提交 b85c3dc9 编写于 作者: D David S. Miller

netfilter: Pass nf_hook_state through arpt_do_table().

Signed-off-by: NDavid S. Miller <davem@davemloft.net>
上级 073bfd56
...@@ -54,8 +54,7 @@ extern struct xt_table *arpt_register_table(struct net *net, ...@@ -54,8 +54,7 @@ extern struct xt_table *arpt_register_table(struct net *net,
extern void arpt_unregister_table(struct xt_table *table); extern void arpt_unregister_table(struct xt_table *table);
extern unsigned int arpt_do_table(struct sk_buff *skb, extern unsigned int arpt_do_table(struct sk_buff *skb,
unsigned int hook, unsigned int hook,
const struct net_device *in, const struct nf_hook_state *state,
const struct net_device *out,
struct xt_table *table); struct xt_table *table);
#ifdef CONFIG_COMPAT #ifdef CONFIG_COMPAT
......
...@@ -248,8 +248,7 @@ struct arpt_entry *arpt_next_entry(const struct arpt_entry *entry) ...@@ -248,8 +248,7 @@ struct arpt_entry *arpt_next_entry(const struct arpt_entry *entry)
unsigned int arpt_do_table(struct sk_buff *skb, unsigned int arpt_do_table(struct sk_buff *skb,
unsigned int hook, unsigned int hook,
const struct net_device *in, const struct nf_hook_state *state,
const struct net_device *out,
struct xt_table *table) struct xt_table *table)
{ {
static const char nulldevname[IFNAMSIZ] __attribute__((aligned(sizeof(long)))); static const char nulldevname[IFNAMSIZ] __attribute__((aligned(sizeof(long))));
...@@ -265,8 +264,8 @@ unsigned int arpt_do_table(struct sk_buff *skb, ...@@ -265,8 +264,8 @@ unsigned int arpt_do_table(struct sk_buff *skb,
if (!pskb_may_pull(skb, arp_hdr_len(skb->dev))) if (!pskb_may_pull(skb, arp_hdr_len(skb->dev)))
return NF_DROP; return NF_DROP;
indev = in ? in->name : nulldevname; indev = state->in ? state->in->name : nulldevname;
outdev = out ? out->name : nulldevname; outdev = state->out ? state->out->name : nulldevname;
local_bh_disable(); local_bh_disable();
addend = xt_write_recseq_begin(); addend = xt_write_recseq_begin();
...@@ -281,8 +280,8 @@ unsigned int arpt_do_table(struct sk_buff *skb, ...@@ -281,8 +280,8 @@ unsigned int arpt_do_table(struct sk_buff *skb,
e = get_entry(table_base, private->hook_entry[hook]); e = get_entry(table_base, private->hook_entry[hook]);
back = get_entry(table_base, private->underflow[hook]); back = get_entry(table_base, private->underflow[hook]);
acpar.in = in; acpar.in = state->in;
acpar.out = out; acpar.out = state->out;
acpar.hooknum = hook; acpar.hooknum = hook;
acpar.family = NFPROTO_ARP; acpar.family = NFPROTO_ARP;
acpar.hotdrop = false; acpar.hotdrop = false;
......
...@@ -32,7 +32,7 @@ arptable_filter_hook(const struct nf_hook_ops *ops, struct sk_buff *skb, ...@@ -32,7 +32,7 @@ arptable_filter_hook(const struct nf_hook_ops *ops, struct sk_buff *skb,
{ {
const struct net *net = dev_net(state->in ? state->in : state->out); const struct net *net = dev_net(state->in ? state->in : state->out);
return arpt_do_table(skb, ops->hooknum, state->in, state->out, return arpt_do_table(skb, ops->hooknum, state,
net->ipv4.arptable_filter); net->ipv4.arptable_filter);
} }
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册