提交 e7fa1bd9 编写于 作者: P Patrick McHardy 提交者: David S. Miller

[NETFILTER]: Simplify netbios helper

Don't parse the packet, the data is already available in the conntrack
structure.
Signed-off-by: NPatrick McHardy <kaber@trash.net>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>
上级 5cb30640
...@@ -23,7 +23,6 @@ ...@@ -23,7 +23,6 @@
#include <linux/inetdevice.h> #include <linux/inetdevice.h>
#include <linux/in.h> #include <linux/in.h>
#include <linux/ip.h> #include <linux/ip.h>
#include <linux/udp.h>
#include <net/route.h> #include <net/route.h>
#include <linux/netfilter.h> #include <linux/netfilter.h>
...@@ -31,6 +30,8 @@ ...@@ -31,6 +30,8 @@
#include <linux/netfilter_ipv4/ip_conntrack.h> #include <linux/netfilter_ipv4/ip_conntrack.h>
#include <linux/netfilter_ipv4/ip_conntrack_helper.h> #include <linux/netfilter_ipv4/ip_conntrack_helper.h>
#define NMBD_PORT 137
MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>"); MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
MODULE_DESCRIPTION("NetBIOS name service broadcast connection tracking helper"); MODULE_DESCRIPTION("NetBIOS name service broadcast connection tracking helper");
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
...@@ -44,7 +45,6 @@ static int help(struct sk_buff **pskb, ...@@ -44,7 +45,6 @@ static int help(struct sk_buff **pskb,
{ {
struct ip_conntrack_expect *exp; struct ip_conntrack_expect *exp;
struct iphdr *iph = (*pskb)->nh.iph; struct iphdr *iph = (*pskb)->nh.iph;
struct udphdr _uh, *uh;
struct rtable *rt = (struct rtable *)(*pskb)->dst; struct rtable *rt = (struct rtable *)(*pskb)->dst;
struct in_device *in_dev; struct in_device *in_dev;
u_int32_t mask = 0; u_int32_t mask = 0;
...@@ -72,20 +72,15 @@ static int help(struct sk_buff **pskb, ...@@ -72,20 +72,15 @@ static int help(struct sk_buff **pskb,
if (mask == 0) if (mask == 0)
goto out; goto out;
uh = skb_header_pointer(*pskb, iph->ihl * 4, sizeof(_uh), &_uh);
BUG_ON(uh == NULL);
exp = ip_conntrack_expect_alloc(ct); exp = ip_conntrack_expect_alloc(ct);
if (exp == NULL) if (exp == NULL)
goto out; goto out;
memset(&exp->tuple, 0, sizeof(exp->tuple));
exp->tuple.src.ip = iph->daddr & mask;
exp->tuple.dst.ip = iph->saddr;
exp->tuple.dst.u.udp.port = uh->source;
exp->tuple.dst.protonum = IPPROTO_UDP;
memset(&exp->mask, 0, sizeof(exp->mask)); exp->tuple = ct->tuplehash[IP_CT_DIR_REPLY].tuple;
exp->tuple.src.u.udp.port = ntohs(NMBD_PORT);
exp->mask.src.ip = mask; exp->mask.src.ip = mask;
exp->mask.src.u.udp.port = 0xFFFF;
exp->mask.dst.ip = 0xFFFFFFFF; exp->mask.dst.ip = 0xFFFFFFFF;
exp->mask.dst.u.udp.port = 0xFFFF; exp->mask.dst.u.udp.port = 0xFFFF;
exp->mask.dst.protonum = 0xFF; exp->mask.dst.protonum = 0xFF;
...@@ -107,7 +102,7 @@ static struct ip_conntrack_helper helper = { ...@@ -107,7 +102,7 @@ static struct ip_conntrack_helper helper = {
.src = { .src = {
.u = { .u = {
.udp = { .udp = {
.port = __constant_htons(137), .port = __constant_htons(NMBD_PORT),
} }
} }
}, },
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册