[NETFILTER]: ip_queue/nfnetlink_queue: drop bridge port references when dev disappears

When a device that is acting as a bridge port is unregistered, the ip_queue/nfnetlink_queue notifier doesn't check if its one of physindev/physoutdev and doesn't release the references if it is. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Patrick McHardy <kaber@trash.net> 2006-06-27 06:01:48 -0400
committer: David S. Miller <davem@sunset.davemloft.net> 2006-06-29 19:57:48 -0400
commit: ef47c6a7b8e36e3b160433673b1b68db799aabcd (patch)
tree: e79198a36e216e29bb31588b0a9d69d476399f5c /net
parent: 1c7e47726a88303e4cfa2785f0a357bf1ceecee1 (diff)
2 files changed, 20 insertions, 4 deletions
diff --git a/net/ipv4/netfilter/ip_queue.c b/net/ipv4/netfilter/ip_queue.c
index b93f0494362f..213d116e5bb9 100644
--- a/net/ipv4/netfilter/ip_queue.c
+++ b/net/ipv4/netfilter/ip_queue.c
@@ -457,11 +457,19 @@ dev_cmp(struct ipq_queue_entry *entry, unsigned long ifindex)
        if (entry->info->indev)
                if (entry->info->indev->ifindex == ifindex)
                        return 1;
-                        
        if (entry->info->outdev)
                if (entry->info->outdev->ifindex == ifindex)
                        return 1;
+#ifdef CONFIG_BRIDGE_NETFILTER
+        if (entry->skb->nf_bridge) {
+                if (entry->skb->nf_bridge->physindev &&
+                    entry->skb->nf_bridge->physindev->ifindex == ifindex)
+                        return 1;
+                if (entry->skb->nf_bridge->physoutdev &&
+                    entry->skb->nf_bridge->physoutdev->ifindex == ifindex)
+                        return 1;
+        }
+#endif
        return 0;
 }
diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c
index 86a4ac33de34..49ef41e34c48 100644
--- a/net/netfilter/nfnetlink_queue.c
+++ b/net/netfilter/nfnetlink_queue.c
@@ -680,11 +680,19 @@ dev_cmp(struct nfqnl_queue_entry *entry, unsigned long ifindex)
        if (entinf->indev)
                if (entinf->indev->ifindex == ifindex)
                        return 1;
-                        
        if (entinf->outdev)
                if (entinf->outdev->ifindex == ifindex)
                        return 1;
+#ifdef CONFIG_BRIDGE_NETFILTER
+        if (entry->skb->nf_bridge) {
+                if (entry->skb->nf_bridge->physindev &&
+                    entry->skb->nf_bridge->physindev->ifindex == ifindex)
+                        return 1;
+                if (entry->skb->nf_bridge->physoutdev &&
+                    entry->skb->nf_bridge->physoutdev->ifindex == ifindex)
+                        return 1;
+        }
+#endif
        return 0;
 }
author	Patrick McHardy <kaber@trash.net>	2006-06-27 06:01:48 -0400
committer	David S. Miller <davem@sunset.davemloft.net>	2006-06-29 19:57:48 -0400
commit	ef47c6a7b8e36e3b160433673b1b68db799aabcd (patch)
tree	e79198a36e216e29bb31588b0a9d69d476399f5c /net
parent	1c7e47726a88303e4cfa2785f0a357bf1ceecee1 (diff)

diff --git a/net/ipv4/netfilter/ip_queue.c b/net/ipv4/netfilter/ip_queue.c index b93f0494362f..213d116e5bb9 100644 --- a/net/ipv4/netfilter/ip_queue.c +++ b/net/ipv4/netfilter/ip_queue.c
@@ -457,11 +457,19 @@ dev_cmp(struct ipq_queue_entry *entry, unsigned long ifindex)
457	if (entry->info->indev)	457	if (entry->info->indev)
458	if (entry->info->indev->ifindex == ifindex)	458	if (entry->info->indev->ifindex == ifindex)
459	return 1;	459	return 1;
460
461	if (entry->info->outdev)	460	if (entry->info->outdev)
462	if (entry->info->outdev->ifindex == ifindex)	461	if (entry->info->outdev->ifindex == ifindex)
463	return 1;	462	return 1;
464		463	#ifdef CONFIG_BRIDGE_NETFILTER
		464	if (entry->skb->nf_bridge) {
		465	if (entry->skb->nf_bridge->physindev &&
		466	entry->skb->nf_bridge->physindev->ifindex == ifindex)
		467	return 1;
		468	if (entry->skb->nf_bridge->physoutdev &&
		469	entry->skb->nf_bridge->physoutdev->ifindex == ifindex)
		470	return 1;
		471	}
		472	#endif
465	return 0;	473	return 0;
466	}	474	}
467		475


diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c index 86a4ac33de34..49ef41e34c48 100644 --- a/net/netfilter/nfnetlink_queue.c +++ b/net/netfilter/nfnetlink_queue.c
@@ -680,11 +680,19 @@ dev_cmp(struct nfqnl_queue_entry *entry, unsigned long ifindex)
680	if (entinf->indev)	680	if (entinf->indev)
681	if (entinf->indev->ifindex == ifindex)	681	if (entinf->indev->ifindex == ifindex)
682	return 1;	682	return 1;
683
684	if (entinf->outdev)	683	if (entinf->outdev)
685	if (entinf->outdev->ifindex == ifindex)	684	if (entinf->outdev->ifindex == ifindex)
686	return 1;	685	return 1;
687		686	#ifdef CONFIG_BRIDGE_NETFILTER
		687	if (entry->skb->nf_bridge) {
		688	if (entry->skb->nf_bridge->physindev &&
		689	entry->skb->nf_bridge->physindev->ifindex == ifindex)
		690	return 1;
		691	if (entry->skb->nf_bridge->physoutdev &&
		692	entry->skb->nf_bridge->physoutdev->ifindex == ifindex)
		693	return 1;
		694	}
		695	#endif
688	return 0;	696	return 0;
689	}	697	}
690		698