Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-2.6

author: David S. Miller <davem@davemloft.net> 2009-04-25 20:46:34 -0400
committer: David S. Miller <davem@davemloft.net> 2009-04-25 20:46:34 -0400
commit: 1c41e238e0beaac530c5c9d629e8dfbbadc4a099 (patch)
tree: 4cfada93058fe1b8902ca8cda090fa71cd332133 /net/netfilter
parent: 29fe1b481283a1bada994a69f65736db4ae6f35f (diff)
parent: 37e55cf0ceb8803256bf69a3e45bd668bf90b76f (diff)
4 files changed, 22 insertions, 8 deletions
diff --git a/net/netfilter/Kconfig b/net/netfilter/Kconfig
index 2329c5f50551..881203c4a142 100644
--- a/net/netfilter/Kconfig
+++ b/net/netfilter/Kconfig
@@ -275,6 +275,8 @@ config NF_CT_NETLINK
        help
          This option enables support for a netlink-based userspace interface
+endif # NF_CONNTRACK
 # transparent proxy support
 config NETFILTER_TPROXY
        tristate "Transparent proxying support (EXPERIMENTAL)"
@@ -290,8 +292,6 @@ config NETFILTER_TPROXY
          To compile it as a module, choose M here.  If unsure, say N.
-endif # NF_CONNTRACK
 config NETFILTER_XTABLES
        tristate "Netfilter Xtables support (required for ip_tables)"
        default m if NETFILTER_ADVANCED=n
diff --git a/net/netfilter/nf_conntrack_proto_dccp.c b/net/netfilter/nf_conntrack_proto_dccp.c
index 50dac8dbe7d8..8e757dd53396 100644
--- a/net/netfilter/nf_conntrack_proto_dccp.c
+++ b/net/netfilter/nf_conntrack_proto_dccp.c
@@ -633,6 +633,8 @@ static int dccp_to_nlattr(struct sk_buff *skb, struct nlattr *nla,
        if (!nest_parms)
                goto nla_put_failure;
        NLA_PUT_U8(skb, CTA_PROTOINFO_DCCP_STATE, ct->proto.dccp.state);
+        NLA_PUT_U8(skb, CTA_PROTOINFO_DCCP_ROLE,
+                   ct->proto.dccp.role[IP_CT_DIR_ORIGINAL]);
        nla_nest_end(skb, nest_parms);
        read_unlock_bh(&dccp_lock);
        return 0;
@@ -644,6 +646,7 @@ nla_put_failure:
 static const struct nla_policy dccp_nla_policy[CTA_PROTOINFO_DCCP_MAX + 1] = {
        [CTA_PROTOINFO_DCCP_STATE]      = { .type = NLA_U8 },
+        [CTA_PROTOINFO_DCCP_ROLE]       = { .type = NLA_U8 },
 };
 static int nlattr_to_dccp(struct nlattr *cda[], struct nf_conn *ct)
@@ -661,11 +664,21 @@ static int nlattr_to_dccp(struct nlattr *cda[], struct nf_conn *ct)
                return err;
        if (!tb[CTA_PROTOINFO_DCCP_STATE] ||
-            nla_get_u8(tb[CTA_PROTOINFO_DCCP_STATE]) >= CT_DCCP_IGNORE)
+            !tb[CTA_PROTOINFO_DCCP_ROLE] ||
+            nla_get_u8(tb[CTA_PROTOINFO_DCCP_ROLE]) > CT_DCCP_ROLE_MAX ||
+            nla_get_u8(tb[CTA_PROTOINFO_DCCP_STATE]) >= CT_DCCP_IGNORE) {
                return -EINVAL;
+        }
        write_lock_bh(&dccp_lock);
        ct->proto.dccp.state = nla_get_u8(tb[CTA_PROTOINFO_DCCP_STATE]);
+        if (nla_get_u8(tb[CTA_PROTOINFO_DCCP_ROLE]) == CT_DCCP_ROLE_CLIENT) {
+                ct->proto.dccp.role[IP_CT_DIR_ORIGINAL] = CT_DCCP_ROLE_CLIENT;
+                ct->proto.dccp.role[IP_CT_DIR_REPLY] = CT_DCCP_ROLE_SERVER;
+        } else {
+                ct->proto.dccp.role[IP_CT_DIR_ORIGINAL] = CT_DCCP_ROLE_SERVER;
+                ct->proto.dccp.role[IP_CT_DIR_REPLY] = CT_DCCP_ROLE_CLIENT;
+        }
        write_unlock_bh(&dccp_lock);
        return 0;
 }
@@ -777,6 +790,7 @@ static struct nf_conntrack_l4proto dccp_proto6 __read_mostly = {
        .print_conntrack        = dccp_print_conntrack,
 #if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
        .to_nlattr              = dccp_to_nlattr,
+        .nlattr_size            = dccp_nlattr_size,
        .from_nlattr            = nlattr_to_dccp,
        .tuple_to_nlattr        = nf_ct_port_tuple_to_nlattr,
        .nlattr_tuple_size      = nf_ct_port_nlattr_tuple_size,
diff --git a/net/netfilter/nf_conntrack_proto_udplite.c b/net/netfilter/nf_conntrack_proto_udplite.c
index 4614696c1b88..0badedc542d3 100644
--- a/net/netfilter/nf_conntrack_proto_udplite.c
+++ b/net/netfilter/nf_conntrack_proto_udplite.c
@@ -204,6 +204,7 @@ static struct nf_conntrack_l4proto nf_conntrack_l4proto_udplite6 __read_mostly =
        .error                  = udplite_error,
 #if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
        .tuple_to_nlattr        = nf_ct_port_tuple_to_nlattr,
+        .nlattr_tuple_size      = nf_ct_port_nlattr_tuple_size,
        .nlattr_to_tuple        = nf_ct_port_nlattr_to_tuple,
        .nla_policy             = nf_ct_port_nla_policy,
 #endif
diff --git a/net/netfilter/xt_recent.c b/net/netfilter/xt_recent.c
index 791e030ea903..eb0ceb846527 100644
--- a/net/netfilter/xt_recent.c
+++ b/net/netfilter/xt_recent.c
@@ -474,7 +474,7 @@ static ssize_t recent_old_proc_write(struct file *file,
        struct recent_table *t = pde->data;
        struct recent_entry *e;
        char buf[sizeof("+255.255.255.255")], *c = buf;
-        __be32 addr;
+        union nf_inet_addr addr = {};
        int add;
        if (size > sizeof(buf))
@@ -506,14 +506,13 @@ static ssize_t recent_old_proc_write(struct file *file,
                add = 1;
                break;
        }
-        addr = in_aton(c);
+        addr.ip = in_aton(c);
        spin_lock_bh(&recent_lock);
-        e = recent_entry_lookup(t, (const void *)&addr, NFPROTO_IPV4, 0);
+        e = recent_entry_lookup(t, &addr, NFPROTO_IPV4, 0);
        if (e == NULL) {
                if (add)
-                        recent_entry_init(t, (const void *)&addr,
+                        recent_entry_init(t, &addr, NFPROTO_IPV4, 0);
-                                          NFPROTO_IPV4, 0);
        } else {
                if (add)
                        recent_entry_update(t, e);
author	David S. Miller <davem@davemloft.net>	2009-04-25 20:46:34 -0400
committer	David S. Miller <davem@davemloft.net>	2009-04-25 20:46:34 -0400
commit	1c41e238e0beaac530c5c9d629e8dfbbadc4a099 (patch)
tree	4cfada93058fe1b8902ca8cda090fa71cd332133 /net/netfilter
parent	29fe1b481283a1bada994a69f65736db4ae6f35f (diff)
parent	37e55cf0ceb8803256bf69a3e45bd668bf90b76f (diff)