diff options
author | Patrick McHardy <kaber@trash.net> | 2006-09-20 15:07:39 -0400 |
---|---|---|
committer | David S. Miller <davem@sunset.davemloft.net> | 2006-09-22 18:20:07 -0400 |
commit | edd5a329cf69c112882e03c8ab55e985062a5d2a (patch) | |
tree | bbaad0b5ccb74b6eff9a81ed6b6df99dfb674a0f /net/ipv4 | |
parent | 127f15dd659b20e722561ff8c86dc058e1a72323 (diff) |
[NETFILTER]: PPTP conntrack: fix whitespace errors
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4')
-rw-r--r-- | net/ipv4/netfilter/ip_conntrack_helper_pptp.c | 76 | ||||
-rw-r--r-- | net/ipv4/netfilter/ip_conntrack_proto_gre.c | 28 | ||||
-rw-r--r-- | net/ipv4/netfilter/ip_nat_helper_pptp.c | 92 | ||||
-rw-r--r-- | net/ipv4/netfilter/ip_nat_proto_gre.c | 20 |
4 files changed, 108 insertions, 108 deletions
diff --git a/net/ipv4/netfilter/ip_conntrack_helper_pptp.c b/net/ipv4/netfilter/ip_conntrack_helper_pptp.c index b020a33e65e9..6c94dd5d476c 100644 --- a/net/ipv4/netfilter/ip_conntrack_helper_pptp.c +++ b/net/ipv4/netfilter/ip_conntrack_helper_pptp.c | |||
@@ -20,11 +20,11 @@ | |||
20 | * - We can only support one single call within each session | 20 | * - We can only support one single call within each session |
21 | * | 21 | * |
22 | * TODO: | 22 | * TODO: |
23 | * - testing of incoming PPTP calls | 23 | * - testing of incoming PPTP calls |
24 | * | 24 | * |
25 | * Changes: | 25 | * Changes: |
26 | * 2002-02-05 - Version 1.3 | 26 | * 2002-02-05 - Version 1.3 |
27 | * - Call ip_conntrack_unexpect_related() from | 27 | * - Call ip_conntrack_unexpect_related() from |
28 | * pptp_destroy_siblings() to destroy expectations in case | 28 | * pptp_destroy_siblings() to destroy expectations in case |
29 | * CALL_DISCONNECT_NOTIFY or tcp fin packet was seen | 29 | * CALL_DISCONNECT_NOTIFY or tcp fin packet was seen |
30 | * (Philip Craig <philipc@snapgear.com>) | 30 | * (Philip Craig <philipc@snapgear.com>) |
@@ -141,7 +141,7 @@ static void pptp_expectfn(struct ip_conntrack *ct, | |||
141 | invert_tuplepr(&inv_t, &exp->tuple); | 141 | invert_tuplepr(&inv_t, &exp->tuple); |
142 | DEBUGP("trying to unexpect other dir: "); | 142 | DEBUGP("trying to unexpect other dir: "); |
143 | DUMP_TUPLE(&inv_t); | 143 | DUMP_TUPLE(&inv_t); |
144 | 144 | ||
145 | exp_other = ip_conntrack_expect_find(&inv_t); | 145 | exp_other = ip_conntrack_expect_find(&inv_t); |
146 | if (exp_other) { | 146 | if (exp_other) { |
147 | /* delete other expectation. */ | 147 | /* delete other expectation. */ |
@@ -194,7 +194,7 @@ static void pptp_destroy_siblings(struct ip_conntrack *ct) | |||
194 | { | 194 | { |
195 | struct ip_conntrack_tuple t; | 195 | struct ip_conntrack_tuple t; |
196 | 196 | ||
197 | /* Since ct->sibling_list has literally rusted away in 2.6.11, | 197 | /* Since ct->sibling_list has literally rusted away in 2.6.11, |
198 | * we now need another way to find out about our sibling | 198 | * we now need another way to find out about our sibling |
199 | * contrack and expects... -HW */ | 199 | * contrack and expects... -HW */ |
200 | 200 | ||
@@ -264,7 +264,7 @@ exp_gre(struct ip_conntrack *master, | |||
264 | exp_orig->mask.dst.u.gre.key = htons(0xffff); | 264 | exp_orig->mask.dst.u.gre.key = htons(0xffff); |
265 | exp_orig->mask.dst.ip = 0xffffffff; | 265 | exp_orig->mask.dst.ip = 0xffffffff; |
266 | exp_orig->mask.dst.protonum = 0xff; | 266 | exp_orig->mask.dst.protonum = 0xff; |
267 | 267 | ||
268 | exp_orig->master = master; | 268 | exp_orig->master = master; |
269 | exp_orig->expectfn = pptp_expectfn; | 269 | exp_orig->expectfn = pptp_expectfn; |
270 | exp_orig->flags = 0; | 270 | exp_orig->flags = 0; |
@@ -322,7 +322,7 @@ out_unexpect_orig: | |||
322 | goto out_put_both; | 322 | goto out_put_both; |
323 | } | 323 | } |
324 | 324 | ||
325 | static inline int | 325 | static inline int |
326 | pptp_inbound_pkt(struct sk_buff **pskb, | 326 | pptp_inbound_pkt(struct sk_buff **pskb, |
327 | struct tcphdr *tcph, | 327 | struct tcphdr *tcph, |
328 | unsigned int nexthdr_off, | 328 | unsigned int nexthdr_off, |
@@ -336,7 +336,7 @@ pptp_inbound_pkt(struct sk_buff **pskb, | |||
336 | struct ip_ct_pptp_master *info = &ct->help.ct_pptp_info; | 336 | struct ip_ct_pptp_master *info = &ct->help.ct_pptp_info; |
337 | u_int16_t msg; | 337 | u_int16_t msg; |
338 | __be16 *cid, *pcid; | 338 | __be16 *cid, *pcid; |
339 | u_int32_t seq; | 339 | u_int32_t seq; |
340 | 340 | ||
341 | ctlh = skb_header_pointer(*pskb, nexthdr_off, sizeof(_ctlh), &_ctlh); | 341 | ctlh = skb_header_pointer(*pskb, nexthdr_off, sizeof(_ctlh), &_ctlh); |
342 | if (!ctlh) { | 342 | if (!ctlh) { |
@@ -373,7 +373,7 @@ pptp_inbound_pkt(struct sk_buff **pskb, | |||
373 | } | 373 | } |
374 | if (pptpReq->srep.resultCode == PPTP_START_OK) | 374 | if (pptpReq->srep.resultCode == PPTP_START_OK) |
375 | info->sstate = PPTP_SESSION_CONFIRMED; | 375 | info->sstate = PPTP_SESSION_CONFIRMED; |
376 | else | 376 | else |
377 | info->sstate = PPTP_SESSION_ERROR; | 377 | info->sstate = PPTP_SESSION_ERROR; |
378 | break; | 378 | break; |
379 | 379 | ||
@@ -420,22 +420,22 @@ pptp_inbound_pkt(struct sk_buff **pskb, | |||
420 | pcid = &pptpReq->ocack.peersCallID; | 420 | pcid = &pptpReq->ocack.peersCallID; |
421 | 421 | ||
422 | info->pac_call_id = ntohs(*cid); | 422 | info->pac_call_id = ntohs(*cid); |
423 | 423 | ||
424 | if (htons(info->pns_call_id) != *pcid) { | 424 | if (htons(info->pns_call_id) != *pcid) { |
425 | DEBUGP("%s for unknown callid %u\n", | 425 | DEBUGP("%s for unknown callid %u\n", |
426 | pptp_msg_name[msg], ntohs(*pcid)); | 426 | pptp_msg_name[msg], ntohs(*pcid)); |
427 | break; | 427 | break; |
428 | } | 428 | } |
429 | 429 | ||
430 | DEBUGP("%s, CID=%X, PCID=%X\n", pptp_msg_name[msg], | 430 | DEBUGP("%s, CID=%X, PCID=%X\n", pptp_msg_name[msg], |
431 | ntohs(*cid), ntohs(*pcid)); | 431 | ntohs(*cid), ntohs(*pcid)); |
432 | 432 | ||
433 | info->cstate = PPTP_CALL_OUT_CONF; | 433 | info->cstate = PPTP_CALL_OUT_CONF; |
434 | 434 | ||
435 | seq = ntohl(tcph->seq) + sizeof(struct pptp_pkt_hdr) | 435 | seq = ntohl(tcph->seq) + sizeof(struct pptp_pkt_hdr) |
436 | + sizeof(struct PptpControlHeader) | 436 | + sizeof(struct PptpControlHeader) |
437 | + ((void *)pcid - (void *)pptpReq); | 437 | + ((void *)pcid - (void *)pptpReq); |
438 | 438 | ||
439 | if (exp_gre(ct, seq, *cid, *pcid) != 0) | 439 | if (exp_gre(ct, seq, *cid, *pcid) != 0) |
440 | printk("ip_conntrack_pptp: error during exp_gre\n"); | 440 | printk("ip_conntrack_pptp: error during exp_gre\n"); |
441 | break; | 441 | break; |
@@ -479,7 +479,7 @@ pptp_inbound_pkt(struct sk_buff **pskb, | |||
479 | cid = &info->pac_call_id; | 479 | cid = &info->pac_call_id; |
480 | 480 | ||
481 | if (info->pns_call_id != ntohs(*pcid)) { | 481 | if (info->pns_call_id != ntohs(*pcid)) { |
482 | DEBUGP("%s for unknown CallID %u\n", | 482 | DEBUGP("%s for unknown CallID %u\n", |
483 | pptp_msg_name[msg], ntohs(*pcid)); | 483 | pptp_msg_name[msg], ntohs(*pcid)); |
484 | break; | 484 | break; |
485 | } | 485 | } |
@@ -491,7 +491,7 @@ pptp_inbound_pkt(struct sk_buff **pskb, | |||
491 | seq = ntohl(tcph->seq) + sizeof(struct pptp_pkt_hdr) | 491 | seq = ntohl(tcph->seq) + sizeof(struct pptp_pkt_hdr) |
492 | + sizeof(struct PptpControlHeader) | 492 | + sizeof(struct PptpControlHeader) |
493 | + ((void *)pcid - (void *)pptpReq); | 493 | + ((void *)pcid - (void *)pptpReq); |
494 | 494 | ||
495 | if (exp_gre(ct, seq, *cid, *pcid) != 0) | 495 | if (exp_gre(ct, seq, *cid, *pcid) != 0) |
496 | printk("ip_conntrack_pptp: error during exp_gre\n"); | 496 | printk("ip_conntrack_pptp: error during exp_gre\n"); |
497 | 497 | ||
@@ -554,7 +554,7 @@ pptp_outbound_pkt(struct sk_buff **pskb, | |||
554 | return NF_ACCEPT; | 554 | return NF_ACCEPT; |
555 | nexthdr_off += sizeof(_ctlh); | 555 | nexthdr_off += sizeof(_ctlh); |
556 | datalen -= sizeof(_ctlh); | 556 | datalen -= sizeof(_ctlh); |
557 | 557 | ||
558 | reqlen = datalen; | 558 | reqlen = datalen; |
559 | if (reqlen > sizeof(*pptpReq)) | 559 | if (reqlen > sizeof(*pptpReq)) |
560 | reqlen = sizeof(*pptpReq); | 560 | reqlen = sizeof(*pptpReq); |
@@ -606,7 +606,7 @@ pptp_outbound_pkt(struct sk_buff **pskb, | |||
606 | /* client answers incoming call */ | 606 | /* client answers incoming call */ |
607 | if (info->cstate != PPTP_CALL_IN_REQ | 607 | if (info->cstate != PPTP_CALL_IN_REQ |
608 | && info->cstate != PPTP_CALL_IN_REP) { | 608 | && info->cstate != PPTP_CALL_IN_REP) { |
609 | DEBUGP("%s without incall_req\n", | 609 | DEBUGP("%s without incall_req\n", |
610 | pptp_msg_name[msg]); | 610 | pptp_msg_name[msg]); |
611 | break; | 611 | break; |
612 | } | 612 | } |
@@ -616,7 +616,7 @@ pptp_outbound_pkt(struct sk_buff **pskb, | |||
616 | } | 616 | } |
617 | pcid = &pptpReq->icack.peersCallID; | 617 | pcid = &pptpReq->icack.peersCallID; |
618 | if (info->pac_call_id != ntohs(*pcid)) { | 618 | if (info->pac_call_id != ntohs(*pcid)) { |
619 | DEBUGP("%s for unknown call %u\n", | 619 | DEBUGP("%s for unknown call %u\n", |
620 | pptp_msg_name[msg], ntohs(*pcid)); | 620 | pptp_msg_name[msg], ntohs(*pcid)); |
621 | break; | 621 | break; |
622 | } | 622 | } |
@@ -644,12 +644,12 @@ pptp_outbound_pkt(struct sk_buff **pskb, | |||
644 | /* I don't have to explain these ;) */ | 644 | /* I don't have to explain these ;) */ |
645 | break; | 645 | break; |
646 | default: | 646 | default: |
647 | DEBUGP("invalid %s (TY=%d)\n", (msg <= PPTP_MSG_MAX)? | 647 | DEBUGP("invalid %s (TY=%d)\n", (msg <= PPTP_MSG_MAX)? |
648 | pptp_msg_name[msg]:pptp_msg_name[0], msg); | 648 | pptp_msg_name[msg]:pptp_msg_name[0], msg); |
649 | /* unknown: no need to create GRE masq table entry */ | 649 | /* unknown: no need to create GRE masq table entry */ |
650 | break; | 650 | break; |
651 | } | 651 | } |
652 | 652 | ||
653 | if (ip_nat_pptp_hook_outbound) | 653 | if (ip_nat_pptp_hook_outbound) |
654 | return ip_nat_pptp_hook_outbound(pskb, ct, ctinfo, ctlh, | 654 | return ip_nat_pptp_hook_outbound(pskb, ct, ctinfo, ctlh, |
655 | pptpReq); | 655 | pptpReq); |
@@ -659,7 +659,7 @@ pptp_outbound_pkt(struct sk_buff **pskb, | |||
659 | 659 | ||
660 | 660 | ||
661 | /* track caller id inside control connection, call expect_related */ | 661 | /* track caller id inside control connection, call expect_related */ |
662 | static int | 662 | static int |
663 | conntrack_pptp_help(struct sk_buff **pskb, | 663 | conntrack_pptp_help(struct sk_buff **pskb, |
664 | struct ip_conntrack *ct, enum ip_conntrack_info ctinfo) | 664 | struct ip_conntrack *ct, enum ip_conntrack_info ctinfo) |
665 | 665 | ||
@@ -676,12 +676,12 @@ conntrack_pptp_help(struct sk_buff **pskb, | |||
676 | int ret; | 676 | int ret; |
677 | 677 | ||
678 | /* don't do any tracking before tcp handshake complete */ | 678 | /* don't do any tracking before tcp handshake complete */ |
679 | if (ctinfo != IP_CT_ESTABLISHED | 679 | if (ctinfo != IP_CT_ESTABLISHED |
680 | && ctinfo != IP_CT_ESTABLISHED+IP_CT_IS_REPLY) { | 680 | && ctinfo != IP_CT_ESTABLISHED+IP_CT_IS_REPLY) { |
681 | DEBUGP("ctinfo = %u, skipping\n", ctinfo); | 681 | DEBUGP("ctinfo = %u, skipping\n", ctinfo); |
682 | return NF_ACCEPT; | 682 | return NF_ACCEPT; |
683 | } | 683 | } |
684 | 684 | ||
685 | nexthdr_off = (*pskb)->nh.iph->ihl*4; | 685 | nexthdr_off = (*pskb)->nh.iph->ihl*4; |
686 | tcph = skb_header_pointer(*pskb, nexthdr_off, sizeof(_tcph), &_tcph); | 686 | tcph = skb_header_pointer(*pskb, nexthdr_off, sizeof(_tcph), &_tcph); |
687 | BUG_ON(!tcph); | 687 | BUG_ON(!tcph); |
@@ -735,28 +735,28 @@ conntrack_pptp_help(struct sk_buff **pskb, | |||
735 | } | 735 | } |
736 | 736 | ||
737 | /* control protocol helper */ | 737 | /* control protocol helper */ |
738 | static struct ip_conntrack_helper pptp = { | 738 | static struct ip_conntrack_helper pptp = { |
739 | .list = { NULL, NULL }, | 739 | .list = { NULL, NULL }, |
740 | .name = "pptp", | 740 | .name = "pptp", |
741 | .me = THIS_MODULE, | 741 | .me = THIS_MODULE, |
742 | .max_expected = 2, | 742 | .max_expected = 2, |
743 | .timeout = 5 * 60, | 743 | .timeout = 5 * 60, |
744 | .tuple = { .src = { .ip = 0, | 744 | .tuple = { .src = { .ip = 0, |
745 | .u = { .tcp = { .port = | 745 | .u = { .tcp = { .port = |
746 | __constant_htons(PPTP_CONTROL_PORT) } } | 746 | __constant_htons(PPTP_CONTROL_PORT) } } |
747 | }, | 747 | }, |
748 | .dst = { .ip = 0, | 748 | .dst = { .ip = 0, |
749 | .u = { .all = 0 }, | 749 | .u = { .all = 0 }, |
750 | .protonum = IPPROTO_TCP | 750 | .protonum = IPPROTO_TCP |
751 | } | 751 | } |
752 | }, | 752 | }, |
753 | .mask = { .src = { .ip = 0, | 753 | .mask = { .src = { .ip = 0, |
754 | .u = { .tcp = { .port = __constant_htons(0xffff) } } | 754 | .u = { .tcp = { .port = __constant_htons(0xffff) } } |
755 | }, | 755 | }, |
756 | .dst = { .ip = 0, | 756 | .dst = { .ip = 0, |
757 | .u = { .all = 0 }, | 757 | .u = { .all = 0 }, |
758 | .protonum = 0xff | 758 | .protonum = 0xff |
759 | } | 759 | } |
760 | }, | 760 | }, |
761 | .help = conntrack_pptp_help | 761 | .help = conntrack_pptp_help |
762 | }; | 762 | }; |
@@ -768,7 +768,7 @@ extern int __init ip_ct_proto_gre_init(void); | |||
768 | static int __init ip_conntrack_helper_pptp_init(void) | 768 | static int __init ip_conntrack_helper_pptp_init(void) |
769 | { | 769 | { |
770 | int retcode; | 770 | int retcode; |
771 | 771 | ||
772 | retcode = ip_ct_proto_gre_init(); | 772 | retcode = ip_ct_proto_gre_init(); |
773 | if (retcode < 0) | 773 | if (retcode < 0) |
774 | return retcode; | 774 | return retcode; |
diff --git a/net/ipv4/netfilter/ip_conntrack_proto_gre.c b/net/ipv4/netfilter/ip_conntrack_proto_gre.c index 92c6d8b178c9..5fe026f467d3 100644 --- a/net/ipv4/netfilter/ip_conntrack_proto_gre.c +++ b/net/ipv4/netfilter/ip_conntrack_proto_gre.c | |||
@@ -1,15 +1,15 @@ | |||
1 | /* | 1 | /* |
2 | * ip_conntrack_proto_gre.c - Version 3.0 | 2 | * ip_conntrack_proto_gre.c - Version 3.0 |
3 | * | 3 | * |
4 | * Connection tracking protocol helper module for GRE. | 4 | * Connection tracking protocol helper module for GRE. |
5 | * | 5 | * |
6 | * GRE is a generic encapsulation protocol, which is generally not very | 6 | * GRE is a generic encapsulation protocol, which is generally not very |
7 | * suited for NAT, as it has no protocol-specific part as port numbers. | 7 | * suited for NAT, as it has no protocol-specific part as port numbers. |
8 | * | 8 | * |
9 | * It has an optional key field, which may help us distinguishing two | 9 | * It has an optional key field, which may help us distinguishing two |
10 | * connections between the same two hosts. | 10 | * connections between the same two hosts. |
11 | * | 11 | * |
12 | * GRE is defined in RFC 1701 and RFC 1702, as well as RFC 2784 | 12 | * GRE is defined in RFC 1701 and RFC 1702, as well as RFC 2784 |
13 | * | 13 | * |
14 | * PPTP is built on top of a modified version of GRE, and has a mandatory | 14 | * PPTP is built on top of a modified version of GRE, and has a mandatory |
15 | * field called "CallID", which serves us for the same purpose as the key | 15 | * field called "CallID", which serves us for the same purpose as the key |
@@ -61,7 +61,7 @@ MODULE_DESCRIPTION("netfilter connection tracking protocol helper for GRE"); | |||
61 | #define DEBUGP(x, args...) | 61 | #define DEBUGP(x, args...) |
62 | #define DUMP_TUPLE_GRE(x) | 62 | #define DUMP_TUPLE_GRE(x) |
63 | #endif | 63 | #endif |
64 | 64 | ||
65 | /* GRE KEYMAP HANDLING FUNCTIONS */ | 65 | /* GRE KEYMAP HANDLING FUNCTIONS */ |
66 | static LIST_HEAD(gre_keymap_list); | 66 | static LIST_HEAD(gre_keymap_list); |
67 | 67 | ||
@@ -88,7 +88,7 @@ static __be16 gre_keymap_lookup(struct ip_conntrack_tuple *t) | |||
88 | } | 88 | } |
89 | } | 89 | } |
90 | read_unlock_bh(&ip_ct_gre_lock); | 90 | read_unlock_bh(&ip_ct_gre_lock); |
91 | 91 | ||
92 | DEBUGP("lookup src key 0x%x up key for ", key); | 92 | DEBUGP("lookup src key 0x%x up key for ", key); |
93 | DUMP_TUPLE_GRE(t); | 93 | DUMP_TUPLE_GRE(t); |
94 | 94 | ||
@@ -107,7 +107,7 @@ ip_ct_gre_keymap_add(struct ip_conntrack *ct, | |||
107 | return -1; | 107 | return -1; |
108 | } | 108 | } |
109 | 109 | ||
110 | if (!reply) | 110 | if (!reply) |
111 | exist_km = &ct->help.ct_pptp_info.keymap_orig; | 111 | exist_km = &ct->help.ct_pptp_info.keymap_orig; |
112 | else | 112 | else |
113 | exist_km = &ct->help.ct_pptp_info.keymap_reply; | 113 | exist_km = &ct->help.ct_pptp_info.keymap_reply; |
@@ -118,7 +118,7 @@ ip_ct_gre_keymap_add(struct ip_conntrack *ct, | |||
118 | if (gre_key_cmpfn(km, t) && km == *exist_km) | 118 | if (gre_key_cmpfn(km, t) && km == *exist_km) |
119 | return 0; | 119 | return 0; |
120 | } | 120 | } |
121 | DEBUGP("trying to override keymap_%s for ct %p\n", | 121 | DEBUGP("trying to override keymap_%s for ct %p\n", |
122 | reply? "reply":"orig", ct); | 122 | reply? "reply":"orig", ct); |
123 | return -EEXIST; | 123 | return -EEXIST; |
124 | } | 124 | } |
@@ -152,7 +152,7 @@ void ip_ct_gre_keymap_destroy(struct ip_conntrack *ct) | |||
152 | 152 | ||
153 | write_lock_bh(&ip_ct_gre_lock); | 153 | write_lock_bh(&ip_ct_gre_lock); |
154 | if (ct->help.ct_pptp_info.keymap_orig) { | 154 | if (ct->help.ct_pptp_info.keymap_orig) { |
155 | DEBUGP("removing %p from list\n", | 155 | DEBUGP("removing %p from list\n", |
156 | ct->help.ct_pptp_info.keymap_orig); | 156 | ct->help.ct_pptp_info.keymap_orig); |
157 | list_del(&ct->help.ct_pptp_info.keymap_orig->list); | 157 | list_del(&ct->help.ct_pptp_info.keymap_orig->list); |
158 | kfree(ct->help.ct_pptp_info.keymap_orig); | 158 | kfree(ct->help.ct_pptp_info.keymap_orig); |
@@ -220,7 +220,7 @@ static int gre_pkt_to_tuple(const struct sk_buff *skb, | |||
220 | static int gre_print_tuple(struct seq_file *s, | 220 | static int gre_print_tuple(struct seq_file *s, |
221 | const struct ip_conntrack_tuple *tuple) | 221 | const struct ip_conntrack_tuple *tuple) |
222 | { | 222 | { |
223 | return seq_printf(s, "srckey=0x%x dstkey=0x%x ", | 223 | return seq_printf(s, "srckey=0x%x dstkey=0x%x ", |
224 | ntohs(tuple->src.u.gre.key), | 224 | ntohs(tuple->src.u.gre.key), |
225 | ntohs(tuple->dst.u.gre.key)); | 225 | ntohs(tuple->dst.u.gre.key)); |
226 | } | 226 | } |
@@ -250,14 +250,14 @@ static int gre_packet(struct ip_conntrack *ct, | |||
250 | } else | 250 | } else |
251 | ip_ct_refresh_acct(ct, conntrackinfo, skb, | 251 | ip_ct_refresh_acct(ct, conntrackinfo, skb, |
252 | ct->proto.gre.timeout); | 252 | ct->proto.gre.timeout); |
253 | 253 | ||
254 | return NF_ACCEPT; | 254 | return NF_ACCEPT; |
255 | } | 255 | } |
256 | 256 | ||
257 | /* Called when a new connection for this protocol found. */ | 257 | /* Called when a new connection for this protocol found. */ |
258 | static int gre_new(struct ip_conntrack *ct, | 258 | static int gre_new(struct ip_conntrack *ct, |
259 | const struct sk_buff *skb) | 259 | const struct sk_buff *skb) |
260 | { | 260 | { |
261 | DEBUGP(": "); | 261 | DEBUGP(": "); |
262 | DUMP_TUPLE_GRE(&ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple); | 262 | DUMP_TUPLE_GRE(&ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple); |
263 | 263 | ||
@@ -283,9 +283,9 @@ static void gre_destroy(struct ip_conntrack *ct) | |||
283 | } | 283 | } |
284 | 284 | ||
285 | /* protocol helper struct */ | 285 | /* protocol helper struct */ |
286 | static struct ip_conntrack_protocol gre = { | 286 | static struct ip_conntrack_protocol gre = { |
287 | .proto = IPPROTO_GRE, | 287 | .proto = IPPROTO_GRE, |
288 | .name = "gre", | 288 | .name = "gre", |
289 | .pkt_to_tuple = gre_pkt_to_tuple, | 289 | .pkt_to_tuple = gre_pkt_to_tuple, |
290 | .invert_tuple = gre_invert_tuple, | 290 | .invert_tuple = gre_invert_tuple, |
291 | .print_tuple = gre_print_tuple, | 291 | .print_tuple = gre_print_tuple, |
@@ -323,7 +323,7 @@ void ip_ct_proto_gre_fini(void) | |||
323 | } | 323 | } |
324 | write_unlock_bh(&ip_ct_gre_lock); | 324 | write_unlock_bh(&ip_ct_gre_lock); |
325 | 325 | ||
326 | ip_conntrack_protocol_unregister(&gre); | 326 | ip_conntrack_protocol_unregister(&gre); |
327 | } | 327 | } |
328 | 328 | ||
329 | EXPORT_SYMBOL(ip_ct_gre_keymap_add); | 329 | EXPORT_SYMBOL(ip_ct_gre_keymap_add); |
diff --git a/net/ipv4/netfilter/ip_nat_helper_pptp.c b/net/ipv4/netfilter/ip_nat_helper_pptp.c index 1d149964dc38..5dde1da1c300 100644 --- a/net/ipv4/netfilter/ip_nat_helper_pptp.c +++ b/net/ipv4/netfilter/ip_nat_helper_pptp.c | |||
@@ -32,7 +32,7 @@ | |||
32 | * 2005-06-10 - Version 3.0 | 32 | * 2005-06-10 - Version 3.0 |
33 | * - kernel >= 2.6.11 version, | 33 | * - kernel >= 2.6.11 version, |
34 | * funded by Oxcoda NetBox Blue (http://www.netboxblue.com/) | 34 | * funded by Oxcoda NetBox Blue (http://www.netboxblue.com/) |
35 | * | 35 | * |
36 | */ | 36 | */ |
37 | 37 | ||
38 | #include <linux/module.h> | 38 | #include <linux/module.h> |
@@ -93,10 +93,10 @@ static void pptp_nat_expected(struct ip_conntrack *ct, | |||
93 | DEBUGP("we are PAC->PNS\n"); | 93 | DEBUGP("we are PAC->PNS\n"); |
94 | /* build tuple for PNS->PAC */ | 94 | /* build tuple for PNS->PAC */ |
95 | t.src.ip = master->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.ip; | 95 | t.src.ip = master->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.ip; |
96 | t.src.u.gre.key = | 96 | t.src.u.gre.key = |
97 | htons(master->nat.help.nat_pptp_info.pns_call_id); | 97 | htons(master->nat.help.nat_pptp_info.pns_call_id); |
98 | t.dst.ip = master->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.ip; | 98 | t.dst.ip = master->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.ip; |
99 | t.dst.u.gre.key = | 99 | t.dst.u.gre.key = |
100 | htons(master->nat.help.nat_pptp_info.pac_call_id); | 100 | htons(master->nat.help.nat_pptp_info.pac_call_id); |
101 | t.dst.protonum = IPPROTO_GRE; | 101 | t.dst.protonum = IPPROTO_GRE; |
102 | } | 102 | } |
@@ -153,47 +153,47 @@ pptp_outbound_pkt(struct sk_buff **pskb, | |||
153 | unsigned int cid_off; | 153 | unsigned int cid_off; |
154 | 154 | ||
155 | new_callid = htons(ct_pptp_info->pns_call_id); | 155 | new_callid = htons(ct_pptp_info->pns_call_id); |
156 | 156 | ||
157 | switch (msg = ntohs(ctlh->messageType)) { | 157 | switch (msg = ntohs(ctlh->messageType)) { |
158 | case PPTP_OUT_CALL_REQUEST: | 158 | case PPTP_OUT_CALL_REQUEST: |
159 | cid_off = offsetof(union pptp_ctrl_union, ocreq.callID); | 159 | cid_off = offsetof(union pptp_ctrl_union, ocreq.callID); |
160 | /* FIXME: ideally we would want to reserve a call ID | 160 | /* FIXME: ideally we would want to reserve a call ID |
161 | * here. current netfilter NAT core is not able to do | 161 | * here. current netfilter NAT core is not able to do |
162 | * this :( For now we use TCP source port. This breaks | 162 | * this :( For now we use TCP source port. This breaks |
163 | * multiple calls within one control session */ | 163 | * multiple calls within one control session */ |
164 | 164 | ||
165 | /* save original call ID in nat_info */ | 165 | /* save original call ID in nat_info */ |
166 | nat_pptp_info->pns_call_id = ct_pptp_info->pns_call_id; | 166 | nat_pptp_info->pns_call_id = ct_pptp_info->pns_call_id; |
167 | 167 | ||
168 | /* don't use tcph->source since we are at a DSTmanip | 168 | /* don't use tcph->source since we are at a DSTmanip |
169 | * hook (e.g. PREROUTING) and pkt is not mangled yet */ | 169 | * hook (e.g. PREROUTING) and pkt is not mangled yet */ |
170 | new_callid = ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u.tcp.port; | 170 | new_callid = ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u.tcp.port; |
171 | 171 | ||
172 | /* save new call ID in ct info */ | 172 | /* save new call ID in ct info */ |
173 | ct_pptp_info->pns_call_id = ntohs(new_callid); | 173 | ct_pptp_info->pns_call_id = ntohs(new_callid); |
174 | break; | 174 | break; |
175 | case PPTP_IN_CALL_REPLY: | 175 | case PPTP_IN_CALL_REPLY: |
176 | cid_off = offsetof(union pptp_ctrl_union, icreq.callID); | 176 | cid_off = offsetof(union pptp_ctrl_union, icreq.callID); |
177 | break; | 177 | break; |
178 | case PPTP_CALL_CLEAR_REQUEST: | 178 | case PPTP_CALL_CLEAR_REQUEST: |
179 | cid_off = offsetof(union pptp_ctrl_union, clrreq.callID); | 179 | cid_off = offsetof(union pptp_ctrl_union, clrreq.callID); |
180 | break; | 180 | break; |
181 | default: | 181 | default: |
182 | DEBUGP("unknown outbound packet 0x%04x:%s\n", msg, | 182 | DEBUGP("unknown outbound packet 0x%04x:%s\n", msg, |
183 | (msg <= PPTP_MSG_MAX)? | 183 | (msg <= PPTP_MSG_MAX)? |
184 | pptp_msg_name[msg]:pptp_msg_name[0]); | 184 | pptp_msg_name[msg]:pptp_msg_name[0]); |
185 | /* fall through */ | 185 | /* fall through */ |
186 | 186 | ||
187 | case PPTP_SET_LINK_INFO: | 187 | case PPTP_SET_LINK_INFO: |
188 | /* only need to NAT in case PAC is behind NAT box */ | 188 | /* only need to NAT in case PAC is behind NAT box */ |
189 | case PPTP_START_SESSION_REQUEST: | 189 | case PPTP_START_SESSION_REQUEST: |
190 | case PPTP_START_SESSION_REPLY: | 190 | case PPTP_START_SESSION_REPLY: |
191 | case PPTP_STOP_SESSION_REQUEST: | 191 | case PPTP_STOP_SESSION_REQUEST: |
192 | case PPTP_STOP_SESSION_REPLY: | 192 | case PPTP_STOP_SESSION_REPLY: |
193 | case PPTP_ECHO_REQUEST: | 193 | case PPTP_ECHO_REQUEST: |
194 | case PPTP_ECHO_REPLY: | 194 | case PPTP_ECHO_REPLY: |
195 | /* no need to alter packet */ | 195 | /* no need to alter packet */ |
196 | return NF_ACCEPT; | 196 | return NF_ACCEPT; |
197 | } | 197 | } |
198 | 198 | ||
199 | /* only OUT_CALL_REQUEST, IN_CALL_REPLY, CALL_CLEAR_REQUEST pass | 199 | /* only OUT_CALL_REQUEST, IN_CALL_REPLY, CALL_CLEAR_REQUEST pass |
@@ -216,9 +216,9 @@ static int | |||
216 | pptp_exp_gre(struct ip_conntrack_expect *expect_orig, | 216 | pptp_exp_gre(struct ip_conntrack_expect *expect_orig, |
217 | struct ip_conntrack_expect *expect_reply) | 217 | struct ip_conntrack_expect *expect_reply) |
218 | { | 218 | { |
219 | struct ip_ct_pptp_master *ct_pptp_info = | 219 | struct ip_ct_pptp_master *ct_pptp_info = |
220 | &expect_orig->master->help.ct_pptp_info; | 220 | &expect_orig->master->help.ct_pptp_info; |
221 | struct ip_nat_pptp *nat_pptp_info = | 221 | struct ip_nat_pptp *nat_pptp_info = |
222 | &expect_orig->master->nat.help.nat_pptp_info; | 222 | &expect_orig->master->nat.help.nat_pptp_info; |
223 | 223 | ||
224 | struct ip_conntrack *ct = expect_orig->master; | 224 | struct ip_conntrack *ct = expect_orig->master; |
@@ -324,7 +324,7 @@ pptp_inbound_pkt(struct sk_buff **pskb, | |||
324 | break; | 324 | break; |
325 | 325 | ||
326 | default: | 326 | default: |
327 | DEBUGP("unknown inbound packet %s\n", (msg <= PPTP_MSG_MAX)? | 327 | DEBUGP("unknown inbound packet %s\n", (msg <= PPTP_MSG_MAX)? |
328 | pptp_msg_name[msg]:pptp_msg_name[0]); | 328 | pptp_msg_name[msg]:pptp_msg_name[0]); |
329 | /* fall through */ | 329 | /* fall through */ |
330 | 330 | ||
diff --git a/net/ipv4/netfilter/ip_nat_proto_gre.c b/net/ipv4/netfilter/ip_nat_proto_gre.c index 70a65372225a..a5226691f02c 100644 --- a/net/ipv4/netfilter/ip_nat_proto_gre.c +++ b/net/ipv4/netfilter/ip_nat_proto_gre.c | |||
@@ -6,10 +6,10 @@ | |||
6 | * GRE is a generic encapsulation protocol, which is generally not very | 6 | * GRE is a generic encapsulation protocol, which is generally not very |
7 | * suited for NAT, as it has no protocol-specific part as port numbers. | 7 | * suited for NAT, as it has no protocol-specific part as port numbers. |
8 | * | 8 | * |
9 | * It has an optional key field, which may help us distinguishing two | 9 | * It has an optional key field, which may help us distinguishing two |
10 | * connections between the same two hosts. | 10 | * connections between the same two hosts. |
11 | * | 11 | * |
12 | * GRE is defined in RFC 1701 and RFC 1702, as well as RFC 2784 | 12 | * GRE is defined in RFC 1701 and RFC 1702, as well as RFC 2784 |
13 | * | 13 | * |
14 | * PPTP is built on top of a modified version of GRE, and has a mandatory | 14 | * PPTP is built on top of a modified version of GRE, and has a mandatory |
15 | * field called "CallID", which serves us for the same purpose as the key | 15 | * field called "CallID", which serves us for the same purpose as the key |
@@ -60,7 +60,7 @@ gre_in_range(const struct ip_conntrack_tuple *tuple, | |||
60 | } | 60 | } |
61 | 61 | ||
62 | /* generate unique tuple ... */ | 62 | /* generate unique tuple ... */ |
63 | static int | 63 | static int |
64 | gre_unique_tuple(struct ip_conntrack_tuple *tuple, | 64 | gre_unique_tuple(struct ip_conntrack_tuple *tuple, |
65 | const struct ip_nat_range *range, | 65 | const struct ip_nat_range *range, |
66 | enum ip_nat_manip_type maniptype, | 66 | enum ip_nat_manip_type maniptype, |
@@ -84,7 +84,7 @@ gre_unique_tuple(struct ip_conntrack_tuple *tuple, | |||
84 | range_size = ntohs(range->max.gre.key) - min + 1; | 84 | range_size = ntohs(range->max.gre.key) - min + 1; |
85 | } | 85 | } |
86 | 86 | ||
87 | DEBUGP("min = %u, range_size = %u\n", min, range_size); | 87 | DEBUGP("min = %u, range_size = %u\n", min, range_size); |
88 | 88 | ||
89 | for (i = 0; i < range_size; i++, key++) { | 89 | for (i = 0; i < range_size; i++, key++) { |
90 | *keyptr = htons(min + key % range_size); | 90 | *keyptr = htons(min + key % range_size); |
@@ -117,7 +117,7 @@ gre_manip_pkt(struct sk_buff **pskb, | |||
117 | greh = (void *)(*pskb)->data + hdroff; | 117 | greh = (void *)(*pskb)->data + hdroff; |
118 | pgreh = (struct gre_hdr_pptp *) greh; | 118 | pgreh = (struct gre_hdr_pptp *) greh; |
119 | 119 | ||
120 | /* we only have destination manip of a packet, since 'source key' | 120 | /* we only have destination manip of a packet, since 'source key' |
121 | * is not present in the packet itself */ | 121 | * is not present in the packet itself */ |
122 | if (maniptype == IP_NAT_MANIP_DST) { | 122 | if (maniptype == IP_NAT_MANIP_DST) { |
123 | /* key manipulation is always dest */ | 123 | /* key manipulation is always dest */ |
@@ -129,7 +129,7 @@ gre_manip_pkt(struct sk_buff **pskb, | |||
129 | } | 129 | } |
130 | if (greh->csum) { | 130 | if (greh->csum) { |
131 | /* FIXME: Never tested this code... */ | 131 | /* FIXME: Never tested this code... */ |
132 | *(gre_csum(greh)) = | 132 | *(gre_csum(greh)) = |
133 | nf_proto_csum_update(*pskb, | 133 | nf_proto_csum_update(*pskb, |
134 | ~*(gre_key(greh)), | 134 | ~*(gre_key(greh)), |
135 | tuple->dst.u.gre.key, | 135 | tuple->dst.u.gre.key, |
@@ -138,7 +138,7 @@ gre_manip_pkt(struct sk_buff **pskb, | |||
138 | *(gre_key(greh)) = tuple->dst.u.gre.key; | 138 | *(gre_key(greh)) = tuple->dst.u.gre.key; |
139 | break; | 139 | break; |
140 | case GRE_VERSION_PPTP: | 140 | case GRE_VERSION_PPTP: |
141 | DEBUGP("call_id -> 0x%04x\n", | 141 | DEBUGP("call_id -> 0x%04x\n", |
142 | ntohs(tuple->dst.u.gre.key)); | 142 | ntohs(tuple->dst.u.gre.key)); |
143 | pgreh->call_id = tuple->dst.u.gre.key; | 143 | pgreh->call_id = tuple->dst.u.gre.key; |
144 | break; | 144 | break; |
@@ -152,8 +152,8 @@ gre_manip_pkt(struct sk_buff **pskb, | |||
152 | } | 152 | } |
153 | 153 | ||
154 | /* nat helper struct */ | 154 | /* nat helper struct */ |
155 | static struct ip_nat_protocol gre = { | 155 | static struct ip_nat_protocol gre = { |
156 | .name = "GRE", | 156 | .name = "GRE", |
157 | .protonum = IPPROTO_GRE, | 157 | .protonum = IPPROTO_GRE, |
158 | .manip_pkt = gre_manip_pkt, | 158 | .manip_pkt = gre_manip_pkt, |
159 | .in_range = gre_in_range, | 159 | .in_range = gre_in_range, |
@@ -164,7 +164,7 @@ static struct ip_nat_protocol gre = { | |||
164 | .nfattr_to_range = ip_nat_port_nfattr_to_range, | 164 | .nfattr_to_range = ip_nat_port_nfattr_to_range, |
165 | #endif | 165 | #endif |
166 | }; | 166 | }; |
167 | 167 | ||
168 | int __init ip_nat_proto_gre_init(void) | 168 | int __init ip_nat_proto_gre_init(void) |
169 | { | 169 | { |
170 | return ip_nat_protocol_register(&gre); | 170 | return ip_nat_protocol_register(&gre); |