Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
L
linux-davinci
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Redmine
Redmine
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Metrics
Environments
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
linux
linux-davinci
Commits
356d6c2d
Commit
356d6c2d
authored
May 05, 2009
by
David S. Miller
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch 'master' of
git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-2.6
parents
86b698b8
fecc1133
Changes
5
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
34 additions
and
32 deletions
+34
-32
include/linux/netfilter/xt_LED.h
include/linux/netfilter/xt_LED.h
+2
-0
include/linux/netfilter/xt_cluster.h
include/linux/netfilter/xt_cluster.h
+2
-0
net/ipv6/netfilter/ip6t_ipv6header.c
net/ipv6/netfilter/ip6t_ipv6header.c
+3
-3
net/netfilter/nf_conntrack_netlink.c
net/netfilter/nf_conntrack_netlink.c
+20
-28
net/netfilter/xt_cluster.c
net/netfilter/xt_cluster.c
+7
-1
No files found.
include/linux/netfilter/xt_LED.h
View file @
356d6c2d
#ifndef _XT_LED_H
#define _XT_LED_H
#include <linux/types.h>
struct
xt_led_info
{
char
id
[
27
];
/* Unique ID for this trigger in the LED class */
__u8
always_blink
;
/* Blink even if the LED is already on */
...
...
include/linux/netfilter/xt_cluster.h
View file @
356d6c2d
...
...
@@ -12,4 +12,6 @@ struct xt_cluster_match_info {
u_int32_t
flags
;
};
#define XT_CLUSTER_NODES_MAX 32
#endif
/* _XT_CLUSTER_MATCH_H */
net/ipv6/netfilter/ip6t_ipv6header.c
View file @
356d6c2d
...
...
@@ -50,14 +50,14 @@ ipv6header_mt6(const struct sk_buff *skb, const struct xt_match_param *par)
struct
ipv6_opt_hdr
_hdr
;
int
hdrlen
;
/* Is there enough space for the next ext header? */
if
(
len
<
(
int
)
sizeof
(
struct
ipv6_opt_hdr
))
return
false
;
/* No more exthdr -> evaluate */
if
(
nexthdr
==
NEXTHDR_NONE
)
{
temp
|=
MASK_NONE
;
break
;
}
/* Is there enough space for the next ext header? */
if
(
len
<
(
int
)
sizeof
(
struct
ipv6_opt_hdr
))
return
false
;
/* ESP -> evaluate */
if
(
nexthdr
==
NEXTHDR_ESP
)
{
temp
|=
MASK_ESP
;
...
...
net/netfilter/nf_conntrack_netlink.c
View file @
356d6c2d
...
...
@@ -1186,28 +1186,6 @@ ctnetlink_change_conntrack(struct nf_conn *ct, struct nlattr *cda[])
return
0
;
}
static
inline
void
ctnetlink_event_report
(
struct
nf_conn
*
ct
,
u32
pid
,
int
report
)
{
unsigned
int
events
=
0
;
if
(
test_bit
(
IPS_EXPECTED_BIT
,
&
ct
->
status
))
events
|=
IPCT_RELATED
;
else
events
|=
IPCT_NEW
;
nf_conntrack_event_report
(
IPCT_STATUS
|
IPCT_HELPER
|
IPCT_REFRESH
|
IPCT_PROTOINFO
|
IPCT_NATSEQADJ
|
IPCT_MARK
|
events
,
ct
,
pid
,
report
);
}
static
struct
nf_conn
*
ctnetlink_create_conntrack
(
struct
nlattr
*
cda
[],
struct
nf_conntrack_tuple
*
otuple
,
...
...
@@ -1373,6 +1351,7 @@ ctnetlink_new_conntrack(struct sock *ctnl, struct sk_buff *skb,
err
=
-
ENOENT
;
if
(
nlh
->
nlmsg_flags
&
NLM_F_CREATE
)
{
struct
nf_conn
*
ct
;
enum
ip_conntrack_events
events
;
ct
=
ctnetlink_create_conntrack
(
cda
,
&
otuple
,
&
rtuple
,
u3
);
...
...
@@ -1383,9 +1362,18 @@ ctnetlink_new_conntrack(struct sock *ctnl, struct sk_buff *skb,
err
=
0
;
nf_conntrack_get
(
&
ct
->
ct_general
);
spin_unlock_bh
(
&
nf_conntrack_lock
);
ctnetlink_event_report
(
ct
,
NETLINK_CB
(
skb
).
pid
,
nlmsg_report
(
nlh
));
if
(
test_bit
(
IPS_EXPECTED_BIT
,
&
ct
->
status
))
events
=
IPCT_RELATED
;
else
events
=
IPCT_NEW
;
nf_conntrack_event_report
(
IPCT_STATUS
|
IPCT_HELPER
|
IPCT_PROTOINFO
|
IPCT_NATSEQADJ
|
IPCT_MARK
|
events
,
ct
,
NETLINK_CB
(
skb
).
pid
,
nlmsg_report
(
nlh
));
nf_ct_put
(
ct
);
}
else
spin_unlock_bh
(
&
nf_conntrack_lock
);
...
...
@@ -1404,9 +1392,13 @@ ctnetlink_new_conntrack(struct sock *ctnl, struct sk_buff *skb,
if
(
err
==
0
)
{
nf_conntrack_get
(
&
ct
->
ct_general
);
spin_unlock_bh
(
&
nf_conntrack_lock
);
ctnetlink_event_report
(
ct
,
NETLINK_CB
(
skb
).
pid
,
nlmsg_report
(
nlh
));
nf_conntrack_event_report
(
IPCT_STATUS
|
IPCT_HELPER
|
IPCT_PROTOINFO
|
IPCT_NATSEQADJ
|
IPCT_MARK
,
ct
,
NETLINK_CB
(
skb
).
pid
,
nlmsg_report
(
nlh
));
nf_ct_put
(
ct
);
}
else
spin_unlock_bh
(
&
nf_conntrack_lock
);
...
...
net/netfilter/xt_cluster.c
View file @
356d6c2d
...
...
@@ -135,7 +135,13 @@ static bool xt_cluster_mt_checkentry(const struct xt_mtchk_param *par)
{
struct
xt_cluster_match_info
*
info
=
par
->
matchinfo
;
if
(
info
->
node_mask
>=
(
1
<<
info
->
total_nodes
))
{
if
(
info
->
total_nodes
>
XT_CLUSTER_NODES_MAX
)
{
printk
(
KERN_ERR
"xt_cluster: you have exceeded the maximum "
"number of cluster nodes (%u > %u)
\n
"
,
info
->
total_nodes
,
XT_CLUSTER_NODES_MAX
);
return
false
;
}
if
(
info
->
node_mask
>=
(
1ULL
<<
info
->
total_nodes
))
{
printk
(
KERN_ERR
"xt_cluster: this node mask cannot be "
"higher than the total number of nodes
\n
"
);
return
false
;
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment