#define DEBUGP(x, args...)
#endif
-/* Standard entry. */
-struct ip6t_standard
-{
- struct ip6t_entry entry;
- struct ip6t_standard_target target;
-};
-
-struct ip6t_error_target
-{
- struct ip6t_entry_target target;
- char errorname[IP6T_FUNCTION_MAXNAMELEN];
-};
-
-struct ip6t_error
-{
- struct ip6t_entry entry;
- struct ip6t_error_target target;
-};
-
static struct
{
struct ip6t_replace repl;
0, NULL, { } },
{
/* PRE_ROUTING */
- { { { { { { 0 } } }, { { { 0 } } }, { { { 0 } } }, { { { 0 } } }, "", "", { 0 }, { 0 }, 0, 0, 0 },
+ { { { { { { 0 } } }, { { { 0 } } }, { { { 0 } } }, { { { 0 } } }, "", "", { 0 }, { 0 }, 0, 0, 0 },
0,
sizeof(struct ip6t_entry),
sizeof(struct ip6t_standard),
{ { { { IP6T_ALIGN(sizeof(struct ip6t_standard_target)), "" } }, { } },
-NF_ACCEPT - 1 } },
/* LOCAL_IN */
- { { { { { { 0 } } }, { { { 0 } } }, { { { 0 } } }, { { { 0 } } }, "", "", { 0 }, { 0 }, 0, 0, 0 },
+ { { { { { { 0 } } }, { { { 0 } } }, { { { 0 } } }, { { { 0 } } }, "", "", { 0 }, { 0 }, 0, 0, 0 },
0,
sizeof(struct ip6t_entry),
sizeof(struct ip6t_standard),
{ { { { IP6T_ALIGN(sizeof(struct ip6t_standard_target)), "" } }, { } },
-NF_ACCEPT - 1 } },
/* FORWARD */
- { { { { { { 0 } } }, { { { 0 } } }, { { { 0 } } }, { { { 0 } } }, "", "", { 0 }, { 0 }, 0, 0, 0 },
+ { { { { { { 0 } } }, { { { 0 } } }, { { { 0 } } }, { { { 0 } } }, "", "", { 0 }, { 0 }, 0, 0, 0 },
0,
sizeof(struct ip6t_entry),
sizeof(struct ip6t_standard),
{ { { { IP6T_ALIGN(sizeof(struct ip6t_standard_target)), "" } }, { } },
-NF_ACCEPT - 1 } },
/* LOCAL_OUT */
- { { { { { { 0 } } }, { { { 0 } } }, { { { 0 } } }, { { { 0 } } }, "", "", { 0 }, { 0 }, 0, 0, 0 },
+ { { { { { { 0 } } }, { { { 0 } } }, { { { 0 } } }, { { { 0 } } }, "", "", { 0 }, { 0 }, 0, 0, 0 },
0,
sizeof(struct ip6t_entry),
sizeof(struct ip6t_standard),
}
};
-static struct ip6t_table packet_mangler = {
+static struct xt_table packet_mangler = {
.name = "mangle",
.valid_hooks = MANGLE_VALID_HOOKS,
.lock = RW_LOCK_UNLOCKED,
const struct net_device *out,
int (*okfn)(struct sk_buff *))
{
- return ip6t_do_table(pskb, hook, in, out, &packet_mangler, NULL);
+ return ip6t_do_table(pskb, hook, in, out, &packet_mangler);
}
static unsigned int
int (*okfn)(struct sk_buff *))
{
- unsigned long nfmark;
unsigned int ret;
struct in6_addr saddr, daddr;
u_int8_t hop_limit;
- u_int32_t flowlabel;
+ u_int32_t flowlabel, mark;
#if 0
/* root is playing with raw sockets. */
}
#endif
- /* save source/dest address, nfmark, hoplimit, flowlabel, priority, */
+ /* save source/dest address, mark, hoplimit, flowlabel, priority, */
memcpy(&saddr, &(*pskb)->nh.ipv6h->saddr, sizeof(saddr));
memcpy(&daddr, &(*pskb)->nh.ipv6h->daddr, sizeof(daddr));
- nfmark = (*pskb)->nfmark;
+ mark = (*pskb)->mark;
hop_limit = (*pskb)->nh.ipv6h->hop_limit;
/* flowlabel and prio (includes version, which shouldn't change either */
flowlabel = *((u_int32_t *) (*pskb)->nh.ipv6h);
- ret = ip6t_do_table(pskb, hook, in, out, &packet_mangler, NULL);
+ ret = ip6t_do_table(pskb, hook, in, out, &packet_mangler);
- if (ret != NF_DROP && ret != NF_STOLEN
+ if (ret != NF_DROP && ret != NF_STOLEN
&& (memcmp(&(*pskb)->nh.ipv6h->saddr, &saddr, sizeof(saddr))
|| memcmp(&(*pskb)->nh.ipv6h->daddr, &daddr, sizeof(daddr))
- || (*pskb)->nfmark != nfmark
- || (*pskb)->nh.ipv6h->hop_limit != hop_limit)) {
-
- /* something which could affect routing has changed */
-
- DEBUGP("ip6table_mangle: we'd need to re-route a packet\n");
- }
+ || (*pskb)->mark != mark
+ || (*pskb)->nh.ipv6h->hop_limit != hop_limit))
+ return ip6_route_me_harder(*pskb) == 0 ? ret : NF_DROP;
return ret;
}
projects / linux-drm-fsl-dcu.git / blobdiff