* [PATCH 3/8] Identify expect by its ID
@ 2005-11-08 1:44 Pablo Neira
2005-11-08 14:55 ` Harald Welte
0 siblings, 1 reply; 2+ messages in thread
From: Pablo Neira @ 2005-11-08 1:44 UTC (permalink / raw)
To: Netfilter Development Mailinglist; +Cc: Harald Welte
[-- Attachment #1: Type: text/plain, Size: 259 bytes --]
Add support to identify expectations by ID's at getting.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
--
The dawn of the fourth age of Linux firewalling is coming; a time of
great struggle and heroic deeds -- J.Kadlecsik got inspired by J.Morris
[-- Attachment #2: 02-expect-id.patch --]
[-- Type: text/plain, Size: 829 bytes --]
Add support to identify expectations by ID's at getting.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Index: netfilter-2.6.14.git/net/ipv4/netfilter/ip_conntrack_netlink.c
===================================================================
--- netfilter-2.6.14.git.orig/net/ipv4/netfilter/ip_conntrack_netlink.c 2005-11-06 19:29:49.000000000 +0100
+++ netfilter-2.6.14.git/net/ipv4/netfilter/ip_conntrack_netlink.c 2005-11-06 19:49:37.000000000 +0100
@@ -1299,6 +1299,14 @@ ctnetlink_get_expect(struct sock *ctnl,
if (!exp)
return -ENOENT;
+ if (cda[CTA_EXPECT_ID-1]) {
+ u_int32_t id = *(u_int32_t *)NFA_DATA(cda[CTA_EXPECT_ID-1]);
+ if (exp->id != ntohl(id)) {
+ ip_conntrack_expect_put(exp);
+ return -ENOENT;
+ }
+ }
+
err = -ENOMEM;
skb2 = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
if (!skb2)
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2005-11-08 14:55 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-11-08 1:44 [PATCH 3/8] Identify expect by its ID Pablo Neira
2005-11-08 14:55 ` Harald Welte
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.