Merge branch 'master' of ../nf-2.6 · tjh.dev/kernel@e8a96f6

tjh.dev / kernel

fork atom

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

fork atom

Merge branch 'master' of ../nf-2.6

Patrick McHardy 16 years ago e8a96f69 c01ae818

+13 -22

4 changed files

expand all

include

linux

netfilter

nf_conntrack_tuple_common.h

netfilter_ipv6

ip6_tables.h

net

bridge

netfilter

ebt_ip6.c

netfilter

ipvs

ip_vs_ftp.c

+1 -2

include/linux/netfilter/nf_conntrack_tuple_common.h

··· 1 1 #ifndef _NF_CONNTRACK_TUPLE_COMMON_H 2 2 #define _NF_CONNTRACK_TUPLE_COMMON_H 3 3 4 - enum ip_conntrack_dir 5 - { 4 + enum ip_conntrack_dir { 6 5 IP_CT_DIR_ORIGINAL, 7 6 IP_CT_DIR_REPLY, 8 7 IP_CT_DIR_MAX

-4

include/linux/netfilter_ipv6/ip6_tables.h

··· 316 316 extern int ipv6_find_hdr(const struct sk_buff *skb, unsigned int *offset, 317 317 int target, unsigned short *fragoff); 318 318 319 - extern int ip6_masked_addrcmp(const struct in6_addr *addr1, 320 - const struct in6_addr *mask, 321 - const struct in6_addr *addr2); 322 - 323 319 #define IP6T_ALIGN(s) XT_ALIGN(s) 324 320 325 321 #ifdef CONFIG_COMPAT

+4 -14

net/bridge/netfilter/ebt_ip6.c

··· 35 35 struct ipv6hdr _ip6h; 36 36 const struct tcpudphdr *pptr; 37 37 struct tcpudphdr _ports; 38 - struct in6_addr tmp_addr; 39 - int i; 40 38 41 39 ih6 = skb_header_pointer(skb, 0, sizeof(_ip6h), &_ip6h); 42 40 if (ih6 == NULL) ··· 42 44 if (info->bitmask & EBT_IP6_TCLASS && 43 45 FWINV(info->tclass != ipv6_get_dsfield(ih6), EBT_IP6_TCLASS)) 44 46 return false; 45 - for (i = 0; i < 4; i++) 46 - tmp_addr.in6_u.u6_addr32[i] = ih6->saddr.in6_u.u6_addr32[i] & 47 - info->smsk.in6_u.u6_addr32[i]; 48 - if (info->bitmask & EBT_IP6_SOURCE && 49 - FWINV((ipv6_addr_cmp(&tmp_addr, &info->saddr) != 0), 50 - EBT_IP6_SOURCE)) 51 - return false; 52 - for (i = 0; i < 4; i++) 53 - tmp_addr.in6_u.u6_addr32[i] = ih6->daddr.in6_u.u6_addr32[i] & 54 - info->dmsk.in6_u.u6_addr32[i]; 55 - if (info->bitmask & EBT_IP6_DEST && 56 - FWINV((ipv6_addr_cmp(&tmp_addr, &info->daddr) != 0), EBT_IP6_DEST)) 47 + if (FWINV(ipv6_masked_addr_cmp(&ih6->saddr, &info->smsk, 48 + &info->saddr), EBT_IP6_SOURCE) || 49 + FWINV(ipv6_masked_addr_cmp(&ih6->daddr, &info->dmsk, 50 + &info->daddr), EBT_IP6_DEST)) 57 51 return false; 58 52 if (info->bitmask & EBT_IP6_PROTO) { 59 53 uint8_t nexthdr = ih6->nexthdr;

+8 -2

net/netfilter/ipvs/ip_vs_ftp.c

··· 208 208 */ 209 209 from.ip = n_cp->vaddr.ip; 210 210 port = n_cp->vport; 211 - sprintf(buf, "%u,%u,%u,%u,%u,%u", NIPQUAD(from.ip), 212 - (ntohs(port)>>8)&255, ntohs(port)&255); 211 + snprintf(buf, sizeof(buf), "%u,%u,%u,%u,%u,%u", 212 + ((unsigned char *)&from.ip)[0], 213 + ((unsigned char *)&from.ip)[1], 214 + ((unsigned char *)&from.ip)[2], 215 + ((unsigned char *)&from.ip)[3], 216 + ntohs(port) >> 8, 217 + ntohs(port) & 0xFF); 218 + 213 219 buf_len = strlen(buf); 214 220 215 221 /*