| act_ipt.c (14f0290ba44de6ed435fea24bba26e7868421c66) | act_ipt.c (cc7ec456f82da7f89a5b376e613b3ac4311b3e9a) |
|---|---|
| 1/* 2 * net/sched/ipt.c iptables target interface 3 * 4 *TODO: Add other tables. For now we only support the ipv4 table targets 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version --- 124 unchanged lines hidden (view full) --- 133 if (tb[TCA_IPT_INDEX] != NULL) 134 index = nla_get_u32(tb[TCA_IPT_INDEX]); 135 136 pc = tcf_hash_check(index, a, bind, &ipt_hash_info); 137 if (!pc) { 138 pc = tcf_hash_create(index, est, a, sizeof(*ipt), bind, 139 &ipt_idx_gen, &ipt_hash_info); 140 if (IS_ERR(pc)) | 1/* 2 * net/sched/ipt.c iptables target interface 3 * 4 *TODO: Add other tables. For now we only support the ipv4 table targets 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version --- 124 unchanged lines hidden (view full) --- 133 if (tb[TCA_IPT_INDEX] != NULL) 134 index = nla_get_u32(tb[TCA_IPT_INDEX]); 135 136 pc = tcf_hash_check(index, a, bind, &ipt_hash_info); 137 if (!pc) { 138 pc = tcf_hash_create(index, est, a, sizeof(*ipt), bind, 139 &ipt_idx_gen, &ipt_hash_info); 140 if (IS_ERR(pc)) |
| 141 return PTR_ERR(pc); | 141 return PTR_ERR(pc); |
| 142 ret = ACT_P_CREATED; 143 } else { 144 if (!ovr) { 145 tcf_ipt_release(to_ipt(pc), bind); 146 return -EEXIST; 147 } 148 } 149 ipt = to_ipt(pc); --- 7 unchanged lines hidden (view full) --- 157 if (tb[TCA_IPT_TABLE] == NULL || 158 nla_strlcpy(tname, tb[TCA_IPT_TABLE], IFNAMSIZ) >= IFNAMSIZ) 159 strcpy(tname, "mangle"); 160 161 t = kmemdup(td, td->u.target_size, GFP_KERNEL); 162 if (unlikely(!t)) 163 goto err2; 164 | 142 ret = ACT_P_CREATED; 143 } else { 144 if (!ovr) { 145 tcf_ipt_release(to_ipt(pc), bind); 146 return -EEXIST; 147 } 148 } 149 ipt = to_ipt(pc); --- 7 unchanged lines hidden (view full) --- 157 if (tb[TCA_IPT_TABLE] == NULL || 158 nla_strlcpy(tname, tb[TCA_IPT_TABLE], IFNAMSIZ) >= IFNAMSIZ) 159 strcpy(tname, "mangle"); 160 161 t = kmemdup(td, td->u.target_size, GFP_KERNEL); 162 if (unlikely(!t)) 163 goto err2; 164 |
| 165 if ((err = ipt_init_target(t, tname, hook)) < 0) | 165 err = ipt_init_target(t, tname, hook); 166 if (err < 0) |
| 166 goto err3; 167 168 spin_lock_bh(&ipt->tcf_lock); 169 if (ret != ACT_P_CREATED) { 170 ipt_destroy_target(ipt->tcfi_t); 171 kfree(ipt->tcfi_tname); 172 kfree(ipt->tcfi_t); 173 } --- 33 unchanged lines hidden (view full) --- 207 } 208 209 spin_lock(&ipt->tcf_lock); 210 211 ipt->tcf_tm.lastuse = jiffies; 212 bstats_update(&ipt->tcf_bstats, skb); 213 214 /* yes, we have to worry about both in and out dev | 167 goto err3; 168 169 spin_lock_bh(&ipt->tcf_lock); 170 if (ret != ACT_P_CREATED) { 171 ipt_destroy_target(ipt->tcfi_t); 172 kfree(ipt->tcfi_tname); 173 kfree(ipt->tcfi_t); 174 } --- 33 unchanged lines hidden (view full) --- 208 } 209 210 spin_lock(&ipt->tcf_lock); 211 212 ipt->tcf_tm.lastuse = jiffies; 213 bstats_update(&ipt->tcf_bstats, skb); 214 215 /* yes, we have to worry about both in and out dev |
| 215 worry later - danger - this API seems to have changed 216 from earlier kernels */ | 216 * worry later - danger - this API seems to have changed 217 * from earlier kernels 218 */ |
| 217 par.in = skb->dev; 218 par.out = NULL; 219 par.hooknum = ipt->tcfi_hook; 220 par.target = ipt->tcfi_t->u.kernel.target; 221 par.targinfo = ipt->tcfi_t->data; 222 ret = par.target->target(skb, &par); 223 224 switch (ret) { --- 23 unchanged lines hidden (view full) --- 248{ 249 unsigned char *b = skb_tail_pointer(skb); 250 struct tcf_ipt *ipt = a->priv; 251 struct xt_entry_target *t; 252 struct tcf_t tm; 253 struct tc_cnt c; 254 255 /* for simple targets kernel size == user size | 219 par.in = skb->dev; 220 par.out = NULL; 221 par.hooknum = ipt->tcfi_hook; 222 par.target = ipt->tcfi_t->u.kernel.target; 223 par.targinfo = ipt->tcfi_t->data; 224 ret = par.target->target(skb, &par); 225 226 switch (ret) { --- 23 unchanged lines hidden (view full) --- 250{ 251 unsigned char *b = skb_tail_pointer(skb); 252 struct tcf_ipt *ipt = a->priv; 253 struct xt_entry_target *t; 254 struct tcf_t tm; 255 struct tc_cnt c; 256 257 /* for simple targets kernel size == user size |
| 256 ** user name = target name 257 ** for foolproof you need to not assume this 258 */ | 258 * user name = target name 259 * for foolproof you need to not assume this 260 */ |
| 259 260 t = kmemdup(ipt->tcfi_t, ipt->tcfi_t->u.user.target_size, GFP_ATOMIC); 261 if (unlikely(!t)) 262 goto nla_put_failure; 263 264 c.bindcnt = ipt->tcf_bindcnt - bind; 265 c.refcnt = ipt->tcf_refcnt - ref; 266 strcpy(t->u.user.name, ipt->tcfi_t->u.kernel.target->name); --- 49 unchanged lines hidden --- | 261 262 t = kmemdup(ipt->tcfi_t, ipt->tcfi_t->u.user.target_size, GFP_ATOMIC); 263 if (unlikely(!t)) 264 goto nla_put_failure; 265 266 c.bindcnt = ipt->tcf_bindcnt - bind; 267 c.refcnt = ipt->tcf_refcnt - ref; 268 strcpy(t->u.user.name, ipt->tcfi_t->u.kernel.target->name); --- 49 unchanged lines hidden --- |