diff options
author | Harald Welte <laforge@netfilter.org> | 2005-06-28 15:49:30 -0400 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2005-06-28 15:49:30 -0400 |
commit | 4095ebf1e641b0f37ee1cd04c903bb85cf4ed25b (patch) | |
tree | ffe37949a9d27ff0b369b3e867009237f38f70ef | |
parent | 85c1937b2693a0d4e39bb2644d720ed3703b9830 (diff) |
[NETFILTER]: ipt_CLUSTERIP: fix ARP mangling
This patch adds mangling of ARP requests (in addition to replies),
since ARP caches are made from snooping both requests and replies.
Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | net/ipv4/netfilter/ipt_CLUSTERIP.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/net/ipv4/netfilter/ipt_CLUSTERIP.c b/net/ipv4/netfilter/ipt_CLUSTERIP.c index 9cde8c61f525..6706d3a1bc4f 100644 --- a/net/ipv4/netfilter/ipt_CLUSTERIP.c +++ b/net/ipv4/netfilter/ipt_CLUSTERIP.c | |||
@@ -30,7 +30,7 @@ | |||
30 | #include <linux/netfilter_ipv4/ipt_CLUSTERIP.h> | 30 | #include <linux/netfilter_ipv4/ipt_CLUSTERIP.h> |
31 | #include <linux/netfilter_ipv4/ip_conntrack.h> | 31 | #include <linux/netfilter_ipv4/ip_conntrack.h> |
32 | 32 | ||
33 | #define CLUSTERIP_VERSION "0.6" | 33 | #define CLUSTERIP_VERSION "0.7" |
34 | 34 | ||
35 | #define DEBUG_CLUSTERIP | 35 | #define DEBUG_CLUSTERIP |
36 | 36 | ||
@@ -524,8 +524,9 @@ arp_mangle(unsigned int hook, | |||
524 | || arp->ar_pln != 4 || arp->ar_hln != ETH_ALEN) | 524 | || arp->ar_pln != 4 || arp->ar_hln != ETH_ALEN) |
525 | return NF_ACCEPT; | 525 | return NF_ACCEPT; |
526 | 526 | ||
527 | /* we only want to mangle arp replies */ | 527 | /* we only want to mangle arp requests and replies */ |
528 | if (arp->ar_op != htons(ARPOP_REPLY)) | 528 | if (arp->ar_op != htons(ARPOP_REPLY) |
529 | && arp->ar_op != htons(ARPOP_REQUEST)) | ||
529 | return NF_ACCEPT; | 530 | return NF_ACCEPT; |
530 | 531 | ||
531 | payload = (void *)(arp+1); | 532 | payload = (void *)(arp+1); |