diff options
-rw-r--r-- | include/net/netfilter/nf_nat.h | 1 | ||||
-rw-r--r-- | net/ipv4/netfilter/nf_nat_core.c | 3 | ||||
-rw-r--r-- | net/netfilter/nf_conntrack_helper.c | 2 | ||||
-rw-r--r-- | net/netfilter/nf_log.c | 4 |
4 files changed, 8 insertions, 2 deletions
diff --git a/include/net/netfilter/nf_nat.h b/include/net/netfilter/nf_nat.h index 9dc1039ff78b..8df0b7f7fc6e 100644 --- a/include/net/netfilter/nf_nat.h +++ b/include/net/netfilter/nf_nat.h | |||
@@ -18,6 +18,7 @@ enum nf_nat_manip_type | |||
18 | #define IP_NAT_RANGE_MAP_IPS 1 | 18 | #define IP_NAT_RANGE_MAP_IPS 1 |
19 | #define IP_NAT_RANGE_PROTO_SPECIFIED 2 | 19 | #define IP_NAT_RANGE_PROTO_SPECIFIED 2 |
20 | #define IP_NAT_RANGE_PROTO_RANDOM 4 | 20 | #define IP_NAT_RANGE_PROTO_RANDOM 4 |
21 | #define IP_NAT_RANGE_PERSISTENT 8 | ||
21 | 22 | ||
22 | /* NAT sequence number modifications */ | 23 | /* NAT sequence number modifications */ |
23 | struct nf_nat_seq { | 24 | struct nf_nat_seq { |
diff --git a/net/ipv4/netfilter/nf_nat_core.c b/net/ipv4/netfilter/nf_nat_core.c index fe65187810f0..3229e0a81ba6 100644 --- a/net/ipv4/netfilter/nf_nat_core.c +++ b/net/ipv4/netfilter/nf_nat_core.c | |||
@@ -211,7 +211,8 @@ find_best_ips_proto(struct nf_conntrack_tuple *tuple, | |||
211 | minip = ntohl(range->min_ip); | 211 | minip = ntohl(range->min_ip); |
212 | maxip = ntohl(range->max_ip); | 212 | maxip = ntohl(range->max_ip); |
213 | j = jhash_2words((__force u32)tuple->src.u3.ip, | 213 | j = jhash_2words((__force u32)tuple->src.u3.ip, |
214 | (__force u32)tuple->dst.u3.ip, 0); | 214 | range->flags & IP_NAT_RANGE_PERSISTENT ? |
215 | (__force u32)tuple->dst.u3.ip : 0, 0); | ||
215 | j = ((u64)j * (maxip - minip + 1)) >> 32; | 216 | j = ((u64)j * (maxip - minip + 1)) >> 32; |
216 | *var_ipp = htonl(minip + j); | 217 | *var_ipp = htonl(minip + j); |
217 | } | 218 | } |
diff --git a/net/netfilter/nf_conntrack_helper.c b/net/netfilter/nf_conntrack_helper.c index 30b8e9009f99..0fa5a422959f 100644 --- a/net/netfilter/nf_conntrack_helper.c +++ b/net/netfilter/nf_conntrack_helper.c | |||
@@ -176,7 +176,7 @@ static void __nf_conntrack_helper_unregister(struct nf_conntrack_helper *me, | |||
176 | } | 176 | } |
177 | 177 | ||
178 | /* Get rid of expecteds, set helpers to NULL. */ | 178 | /* Get rid of expecteds, set helpers to NULL. */ |
179 | hlist_for_each_entry(h, nn, &net->ct.unconfirmed, hnnode) | 179 | hlist_nulls_for_each_entry(h, nn, &net->ct.unconfirmed, hnnode) |
180 | unhelp(h, me); | 180 | unhelp(h, me); |
181 | for (i = 0; i < nf_conntrack_htable_size; i++) { | 181 | for (i = 0; i < nf_conntrack_htable_size; i++) { |
182 | hlist_nulls_for_each_entry(h, nn, &net->ct.hash[i], hnnode) | 182 | hlist_nulls_for_each_entry(h, nn, &net->ct.hash[i], hnnode) |
diff --git a/net/netfilter/nf_log.c b/net/netfilter/nf_log.c index 8bb998fe098b..beb37311e1a5 100644 --- a/net/netfilter/nf_log.c +++ b/net/netfilter/nf_log.c | |||
@@ -36,10 +36,14 @@ static struct nf_logger *__find_logger(int pf, const char *str_logger) | |||
36 | int nf_log_register(u_int8_t pf, struct nf_logger *logger) | 36 | int nf_log_register(u_int8_t pf, struct nf_logger *logger) |
37 | { | 37 | { |
38 | const struct nf_logger *llog; | 38 | const struct nf_logger *llog; |
39 | int i; | ||
39 | 40 | ||
40 | if (pf >= ARRAY_SIZE(nf_loggers)) | 41 | if (pf >= ARRAY_SIZE(nf_loggers)) |
41 | return -EINVAL; | 42 | return -EINVAL; |
42 | 43 | ||
44 | for (i = 0; i < ARRAY_SIZE(logger->list); i++) | ||
45 | INIT_LIST_HEAD(&logger->list[i]); | ||
46 | |||
43 | mutex_lock(&nf_log_mutex); | 47 | mutex_lock(&nf_log_mutex); |
44 | 48 | ||
45 | if (pf == NFPROTO_UNSPEC) { | 49 | if (pf == NFPROTO_UNSPEC) { |