diff options
Diffstat (limited to 'net')
-rw-r--r-- | net/bridge/br_netfilter.c | 25 |
1 files changed, 21 insertions, 4 deletions
diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c index 6fc9ecc4eb39..f29450b788be 100644 --- a/net/bridge/br_netfilter.c +++ b/net/bridge/br_netfilter.c | |||
@@ -113,6 +113,25 @@ static inline struct net_device *bridge_parent(const struct net_device *dev) | |||
113 | return port ? port->br->dev : NULL; | 113 | return port ? port->br->dev : NULL; |
114 | } | 114 | } |
115 | 115 | ||
116 | static inline struct nf_bridge_info *nf_bridge_alloc(struct sk_buff *skb) | ||
117 | { | ||
118 | skb->nf_bridge = kzalloc(sizeof(struct nf_bridge_info), GFP_ATOMIC); | ||
119 | if (likely(skb->nf_bridge)) | ||
120 | atomic_set(&(skb->nf_bridge->use), 1); | ||
121 | |||
122 | return skb->nf_bridge; | ||
123 | } | ||
124 | |||
125 | static inline void nf_bridge_save_header(struct sk_buff *skb) | ||
126 | { | ||
127 | int header_size = 16; | ||
128 | |||
129 | if (skb->protocol == htons(ETH_P_8021Q)) | ||
130 | header_size = 18; | ||
131 | |||
132 | memcpy(skb->nf_bridge->data, skb->data - header_size, header_size); | ||
133 | } | ||
134 | |||
116 | /* PF_BRIDGE/PRE_ROUTING *********************************************/ | 135 | /* PF_BRIDGE/PRE_ROUTING *********************************************/ |
117 | /* Undo the changes made for ip6tables PREROUTING and continue the | 136 | /* Undo the changes made for ip6tables PREROUTING and continue the |
118 | * bridge PRE_ROUTING hook. */ | 137 | * bridge PRE_ROUTING hook. */ |
@@ -371,7 +390,6 @@ static unsigned int br_nf_pre_routing_ipv6(unsigned int hook, | |||
371 | { | 390 | { |
372 | struct ipv6hdr *hdr; | 391 | struct ipv6hdr *hdr; |
373 | u32 pkt_len; | 392 | u32 pkt_len; |
374 | struct nf_bridge_info *nf_bridge; | ||
375 | 393 | ||
376 | if (skb->len < sizeof(struct ipv6hdr)) | 394 | if (skb->len < sizeof(struct ipv6hdr)) |
377 | goto inhdr_error; | 395 | goto inhdr_error; |
@@ -400,7 +418,7 @@ static unsigned int br_nf_pre_routing_ipv6(unsigned int hook, | |||
400 | goto inhdr_error; | 418 | goto inhdr_error; |
401 | 419 | ||
402 | nf_bridge_put(skb->nf_bridge); | 420 | nf_bridge_put(skb->nf_bridge); |
403 | if ((nf_bridge = nf_bridge_alloc(skb)) == NULL) | 421 | if (!nf_bridge_alloc(skb)) |
404 | return NF_DROP; | 422 | return NF_DROP; |
405 | if (!setup_pre_routing(skb)) | 423 | if (!setup_pre_routing(skb)) |
406 | return NF_DROP; | 424 | return NF_DROP; |
@@ -428,7 +446,6 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff **pskb, | |||
428 | struct iphdr *iph; | 446 | struct iphdr *iph; |
429 | __u32 len; | 447 | __u32 len; |
430 | struct sk_buff *skb = *pskb; | 448 | struct sk_buff *skb = *pskb; |
431 | struct nf_bridge_info *nf_bridge; | ||
432 | 449 | ||
433 | if (skb->protocol == htons(ETH_P_IPV6) || IS_VLAN_IPV6(skb)) { | 450 | if (skb->protocol == htons(ETH_P_IPV6) || IS_VLAN_IPV6(skb)) { |
434 | #ifdef CONFIG_SYSCTL | 451 | #ifdef CONFIG_SYSCTL |
@@ -485,7 +502,7 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff **pskb, | |||
485 | } | 502 | } |
486 | 503 | ||
487 | nf_bridge_put(skb->nf_bridge); | 504 | nf_bridge_put(skb->nf_bridge); |
488 | if ((nf_bridge = nf_bridge_alloc(skb)) == NULL) | 505 | if (!nf_bridge_alloc(skb)) |
489 | return NF_DROP; | 506 | return NF_DROP; |
490 | if (!setup_pre_routing(skb)) | 507 | if (!setup_pre_routing(skb)) |
491 | return NF_DROP; | 508 | return NF_DROP; |