aboutsummaryrefslogtreecommitdiffstats
path: root/net/ipv4
diff options
context:
space:
mode:
authorAlexey Dobriyan <adobriyan@gmail.com>2008-11-04 08:21:48 -0500
committerPatrick McHardy <kaber@trash.net>2008-11-04 08:21:48 -0500
commitd4ec52bae739409b2372fea30dba0e7a8d6b9181 (patch)
treeb527e6edfd6fc11483fa9eb3a783764dda07ecae /net/ipv4
parent5f7340eff8f68f41b7e5c7ad47ec4cd1ea1afb40 (diff)
netfilter: netns-aware ipt_addrtype
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'net/ipv4')
-rw-r--r--net/ipv4/netfilter/ipt_addrtype.c16
1 files changed, 9 insertions, 7 deletions
diff --git a/net/ipv4/netfilter/ipt_addrtype.c b/net/ipv4/netfilter/ipt_addrtype.c
index 88762f02779d..3b216be3bc9f 100644
--- a/net/ipv4/netfilter/ipt_addrtype.c
+++ b/net/ipv4/netfilter/ipt_addrtype.c
@@ -23,24 +23,25 @@ MODULE_LICENSE("GPL");
23MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>"); 23MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
24MODULE_DESCRIPTION("Xtables: address type match for IPv4"); 24MODULE_DESCRIPTION("Xtables: address type match for IPv4");
25 25
26static inline bool match_type(const struct net_device *dev, __be32 addr, 26static inline bool match_type(struct net *net, const struct net_device *dev,
27 u_int16_t mask) 27 __be32 addr, u_int16_t mask)
28{ 28{
29 return !!(mask & (1 << inet_dev_addr_type(&init_net, dev, addr))); 29 return !!(mask & (1 << inet_dev_addr_type(net, dev, addr)));
30} 30}
31 31
32static bool 32static bool
33addrtype_mt_v0(const struct sk_buff *skb, const struct xt_match_param *par) 33addrtype_mt_v0(const struct sk_buff *skb, const struct xt_match_param *par)
34{ 34{
35 struct net *net = dev_net(par->in ? par->in : par->out);
35 const struct ipt_addrtype_info *info = par->matchinfo; 36 const struct ipt_addrtype_info *info = par->matchinfo;
36 const struct iphdr *iph = ip_hdr(skb); 37 const struct iphdr *iph = ip_hdr(skb);
37 bool ret = true; 38 bool ret = true;
38 39
39 if (info->source) 40 if (info->source)
40 ret &= match_type(NULL, iph->saddr, info->source) ^ 41 ret &= match_type(net, NULL, iph->saddr, info->source) ^
41 info->invert_source; 42 info->invert_source;
42 if (info->dest) 43 if (info->dest)
43 ret &= match_type(NULL, iph->daddr, info->dest) ^ 44 ret &= match_type(net, NULL, iph->daddr, info->dest) ^
44 info->invert_dest; 45 info->invert_dest;
45 46
46 return ret; 47 return ret;
@@ -49,6 +50,7 @@ addrtype_mt_v0(const struct sk_buff *skb, const struct xt_match_param *par)
49static bool 50static bool
50addrtype_mt_v1(const struct sk_buff *skb, const struct xt_match_param *par) 51addrtype_mt_v1(const struct sk_buff *skb, const struct xt_match_param *par)
51{ 52{
53 struct net *net = dev_net(par->in ? par->in : par->out);
52 const struct ipt_addrtype_info_v1 *info = par->matchinfo; 54 const struct ipt_addrtype_info_v1 *info = par->matchinfo;
53 const struct iphdr *iph = ip_hdr(skb); 55 const struct iphdr *iph = ip_hdr(skb);
54 const struct net_device *dev = NULL; 56 const struct net_device *dev = NULL;
@@ -60,10 +62,10 @@ addrtype_mt_v1(const struct sk_buff *skb, const struct xt_match_param *par)
60 dev = par->out; 62 dev = par->out;
61 63
62 if (info->source) 64 if (info->source)
63 ret &= match_type(dev, iph->saddr, info->source) ^ 65 ret &= match_type(net, dev, iph->saddr, info->source) ^
64 (info->flags & IPT_ADDRTYPE_INVERT_SOURCE); 66 (info->flags & IPT_ADDRTYPE_INVERT_SOURCE);
65 if (ret && info->dest) 67 if (ret && info->dest)
66 ret &= match_type(dev, iph->daddr, info->dest) ^ 68 ret &= match_type(net, dev, iph->daddr, info->dest) ^
67 !!(info->flags & IPT_ADDRTYPE_INVERT_DEST); 69 !!(info->flags & IPT_ADDRTYPE_INVERT_DEST);
68 return ret; 70 return ret;
69} 71}
generated by cgit v1.2.2 (git 2.25.0) at 2024-10-01 20:33:29 -0400