diff options
| author | Jan Engelhardt <jengelh@medozas.de> | 2009-04-15 15:40:13 -0400 |
|---|---|---|
| committer | Jan Engelhardt <jengelh@medozas.de> | 2009-05-08 04:30:49 -0400 |
| commit | bb70dfa5f8ab4a0f1c699ddb3ef0276d91219b7c (patch) | |
| tree | 23c091d2be214b26d87d7800ca363288510311a3 /net/ipv4 | |
| parent | 7a6b1c46e28ab0511be26c238d552c00b51b88c5 (diff) | |
netfilter: xtables: consolidate comefrom debug cast access
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Diffstat (limited to 'net/ipv4')
| -rw-r--r-- | net/ipv4/netfilter/ip_tables.c | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c index d91ecd4c264e..7b35c0b3841b 100644 --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c | |||
| @@ -311,6 +311,8 @@ ipt_do_table(struct sk_buff *skb, | |||
| 311 | const struct net_device *out, | 311 | const struct net_device *out, |
| 312 | struct xt_table *table) | 312 | struct xt_table *table) |
| 313 | { | 313 | { |
| 314 | #define tb_comefrom ((struct ipt_entry *)table_base)->comefrom | ||
| 315 | |||
| 314 | static const char nulldevname[IFNAMSIZ] __attribute__((aligned(sizeof(long)))); | 316 | static const char nulldevname[IFNAMSIZ] __attribute__((aligned(sizeof(long)))); |
| 315 | const struct iphdr *ip; | 317 | const struct iphdr *ip; |
| 316 | u_int16_t datalen; | 318 | u_int16_t datalen; |
| @@ -409,18 +411,19 @@ ipt_do_table(struct sk_buff *skb, | |||
| 409 | abs. verdicts */ | 411 | abs. verdicts */ |
| 410 | tgpar.target = t->u.kernel.target; | 412 | tgpar.target = t->u.kernel.target; |
| 411 | tgpar.targinfo = t->data; | 413 | tgpar.targinfo = t->data; |
| 414 | |||
| 415 | |||
| 412 | #ifdef CONFIG_NETFILTER_DEBUG | 416 | #ifdef CONFIG_NETFILTER_DEBUG |
| 413 | ((struct ipt_entry *)table_base)->comefrom = 0xeeeeeeec; | 417 | tb_comefrom = 0xeeeeeeec; |
| 414 | #endif | 418 | #endif |
| 415 | verdict = t->u.kernel.target->target(skb, &tgpar); | 419 | verdict = t->u.kernel.target->target(skb, &tgpar); |
| 416 | #ifdef CONFIG_NETFILTER_DEBUG | 420 | #ifdef CONFIG_NETFILTER_DEBUG |
| 417 | if (((struct ipt_entry *)table_base)->comefrom != 0xeeeeeeec && | 421 | if (comefrom != 0xeeeeeeec && verdict == IPT_CONTINUE) { |
| 418 | verdict == IPT_CONTINUE) { | ||
| 419 | printk("Target %s reentered!\n", | 422 | printk("Target %s reentered!\n", |
| 420 | t->u.kernel.target->name); | 423 | t->u.kernel.target->name); |
| 421 | verdict = NF_DROP; | 424 | verdict = NF_DROP; |
| 422 | } | 425 | } |
| 423 | ((struct ipt_entry *)table_base)->comefrom = 0x57acc001; | 426 | tb_comefrom = 0x57acc001; |
| 424 | #endif | 427 | #endif |
| 425 | /* Target might have changed stuff. */ | 428 | /* Target might have changed stuff. */ |
| 426 | ip = ip_hdr(skb); | 429 | ip = ip_hdr(skb); |
| @@ -441,6 +444,8 @@ ipt_do_table(struct sk_buff *skb, | |||
| 441 | return NF_DROP; | 444 | return NF_DROP; |
| 442 | else return verdict; | 445 | else return verdict; |
| 443 | #endif | 446 | #endif |
| 447 | |||
| 448 | #undef tb_comefrom | ||
| 444 | } | 449 | } |
| 445 | 450 | ||
| 446 | /* Figures out from what hook each rule can be called: returns 0 if | 451 | /* Figures out from what hook each rule can be called: returns 0 if |