git://git.onelab.eu / linux-2.6.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
fedora core 6 1.2949 + vserver 2.2.0
[linux-2.6.git] / net / netfilter / nfnetlink_queue.c
diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c
index 49ef41e..a88a017 100644 (file)
--- a/net/netfilter/nfnetlink_queue.c
+++ b/net/netfilter/nfnetlink_queue.c
@@ -349,7 +349,7 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
        struct sk_buff *entskb = entry->skb;
        struct net_device *indev;
        struct net_device *outdev;
-       unsigned int tmp_uint;
+       __be32 tmp_uint;
 
        QDEBUG("entered\n");
 
@@ -377,9 +377,9 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
                break;
        
        case NFQNL_COPY_PACKET:
-               if (entskb->ip_summed == CHECKSUM_HW &&
-                   (*errp = skb_checksum_help(entskb,
-                                              outdev == NULL))) {
+               if ((entskb->ip_summed == CHECKSUM_PARTIAL ||
+                    entskb->ip_summed == CHECKSUM_COMPLETE) &&
+                   (*errp = skb_checksum_help(entskb))) {
                        spin_unlock_bh(&queue->lock);
                        return NULL;
                }
@@ -414,7 +414,7 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
        nfmsg->res_id = htons(queue->queue_num);
 
        pmsg.packet_id          = htonl(entry->id);
-       pmsg.hw_protocol        = htons(entskb->protocol);
+       pmsg.hw_protocol        = entskb->protocol;
        pmsg.hook               = entinf->hook;
 
        NFA_PUT(skb, NFQA_PACKET_HDR, sizeof(pmsg), &pmsg);
@@ -480,8 +480,8 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
 #endif
        }
 
-       if (entskb->nfmark) {
-               tmp_uint = htonl(entskb->nfmark);
+       if (entskb->mark) {
+               tmp_uint = htonl(entskb->mark);
                NFA_PUT(skb, NFQA_MARK, sizeof(u_int32_t), &tmp_uint);
        }
 
@@ -489,10 +489,9 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
            && entskb->dev->hard_header_parse) {
                struct nfqnl_msg_packet_hw phw;
 
-               phw.hw_addrlen =
-                       entskb->dev->hard_header_parse(entskb,
+               int len = entskb->dev->hard_header_parse(entskb,
                                                           phw.hw_addr);
-               phw.hw_addrlen = htons(phw.hw_addrlen);
+               phw.hw_addrlen = htons(len);
                NFA_PUT(skb, NFQA_HWADDR, sizeof(phw), &phw);
        }
 
@@ -584,7 +583,7 @@ nfqnl_enqueue_packet(struct sk_buff *skb, struct nf_info *info,
                 queue->queue_dropped++;
                status = -ENOSPC;
                if (net_ratelimit())
-                         printk(KERN_WARNING "ip_queue: full at %d entries, "
+                         printk(KERN_WARNING "nf_queue: full at %d entries, "
                                 "dropping packets(s). Dropped: %d\n", 
                                 queue->queue_total, queue->queue_dropped);
                goto err_out_free_nskb;
@@ -622,9 +621,10 @@ nfqnl_mangle(void *data, int data_len, struct nfqnl_queue_entry *e)
        int diff;
 
        diff = data_len - e->skb->len;
-       if (diff < 0)
-               skb_trim(e->skb, data_len);
-       else if (diff > 0) {
+       if (diff < 0) {
+               if (pskb_trim(e->skb, data_len))
+                       return -ENOMEM;
+       } else if (diff > 0) {
                if (data_len > 0xFFFF)
                        return -EINVAL;
                if (diff > skb_tailroom(e->skb)) {
@@ -635,7 +635,7 @@ nfqnl_mangle(void *data, int data_len, struct nfqnl_queue_entry *e)
                                                 diff,
                                                 GFP_ATOMIC);
                        if (newskb == NULL) {
-                               printk(KERN_WARNING "ip_queue: OOM "
+                               printk(KERN_WARNING "nf_queue: OOM "
                                      "in mangle, dropping packet\n");
                                return -ENOMEM;
                        }
@@ -834,8 +834,8 @@ nfqnl_recv_verdict(struct sock *ctnl, struct sk_buff *skb,
        }
 
        if (nfqa[NFQA_MARK-1])
-               entry->skb->nfmark = ntohl(*(u_int32_t *)
-                                          NFA_DATA(nfqa[NFQA_MARK-1]));
+               entry->skb->mark = ntohl(*(__be32 *)
+                                        NFA_DATA(nfqa[NFQA_MARK-1]));
                
        issue_verdict(entry, verdict);
        instance_put(queue);
@@ -947,6 +947,14 @@ nfqnl_recv_config(struct sock *ctnl, struct sk_buff *skb,
                                ntohl(params->copy_range));
        }
 
+       if (nfqa[NFQA_CFG_QUEUE_MAXLEN-1]) {
+               __be32 *queue_maxlen;
+               queue_maxlen = NFA_DATA(nfqa[NFQA_CFG_QUEUE_MAXLEN-1]);
+               spin_lock_bh(&queue->lock);
+               queue->queue_maxlen = ntohl(*queue_maxlen);
+               spin_unlock_bh(&queue->lock);
+       }
+
 out_put:
        instance_put(queue);
        return ret;
linux-2.6