diff options
Diffstat (limited to 'net')
| -rw-r--r-- | net/netfilter/xt_sctp.c | 18 |
1 files changed, 8 insertions, 10 deletions
diff --git a/net/netfilter/xt_sctp.c b/net/netfilter/xt_sctp.c index f907770fd4e9..3358273a47b7 100644 --- a/net/netfilter/xt_sctp.c +++ b/net/netfilter/xt_sctp.c | |||
| @@ -42,21 +42,21 @@ match_flags(const struct xt_sctp_flag_info *flag_info, | |||
| 42 | static inline bool | 42 | static inline bool |
| 43 | match_packet(const struct sk_buff *skb, | 43 | match_packet(const struct sk_buff *skb, |
| 44 | unsigned int offset, | 44 | unsigned int offset, |
| 45 | const u_int32_t *chunkmap, | 45 | const struct xt_sctp_info *info, |
| 46 | int chunk_match_type, | ||
| 47 | const struct xt_sctp_flag_info *flag_info, | ||
| 48 | const int flag_count, | ||
| 49 | bool *hotdrop) | 46 | bool *hotdrop) |
| 50 | { | 47 | { |
| 51 | u_int32_t chunkmapcopy[256 / sizeof (u_int32_t)]; | 48 | u_int32_t chunkmapcopy[256 / sizeof (u_int32_t)]; |
| 52 | sctp_chunkhdr_t _sch, *sch; | 49 | sctp_chunkhdr_t _sch, *sch; |
| 50 | int chunk_match_type = info->chunk_match_type; | ||
| 51 | const struct xt_sctp_flag_info *flag_info = info->flag_info; | ||
| 52 | int flag_count = info->flag_count; | ||
| 53 | 53 | ||
| 54 | #ifdef DEBUG_SCTP | 54 | #ifdef DEBUG_SCTP |
| 55 | int i = 0; | 55 | int i = 0; |
| 56 | #endif | 56 | #endif |
| 57 | 57 | ||
| 58 | if (chunk_match_type == SCTP_CHUNK_MATCH_ALL) | 58 | if (chunk_match_type == SCTP_CHUNK_MATCH_ALL) |
| 59 | SCTP_CHUNKMAP_COPY(chunkmapcopy, chunkmap); | 59 | SCTP_CHUNKMAP_COPY(chunkmapcopy, info->chunkmap); |
| 60 | 60 | ||
| 61 | do { | 61 | do { |
| 62 | sch = skb_header_pointer(skb, offset, sizeof(_sch), &_sch); | 62 | sch = skb_header_pointer(skb, offset, sizeof(_sch), &_sch); |
| @@ -73,7 +73,7 @@ match_packet(const struct sk_buff *skb, | |||
| 73 | 73 | ||
| 74 | duprintf("skb->len: %d\toffset: %d\n", skb->len, offset); | 74 | duprintf("skb->len: %d\toffset: %d\n", skb->len, offset); |
| 75 | 75 | ||
| 76 | if (SCTP_CHUNKMAP_IS_SET(chunkmap, sch->type)) { | 76 | if (SCTP_CHUNKMAP_IS_SET(info->chunkmap, sch->type)) { |
| 77 | switch (chunk_match_type) { | 77 | switch (chunk_match_type) { |
| 78 | case SCTP_CHUNK_MATCH_ANY: | 78 | case SCTP_CHUNK_MATCH_ANY: |
| 79 | if (match_flags(flag_info, flag_count, | 79 | if (match_flags(flag_info, flag_count, |
| @@ -104,7 +104,7 @@ match_packet(const struct sk_buff *skb, | |||
| 104 | 104 | ||
| 105 | switch (chunk_match_type) { | 105 | switch (chunk_match_type) { |
| 106 | case SCTP_CHUNK_MATCH_ALL: | 106 | case SCTP_CHUNK_MATCH_ALL: |
| 107 | return SCTP_CHUNKMAP_IS_CLEAR(chunkmap); | 107 | return SCTP_CHUNKMAP_IS_CLEAR(info->chunkmap); |
| 108 | case SCTP_CHUNK_MATCH_ANY: | 108 | case SCTP_CHUNK_MATCH_ANY: |
| 109 | return false; | 109 | return false; |
| 110 | case SCTP_CHUNK_MATCH_ONLY: | 110 | case SCTP_CHUNK_MATCH_ONLY: |
| @@ -148,9 +148,7 @@ match(const struct sk_buff *skb, | |||
| 148 | && ntohs(sh->dest) <= info->dpts[1], | 148 | && ntohs(sh->dest) <= info->dpts[1], |
| 149 | XT_SCTP_DEST_PORTS, info->flags, info->invflags) | 149 | XT_SCTP_DEST_PORTS, info->flags, info->invflags) |
| 150 | && SCCHECK(match_packet(skb, protoff + sizeof (sctp_sctphdr_t), | 150 | && SCCHECK(match_packet(skb, protoff + sizeof (sctp_sctphdr_t), |
| 151 | info->chunkmap, info->chunk_match_type, | 151 | info, hotdrop), |
| 152 | info->flag_info, info->flag_count, | ||
| 153 | hotdrop), | ||
| 154 | XT_SCTP_CHUNK_TYPES, info->flags, info->invflags); | 152 | XT_SCTP_CHUNK_TYPES, info->flags, info->invflags); |
| 155 | } | 153 | } |
| 156 | 154 | ||