From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Cc: davem@davemloft.net, netdev@vger.kernel.org
Subject: [PATCH 01/53] netfilter: gre: Use consistent GRE_* macros instead of ones defined by netfilter.
Date: Mon, 26 Sep 2016 01:06:11 +0200 [thread overview]
Message-ID: <1474844823-2026-2-git-send-email-pablo@netfilter.org> (raw)
In-Reply-To: <1474844823-2026-1-git-send-email-pablo@netfilter.org>
From: Gao Feng <fgao@ikuai8.com>
There are already some GRE_* macros in kernel, so it is unnecessary
to define these macros. And remove some useless macros
Signed-off-by: Gao Feng <fgao@ikuai8.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
include/linux/netfilter/nf_conntrack_proto_gre.h | 22 ++--------------------
include/uapi/linux/if_tunnel.h | 1 +
net/ipv4/netfilter/nf_nat_proto_gre.c | 4 ++--
net/netfilter/nf_conntrack_proto_gre.c | 4 ++--
4 files changed, 7 insertions(+), 24 deletions(-)
diff --git a/include/linux/netfilter/nf_conntrack_proto_gre.h b/include/linux/netfilter/nf_conntrack_proto_gre.h
index df78dc2b5524..0189747f2691 100644
--- a/include/linux/netfilter/nf_conntrack_proto_gre.h
+++ b/include/linux/netfilter/nf_conntrack_proto_gre.h
@@ -1,29 +1,11 @@
#ifndef _CONNTRACK_PROTO_GRE_H
#define _CONNTRACK_PROTO_GRE_H
#include <asm/byteorder.h>
+#include <net/gre.h>
+#include <net/pptp.h>
/* GRE PROTOCOL HEADER */
-/* GRE Version field */
-#define GRE_VERSION_1701 0x0
-#define GRE_VERSION_PPTP 0x1
-
-/* GRE Protocol field */
-#define GRE_PROTOCOL_PPTP 0x880B
-
-/* GRE Flags */
-#define GRE_FLAG_C 0x80
-#define GRE_FLAG_R 0x40
-#define GRE_FLAG_K 0x20
-#define GRE_FLAG_S 0x10
-#define GRE_FLAG_A 0x80
-
-#define GRE_IS_C(f) ((f)&GRE_FLAG_C)
-#define GRE_IS_R(f) ((f)&GRE_FLAG_R)
-#define GRE_IS_K(f) ((f)&GRE_FLAG_K)
-#define GRE_IS_S(f) ((f)&GRE_FLAG_S)
-#define GRE_IS_A(f) ((f)&GRE_FLAG_A)
-
/* GRE is a mess: Four different standards */
struct gre_hdr {
#if defined(__LITTLE_ENDIAN_BITFIELD)
diff --git a/include/uapi/linux/if_tunnel.h b/include/uapi/linux/if_tunnel.h
index 9865c8caedde..fb7337d6b985 100644
--- a/include/uapi/linux/if_tunnel.h
+++ b/include/uapi/linux/if_tunnel.h
@@ -39,6 +39,7 @@
#define GRE_IS_REC(f) ((f) & GRE_REC)
#define GRE_IS_ACK(f) ((f) & GRE_ACK)
+#define GRE_VERSION_0 __cpu_to_be16(0x0000)
#define GRE_VERSION_1 __cpu_to_be16(0x0001)
#define GRE_PROTO_PPP __cpu_to_be16(0x880b)
#define GRE_PPTP_KEY_MASK __cpu_to_be32(0xffff)
diff --git a/net/ipv4/netfilter/nf_nat_proto_gre.c b/net/ipv4/netfilter/nf_nat_proto_gre.c
index 9414923f1e15..93198d71dbb6 100644
--- a/net/ipv4/netfilter/nf_nat_proto_gre.c
+++ b/net/ipv4/netfilter/nf_nat_proto_gre.c
@@ -104,11 +104,11 @@ gre_manip_pkt(struct sk_buff *skb,
if (maniptype != NF_NAT_MANIP_DST)
return true;
switch (greh->version) {
- case GRE_VERSION_1701:
+ case ntohs(GRE_VERSION_0):
/* We do not currently NAT any GREv0 packets.
* Try to behave like "nf_nat_proto_unknown" */
break;
- case GRE_VERSION_PPTP:
+ case ntohs(GRE_VERSION_1):
pr_debug("call_id -> 0x%04x\n", ntohs(tuple->dst.u.gre.key));
pgreh->call_id = tuple->dst.u.gre.key;
break;
diff --git a/net/netfilter/nf_conntrack_proto_gre.c b/net/netfilter/nf_conntrack_proto_gre.c
index a96451a7af20..deb239a014e4 100644
--- a/net/netfilter/nf_conntrack_proto_gre.c
+++ b/net/netfilter/nf_conntrack_proto_gre.c
@@ -200,7 +200,7 @@ static bool gre_pkt_to_tuple(const struct sk_buff *skb, unsigned int dataoff,
/* first only delinearize old RFC1701 GRE header */
grehdr = skb_header_pointer(skb, dataoff, sizeof(_grehdr), &_grehdr);
- if (!grehdr || grehdr->version != GRE_VERSION_PPTP) {
+ if (!grehdr || grehdr->version != ntohs(GRE_VERSION_1)) {
/* try to behave like "nf_conntrack_proto_generic" */
tuple->src.u.all = 0;
tuple->dst.u.all = 0;
@@ -212,7 +212,7 @@ static bool gre_pkt_to_tuple(const struct sk_buff *skb, unsigned int dataoff,
if (!pgrehdr)
return true;
- if (ntohs(grehdr->protocol) != GRE_PROTOCOL_PPTP) {
+ if (grehdr->protocol != GRE_PROTO_PPP) {
pr_debug("GRE_VERSION_PPTP but unknown proto\n");
return false;
}
--
2.1.4
next prev parent reply other threads:[~2016-09-25 23:07 UTC|newest]
Thread overview: 55+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-09-25 23:06 [PATCH 00/53] Netfilter updates for net-next Pablo Neira Ayuso
2016-09-25 23:06 ` Pablo Neira Ayuso [this message]
2016-09-25 23:06 ` [PATCH 02/53] netfilter: gre: Use consistent GRE and PTTP header structure instead of the ones defined by netfilter Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 03/53] netfilter: nf_ct_sip: correct parsing of continuation lines in SIP headers Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 04/53] netfilter: nf_ct_sip: correct allowed characters in Call-ID SIP header Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 05/53] netfilter: ftp: Remove the useless dlen==0 condition check in find_pattern Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 06/53] netfilter: ftp: Remove the useless code Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 07/53] netfilter: nft_numgen: rename until attribute by modulus Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 08/53] netfilter: nft_quota: fix overquota logic Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 09/53] netfilter: nft_quota: introduce nft_overquota() Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 10/53] netfilter: nf_ct_sip: allow tab character in SIP headers Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 11/53] netfilter: nft_queue: check the validation of queues_total and queuenum Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 12/53] netfilter: nf_conntrack: remove unused ctl_table_path member in nf_conntrack_l3proto Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 13/53] netfilter: nft_hash: Add hash offset value Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 14/53] netfilter: nft_dynset: allow to invert match criteria Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 15/53] netfilter: nf_tables: ensure proper initialization of nft_pktinfo fields Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 16/53] netfilter: nf_tables_ipv6: setup pktinfo transport field on failure to parse Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 17/53] netfilter: introduce nft_set_pktinfo_{ipv4, ipv6}_validate() Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 18/53] netfilter: nf_tables_bridge: use nft_set_pktinfo_ipv{4, 6}_validate Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 19/53] netfilter: nf_tables: don't drop IPv6 packets that cannot parse transport Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 20/53] netfilter: nf_conntrack: simplify __nf_ct_try_assign_helper() return logic Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 21/53] netfilter: Add the missed return value check of register_netdevice_notifier Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 22/53] netfilter: Add the missed return value check of nft_register_chain_type Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 23/53] netfilter: nf_queue: get rid of dependency on IP6_NF_IPTABLES Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 24/53] netfilter: conntrack: remove packet hotpath stats Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 25/53] netfilter: nft_numgen: fix race between num generate and store it Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 26/53] netfilter: nft_hash: fix hash overflow validation Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 27/53] netfilter: nft_numgen: add number generation offset Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 28/53] netfilter: nf_tables: validate maximum value of u32 netlink attributes Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 29/53] netfilter: nft_queue: add _SREG_QNUM attr to select the queue number Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 30/53] netfilter: nf_queue: improve queue range support for bridge family Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 31/53] netfilter: nf_tables: improve nft payload fast eval Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 32/53] netfilter: nf_tables: check tprot_set first when we use xt.thoff Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 33/53] netfilter: Enhance the codes used to get random once Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 34/53] netfilter: xt_helper: Use sizeof(variable) instead of literal number Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 35/53] netfilter: nft_lookup: remove superfluous element found check Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 36/53] netfilter: xt_TCPMSS: Refactor the codes to decrease one condition check and more readable Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 37/53] netfilter: bridge: add and use br_nf_hook_thresh Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 38/53] netfilter: call nf_hook_state_init with rcu_read_lock held Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 39/53] netfilter: call nf_hook_ingress with rcu_read_lock Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 40/53] netfilter: Remove explicit rcu_read_lock in nf_hook_slow Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 41/53] netfilter: Only allow sane values in nf_register_net_hook Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 42/53] netfilter: nf_queue: whitespace cleanup Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 43/53] netfilter: replace list_head with single linked list Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 44/53] netfilter: seqadj: Fix the wrong ack adjust for the RST packet without ack Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 45/53] netfilter: nft_ct: unnecessary to require dir when use ct l3proto/protocol Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 46/53] netfilter: nft_ct: report error if mark and dir specified simultaneously Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 47/53] netfilter: xt_hashlimit: Prepare for revision 2 Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 48/53] netfilter: xt_hashlimit: Create revision 2 to support higher pps rates Pablo Neira Ayuso
2016-09-25 23:06 ` [PATCH 49/53] netfilter: evict stale entries when user reads /proc/net/nf_conntrack Pablo Neira Ayuso
2016-09-25 23:07 ` [PATCH 50/53] netfilter: xt_socket: fix transparent match for IPv6 request sockets Pablo Neira Ayuso
2016-09-25 23:07 ` [PATCH 51/53] netfilter: nf_tables: add range expression Pablo Neira Ayuso
2016-09-25 23:07 ` [PATCH 52/53] netfilter: nft_log: complete NFTA_LOG_FLAGS attr support Pablo Neira Ayuso
2016-09-25 23:07 ` [PATCH 53/53] netfilter: nf_log: get rid of XT_LOG_* macros Pablo Neira Ayuso
2016-09-26 1:05 ` [PATCH 00/53] Netfilter updates for net-next David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1474844823-2026-2-git-send-email-pablo@netfilter.org \
--to=pablo@netfilter.org \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).