diff options
| author | Patrick McHardy <kaber@trash.net> | 2007-07-08 01:31:07 -0400 |
|---|---|---|
| committer | David S. Miller <davem@sunset.davemloft.net> | 2007-07-11 01:17:54 -0400 |
| commit | df43b4e7ca46952756b2fc039ed80469b1bff62d (patch) | |
| tree | 84fed9a5fafb0dec8695985b1db150e9b879f9eb | |
| parent | 6823645d608541c2c69e8a99454936e058c294e0 (diff) | |
[NETFILTER]: nf_conntrack_ftp: use nf_ct_expect_init
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
| -rw-r--r-- | net/netfilter/nf_conntrack_ftp.c | 36 |
1 files changed, 6 insertions, 30 deletions
diff --git a/net/netfilter/nf_conntrack_ftp.c b/net/netfilter/nf_conntrack_ftp.c index 5efe65d4b3c0..9ad15191bb44 100644 --- a/net/netfilter/nf_conntrack_ftp.c +++ b/net/netfilter/nf_conntrack_ftp.c | |||
| @@ -364,6 +364,7 @@ static int help(struct sk_buff **pskb, | |||
| 364 | unsigned int matchlen, matchoff; | 364 | unsigned int matchlen, matchoff; |
| 365 | struct nf_ct_ftp_master *ct_ftp_info = &nfct_help(ct)->help.ct_ftp_info; | 365 | struct nf_ct_ftp_master *ct_ftp_info = &nfct_help(ct)->help.ct_ftp_info; |
| 366 | struct nf_conntrack_expect *exp; | 366 | struct nf_conntrack_expect *exp; |
| 367 | union nf_conntrack_address *daddr; | ||
| 367 | struct nf_conntrack_man cmd = {}; | 368 | struct nf_conntrack_man cmd = {}; |
| 368 | unsigned int i; | 369 | unsigned int i; |
| 369 | int found = 0, ends_in_nl; | 370 | int found = 0, ends_in_nl; |
| @@ -454,7 +455,7 @@ static int help(struct sk_buff **pskb, | |||
| 454 | /* We refer to the reverse direction ("!dir") tuples here, | 455 | /* We refer to the reverse direction ("!dir") tuples here, |
| 455 | * because we're expecting something in the other direction. | 456 | * because we're expecting something in the other direction. |
| 456 | * Doesn't matter unless NAT is happening. */ | 457 | * Doesn't matter unless NAT is happening. */ |
| 457 | exp->tuple.dst.u3 = ct->tuplehash[!dir].tuple.dst.u3; | 458 | daddr = &ct->tuplehash[!dir].tuple.dst.u3; |
| 458 | 459 | ||
| 459 | /* Update the ftp info */ | 460 | /* Update the ftp info */ |
| 460 | if ((cmd.l3num == ct->tuplehash[dir].tuple.src.l3num) && | 461 | if ((cmd.l3num == ct->tuplehash[dir].tuple.src.l3num) && |
| @@ -483,37 +484,12 @@ static int help(struct sk_buff **pskb, | |||
| 483 | ret = NF_ACCEPT; | 484 | ret = NF_ACCEPT; |
| 484 | goto out_put_expect; | 485 | goto out_put_expect; |
| 485 | } | 486 | } |
| 486 | memcpy(&exp->tuple.dst.u3, &cmd.u3.all, | 487 | daddr = &cmd.u3; |
| 487 | sizeof(exp->tuple.dst.u3)); | ||
| 488 | } | 488 | } |
| 489 | 489 | ||
| 490 | exp->tuple.src.u3 = ct->tuplehash[!dir].tuple.src.u3; | 490 | nf_ct_expect_init(exp, cmd.l3num, |
| 491 | exp->tuple.src.l3num = cmd.l3num; | 491 | &ct->tuplehash[!dir].tuple.src.u3, daddr, |
| 492 | exp->tuple.src.u.tcp.port = 0; | 492 | IPPROTO_TCP, NULL, &cmd.u.tcp.port); |
| 493 | exp->tuple.dst.u.tcp.port = cmd.u.tcp.port; | ||
| 494 | exp->tuple.dst.protonum = IPPROTO_TCP; | ||
| 495 | |||
| 496 | exp->mask = (struct nf_conntrack_tuple) | ||
| 497 | { .src = { .l3num = 0xFFFF, | ||
| 498 | .u = { .tcp = { 0 }}, | ||
| 499 | }, | ||
| 500 | .dst = { .protonum = 0xFF, | ||
| 501 | .u = { .tcp = { __constant_htons(0xFFFF) }}, | ||
| 502 | }, | ||
| 503 | }; | ||
| 504 | if (cmd.l3num == PF_INET) { | ||
| 505 | exp->mask.src.u3.ip = htonl(0xFFFFFFFF); | ||
| 506 | exp->mask.dst.u3.ip = htonl(0xFFFFFFFF); | ||
| 507 | } else { | ||
| 508 | memset(exp->mask.src.u3.ip6, 0xFF, | ||
| 509 | sizeof(exp->mask.src.u3.ip6)); | ||
| 510 | memset(exp->mask.dst.u3.ip6, 0xFF, | ||
| 511 | sizeof(exp->mask.src.u3.ip6)); | ||
| 512 | } | ||
| 513 | |||
| 514 | exp->expectfn = NULL; | ||
| 515 | exp->helper = NULL; | ||
| 516 | exp->flags = 0; | ||
| 517 | 493 | ||
| 518 | /* Now, NAT might want to mangle the packet, and register the | 494 | /* Now, NAT might want to mangle the packet, and register the |
| 519 | * (possibly changed) expectation itself. */ | 495 | * (possibly changed) expectation itself. */ |