aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--net/netfilter/nf_conntrack_ftp.c36
1 files changed, 6 insertions, 30 deletions
diff --git a/net/netfilter/nf_conntrack_ftp.c b/net/netfilter/nf_conntrack_ftp.c
index 5efe65d4b3c0..9ad15191bb44 100644
--- a/net/netfilter/nf_conntrack_ftp.c
+++ b/net/netfilter/nf_conntrack_ftp.c
@@ -364,6 +364,7 @@ static int help(struct sk_buff **pskb,
364 unsigned int matchlen, matchoff; 364 unsigned int matchlen, matchoff;
365 struct nf_ct_ftp_master *ct_ftp_info = &nfct_help(ct)->help.ct_ftp_info; 365 struct nf_ct_ftp_master *ct_ftp_info = &nfct_help(ct)->help.ct_ftp_info;
366 struct nf_conntrack_expect *exp; 366 struct nf_conntrack_expect *exp;
367 union nf_conntrack_address *daddr;
367 struct nf_conntrack_man cmd = {}; 368 struct nf_conntrack_man cmd = {};
368 unsigned int i; 369 unsigned int i;
369 int found = 0, ends_in_nl; 370 int found = 0, ends_in_nl;
@@ -454,7 +455,7 @@ static int help(struct sk_buff **pskb,
454 /* We refer to the reverse direction ("!dir") tuples here, 455 /* We refer to the reverse direction ("!dir") tuples here,
455 * because we're expecting something in the other direction. 456 * because we're expecting something in the other direction.
456 * Doesn't matter unless NAT is happening. */ 457 * Doesn't matter unless NAT is happening. */
457 exp->tuple.dst.u3 = ct->tuplehash[!dir].tuple.dst.u3; 458 daddr = &ct->tuplehash[!dir].tuple.dst.u3;
458 459
459 /* Update the ftp info */ 460 /* Update the ftp info */
460 if ((cmd.l3num == ct->tuplehash[dir].tuple.src.l3num) && 461 if ((cmd.l3num == ct->tuplehash[dir].tuple.src.l3num) &&
@@ -483,37 +484,12 @@ static int help(struct sk_buff **pskb,
483 ret = NF_ACCEPT; 484 ret = NF_ACCEPT;
484 goto out_put_expect; 485 goto out_put_expect;
485 } 486 }
486 memcpy(&exp->tuple.dst.u3, &cmd.u3.all, 487 daddr = &cmd.u3;
487 sizeof(exp->tuple.dst.u3));
488 } 488 }
489 489
490 exp->tuple.src.u3 = ct->tuplehash[!dir].tuple.src.u3; 490 nf_ct_expect_init(exp, cmd.l3num,
491 exp->tuple.src.l3num = cmd.l3num; 491 &ct->tuplehash[!dir].tuple.src.u3, daddr,
492 exp->tuple.src.u.tcp.port = 0; 492 IPPROTO_TCP, NULL, &cmd.u.tcp.port);
493 exp->tuple.dst.u.tcp.port = cmd.u.tcp.port;
494 exp->tuple.dst.protonum = IPPROTO_TCP;
495
496 exp->mask = (struct nf_conntrack_tuple)
497 { .src = { .l3num = 0xFFFF,
498 .u = { .tcp = { 0 }},
499 },
500 .dst = { .protonum = 0xFF,
501 .u = { .tcp = { __constant_htons(0xFFFF) }},
502 },
503 };
504 if (cmd.l3num == PF_INET) {
505 exp->mask.src.u3.ip = htonl(0xFFFFFFFF);
506 exp->mask.dst.u3.ip = htonl(0xFFFFFFFF);
507 } else {
508 memset(exp->mask.src.u3.ip6, 0xFF,
509 sizeof(exp->mask.src.u3.ip6));
510 memset(exp->mask.dst.u3.ip6, 0xFF,
511 sizeof(exp->mask.src.u3.ip6));
512 }
513
514 exp->expectfn = NULL;
515 exp->helper = NULL;
516 exp->flags = 0;
517 493
518 /* Now, NAT might want to mangle the packet, and register the 494 /* Now, NAT might want to mangle the packet, and register the
519 * (possibly changed) expectation itself. */ 495 * (possibly changed) expectation itself. */