Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
cloud-kernel
提交
98e86403
cloud-kernel
项目概览
openanolis
/
cloud-kernel
1 年多 前同步成功
通知
161
Star
36
Fork
7
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
10
列表
看板
标记
里程碑
合并请求
2
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
cloud-kernel
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
10
Issue
10
列表
看板
标记
里程碑
合并请求
2
合并请求
2
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
98e86403
编写于
4月 15, 2009
作者:
J
Jan Engelhardt
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
netfilter: xtables: consolidate open-coded logic
Signed-off-by:
N
Jan Engelhardt
<
jengelh@medozas.de
>
上级
4f2f6f23
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
40 addition
and
18 deletion
+40
-18
net/bridge/netfilter/ebtables.c
net/bridge/netfilter/ebtables.c
+10
-6
net/ipv4/netfilter/arp_tables.c
net/ipv4/netfilter/arp_tables.c
+10
-4
net/ipv4/netfilter/ip_tables.c
net/ipv4/netfilter/ip_tables.c
+10
-4
net/ipv6/netfilter/ip6_tables.c
net/ipv6/netfilter/ip6_tables.c
+10
-4
未找到文件。
net/bridge/netfilter/ebtables.c
浏览文件 @
98e86403
...
...
@@ -142,6 +142,12 @@ static inline int ebt_basic_match(struct ebt_entry *e, struct ethhdr *h,
return
0
;
}
static
inline
__pure
struct
ebt_entry
*
ebt_next_entry
(
const
struct
ebt_entry
*
entry
)
{
return
(
void
*
)
entry
+
entry
->
next_offset
;
}
/* Do some firewalling */
unsigned
int
ebt_do_table
(
unsigned
int
hook
,
struct
sk_buff
*
skb
,
const
struct
net_device
*
in
,
const
struct
net_device
*
out
,
...
...
@@ -249,8 +255,7 @@ unsigned int ebt_do_table (unsigned int hook, struct sk_buff *skb,
/* jump to a udc */
cs
[
sp
].
n
=
i
+
1
;
cs
[
sp
].
chaininfo
=
chaininfo
;
cs
[
sp
].
e
=
(
struct
ebt_entry
*
)
(((
char
*
)
point
)
+
point
->
next_offset
);
cs
[
sp
].
e
=
ebt_next_entry
(
point
);
i
=
0
;
chaininfo
=
(
struct
ebt_entries
*
)
(
base
+
verdict
);
#ifdef CONFIG_NETFILTER_DEBUG
...
...
@@ -266,8 +271,7 @@ unsigned int ebt_do_table (unsigned int hook, struct sk_buff *skb,
sp
++
;
continue
;
letscontinue:
point
=
(
struct
ebt_entry
*
)
(((
char
*
)
point
)
+
point
->
next_offset
);
point
=
ebt_next_entry
(
point
);
i
++
;
}
...
...
@@ -787,7 +791,7 @@ static int check_chainloops(struct ebt_entries *chain, struct ebt_cl_stack *cl_s
/* this can't be 0, so the loop test is correct */
cl_s
[
i
].
cs
.
n
=
pos
+
1
;
pos
=
0
;
cl_s
[
i
].
cs
.
e
=
((
void
*
)
e
+
e
->
next_offset
);
cl_s
[
i
].
cs
.
e
=
ebt_next_entry
(
e
);
e
=
(
struct
ebt_entry
*
)(
hlp2
->
data
);
nentries
=
hlp2
->
nentries
;
cl_s
[
i
].
from
=
chain_nr
;
...
...
@@ -797,7 +801,7 @@ static int check_chainloops(struct ebt_entries *chain, struct ebt_cl_stack *cl_s
continue
;
}
letscontinue:
e
=
(
void
*
)
e
+
e
->
next_offset
;
e
=
ebt_next_entry
(
e
)
;
pos
++
;
}
return
0
;
...
...
net/ipv4/netfilter/arp_tables.c
浏览文件 @
98e86403
...
...
@@ -231,6 +231,12 @@ static inline struct arpt_entry *get_entry(void *base, unsigned int offset)
return
(
struct
arpt_entry
*
)(
base
+
offset
);
}
static
inline
__pure
struct
arpt_entry
*
arpt_next_entry
(
const
struct
arpt_entry
*
entry
)
{
return
(
void
*
)
entry
+
entry
->
next_offset
;
}
unsigned
int
arpt_do_table
(
struct
sk_buff
*
skb
,
unsigned
int
hook
,
const
struct
net_device
*
in
,
...
...
@@ -295,10 +301,10 @@ unsigned int arpt_do_table(struct sk_buff *skb,
continue
;
}
if
(
table_base
+
v
!=
(
void
*
)
e
+
e
->
next_offset
)
{
!=
arpt_next_entry
(
e
)
)
{
/* Save old back ptr in next entry */
struct
arpt_entry
*
next
=
(
void
*
)
e
+
e
->
next_offset
;
=
arpt_next_entry
(
e
)
;
next
->
comefrom
=
(
void
*
)
back
-
table_base
;
...
...
@@ -320,13 +326,13 @@ unsigned int arpt_do_table(struct sk_buff *skb,
arp
=
arp_hdr
(
skb
);
if
(
verdict
==
ARPT_CONTINUE
)
e
=
(
void
*
)
e
+
e
->
next_offset
;
e
=
arpt_next_entry
(
e
)
;
else
/* Verdict */
break
;
}
}
else
{
e
=
(
void
*
)
e
+
e
->
next_offset
;
e
=
arpt_next_entry
(
e
)
;
}
}
while
(
!
hotdrop
);
xt_info_rdunlock_bh
();
...
...
net/ipv4/netfilter/ip_tables.c
浏览文件 @
98e86403
...
...
@@ -297,6 +297,12 @@ static void trace_packet(struct sk_buff *skb,
}
#endif
static
inline
__pure
struct
ipt_entry
*
ipt_next_entry
(
const
struct
ipt_entry
*
entry
)
{
return
(
void
*
)
entry
+
entry
->
next_offset
;
}
/* Returns one of the generic firewall policies, like NF_ACCEPT. */
unsigned
int
ipt_do_table
(
struct
sk_buff
*
skb
,
...
...
@@ -385,11 +391,11 @@ ipt_do_table(struct sk_buff *skb,
back
->
comefrom
);
continue
;
}
if
(
table_base
+
v
!=
(
void
*
)
e
+
e
->
next_offset
if
(
table_base
+
v
!=
ipt_next_entry
(
e
)
&&
!
(
e
->
ip
.
flags
&
IPT_F_GOTO
))
{
/* Save old back ptr in next entry */
struct
ipt_entry
*
next
=
(
void
*
)
e
+
e
->
next_offset
;
=
ipt_next_entry
(
e
)
;
next
->
comefrom
=
(
void
*
)
back
-
table_base
;
/* set back pointer to next entry */
...
...
@@ -424,7 +430,7 @@ ipt_do_table(struct sk_buff *skb,
datalen
=
skb
->
len
-
ip
->
ihl
*
4
;
if
(
verdict
==
IPT_CONTINUE
)
e
=
(
void
*
)
e
+
e
->
next_offset
;
e
=
ipt_next_entry
(
e
)
;
else
/* Verdict */
break
;
...
...
@@ -432,7 +438,7 @@ ipt_do_table(struct sk_buff *skb,
}
else
{
no_match:
e
=
(
void
*
)
e
+
e
->
next_offset
;
e
=
ipt_next_entry
(
e
)
;
}
}
while
(
!
hotdrop
);
xt_info_rdunlock_bh
();
...
...
net/ipv6/netfilter/ip6_tables.c
浏览文件 @
98e86403
...
...
@@ -329,6 +329,12 @@ static void trace_packet(struct sk_buff *skb,
}
#endif
static
inline
__pure
struct
ip6t_entry
*
ip6t_next_entry
(
const
struct
ip6t_entry
*
entry
)
{
return
(
void
*
)
entry
+
entry
->
next_offset
;
}
/* Returns one of the generic firewall policies, like NF_ACCEPT. */
unsigned
int
ip6t_do_table
(
struct
sk_buff
*
skb
,
...
...
@@ -414,11 +420,11 @@ ip6t_do_table(struct sk_buff *skb,
back
->
comefrom
);
continue
;
}
if
(
table_base
+
v
!=
(
void
*
)
e
+
e
->
next_offset
if
(
table_base
+
v
!=
ip6t_next_entry
(
e
)
&&
!
(
e
->
ipv6
.
flags
&
IP6T_F_GOTO
))
{
/* Save old back ptr in next entry */
struct
ip6t_entry
*
next
=
(
void
*
)
e
+
e
->
next_offset
;
=
ip6t_next_entry
(
e
)
;
next
->
comefrom
=
(
void
*
)
back
-
table_base
;
/* set back pointer to next entry */
...
...
@@ -451,7 +457,7 @@ ip6t_do_table(struct sk_buff *skb,
=
0x57acc001
;
#endif
if
(
verdict
==
IP6T_CONTINUE
)
e
=
(
void
*
)
e
+
e
->
next_offset
;
e
=
ip6t_next_entry
(
e
)
;
else
/* Verdict */
break
;
...
...
@@ -459,7 +465,7 @@ ip6t_do_table(struct sk_buff *skb,
}
else
{
no_match:
e
=
(
void
*
)
e
+
e
->
next_offset
;
e
=
ip6t_next_entry
(
e
)
;
}
}
while
(
!
hotdrop
);
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录