diff options
| author | Jan Engelhardt <jengelh@medozas.de> | 2009-04-15 15:40:13 -0400 |
|---|---|---|
| committer | Jan Engelhardt <jengelh@medozas.de> | 2009-05-08 04:30:49 -0400 |
| commit | bb70dfa5f8ab4a0f1c699ddb3ef0276d91219b7c (patch) | |
| tree | 23c091d2be214b26d87d7800ca363288510311a3 /net/ipv6 | |
| parent | 7a6b1c46e28ab0511be26c238d552c00b51b88c5 (diff) | |
netfilter: xtables: consolidate comefrom debug cast access
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Diffstat (limited to 'net/ipv6')
| -rw-r--r-- | net/ipv6/netfilter/ip6_tables.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c index 5a178be6c8cc..5164e0bf3bcc 100644 --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c | |||
| @@ -343,6 +343,8 @@ ip6t_do_table(struct sk_buff *skb, | |||
| 343 | const struct net_device *out, | 343 | const struct net_device *out, |
| 344 | struct xt_table *table) | 344 | struct xt_table *table) |
| 345 | { | 345 | { |
| 346 | #define tb_comefrom ((struct ip6t_entry *)table_base)->comefrom | ||
| 347 | |||
| 346 | static const char nulldevname[IFNAMSIZ] __attribute__((aligned(sizeof(long)))); | 348 | static const char nulldevname[IFNAMSIZ] __attribute__((aligned(sizeof(long)))); |
| 347 | bool hotdrop = false; | 349 | bool hotdrop = false; |
| 348 | /* Initializing verdict to NF_DROP keeps gcc happy. */ | 350 | /* Initializing verdict to NF_DROP keeps gcc happy. */ |
| @@ -440,18 +442,17 @@ ip6t_do_table(struct sk_buff *skb, | |||
| 440 | tgpar.targinfo = t->data; | 442 | tgpar.targinfo = t->data; |
| 441 | 443 | ||
| 442 | #ifdef CONFIG_NETFILTER_DEBUG | 444 | #ifdef CONFIG_NETFILTER_DEBUG |
| 443 | ((struct ip6t_entry *)table_base)->comefrom = 0xeeeeeeec; | 445 | tb_comefrom = 0xeeeeeeec; |
| 444 | #endif | 446 | #endif |
| 445 | verdict = t->u.kernel.target->target(skb, &tgpar); | 447 | verdict = t->u.kernel.target->target(skb, &tgpar); |
| 446 | 448 | ||
| 447 | #ifdef CONFIG_NETFILTER_DEBUG | 449 | #ifdef CONFIG_NETFILTER_DEBUG |
| 448 | if (((struct ip6t_entry *)table_base)->comefrom != 0xeeeeeeec && | 450 | if (tb_comefrom != 0xeeeeeeec && verdict == IP6T_CONTINUE) { |
| 449 | verdict == IP6T_CONTINUE) { | ||
| 450 | printk("Target %s reentered!\n", | 451 | printk("Target %s reentered!\n", |
| 451 | t->u.kernel.target->name); | 452 | t->u.kernel.target->name); |
| 452 | verdict = NF_DROP; | 453 | verdict = NF_DROP; |
| 453 | } | 454 | } |
| 454 | ((struct ip6t_entry *)table_base)->comefrom = 0x57acc001; | 455 | tb_comefrom = 0x57acc001; |
| 455 | #endif | 456 | #endif |
| 456 | if (verdict == IP6T_CONTINUE) | 457 | if (verdict == IP6T_CONTINUE) |
| 457 | e = ip6t_next_entry(e); | 458 | e = ip6t_next_entry(e); |
| @@ -461,7 +462,7 @@ ip6t_do_table(struct sk_buff *skb, | |||
| 461 | } while (!hotdrop); | 462 | } while (!hotdrop); |
| 462 | 463 | ||
| 463 | #ifdef CONFIG_NETFILTER_DEBUG | 464 | #ifdef CONFIG_NETFILTER_DEBUG |
| 464 | ((struct ip6t_entry *)table_base)->comefrom = NETFILTER_LINK_POISON; | 465 | tb_comefrom = NETFILTER_LINK_POISON; |
| 465 | #endif | 466 | #endif |
| 466 | xt_info_rdunlock_bh(); | 467 | xt_info_rdunlock_bh(); |
| 467 | 468 | ||
| @@ -472,6 +473,8 @@ ip6t_do_table(struct sk_buff *skb, | |||
| 472 | return NF_DROP; | 473 | return NF_DROP; |
| 473 | else return verdict; | 474 | else return verdict; |
| 474 | #endif | 475 | #endif |
| 476 | |||
| 477 | #undef tb_comefrom | ||
| 475 | } | 478 | } |
| 476 | 479 | ||
| 477 | /* Figures out from what hook each rule can be called: returns 0 if | 480 | /* Figures out from what hook each rule can be called: returns 0 if |