diff options
author | Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp> | 2007-07-14 23:44:50 -0400 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2007-07-14 23:44:50 -0400 |
commit | ffc30690480bdd337e4914302b926d24870b56b2 (patch) | |
tree | 805dfdda135a6f91648aded75b1cfb754705a4b4 /net/ipv4 | |
parent | d87d8469e2dd19a3a134b99f78288d41854c614b (diff) |
[NETFILTER]: nf_conntrack: make l3proto->prepare() generic and renames it
The icmp[v6] l4proto modules parse headers in ICMP[v6] error to get tuple.
But they have to find the offset to transport protocol header before that.
Their processings are almost same as prepare() of l3proto modules.
This makes prepare() more generic to simplify icmp[v6] l4proto module
later.
Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4')
-rw-r--r-- | net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c | 23 |
1 files changed, 14 insertions, 9 deletions
diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c index 3c5629938487..ee29f4e9eac2 100644 --- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c +++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c | |||
@@ -78,21 +78,26 @@ nf_ct_ipv4_gather_frags(struct sk_buff *skb, u_int32_t user) | |||
78 | return skb; | 78 | return skb; |
79 | } | 79 | } |
80 | 80 | ||
81 | static int | 81 | static int ipv4_get_l4proto(const struct sk_buff *skb, unsigned int nhoff, |
82 | ipv4_prepare(struct sk_buff **pskb, unsigned int hooknum, unsigned int *dataoff, | 82 | unsigned int *dataoff, u_int8_t *protonum) |
83 | u_int8_t *protonum) | ||
84 | { | 83 | { |
84 | struct iphdr _iph, *iph; | ||
85 | |||
86 | iph = skb_header_pointer(skb, nhoff, sizeof(_iph), &_iph); | ||
87 | if (iph == NULL) | ||
88 | return -NF_DROP; | ||
89 | |||
85 | /* Never happen */ | 90 | /* Never happen */ |
86 | if (ip_hdr(*pskb)->frag_off & htons(IP_OFFSET)) { | 91 | if (iph->frag_off & htons(IP_OFFSET)) { |
87 | if (net_ratelimit()) { | 92 | if (net_ratelimit()) { |
88 | printk(KERN_ERR "ipv4_prepare: Frag of proto %u (hook=%u)\n", | 93 | printk(KERN_ERR "ipv4_get_l4proto: Frag of proto %u\n", |
89 | ip_hdr(*pskb)->protocol, hooknum); | 94 | iph->protocol); |
90 | } | 95 | } |
91 | return -NF_DROP; | 96 | return -NF_DROP; |
92 | } | 97 | } |
93 | 98 | ||
94 | *dataoff = skb_network_offset(*pskb) + ip_hdrlen(*pskb); | 99 | *dataoff = nhoff + (iph->ihl << 2); |
95 | *protonum = ip_hdr(*pskb)->protocol; | 100 | *protonum = iph->protocol; |
96 | 101 | ||
97 | return NF_ACCEPT; | 102 | return NF_ACCEPT; |
98 | } | 103 | } |
@@ -407,7 +412,7 @@ struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv4 = { | |||
407 | .invert_tuple = ipv4_invert_tuple, | 412 | .invert_tuple = ipv4_invert_tuple, |
408 | .print_tuple = ipv4_print_tuple, | 413 | .print_tuple = ipv4_print_tuple, |
409 | .print_conntrack = ipv4_print_conntrack, | 414 | .print_conntrack = ipv4_print_conntrack, |
410 | .prepare = ipv4_prepare, | 415 | .get_l4proto = ipv4_get_l4proto, |
411 | #if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) | 416 | #if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) |
412 | .tuple_to_nfattr = ipv4_tuple_to_nfattr, | 417 | .tuple_to_nfattr = ipv4_tuple_to_nfattr, |
413 | .nfattr_to_tuple = ipv4_nfattr_to_tuple, | 418 | .nfattr_to_tuple = ipv4_nfattr_to_tuple, |