1 /* 2 * Handle firewalling core 3 * Linux ethernet bridge 4 * 5 * Authors: 6 * Lennert Buytenhek <buytenh@gnu.org> 7 * Bart De Schuymer <bdschuym@pandora.be> 8 * 9 * This program is free software; you can redistribute it and/or 10 * modify it under the terms of the GNU General Public License 11 * as published by the Free Software Foundation; either version 12 * 2 of the License, or (at your option) any later version. 13 * 14 * Lennert dedicates this file to Kerstin Wurdinger. 15 */ 16 17 #include <linux/module.h> 18 #include <linux/kernel.h> 19 #include <linux/in_route.h> 20 #include <linux/inetdevice.h> 21 #include <net/route.h> 22 23 #include "br_private.h" 24 #ifdef CONFIG_SYSCTL 25 #include <linux/sysctl.h> 26 #endif 27 28 static void fake_update_pmtu(struct dst_entry *dst, struct sock *sk, 29 struct sk_buff *skb, u32 mtu) 30 { 31 } 32 33 static void fake_redirect(struct dst_entry *dst, struct sock *sk, 34 struct sk_buff *skb) 35 { 36 } 37 38 static u32 *fake_cow_metrics(struct dst_entry *dst, unsigned long old) 39 { 40 return NULL; 41 } 42 43 static struct neighbour *fake_neigh_lookup(const struct dst_entry *dst, 44 struct sk_buff *skb, 45 const void *daddr) 46 { 47 return NULL; 48 } 49 50 static unsigned int fake_mtu(const struct dst_entry *dst) 51 { 52 return dst->dev->mtu; 53 } 54 55 static struct dst_ops fake_dst_ops = { 56 .family = AF_INET, 57 .protocol = cpu_to_be16(ETH_P_IP), 58 .update_pmtu = fake_update_pmtu, 59 .redirect = fake_redirect, 60 .cow_metrics = fake_cow_metrics, 61 .neigh_lookup = fake_neigh_lookup, 62 .mtu = fake_mtu, 63 }; 64 65 /* 66 * Initialize bogus route table used to keep netfilter happy. 67 * Currently, we fill in the PMTU entry because netfilter 68 * refragmentation needs it, and the rt_flags entry because 69 * ipt_REJECT needs it. Future netfilter modules might 70 * require us to fill additional fields. 71 */ 72 static const u32 br_dst_default_metrics[RTAX_MAX] = { 73 [RTAX_MTU - 1] = 1500, 74 }; 75 76 void br_netfilter_rtable_init(struct net_bridge *br) 77 { 78 struct rtable *rt = &br->fake_rtable; 79 80 atomic_set(&rt->dst.__refcnt, 1); 81 rt->dst.dev = br->dev; 82 rt->dst.path = &rt->dst; 83 dst_init_metrics(&rt->dst, br_dst_default_metrics, true); 84 rt->dst.flags = DST_NOXFRM | DST_FAKE_RTABLE; 85 rt->dst.ops = &fake_dst_ops; 86 } 87 88 int __init br_nf_core_init(void) 89 { 90 return dst_entries_init(&fake_dst_ops); 91 } 92 93 void br_nf_core_fini(void) 94 { 95 dst_entries_destroy(&fake_dst_ops); 96 } 97