git://git.onelab.eu
/
linux-2.6.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
vserver 1.9.3
[linux-2.6.git]
/
net
/
ipv4
/
netfilter
/
ip_nat_standalone.c
diff --git
a/net/ipv4/netfilter/ip_nat_standalone.c
b/net/ipv4/netfilter/ip_nat_standalone.c
index
9765fd2
..
e4e9612
100644
(file)
--- a/
net/ipv4/netfilter/ip_nat_standalone.c
+++ b/
net/ipv4/netfilter/ip_nat_standalone.c
@@
-99,11
+99,13
@@
ip_nat_fn(unsigned int hooknum,
hash table yet). We must not let this through, in
case we're doing NAT to the same network. */
if ((*pskb)->nh.iph->protocol == IPPROTO_ICMP) {
hash table yet). We must not let this through, in
case we're doing NAT to the same network. */
if ((*pskb)->nh.iph->protocol == IPPROTO_ICMP) {
- struct icmphdr
hdr
;
+ struct icmphdr
_hdr, *hp
;
- if (skb_copy_bits(*pskb, (*pskb)->nh.iph->ihl*4,
- &hdr, sizeof(hdr)) == 0
- && hdr.type == ICMP_REDIRECT)
+ hp = skb_header_pointer(*pskb,
+ (*pskb)->nh.iph->ihl*4,
+ sizeof(_hdr), &_hdr);
+ if (hp != NULL &&
+ hp->type == ICMP_REDIRECT)
return NF_DROP;
}
return NF_ACCEPT;
return NF_DROP;
}
return NF_ACCEPT;
@@
-281,18
+283,13
@@
static struct nf_hook_ops ip_nat_local_in_ops = {
int ip_nat_protocol_register(struct ip_nat_protocol *proto)
{
int ret = 0;
int ip_nat_protocol_register(struct ip_nat_protocol *proto)
{
int ret = 0;
- struct list_head *i;
WRITE_LOCK(&ip_nat_lock);
WRITE_LOCK(&ip_nat_lock);
- list_for_each(i, &protos) {
- if (((struct ip_nat_protocol *)i)->protonum
- == proto->protonum) {
- ret = -EBUSY;
- goto out;
- }
+ if (ip_nat_protos[proto->protonum] != &ip_nat_unknown_protocol) {
+ ret = -EBUSY;
+ goto out;
}
}
-
- list_prepend(&protos, proto);
+ ip_nat_protos[proto->protonum] = proto;
out:
WRITE_UNLOCK(&ip_nat_lock);
return ret;
out:
WRITE_UNLOCK(&ip_nat_lock);
return ret;
@@
-302,7
+299,7
@@
int ip_nat_protocol_register(struct ip_nat_protocol *proto)
void ip_nat_protocol_unregister(struct ip_nat_protocol *proto)
{
WRITE_LOCK(&ip_nat_lock);
void ip_nat_protocol_unregister(struct ip_nat_protocol *proto)
{
WRITE_LOCK(&ip_nat_lock);
-
LIST_DELETE(&protos, proto)
;
+
ip_nat_protos[proto->protonum] = &ip_nat_unknown_protocol
;
WRITE_UNLOCK(&ip_nat_lock);
/* Someone could be still looking at the proto in a bh. */
WRITE_UNLOCK(&ip_nat_lock);
/* Someone could be still looking at the proto in a bh. */
@@
-392,4
+389,6
@@
EXPORT_SYMBOL(ip_nat_cheat_check);
EXPORT_SYMBOL(ip_nat_mangle_tcp_packet);
EXPORT_SYMBOL(ip_nat_mangle_udp_packet);
EXPORT_SYMBOL(ip_nat_used_tuple);
EXPORT_SYMBOL(ip_nat_mangle_tcp_packet);
EXPORT_SYMBOL(ip_nat_mangle_udp_packet);
EXPORT_SYMBOL(ip_nat_used_tuple);
+EXPORT_SYMBOL(ip_nat_find_helper);
+EXPORT_SYMBOL(__ip_nat_find_helper);
MODULE_LICENSE("GPL");
MODULE_LICENSE("GPL");