diff options
Diffstat (limited to 'net/core')
-rw-r--r-- | net/core/netfilter.c | 72 |
1 files changed, 0 insertions, 72 deletions
diff --git a/net/core/netfilter.c b/net/core/netfilter.c index bbf9081a6804..9849357f6129 100644 --- a/net/core/netfilter.c +++ b/net/core/netfilter.c | |||
@@ -22,12 +22,7 @@ | |||
22 | #include <linux/if.h> | 22 | #include <linux/if.h> |
23 | #include <linux/netdevice.h> | 23 | #include <linux/netdevice.h> |
24 | #include <linux/inetdevice.h> | 24 | #include <linux/inetdevice.h> |
25 | #include <linux/tcp.h> | ||
26 | #include <linux/udp.h> | ||
27 | #include <linux/icmp.h> | ||
28 | #include <net/sock.h> | 25 | #include <net/sock.h> |
29 | #include <net/route.h> | ||
30 | #include <linux/ip.h> | ||
31 | 26 | ||
32 | /* In this code, we can be waiting indefinitely for userspace to | 27 | /* In this code, we can be waiting indefinitely for userspace to |
33 | * service a packet if a hook returns NF_QUEUE. We could keep a count | 28 | * service a packet if a hook returns NF_QUEUE. We could keep a count |
@@ -447,73 +442,6 @@ void nf_reinject(struct sk_buff *skb, struct nf_info *info, | |||
447 | return; | 442 | return; |
448 | } | 443 | } |
449 | 444 | ||
450 | #ifdef CONFIG_INET | ||
451 | /* route_me_harder function, used by iptable_nat, iptable_mangle + ip_queue */ | ||
452 | int ip_route_me_harder(struct sk_buff **pskb) | ||
453 | { | ||
454 | struct iphdr *iph = (*pskb)->nh.iph; | ||
455 | struct rtable *rt; | ||
456 | struct flowi fl = {}; | ||
457 | struct dst_entry *odst; | ||
458 | unsigned int hh_len; | ||
459 | |||
460 | /* some non-standard hacks like ipt_REJECT.c:send_reset() can cause | ||
461 | * packets with foreign saddr to appear on the NF_IP_LOCAL_OUT hook. | ||
462 | */ | ||
463 | if (inet_addr_type(iph->saddr) == RTN_LOCAL) { | ||
464 | fl.nl_u.ip4_u.daddr = iph->daddr; | ||
465 | fl.nl_u.ip4_u.saddr = iph->saddr; | ||
466 | fl.nl_u.ip4_u.tos = RT_TOS(iph->tos); | ||
467 | fl.oif = (*pskb)->sk ? (*pskb)->sk->sk_bound_dev_if : 0; | ||
468 | #ifdef CONFIG_IP_ROUTE_FWMARK | ||
469 | fl.nl_u.ip4_u.fwmark = (*pskb)->nfmark; | ||
470 | #endif | ||
471 | fl.proto = iph->protocol; | ||
472 | if (ip_route_output_key(&rt, &fl) != 0) | ||
473 | return -1; | ||
474 | |||
475 | /* Drop old route. */ | ||
476 | dst_release((*pskb)->dst); | ||
477 | (*pskb)->dst = &rt->u.dst; | ||
478 | } else { | ||
479 | /* non-local src, find valid iif to satisfy | ||
480 | * rp-filter when calling ip_route_input. */ | ||
481 | fl.nl_u.ip4_u.daddr = iph->saddr; | ||
482 | if (ip_route_output_key(&rt, &fl) != 0) | ||
483 | return -1; | ||
484 | |||
485 | odst = (*pskb)->dst; | ||
486 | if (ip_route_input(*pskb, iph->daddr, iph->saddr, | ||
487 | RT_TOS(iph->tos), rt->u.dst.dev) != 0) { | ||
488 | dst_release(&rt->u.dst); | ||
489 | return -1; | ||
490 | } | ||
491 | dst_release(&rt->u.dst); | ||
492 | dst_release(odst); | ||
493 | } | ||
494 | |||
495 | if ((*pskb)->dst->error) | ||
496 | return -1; | ||
497 | |||
498 | /* Change in oif may mean change in hh_len. */ | ||
499 | hh_len = (*pskb)->dst->dev->hard_header_len; | ||
500 | if (skb_headroom(*pskb) < hh_len) { | ||
501 | struct sk_buff *nskb; | ||
502 | |||
503 | nskb = skb_realloc_headroom(*pskb, hh_len); | ||
504 | if (!nskb) | ||
505 | return -1; | ||
506 | if ((*pskb)->sk) | ||
507 | skb_set_owner_w(nskb, (*pskb)->sk); | ||
508 | kfree_skb(*pskb); | ||
509 | *pskb = nskb; | ||
510 | } | ||
511 | |||
512 | return 0; | ||
513 | } | ||
514 | EXPORT_SYMBOL(ip_route_me_harder); | ||
515 | #endif /*CONFIG_INET*/ | ||
516 | |||
517 | int skb_make_writable(struct sk_buff **pskb, unsigned int writable_len) | 445 | int skb_make_writable(struct sk_buff **pskb, unsigned int writable_len) |
518 | { | 446 | { |
519 | struct sk_buff *nskb; | 447 | struct sk_buff *nskb; |