netfilter: conntrack: remove pkt_to_tuple callback

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

GRE is now builtin, so we can handle it via direct call and
remove the callback.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

authored by

Florian Westphal and committed by

Pablo Neira Ayuso 7 years ago df5e1629 751fc301

+8 -21

5 changed files

expand all

include

linux

netfilter

nf_conntrack_proto_gre.h

net

netfilter

nf_conntrack_l4proto.h

net

netfilter

nf_conntrack_core.c

nf_conntrack_proto_generic.c

nf_conntrack_proto_gre.c

include/linux/netfilter/nf_conntrack_proto_gre.h

··· 30 30 /* delete keymap entries */ 31 31 void nf_ct_gre_keymap_destroy(struct nf_conn *ct); 32 32 33 + bool gre_pkt_to_tuple(const struct sk_buff *skb, unsigned int dataoff, 34 + struct net *net, struct nf_conntrack_tuple *tuple); 33 35 #endif /* __KERNEL__ */ 34 36 #endif /* _CONNTRACK_PROTO_GRE_H */

-5

include/net/netfilter/nf_conntrack_l4proto.h

··· 27 27 /* protoinfo nlattr size, closes a hole */ 28 28 u16 nlattr_size; 29 29 30 - /* Try to fill in the third arg: dataoff is offset past network protocol 31 - hdr. Return true if possible. */ 32 - bool (*pkt_to_tuple)(const struct sk_buff *skb, unsigned int dataoff, 33 - struct net *net, struct nf_conntrack_tuple *tuple); 34 - 35 30 /* Invert the per-proto part of the tuple: ie. turn xmit into reply. 36 31 * Only used by icmp, most protocols use a generic version. 37 32 */

+4 -2

net/netfilter/nf_conntrack_core.c

··· 279 279 return icmpv6_pkt_to_tuple(skb, dataoff, net, tuple); 280 280 case IPPROTO_ICMP: 281 281 return icmp_pkt_to_tuple(skb, dataoff, net, tuple); 282 + #ifdef CONFIG_NF_CT_PROTO_GRE 283 + case IPPROTO_GRE: 284 + return gre_pkt_to_tuple(skb, dataoff, net, tuple); 285 + #endif 282 286 } 283 - if (unlikely(l4proto->pkt_to_tuple)) 284 - return l4proto->pkt_to_tuple(skb, dataoff, net, tuple); 285 287 286 288 /* Actually only need first 4 bytes to get ports. */ 287 289 inet_hdr = skb_header_pointer(skb, dataoff, sizeof(_inet_hdr), &_inet_hdr);

-11

net/netfilter/nf_conntrack_proto_generic.c

··· 27 27 } 28 28 } 29 29 30 - static bool generic_pkt_to_tuple(const struct sk_buff *skb, 31 - unsigned int dataoff, 32 - struct net *net, struct nf_conntrack_tuple *tuple) 33 - { 34 - tuple->src.u.all = 0; 35 - tuple->dst.u.all = 0; 36 - 37 - return true; 38 - } 39 - 40 30 /* Returns verdict for packet, or -1 for invalid. */ 41 31 static int generic_packet(struct nf_conn *ct, 42 32 struct sk_buff *skb, ··· 139 149 const struct nf_conntrack_l4proto nf_conntrack_l4proto_generic = 140 150 { 141 151 .l4proto = 255, 142 - .pkt_to_tuple = generic_pkt_to_tuple, 143 152 .packet = generic_packet, 144 153 #ifdef CONFIG_NF_CONNTRACK_TIMEOUT 145 154 .ctnl_timeout = {

+2 -3

net/netfilter/nf_conntrack_proto_gre.c

··· 162 162 /* PUBLIC CONNTRACK PROTO HELPER FUNCTIONS */ 163 163 164 164 /* gre hdr info to tuple */ 165 - static bool gre_pkt_to_tuple(const struct sk_buff *skb, unsigned int dataoff, 166 - struct net *net, struct nf_conntrack_tuple *tuple) 165 + bool gre_pkt_to_tuple(const struct sk_buff *skb, unsigned int dataoff, 166 + struct net *net, struct nf_conntrack_tuple *tuple) 167 167 { 168 168 const struct pptp_gre_header *pgrehdr; 169 169 struct pptp_gre_header _pgrehdr; ··· 368 368 /* protocol helper struct */ 369 369 const struct nf_conntrack_l4proto nf_conntrack_l4proto_gre = { 370 370 .l4proto = IPPROTO_GRE, 371 - .pkt_to_tuple = gre_pkt_to_tuple, 372 371 #ifdef CONFIG_NF_CONNTRACK_PROCFS 373 372 .print_conntrack = gre_print_conntrack, 374 373 #endif