aboutsummaryrefslogtreecommitdiffstats
path: root/net/core
diff options
context:
space:
mode:
Diffstat (limited to 'net/core')
-rw-r--r--net/core/netfilter.c72
1 files changed, 0 insertions, 72 deletions
diff --git a/net/core/netfilter.c b/net/core/netfilter.c
index bbf9081a6804..9849357f6129 100644
--- a/net/core/netfilter.c
+++ b/net/core/netfilter.c
@@ -22,12 +22,7 @@
22#include <linux/if.h> 22#include <linux/if.h>
23#include <linux/netdevice.h> 23#include <linux/netdevice.h>
24#include <linux/inetdevice.h> 24#include <linux/inetdevice.h>
25#include <linux/tcp.h>
26#include <linux/udp.h>
27#include <linux/icmp.h>
28#include <net/sock.h> 25#include <net/sock.h>
29#include <net/route.h>
30#include <linux/ip.h>
31 26
32/* In this code, we can be waiting indefinitely for userspace to 27/* In this code, we can be waiting indefinitely for userspace to
33 * service a packet if a hook returns NF_QUEUE. We could keep a count 28 * service a packet if a hook returns NF_QUEUE. We could keep a count
@@ -447,73 +442,6 @@ void nf_reinject(struct sk_buff *skb, struct nf_info *info,
447 return; 442 return;
448} 443}
449 444
450#ifdef CONFIG_INET
451/* route_me_harder function, used by iptable_nat, iptable_mangle + ip_queue */
452int ip_route_me_harder(struct sk_buff **pskb)
453{
454 struct iphdr *iph = (*pskb)->nh.iph;
455 struct rtable *rt;
456 struct flowi fl = {};
457 struct dst_entry *odst;
458 unsigned int hh_len;
459
460 /* some non-standard hacks like ipt_REJECT.c:send_reset() can cause
461 * packets with foreign saddr to appear on the NF_IP_LOCAL_OUT hook.
462 */
463 if (inet_addr_type(iph->saddr) == RTN_LOCAL) {
464 fl.nl_u.ip4_u.daddr = iph->daddr;
465 fl.nl_u.ip4_u.saddr = iph->saddr;
466 fl.nl_u.ip4_u.tos = RT_TOS(iph->tos);
467 fl.oif = (*pskb)->sk ? (*pskb)->sk->sk_bound_dev_if : 0;
468#ifdef CONFIG_IP_ROUTE_FWMARK
469 fl.nl_u.ip4_u.fwmark = (*pskb)->nfmark;
470#endif
471 fl.proto = iph->protocol;
472 if (ip_route_output_key(&rt, &fl) != 0)
473 return -1;
474
475 /* Drop old route. */
476 dst_release((*pskb)->dst);
477 (*pskb)->dst = &rt->u.dst;
478 } else {
479 /* non-local src, find valid iif to satisfy
480 * rp-filter when calling ip_route_input. */
481 fl.nl_u.ip4_u.daddr = iph->saddr;
482 if (ip_route_output_key(&rt, &fl) != 0)
483 return -1;
484
485 odst = (*pskb)->dst;
486 if (ip_route_input(*pskb, iph->daddr, iph->saddr,
487 RT_TOS(iph->tos), rt->u.dst.dev) != 0) {
488 dst_release(&rt->u.dst);
489 return -1;
490 }
491 dst_release(&rt->u.dst);
492 dst_release(odst);
493 }
494
495 if ((*pskb)->dst->error)
496 return -1;
497
498 /* Change in oif may mean change in hh_len. */
499 hh_len = (*pskb)->dst->dev->hard_header_len;
500 if (skb_headroom(*pskb) < hh_len) {
501 struct sk_buff *nskb;
502
503 nskb = skb_realloc_headroom(*pskb, hh_len);
504 if (!nskb)
505 return -1;
506 if ((*pskb)->sk)
507 skb_set_owner_w(nskb, (*pskb)->sk);
508 kfree_skb(*pskb);
509 *pskb = nskb;
510 }
511
512 return 0;
513}
514EXPORT_SYMBOL(ip_route_me_harder);
515#endif /*CONFIG_INET*/
516
517int skb_make_writable(struct sk_buff **pskb, unsigned int writable_len) 445int skb_make_writable(struct sk_buff **pskb, unsigned int writable_len)
518{ 446{
519 struct sk_buff *nskb; 447 struct sk_buff *nskb;