[netfilter-cvslog] r4024 - in
trunk/patch-o-matic-ng/patchlets/time/linux-2.6:
include/linux/netfilter_ipv4 net/ipv4/netfilter
laforge at netfilter.org
laforge at netfilter.org
Mon Jun 27 12:52:12 CEST 2005
Author: laforge at netfilter.org
Date: 2005-06-27 12:52:11 +0200 (Mon, 27 Jun 2005)
New Revision: 4024
Modified:
trunk/patch-o-matic-ng/patchlets/time/linux-2.6/include/linux/netfilter_ipv4/ipt_time.h
trunk/patch-o-matic-ng/patchlets/time/linux-2.6/net/ipv4/netfilter/ipt_time.c
Log:
This patch fixes time match when skb->stamp.tv_sec is 0 (Krzysztof Oledzki <olenf at ans.pl>)
Modified: trunk/patch-o-matic-ng/patchlets/time/linux-2.6/include/linux/netfilter_ipv4/ipt_time.h
===================================================================
--- trunk/patch-o-matic-ng/patchlets/time/linux-2.6/include/linux/netfilter_ipv4/ipt_time.h 2005-06-27 09:18:41 UTC (rev 4023)
+++ trunk/patch-o-matic-ng/patchlets/time/linux-2.6/include/linux/netfilter_ipv4/ipt_time.h 2005-06-27 10:52:11 UTC (rev 4024)
@@ -6,7 +6,10 @@
u_int8_t days_match; /* 1 bit per day. -SMTWTFS */
u_int16_t time_start; /* 0 < time_start < 23*60+59 = 1439 */
u_int16_t time_stop; /* 0:0 < time_stat < 23:59 */
+
+ /* FIXME: Keep this one for userspace iptables binary compability: */
u_int8_t kerneltime; /* ignore skb time (and use kerneltime) or not. */
+
time_t date_start;
time_t date_stop;
};
Modified: trunk/patch-o-matic-ng/patchlets/time/linux-2.6/net/ipv4/netfilter/ipt_time.c
===================================================================
--- trunk/patch-o-matic-ng/patchlets/time/linux-2.6/net/ipv4/netfilter/ipt_time.c 2005-06-27 09:18:41 UTC (rev 4023)
+++ trunk/patch-o-matic-ng/patchlets/time/linux-2.6/net/ipv4/netfilter/ipt_time.c 2005-06-27 10:52:11 UTC (rev 4024)
@@ -54,24 +54,17 @@
struct tm currenttime; /* time human readable */
u_int8_t days_of_week[7] = {64, 32, 16, 8, 4, 2, 1};
u_int16_t packet_time;
- struct timeval kerneltimeval;
- time_t packet_local_time;
- /* if kerneltime=1, we don't read the skb->timestamp but kernel time instead */
- if (info->kerneltime)
- {
- do_gettimeofday(&kerneltimeval);
- packet_local_time = kerneltimeval.tv_sec;
- }
- else
- packet_local_time = skb->stamp.tv_sec;
+ /* We might not have a timestamp, get one */
+ if (skb->stamp.tv_sec == 0)
+ do_gettimeofday((struct timeval *)&skb->stamp);
/* First we make sure we are in the date start-stop boundaries */
- if ((packet_local_time < info->date_start) || (packet_local_time > info->date_stop))
+ if ((skb->stamp.tv_sec < info->date_start) || (skb->stamp.tv_sec > info->date_stop))
return 0; /* We are outside the date boundaries */
/* Transform the timestamp of the packet, in a human readable form */
- localtime(&packet_local_time, ¤ttime);
+ localtime(&skb->stamp.tv_sec, ¤ttime);
/* check if we match this timestamp, we start by the days... */
if ((days_of_week[currenttime.tm_wday] & info->days_match) != days_of_week[currenttime.tm_wday])
@@ -102,11 +95,6 @@
printk("ipt_time: error, only valid for PRE_ROUTING, LOCAL_IN, FORWARD and OUTPUT)\n");
return 0;
}
- /* we use the kerneltime if we are in forward or output */
- info->kerneltime = 1;
- if (hook_mask & ~((1 << NF_IP_FORWARD) | (1 << NF_IP_LOCAL_OUT)))
- /* we use the skb time */
- info->kerneltime = 0;
/* Check the size */
if (matchsize != IPT_ALIGN(sizeof(struct ipt_time_info)))
More information about the netfilter-cvslog
mailing list