703 | __build_packet_message(inst, skb, data_len, pf, | 704 | __build_packet_message(inst, skb, data_len, pf, |
| 704 | hooknum, in, out, li, prefix); | 705 | hooknum, in, out, li, prefix, plen); |
| 705 | 706 | ||
| 706 | /* timer_pending always called within inst->lock, so there | 707 | /* timer_pending always called within inst->lock, so there |
| 707 | * is no chance of a race here */ | 708 | * is no chance of a race here */ |