]> git.karo-electronics.de Git - mv-sheeva.git/blobdiff - net/bridge/br_netfilter.c
projects / mv-sheeva.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge tag 'v2.6.38' of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6
[mv-sheeva.git] / net / bridge / br_netfilter.c
diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c
index 865fd7634b673d4233c8a6758e2426db55696514..4b5b66d07bba7d43a521d2f450386ceea1bf2ca9 100644 (file)
--- a/net/bridge/br_netfilter.c
+++ b/net/bridge/br_netfilter.c
@@ -124,24 +124,25 @@ void br_netfilter_rtable_init(struct net_bridge *br)
        atomic_set(&rt->dst.__refcnt, 1);
        rt->dst.dev = br->dev;
        rt->dst.path = &rt->dst;
-       rt->dst.metrics[RTAX_MTU - 1] = 1500;
+       dst_metric_set(&rt->dst, RTAX_MTU, 1500);
        rt->dst.flags   = DST_NOXFRM;
        rt->dst.ops = &fake_dst_ops;
 }
 
 static inline struct rtable *bridge_parent_rtable(const struct net_device *dev)
 {
-       if (!br_port_exists(dev))
-               return NULL;
-       return &br_port_get_rcu(dev)->br->fake_rtable;
+       struct net_bridge_port *port;
+
+       port = br_port_get_rcu(dev);
+       return port ? &port->br->fake_rtable : NULL;
 }
 
 static inline struct net_device *bridge_parent(const struct net_device *dev)
 {
-       if (!br_port_exists(dev))
-               return NULL;
+       struct net_bridge_port *port;
 
-       return br_port_get_rcu(dev)->br->dev;
+       port = br_port_get_rcu(dev);
+       return port ? port->br->dev : NULL;
 }
 
 static inline struct nf_bridge_info *nf_bridge_alloc(struct sk_buff *skb)
@@ -412,13 +413,8 @@ static int br_nf_pre_routing_finish(struct sk_buff *skb)
        if (dnat_took_place(skb)) {
                if ((err = ip_route_input(skb, iph->daddr, iph->saddr, iph->tos, dev))) {
                        struct flowi fl = {
-                               .nl_u = {
-                                       .ip4_u = {
-                                                .daddr = iph->daddr,
-                                                .saddr = 0,
-                                                .tos = RT_TOS(iph->tos) },
-                               },
-                               .proto = 0,
+                               .fl4_dst = iph->daddr,
+                               .fl4_tos = RT_TOS(iph->tos),
                        };
                        struct in_device *in_dev = __in_dev_get_rcu(dev);
 
@@ -566,26 +562,26 @@ static unsigned int br_nf_pre_routing_ipv6(unsigned int hook,
        u32 pkt_len;
 
        if (skb->len < sizeof(struct ipv6hdr))
-               goto inhdr_error;
+               return NF_DROP;
 
        if (!pskb_may_pull(skb, sizeof(struct ipv6hdr)))
-               goto inhdr_error;
+               return NF_DROP;
 
        hdr = ipv6_hdr(skb);
 
        if (hdr->version != 6)
-               goto inhdr_error;
+               return NF_DROP;
 
        pkt_len = ntohs(hdr->payload_len);
 
        if (pkt_len || hdr->nexthdr != NEXTHDR_HOP) {
                if (pkt_len + sizeof(struct ipv6hdr) > skb->len)
-                       goto inhdr_error;
+                       return NF_DROP;
                if (pskb_trim_rcsum(skb, pkt_len + sizeof(struct ipv6hdr)))
-                       goto inhdr_error;
+                       return NF_DROP;
        }
        if (hdr->nexthdr == NEXTHDR_HOP && check_hbh_len(skb))
-               goto inhdr_error;
+               return NF_DROP;
 
        nf_bridge_put(skb->nf_bridge);
        if (!nf_bridge_alloc(skb))
@@ -598,9 +594,6 @@ static unsigned int br_nf_pre_routing_ipv6(unsigned int hook,
                br_nf_pre_routing_finish_ipv6);
 
        return NF_STOLEN;
-
-inhdr_error:
-       return NF_DROP;
 }
 
 /* Direct IPv6 traffic to br_nf_pre_routing_ipv6.
@@ -619,11 +612,11 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff *skb,
        __u32 len = nf_bridge_encap_header_len(skb);
 
        if (unlikely(!pskb_may_pull(skb, len)))
-               goto out;
+               return NF_DROP;
 
        p = br_port_get_rcu(in);
        if (p == NULL)
-               goto out;
+               return NF_DROP;
        br = p->br;
 
        if (skb->protocol == htons(ETH_P_IPV6) || IS_VLAN_IPV6(skb) ||
@@ -645,8 +638,7 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff *skb,
        nf_bridge_pull_encap_header_rcsum(skb);
 
        if (br_parse_ip_options(skb))
-               /* Drop invalid packet */
-               goto out;
+               return NF_DROP;
 
        nf_bridge_put(skb->nf_bridge);
        if (!nf_bridge_alloc(skb))
@@ -660,9 +652,6 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff *skb,
                br_nf_pre_routing_finish);
 
        return NF_STOLEN;
-
-out:
-       return NF_DROP;
 }
 
 
Linux for Marvell Sheeva based platforms