[netfilter-cvslog] r3244 - trunk/patch-o-matic-ng/hashlimit/linux-2.6/net/ipv4/netfilter

/C=DE/ST=Berlin/L=Berlin/O=Netfilter /C=DE/ST=Berlin/L=Berlin/O=Netfilter
Wed Oct 20 18:24:30 CEST 2004 

Author: /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge at netfilter.org
Date: 2004-10-20 18:24:29 +0200 (Wed, 20 Oct 2004)
New Revision: 3244

Modified:
   trunk/patch-o-matic-ng/hashlimit/linux-2.6/net/ipv4/netfilter/ipt_hashlimit.c
Log:
clean up the code a bit, fix bug regarding missing struct initialization


Modified: trunk/patch-o-matic-ng/hashlimit/linux-2.6/net/ipv4/netfilter/ipt_hashlimit.c
===================================================================
--- trunk/patch-o-matic-ng/hashlimit/linux-2.6/net/ipv4/netfilter/ipt_hashlimit.c	2004-10-20 15:27:16 UTC (rev 3243)
+++ trunk/patch-o-matic-ng/hashlimit/linux-2.6/net/ipv4/netfilter/ipt_hashlimit.c	2004-10-20 16:24:29 UTC (rev 3244)
@@ -387,14 +387,6 @@
 		sctp_sctphdr_t sctph;
 	} hdr_u, *ptr_u;
 
-#if 0
-	union {
-		struct tcphdr *th;
-		struct udphdr *uh;
-		sctp_sctphdr_t  *scth;
-	} ptr_u;
-#endif
-
 	/* Must not be a fragment. */
 	if (offset)
 		return 1;
@@ -444,30 +436,25 @@
 	struct dsthash_ent *dh;
 	struct dsthash_dst dst;
 
+	/* build 'dst' according to hinfo->cfg and current packet */
+	memset(&dst, 0, sizeof(dst));
 	if (hinfo->cfg.mode & IPT_HASHLIMIT_HASH_DIP)
 		dst.dst_ip = skb->nh.iph->daddr;
-	else
-		dst.dst_ip = 0;
-
-	/* source ip only if respective hashmode */
 	if (hinfo->cfg.mode & IPT_HASHLIMIT_HASH_SIP)
 		dst.src_ip = skb->nh.iph->saddr;
-	else
-		dst.src_ip = 0;
-
-	/* ports only if respective mode */
 	if (hinfo->cfg.mode & IPT_HASHLIMIT_HASH_DPT
 	    ||hinfo->cfg.mode & IPT_HASHLIMIT_HASH_SPT) {
-		if (get_ports(skb, offset, (u_int16_t *)&dst.src_port)) {
+		u_int16_t ports[2];
+		if (get_ports(skb, offset, &ports)) {
 			/* We've been asked to examine this packet, and we
 		 	  can't.  Hence, no choice but to drop. */
 			*hotdrop = 1;
 			return 0;
 		}
-		if (!(hinfo->cfg.mode & IPT_HASHLIMIT_HASH_DPT))
-			dst.dst_port = 0;
-		if (!(hinfo->cfg.mode & IPT_HASHLIMIT_HASH_SPT))
-			dst.src_port = 0;
+		if (hinfo->cfg.mode & IPT_HASHLIMIT_HASH_SPT)
+			dst.src_port = ports[0];
+		if (hinfo->cfg.mode & IPT_HASHLIMIT_HASH_DPT)
+			dst.dst_port = ports[1];
 	} 
 
 	LOCK_BH(&hinfo->lock);
@@ -567,7 +554,6 @@
 }
 
 static struct ipt_match ipt_hashlimit = { 
-	.list = { .prev = NULL, .next = NULL }, 
 	.name = "hashlimit", 
 	.match = hashlimit_match, 
 	.checkentry = hashlimit_checkentry,

More information about the netfilter-cvslog mailing list