[netfilter-cvslog] r4082 - branches/netfilter-ha/linux-2.6/ct_sync
laforge at netfilter.org
laforge at netfilter.org
Wed Jun 29 13:49:25 CEST 2005
Author: laforge at netfilter.org
Date: 2005-06-29 13:49:25 +0200 (Wed, 29 Jun 2005)
New Revision: 4082
Modified:
branches/netfilter-ha/linux-2.6/ct_sync/ct_sync_main.c
Log:
- fix handling of masq_index=0 (no masquerading device)
- add support of MASQUERADE as kernel module
- bump version number
- add debug printk in case an already-synced connection gets an update
with more nat manips (shouldn't happen)
Modified: branches/netfilter-ha/linux-2.6/ct_sync/ct_sync_main.c
===================================================================
--- branches/netfilter-ha/linux-2.6/ct_sync/ct_sync_main.c 2005-06-29 09:05:39 UTC (rev 4081)
+++ branches/netfilter-ha/linux-2.6/ct_sync/ct_sync_main.c 2005-06-29 11:49:25 UTC (rev 4082)
@@ -62,7 +62,7 @@
#define ASSERT_WRITE_LOCK(x) MUST_BE_WRITE_LOCKED(&ip_conntrack_lock)
#include <linux/netfilter_ipv4/listhelp.h>
-#define CT_SYNC_VERSION "0.19"
+#define CT_SYNC_VERSION "0.20"
MODULE_LICENSE("GPL");
MODULE_AUTHOR("KOVACS Krisztian <hidden at sch.bme.hu>, Harald Welte <laforge at netfilter.org>");
@@ -151,7 +151,9 @@
{
struct ct_sync_msghdr *hdr = buff;
struct ct_sync_conntrack *sct = buff + sizeof(*hdr);
-#ifdef CONFIG_IP_NF_TARGET_MASQUERADE
+
+#if defined(CONFIG_IP_NF_TARGET_MASQUERADE) \
+ || defined(CONFIG_IP_NF_TARGET_MASQUERADE_MODULE)
struct net_device *masq_dev;
#endif
@@ -212,13 +214,20 @@
sct->nat_helper[0] = '\0';
memcpy(&sct->nat_seq, &nat->seq, sizeof(sct->nat_seq));
-#ifdef CONFIG_IP_NF_TARGET_MASQUERADE
- if ((masq_dev = dev_get_by_index(ct->nat.masq_index)) != NULL) {
- memcpy(&sct->nat_masq_iface, &masq_dev->name, sizeof(masq_dev->name));
- dev_put(masq_dev);
- } else {
- CT_SYNC_ERR("unable to find device for masq_index %u\n", ct->nat.masq_index);
- sct->nat_masq_iface[0] = '\0';
+#if defined(CONFIG_IP_NF_TARGET_MASQUERADE) \
+ || defined(CONFIG_IP_NF_TARGET_MASQUERADE_MODULE)
+ if (ct->nat.masq_index) {
+ masq_dev = dev_get_by_index(ct->nat.masq_index);
+ if (masq_dev) {
+ memcpy(sct->nat_masq_iface, masq_dev->name,
+ sizeof(masq_dev->name));
+ dev_put(masq_dev);
+ } else {
+ CT_SYNC_ERR("unable to find device for "
+ "masq_index %u\n",
+ ct->nat.masq_index);
+ sct->nat_masq_iface[0] = '\0';
+ }
}
#endif
} else
@@ -289,10 +298,10 @@
/* if there are more manips initialized in sct than in ct, update ct */
if (unlikely(sct->nat_num_manips > ct->nat.info.num_manips)) {
int m;
+ printk(KERN_DEBUG "more manips than first sync !!!\n");
for (m = ct->nat.info.num_manips; m < sct->nat_num_manips; m++) {
- memcpy(&ct->nat.info.manips[m],
- &sct->nat_manips[m],
- sizeof(struct ip_nat_info_manip));
+ memcpy(&ct->nat.info.manips[m], &sct->nat_manips[m],
+ sizeof(struct ip_nat_info_manip));
}
ct->nat.info.num_manips = sct->nat_num_manips;
@@ -348,7 +357,8 @@
if (likely(sct->nat_initialized &&
sct->nat_num_manips <= IP_NAT_MAX_MANIPS)) {
-#ifdef CONFIG_IP_NF_TARGET_MASQUERADE
+#if defined(CONFIG_IP_NF_TARGET_MASQUERADE) \
+ || defined(CONFIG_IP_NF_TARGET_MASQUERADE_MODULE)
struct net_device *masq_dev;
#endif
@@ -378,13 +388,20 @@
memcpy(&nat->seq, &sct->nat_seq, sizeof(nat->seq));
}
-#ifdef CONFIG_IP_NF_TARGET_MASQUERADE
- if ((masq_dev = dev_get_by_name(sct->nat_masq_iface)) != NULL) {
- ct->nat.masq_index = masq_dev->ifindex;
- dev_put(masq_dev);
+#if defined(CONFIG_IP_NF_TARGET_MASQUERADE) \
+ || defined(CONFIG_IP_NF_TARGET_MASQUERADE_MODULE)
+ if (sct->nat_masq_iface[0] != '\0') {
+ masq_dev = dev_get_by_name(sct->nat_masq_iface);
+ if (masq_dev) {
+ ct->nat.masq_index = masq_dev->ifindex;
+ dev_put(masq_dev);
+ } else {
+ CT_SYNC_ERR("no ifindex for dev %s\n",
+ sct->nat_masq_iface);
+ ct->nat.masq_index = 0;
+ }
} else {
- /* FIXME: is 0 a valid ifindex? */
- CT_SYNC_ERR("unable to get ifindex for device %s\n", sct->nat_masq_iface);
+ /* no masquerading for this connection */
ct->nat.masq_index = 0;
}
#endif
More information about the netfilter-cvslog
mailing list