From: Patrick McHardy <kaber@trash.net>
To: davem@davemloft.net
Cc: netfilter-devel@lists.netfilter.org, Patrick McHardy <kaber@trash.net>
Subject: [NETFILTER 05/06]: ip_queue/nfnetlink_queue: drop bridge port references when dev disappears
Date: Mon, 26 Jun 2006 17:43:13 +0200 (MEST) [thread overview]
Message-ID: <20060626154313.11682.382.sendpatchset@localhost.localdomain> (raw)
In-Reply-To: <20060626154307.11682.28562.sendpatchset@localhost.localdomain>
[NETFILTER]: ip_queue/nfnetlink_queue: drop bridge port references when dev disappears
When a device that is acting as a bridge port is unregistered, the
ip_queue/nfnetlink_queue notifier doesn't check if its one of
physindev/physoutdev and doesn't release the references if it is.
Signed-off-by: Patrick McHardy <kaber@trash.net>
---
commit 5e9d63f46ae2805245fcc9ec58f844d1347bd469
tree 96f0d37e0f70100ba2b31b7eaa5453125a4d6ac4
parent 9565b859bc682e4c208f73e83adb21a7f86d0143
author Patrick McHardy <kaber@trash.net> Mon, 26 Jun 2006 17:15:02 +0200
committer Patrick McHardy <kaber@trash.net> Mon, 26 Jun 2006 17:15:02 +0200
net/ipv4/netfilter/ip_queue.c | 12 ++++++++++--
net/netfilter/nfnetlink_queue.c | 12 ++++++++++--
2 files changed, 20 insertions(+), 4 deletions(-)
diff --git a/net/ipv4/netfilter/ip_queue.c b/net/ipv4/netfilter/ip_queue.c
index b93f049..213d116 100644
--- a/net/ipv4/netfilter/ip_queue.c
+++ b/net/ipv4/netfilter/ip_queue.c
@@ -457,11 +457,19 @@ dev_cmp(struct ipq_queue_entry *entry, u
if (entry->info->indev)
if (entry->info->indev->ifindex == ifindex)
return 1;
-
if (entry->info->outdev)
if (entry->info->outdev->ifindex == ifindex)
return 1;
-
+#ifdef CONFIG_BRIDGE_NETFILTER
+ if (entry->skb->nf_bridge) {
+ if (entry->skb->nf_bridge->physindev &&
+ entry->skb->nf_bridge->physindev->ifindex == ifindex)
+ return 1;
+ if (entry->skb->nf_bridge->physoutdev &&
+ entry->skb->nf_bridge->physoutdev->ifindex == ifindex)
+ return 1;
+ }
+#endif
return 0;
}
diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c
index 86a4ac3..49ef41e 100644
--- a/net/netfilter/nfnetlink_queue.c
+++ b/net/netfilter/nfnetlink_queue.c
@@ -680,11 +680,19 @@ dev_cmp(struct nfqnl_queue_entry *entry,
if (entinf->indev)
if (entinf->indev->ifindex == ifindex)
return 1;
-
if (entinf->outdev)
if (entinf->outdev->ifindex == ifindex)
return 1;
-
+#ifdef CONFIG_BRIDGE_NETFILTER
+ if (entry->skb->nf_bridge) {
+ if (entry->skb->nf_bridge->physindev &&
+ entry->skb->nf_bridge->physindev->ifindex == ifindex)
+ return 1;
+ if (entry->skb->nf_bridge->physoutdev &&
+ entry->skb->nf_bridge->physoutdev->ifindex == ifindex)
+ return 1;
+ }
+#endif
return 0;
}
next prev parent reply other threads:[~2006-06-26 15:43 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-06-26 15:43 [NETFILTER 00/06]: Netfilter Update Patrick McHardy
2006-06-26 15:43 ` [NETFILTER 01/06]: x_tables: fix xt_register_table error propagation Patrick McHardy
2006-06-26 15:43 ` [NETFILTER 02/06]: nf_conntrack: Fix undefined references to local_bh_* Patrick McHardy
2006-06-26 15:43 ` [NETFILTER 03/06]: xt_tcpudp: fix double unregistration in error path Patrick McHardy
2006-06-26 15:43 ` [NETFILTER 04/06]: xt_sctp: fix --chunk-types matching Patrick McHardy
2006-06-26 15:43 ` Patrick McHardy [this message]
2006-06-26 15:43 ` [NETFILTER 06/06]: statistic match: add missing Kconfig help text Patrick McHardy
2006-06-27 10:02 ` [NETFILTER 00/06]: Netfilter Update David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20060626154313.11682.382.sendpatchset@localhost.localdomain \
--to=kaber@trash.net \
--cc=davem@davemloft.net \
--cc=netfilter-devel@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.