[netfilter-cvslog] r3244 -
trunk/patch-o-matic-ng/hashlimit/linux-2.6/net/ipv4/netfilter
/C=DE/ST=Berlin/L=Berlin/O=Netfilter
/C=DE/ST=Berlin/L=Berlin/O=Netfilter
Wed Oct 20 18:24:30 CEST 2004
Author: /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge at netfilter.org
Date: 2004-10-20 18:24:29 +0200 (Wed, 20 Oct 2004)
New Revision: 3244
Modified:
trunk/patch-o-matic-ng/hashlimit/linux-2.6/net/ipv4/netfilter/ipt_hashlimit.c
Log:
clean up the code a bit, fix bug regarding missing struct initialization
Modified: trunk/patch-o-matic-ng/hashlimit/linux-2.6/net/ipv4/netfilter/ipt_hashlimit.c
===================================================================
--- trunk/patch-o-matic-ng/hashlimit/linux-2.6/net/ipv4/netfilter/ipt_hashlimit.c 2004-10-20 15:27:16 UTC (rev 3243)
+++ trunk/patch-o-matic-ng/hashlimit/linux-2.6/net/ipv4/netfilter/ipt_hashlimit.c 2004-10-20 16:24:29 UTC (rev 3244)
@@ -387,14 +387,6 @@
sctp_sctphdr_t sctph;
} hdr_u, *ptr_u;
-#if 0
- union {
- struct tcphdr *th;
- struct udphdr *uh;
- sctp_sctphdr_t *scth;
- } ptr_u;
-#endif
-
/* Must not be a fragment. */
if (offset)
return 1;
@@ -444,30 +436,25 @@
struct dsthash_ent *dh;
struct dsthash_dst dst;
+ /* build 'dst' according to hinfo->cfg and current packet */
+ memset(&dst, 0, sizeof(dst));
if (hinfo->cfg.mode & IPT_HASHLIMIT_HASH_DIP)
dst.dst_ip = skb->nh.iph->daddr;
- else
- dst.dst_ip = 0;
-
- /* source ip only if respective hashmode */
if (hinfo->cfg.mode & IPT_HASHLIMIT_HASH_SIP)
dst.src_ip = skb->nh.iph->saddr;
- else
- dst.src_ip = 0;
-
- /* ports only if respective mode */
if (hinfo->cfg.mode & IPT_HASHLIMIT_HASH_DPT
||hinfo->cfg.mode & IPT_HASHLIMIT_HASH_SPT) {
- if (get_ports(skb, offset, (u_int16_t *)&dst.src_port)) {
+ u_int16_t ports[2];
+ if (get_ports(skb, offset, &ports)) {
/* We've been asked to examine this packet, and we
can't. Hence, no choice but to drop. */
*hotdrop = 1;
return 0;
}
- if (!(hinfo->cfg.mode & IPT_HASHLIMIT_HASH_DPT))
- dst.dst_port = 0;
- if (!(hinfo->cfg.mode & IPT_HASHLIMIT_HASH_SPT))
- dst.src_port = 0;
+ if (hinfo->cfg.mode & IPT_HASHLIMIT_HASH_SPT)
+ dst.src_port = ports[0];
+ if (hinfo->cfg.mode & IPT_HASHLIMIT_HASH_DPT)
+ dst.dst_port = ports[1];
}
LOCK_BH(&hinfo->lock);
@@ -567,7 +554,6 @@
}
static struct ipt_match ipt_hashlimit = {
- .list = { .prev = NULL, .next = NULL },
.name = "hashlimit",
.match = hashlimit_match,
.checkentry = hashlimit_checkentry,
More information about the netfilter-cvslog
mailing list