[BRIDGE]: netfilter VLAN macro cleanup

Fix the VLAN macros in bridge netfilter code. Macros should not depend on magic variables. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Stephen Hemminger <shemminger@osdl.org> 2006-03-21 01:58:05 -0500
committer: David S. Miller <davem@davemloft.net> 2006-03-21 01:58:05 -0500
commit: 8b42ec39264a1e7a508f5d80169a5fb137bcc833 (patch)
tree: 34962088422c343b4d2494c1dfadf657fc198b42
parent: f8a26028611fb93ac935ac32a72793f7fcb56a88 (diff)
1 files changed, 27 insertions, 23 deletions
diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c
index ea34aa505af2..6fc9ecc4eb39 100644
--- a/net/bridge/br_netfilter.c
+++ b/net/bridge/br_netfilter.c
@@ -61,15 +61,25 @@ static int brnf_filter_vlan_tagged = 1;
 #define brnf_filter_vlan_tagged 1
 #endif
-#define IS_VLAN_IP (skb->protocol == htons(ETH_P_8021Q) &&    \
+static __be16 inline vlan_proto(const struct sk_buff *skb)
-        hdr->h_vlan_encapsulated_proto == htons(ETH_P_IP) &&  \
+{
-        brnf_filter_vlan_tagged)
+        return vlan_eth_hdr(skb)->h_vlan_encapsulated_proto;
-#define IS_VLAN_IPV6 (skb->protocol == htons(ETH_P_8021Q) &&    \
+}
-        hdr->h_vlan_encapsulated_proto == htons(ETH_P_IPV6) &&  \
-        brnf_filter_vlan_tagged)
+#define IS_VLAN_IP(skb) \
-#define IS_VLAN_ARP (skb->protocol == htons(ETH_P_8021Q) &&   \
+        (skb->protocol == htons(ETH_P_8021Q) && \
-        hdr->h_vlan_encapsulated_proto == htons(ETH_P_ARP) && \
+         vlan_proto(skb) == htons(ETH_P_IP) &&  \
-        brnf_filter_vlan_tagged)
+         brnf_filter_vlan_tagged)
+#define IS_VLAN_IPV6(skb) \
+        (skb->protocol == htons(ETH_P_8021Q) && \
+         vlan_proto(skb) == htons(ETH_P_IPV6) &&\
+         brnf_filter_vlan_tagged)
+#define IS_VLAN_ARP(skb) \
+        (skb->protocol == htons(ETH_P_8021Q) && \
+         vlan_proto(skb) == htons(ETH_P_ARP) && \
+         brnf_filter_vlan_tagged)
 /* We need these fake structures to make netfilter happy --
 * lots of places assume that skb->dst != NULL, which isn't
@@ -419,9 +429,8 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff **pskb,
        __u32 len;
        struct sk_buff *skb = *pskb;
        struct nf_bridge_info *nf_bridge;
-        struct vlan_ethhdr *hdr = vlan_eth_hdr(*pskb);
-        if (skb->protocol == htons(ETH_P_IPV6) || IS_VLAN_IPV6) {
+        if (skb->protocol == htons(ETH_P_IPV6) || IS_VLAN_IPV6(skb)) {
 #ifdef CONFIG_SYSCTL
                if (!brnf_call_ip6tables)
                        return NF_ACCEPT;
@@ -440,7 +449,7 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff **pskb,
                return NF_ACCEPT;
 #endif
-        if (skb->protocol != htons(ETH_P_IP) && !IS_VLAN_IP)
+        if (skb->protocol != htons(ETH_P_IP) && !IS_VLAN_IP(skb))
                return NF_ACCEPT;
        if ((skb = skb_share_check(*pskb, GFP_ATOMIC)) == NULL)
@@ -521,9 +530,8 @@ static int br_nf_forward_finish(struct sk_buff *skb)
 {
        struct nf_bridge_info *nf_bridge = skb->nf_bridge;
        struct net_device *in;
-        struct vlan_ethhdr *hdr = vlan_eth_hdr(skb);
-        if (skb->protocol != htons(ETH_P_ARP) && !IS_VLAN_ARP) {
+        if (skb->protocol != htons(ETH_P_ARP) && !IS_VLAN_ARP(skb)) {
                in = nf_bridge->physindev;
                if (nf_bridge->mask & BRNF_PKT_TYPE) {
                        skb->pkt_type = PACKET_OTHERHOST;
@@ -553,7 +561,6 @@ static unsigned int br_nf_forward_ip(unsigned int hook, struct sk_buff **pskb,
 {
        struct sk_buff *skb = *pskb;
        struct nf_bridge_info *nf_bridge;
-        struct vlan_ethhdr *hdr = vlan_eth_hdr(skb);
        struct net_device *parent;
        int pf;
@@ -564,7 +571,7 @@ static unsigned int br_nf_forward_ip(unsigned int hook, struct sk_buff **pskb,
        if (!parent)
                return NF_DROP;
-        if (skb->protocol == htons(ETH_P_IP) || IS_VLAN_IP)
+        if (skb->protocol == htons(ETH_P_IP) || IS_VLAN_IP(skb))
                pf = PF_INET;
        else
                pf = PF_INET6;
@@ -596,7 +603,6 @@ static unsigned int br_nf_forward_arp(unsigned int hook, struct sk_buff **pskb,
                                      int (*okfn)(struct sk_buff *))
 {
        struct sk_buff *skb = *pskb;
-        struct vlan_ethhdr *hdr = vlan_eth_hdr(skb);
        struct net_device **d = (struct net_device **)(skb->cb);
 #ifdef CONFIG_SYSCTL
@@ -605,14 +611,14 @@ static unsigned int br_nf_forward_arp(unsigned int hook, struct sk_buff **pskb,
 #endif
        if (skb->protocol != htons(ETH_P_ARP)) {
-                if (!IS_VLAN_ARP)
+                if (!IS_VLAN_ARP(skb))
                        return NF_ACCEPT;
                skb_pull(*pskb, VLAN_HLEN);
                (*pskb)->nh.raw += VLAN_HLEN;
        }
        if (skb->nh.arph->ar_pln != 4) {
-                if (IS_VLAN_ARP) {
+                if (IS_VLAN_ARP(skb)) {
                        skb_push(*pskb, VLAN_HLEN);
                        (*pskb)->nh.raw -= VLAN_HLEN;
                }
@@ -667,13 +673,12 @@ static unsigned int br_nf_local_out(unsigned int hook, struct sk_buff **pskb,
        struct net_device *realindev, *realoutdev;
        struct sk_buff *skb = *pskb;
        struct nf_bridge_info *nf_bridge;
-        struct vlan_ethhdr *hdr = vlan_eth_hdr(skb);
        int pf;
        if (!skb->nf_bridge)
                return NF_ACCEPT;
-        if (skb->protocol == htons(ETH_P_IP) || IS_VLAN_IP)
+        if (skb->protocol == htons(ETH_P_IP) || IS_VLAN_IP(skb))
                pf = PF_INET;
        else
                pf = PF_INET6;
@@ -752,7 +757,6 @@ static unsigned int br_nf_post_routing(unsigned int hook, struct sk_buff **pskb,
 {
        struct sk_buff *skb = *pskb;
        struct nf_bridge_info *nf_bridge = (*pskb)->nf_bridge;
-        struct vlan_ethhdr *hdr = vlan_eth_hdr(skb);
        struct net_device *realoutdev = bridge_parent(skb->dev);
        int pf;
@@ -772,7 +776,7 @@ static unsigned int br_nf_post_routing(unsigned int hook, struct sk_buff **pskb,
        if (!realoutdev)
                return NF_DROP;
-        if (skb->protocol == htons(ETH_P_IP) || IS_VLAN_IP)
+        if (skb->protocol == htons(ETH_P_IP) || IS_VLAN_IP(skb))
                pf = PF_INET;
        else
                pf = PF_INET6;
author	Stephen Hemminger <shemminger@osdl.org>	2006-03-21 01:58:05 -0500
committer	David S. Miller <davem@davemloft.net>	2006-03-21 01:58:05 -0500
commit	8b42ec39264a1e7a508f5d80169a5fb137bcc833 (patch)
tree	34962088422c343b4d2494c1dfadf657fc198b42
parent	f8a26028611fb93ac935ac32a72793f7fcb56a88 (diff)

diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c index ea34aa505af2..6fc9ecc4eb39 100644 --- a/net/bridge/br_netfilter.c +++ b/net/bridge/br_netfilter.c
@@ -61,15 +61,25 @@ static int brnf_filter_vlan_tagged = 1;
61	#define brnf_filter_vlan_tagged 1	61	#define brnf_filter_vlan_tagged 1
62	#endif	62	#endif
63		63
64	#define IS_VLAN_IP (skb->protocol == htons(ETH_P_8021Q) && \	64	static __be16 inline vlan_proto(const struct sk_buff *skb)
65	hdr->h_vlan_encapsulated_proto == htons(ETH_P_IP) && \	65	{
66	brnf_filter_vlan_tagged)	66	return vlan_eth_hdr(skb)->h_vlan_encapsulated_proto;
67	#define IS_VLAN_IPV6 (skb->protocol == htons(ETH_P_8021Q) && \	67	}
68	hdr->h_vlan_encapsulated_proto == htons(ETH_P_IPV6) && \	68
69	brnf_filter_vlan_tagged)	69	#define IS_VLAN_IP(skb) \
70	#define IS_VLAN_ARP (skb->protocol == htons(ETH_P_8021Q) && \	70	(skb->protocol == htons(ETH_P_8021Q) && \
71	hdr->h_vlan_encapsulated_proto == htons(ETH_P_ARP) && \	71	vlan_proto(skb) == htons(ETH_P_IP) && \
72	brnf_filter_vlan_tagged)	72	brnf_filter_vlan_tagged)
		73
		74	#define IS_VLAN_IPV6(skb) \
		75	(skb->protocol == htons(ETH_P_8021Q) && \
		76	vlan_proto(skb) == htons(ETH_P_IPV6) &&\
		77	brnf_filter_vlan_tagged)
		78
		79	#define IS_VLAN_ARP(skb) \
		80	(skb->protocol == htons(ETH_P_8021Q) && \
		81	vlan_proto(skb) == htons(ETH_P_ARP) && \
		82	brnf_filter_vlan_tagged)
73		83
74	/* We need these fake structures to make netfilter happy --	84	/* We need these fake structures to make netfilter happy --
75	* lots of places assume that skb->dst != NULL, which isn't	85	* lots of places assume that skb->dst != NULL, which isn't
@@ -419,9 +429,8 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff **pskb,
419	__u32 len;	429	__u32 len;
420	struct sk_buff skb = pskb;	430	struct sk_buff skb = pskb;
421	struct nf_bridge_info *nf_bridge;	431	struct nf_bridge_info *nf_bridge;
422	struct vlan_ethhdr hdr = vlan_eth_hdr(pskb);
423		432
424	if (skb->protocol == htons(ETH_P_IPV6) \|\| IS_VLAN_IPV6) {	433	if (skb->protocol == htons(ETH_P_IPV6) \|\| IS_VLAN_IPV6(skb)) {
425	#ifdef CONFIG_SYSCTL	434	#ifdef CONFIG_SYSCTL
426	if (!brnf_call_ip6tables)	435	if (!brnf_call_ip6tables)
427	return NF_ACCEPT;	436	return NF_ACCEPT;
@@ -440,7 +449,7 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff **pskb,
440	return NF_ACCEPT;	449	return NF_ACCEPT;
441	#endif	450	#endif
442		451
443	if (skb->protocol != htons(ETH_P_IP) && !IS_VLAN_IP)	452	if (skb->protocol != htons(ETH_P_IP) && !IS_VLAN_IP(skb))
444	return NF_ACCEPT;	453	return NF_ACCEPT;
445		454
446	if ((skb = skb_share_check(*pskb, GFP_ATOMIC)) == NULL)	455	if ((skb = skb_share_check(*pskb, GFP_ATOMIC)) == NULL)
@@ -521,9 +530,8 @@ static int br_nf_forward_finish(struct sk_buff *skb)
521	{	530	{
522	struct nf_bridge_info *nf_bridge = skb->nf_bridge;	531	struct nf_bridge_info *nf_bridge = skb->nf_bridge;
523	struct net_device *in;	532	struct net_device *in;
524	struct vlan_ethhdr *hdr = vlan_eth_hdr(skb);
525		533
526	if (skb->protocol != htons(ETH_P_ARP) && !IS_VLAN_ARP) {	534	if (skb->protocol != htons(ETH_P_ARP) && !IS_VLAN_ARP(skb)) {
527	in = nf_bridge->physindev;	535	in = nf_bridge->physindev;
528	if (nf_bridge->mask & BRNF_PKT_TYPE) {	536	if (nf_bridge->mask & BRNF_PKT_TYPE) {
529	skb->pkt_type = PACKET_OTHERHOST;	537	skb->pkt_type = PACKET_OTHERHOST;
@@ -553,7 +561,6 @@ static unsigned int br_nf_forward_ip(unsigned int hook, struct sk_buff **pskb,
553	{	561	{
554	struct sk_buff skb = pskb;	562	struct sk_buff skb = pskb;
555	struct nf_bridge_info *nf_bridge;	563	struct nf_bridge_info *nf_bridge;
556	struct vlan_ethhdr *hdr = vlan_eth_hdr(skb);
557	struct net_device *parent;	564	struct net_device *parent;
558	int pf;	565	int pf;
559		566
@@ -564,7 +571,7 @@ static unsigned int br_nf_forward_ip(unsigned int hook, struct sk_buff **pskb,
564	if (!parent)	571	if (!parent)
565	return NF_DROP;	572	return NF_DROP;
566		573
567	if (skb->protocol == htons(ETH_P_IP) \|\| IS_VLAN_IP)	574	if (skb->protocol == htons(ETH_P_IP) \|\| IS_VLAN_IP(skb))
568	pf = PF_INET;	575	pf = PF_INET;
569	else	576	else
570	pf = PF_INET6;	577	pf = PF_INET6;
@@ -596,7 +603,6 @@ static unsigned int br_nf_forward_arp(unsigned int hook, struct sk_buff **pskb,
596	int (okfn)(struct sk_buff ))	603	int (okfn)(struct sk_buff ))
597	{	604	{
598	struct sk_buff skb = pskb;	605	struct sk_buff skb = pskb;
599	struct vlan_ethhdr *hdr = vlan_eth_hdr(skb);
600	struct net_device d = (struct net_device )(skb->cb);	606	struct net_device d = (struct net_device )(skb->cb);
601		607
602	#ifdef CONFIG_SYSCTL	608	#ifdef CONFIG_SYSCTL
@@ -605,14 +611,14 @@ static unsigned int br_nf_forward_arp(unsigned int hook, struct sk_buff **pskb,
605	#endif	611	#endif
606		612
607	if (skb->protocol != htons(ETH_P_ARP)) {	613	if (skb->protocol != htons(ETH_P_ARP)) {
608	if (!IS_VLAN_ARP)	614	if (!IS_VLAN_ARP(skb))
609	return NF_ACCEPT;	615	return NF_ACCEPT;
610	skb_pull(*pskb, VLAN_HLEN);	616	skb_pull(*pskb, VLAN_HLEN);
611	(*pskb)->nh.raw += VLAN_HLEN;	617	(*pskb)->nh.raw += VLAN_HLEN;
612	}	618	}
613		619
614	if (skb->nh.arph->ar_pln != 4) {	620	if (skb->nh.arph->ar_pln != 4) {
615	if (IS_VLAN_ARP) {	621	if (IS_VLAN_ARP(skb)) {
616	skb_push(*pskb, VLAN_HLEN);	622	skb_push(*pskb, VLAN_HLEN);
617	(*pskb)->nh.raw -= VLAN_HLEN;	623	(*pskb)->nh.raw -= VLAN_HLEN;
618	}	624	}
@@ -667,13 +673,12 @@ static unsigned int br_nf_local_out(unsigned int hook, struct sk_buff **pskb,
667	struct net_device realindev, realoutdev;	673	struct net_device realindev, realoutdev;
668	struct sk_buff skb = pskb;	674	struct sk_buff skb = pskb;
669	struct nf_bridge_info *nf_bridge;	675	struct nf_bridge_info *nf_bridge;
670	struct vlan_ethhdr *hdr = vlan_eth_hdr(skb);
671	int pf;	676	int pf;
672		677
673	if (!skb->nf_bridge)	678	if (!skb->nf_bridge)
674	return NF_ACCEPT;	679	return NF_ACCEPT;
675		680
676	if (skb->protocol == htons(ETH_P_IP) \|\| IS_VLAN_IP)	681	if (skb->protocol == htons(ETH_P_IP) \|\| IS_VLAN_IP(skb))
677	pf = PF_INET;	682	pf = PF_INET;
678	else	683	else
679	pf = PF_INET6;	684	pf = PF_INET6;
@@ -752,7 +757,6 @@ static unsigned int br_nf_post_routing(unsigned int hook, struct sk_buff **pskb,
752	{	757	{
753	struct sk_buff skb = pskb;	758	struct sk_buff skb = pskb;
754	struct nf_bridge_info nf_bridge = (pskb)->nf_bridge;	759	struct nf_bridge_info nf_bridge = (pskb)->nf_bridge;
755	struct vlan_ethhdr *hdr = vlan_eth_hdr(skb);
756	struct net_device *realoutdev = bridge_parent(skb->dev);	760	struct net_device *realoutdev = bridge_parent(skb->dev);
757	int pf;	761	int pf;
758		762
@@ -772,7 +776,7 @@ static unsigned int br_nf_post_routing(unsigned int hook, struct sk_buff **pskb,
772	if (!realoutdev)	776	if (!realoutdev)
773	return NF_DROP;	777	return NF_DROP;
774		778
775	if (skb->protocol == htons(ETH_P_IP) \|\| IS_VLAN_IP)	779	if (skb->protocol == htons(ETH_P_IP) \|\| IS_VLAN_IP(skb))
776	pf = PF_INET;	780	pf = PF_INET;
777	else	781	else
778	pf = PF_INET6;	782	pf = PF_INET6;