[PATCH 07/09]: netfilter: nf_conntrack: pass template to l4proto ->error handler

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Patrick McHardy <kaber@trash.net>
To: netfilter-devel@vger.kernel.org
Cc: Patrick McHardy <kaber@trash.net>
Subject: [PATCH 07/09]: netfilter: nf_conntrack: pass template to l4proto ->error handler
Date: Mon, 25 Jan 2010 16:37:42 +0100 (MET)	[thread overview]
Message-ID: <20100125153741.15305.8736.sendpatchset@x2.localnet> (raw)
In-Reply-To: <20100125153732.15305.68011.sendpatchset@x2.localnet>

commit 1ce077bf1a71309d206b29a02be326013735faca
Author: Patrick McHardy <kaber@trash.net>
Date:   Mon Jan 25 15:25:04 2010 +0100

    netfilter: nf_conntrack: pass template to l4proto ->error handler
    
    The error handlers might need the template to get the conntrack zone
    introduced in the next patches to perform a conntrack lookup.
    
    Signed-off-by: Patrick McHardy <kaber@trash.net>

diff --git a/include/net/netfilter/nf_conntrack_l4proto.h b/include/net/netfilter/nf_conntrack_l4proto.h
index ca6dcf3..e3d3ee3 100644
--- a/include/net/netfilter/nf_conntrack_l4proto.h
+++ b/include/net/netfilter/nf_conntrack_l4proto.h
@@ -49,8 +49,8 @@ struct nf_conntrack_l4proto {
 	/* Called when a conntrack entry is destroyed */
 	void (*destroy)(struct nf_conn *ct);
 
-	int (*error)(struct net *net, struct sk_buff *skb, unsigned int dataoff,
-		     enum ip_conntrack_info *ctinfo,
+	int (*error)(struct net *net, struct nf_conn *tmpl, struct sk_buff *skb,
+		     unsigned int dataoff, enum ip_conntrack_info *ctinfo,
 		     u_int8_t pf, unsigned int hooknum);
 
 	/* Print out the per-protocol part of the tuple. Return like seq_* */
diff --git a/net/ipv4/netfilter/nf_conntrack_proto_icmp.c b/net/ipv4/netfilter/nf_conntrack_proto_icmp.c
index 7afd39b..327826a 100644
--- a/net/ipv4/netfilter/nf_conntrack_proto_icmp.c
+++ b/net/ipv4/netfilter/nf_conntrack_proto_icmp.c
@@ -163,7 +163,8 @@ icmp_error_message(struct net *net, struct sk_buff *skb,
 
 /* Small and modified version of icmp_rcv */
 static int
-icmp_error(struct net *net, struct sk_buff *skb, unsigned int dataoff,
+icmp_error(struct net *net, struct nf_conn *tmpl,
+	   struct sk_buff *skb, unsigned int dataoff,
 	   enum ip_conntrack_info *ctinfo, u_int8_t pf, unsigned int hooknum)
 {
 	const struct icmphdr *icmph;
diff --git a/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c b/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
index c7b8bd1..d772dc2 100644
--- a/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
+++ b/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
@@ -179,7 +179,8 @@ icmpv6_error_message(struct net *net,
 }
 
 static int
-icmpv6_error(struct net *net, struct sk_buff *skb, unsigned int dataoff,
+icmpv6_error(struct net *net, struct nf_conn *tmpl,
+	     struct sk_buff *skb, unsigned int dataoff,
 	     enum ip_conntrack_info *ctinfo, u_int8_t pf, unsigned int hooknum)
 {
 	const struct icmp6hdr *icmp6h;
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index 19c95ff..b8b52da 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -798,7 +798,8 @@ nf_conntrack_in(struct net *net, u_int8_t pf, unsigned int hooknum,
 	 * inverse of the return code tells to the netfilter
 	 * core what to do with the packet. */
 	if (l4proto->error != NULL) {
-		ret = l4proto->error(net, skb, dataoff, &ctinfo, pf, hooknum);
+		ret = l4proto->error(net, tmpl, skb, dataoff, &ctinfo,
+				     pf, hooknum);
 		if (ret <= 0) {
 			NF_CT_STAT_INC_ATOMIC(net, error);
 			NF_CT_STAT_INC_ATOMIC(net, invalid);
diff --git a/net/netfilter/nf_conntrack_proto_dccp.c b/net/netfilter/nf_conntrack_proto_dccp.c
index dd37550..9a28155 100644
--- a/net/netfilter/nf_conntrack_proto_dccp.c
+++ b/net/netfilter/nf_conntrack_proto_dccp.c
@@ -561,8 +561,9 @@ static int dccp_packet(struct nf_conn *ct, const struct sk_buff *skb,
 	return NF_ACCEPT;
 }
 
-static int dccp_error(struct net *net, struct sk_buff *skb,
-		      unsigned int dataoff, enum ip_conntrack_info *ctinfo,
+static int dccp_error(struct net *net, struct nf_conn *tmpl,
+		      struct sk_buff *skb, unsigned int dataoff,
+		      enum ip_conntrack_info *ctinfo,
 		      u_int8_t pf, unsigned int hooknum)
 {
 	struct dccp_hdr _dh, *dh;
diff --git a/net/netfilter/nf_conntrack_proto_tcp.c b/net/netfilter/nf_conntrack_proto_tcp.c
index ad11805..9dd8cd4 100644
--- a/net/netfilter/nf_conntrack_proto_tcp.c
+++ b/net/netfilter/nf_conntrack_proto_tcp.c
@@ -760,7 +760,7 @@ static const u8 tcp_valid_flags[(TH_FIN|TH_SYN|TH_RST|TH_ACK|TH_URG) + 1] =
 };
 
 /* Protect conntrack agaist broken packets. Code taken from ipt_unclean.c.  */
-static int tcp_error(struct net *net,
+static int tcp_error(struct net *net, struct nf_conn *tmpl,
 		     struct sk_buff *skb,
 		     unsigned int dataoff,
 		     enum ip_conntrack_info *ctinfo,
diff --git a/net/netfilter/nf_conntrack_proto_udp.c b/net/netfilter/nf_conntrack_proto_udp.c
index 8d38f9a..8289088 100644
--- a/net/netfilter/nf_conntrack_proto_udp.c
+++ b/net/netfilter/nf_conntrack_proto_udp.c
@@ -91,8 +91,8 @@ static bool udp_new(struct nf_conn *ct, const struct sk_buff *skb,
 	return true;
 }
 
-static int udp_error(struct net *net, struct sk_buff *skb, unsigned int dataoff,
-		     enum ip_conntrack_info *ctinfo,
+static int udp_error(struct net *net, struct nf_conn *tmpl, struct sk_buff *skb,
+		     unsigned int dataoff, enum ip_conntrack_info *ctinfo,
 		     u_int8_t pf,
 		     unsigned int hooknum)
 {
diff --git a/net/netfilter/nf_conntrack_proto_udplite.c b/net/netfilter/nf_conntrack_proto_udplite.c
index 0b1bc9b..263b5a7 100644
--- a/net/netfilter/nf_conntrack_proto_udplite.c
+++ b/net/netfilter/nf_conntrack_proto_udplite.c
@@ -89,7 +89,7 @@ static bool udplite_new(struct nf_conn *ct, const struct sk_buff *skb,
 	return true;
 }
 
-static int udplite_error(struct net *net,
+static int udplite_error(struct net *net, struct nf_conn *tmpl,
 			 struct sk_buff *skb,
 			 unsigned int dataoff,
 			 enum ip_conntrack_info *ctinfo,

next prev parent reply	other threads:[~2010-01-25 15:37 UTC|newest]

Thread overview: 24+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2010-01-25 15:37 [PATCH 00/09]: netfilter: CT target/conntrack zones Patrick McHardy
2010-01-25 15:37 ` [PATCH 01/09]: netfilter: add struct net * to target parameters Patrick McHardy
2010-01-25 15:37 ` [PATCH 02/09]: netfilter: nf_conntrack: split up IPCT_STATUS event Patrick McHardy
2010-01-25 15:37 ` [PATCH 03/09]: netfilter: ctnetlink: support selective event delivery Patrick McHardy
2010-01-25 15:37 ` [PATCH 04/09]: netfilter: ctnetlink: only assign helpers for matching protocols Patrick McHardy
2010-01-25 15:37 ` [PATCH 05/09]: netfilter: nf_conntrack: support conntrack templates Patrick McHardy
2010-01-25 15:37 ` [PATCH 06/09]: netfilter: xtables: add CT target Patrick McHardy
2010-01-25 16:46   ` Jan Engelhardt
2010-01-25 16:48     ` Patrick McHardy
2010-01-25 16:53       ` Jan Engelhardt
2010-01-25 16:57         ` Patrick McHardy
2010-01-25 17:33           ` Jan Engelhardt
2010-01-25 17:36             ` Patrick McHardy
2010-01-25 15:37 ` Patrick McHardy [this message]
2010-01-25 15:37 ` [PATCH 08/09]: netfilter: nf_conntrack: add support for "conntrack zones" Patrick McHardy
2010-01-25 16:50   ` Jan Engelhardt
2010-01-25 16:51     ` Patrick McHardy
2010-01-25 15:37 ` [PATCH 09/09]: netfilter: ctnetlink: add zone support Patrick McHardy
2010-01-25 16:37 ` [PATCH 00/09]: netfilter: CT target/conntrack zones Jan Engelhardt
2010-01-25 16:47   ` Patrick McHardy
2010-01-25 16:53     ` Jan Engelhardt
2010-01-26 14:05 ` Pablo Neira Ayuso
2010-01-26 14:56   ` Patrick McHardy
2010-01-26 18:44     ` Jozsef Kadlecsik

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:ca6dcf3 dfblob:e3d3ee3 dfblob:7afd39b dfblob:327826a
dfblob:c7b8bd1 dfblob:d772dc2 dfblob:19c95ff dfblob:b8b52da
dfblob:dd37550 dfblob:9a28155 dfblob:ad11805 dfblob:9dd8cd4
dfblob:8d38f9a dfblob:8289088 dfblob:0b1bc9b dfblob:263b5a7 )
 OR (
bs:"[PATCH 07/09]: netfilter: nf_conntrack: pass template to l4proto ->error handler" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20100125153741.15305.8736.sendpatchset@x2.localnet \
    --to=kaber@trash.net \
    --cc=netfilter-devel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.