static LIST_HEAD(queue_list);
static DEFINE_MUTEX(ipqnl_mutex);
-static void
-ipq_issue_verdict(struct nf_queue_entry *entry, int verdict)
-{
- local_bh_disable();
- nf_reinject(entry, verdict);
- local_bh_enable();
-}
-
static inline void
__ipq_enqueue_entry(struct nf_queue_entry *entry)
{
if (!cmpfn || cmpfn(entry, data)) {
list_del(&entry->list);
queue_total--;
- ipq_issue_verdict(entry, NF_DROP);
+ nf_reinject(entry, NF_DROP);
}
}
}
ipq_mangle_ipv6(ipq_verdict_msg_t *v, struct nf_queue_entry *e)
{
int diff;
- int err;
struct ipv6hdr *user_iph = (struct ipv6hdr *)v->payload;
+ struct sk_buff *nskb;
if (v->data_len < sizeof(*user_iph))
return 0;
if (v->data_len > 0xFFFF)
return -EINVAL;
if (diff > skb_tailroom(e->skb)) {
- err = pskb_expand_head(e->skb, 0,
+ nskb = skb_copy_expand(e->skb, 0,
diff - skb_tailroom(e->skb),
GFP_ATOMIC);
- if (err) {
+ if (!nskb) {
printk(KERN_WARNING "ip6_queue: OOM "
"in mangle, dropping packet\n");
- return err;
+ return -ENOMEM;
}
+ kfree_skb(e->skb);
+ e->skb = nskb;
}
skb_put(e->skb, diff);
}
if (ipq_mangle_ipv6(vmsg, entry) < 0)
verdict = NF_DROP;
- ipq_issue_verdict(entry, verdict);
+ nf_reinject(entry, verdict);
return 0;
}
}
.notifier_call = ipq_rcv_nl_event,
};
+#ifdef CONFIG_SYSCTL
static struct ctl_table_header *ipq_sysctl_header;
static ctl_table ipq_table[] = {
},
{ .ctl_name = 0 }
};
+#endif
-static ctl_table ipq_dir_table[] = {
- {
- .ctl_name = NET_IPV6,
- .procname = "ipv6",
- .mode = 0555,
- .child = ipq_table
- },
- { .ctl_name = 0 }
-};
-
-static ctl_table ipq_root_table[] = {
- {
- .ctl_name = CTL_NET,
- .procname = "net",
- .mode = 0555,
- .child = ipq_dir_table
- },
- { .ctl_name = 0 }
-};
-
+#ifdef CONFIG_PROC_FS
static int ip6_queue_show(struct seq_file *m, void *v)
{
read_lock_bh(&queue_lock);
.release = single_release,
.owner = THIS_MODULE,
};
+#endif
static const struct nf_queue_handler nfqh = {
.name = "ip6_queue",
static int __init ip6_queue_init(void)
{
int status = -ENOMEM;
- struct proc_dir_entry *proc;
+ struct proc_dir_entry *proc __maybe_unused;
netlink_register_notifier(&ipq_nl_notifier);
ipqnl = netlink_kernel_create(&init_net, NETLINK_IP6_FW, 0,
goto cleanup_netlink_notifier;
}
+#ifdef CONFIG_PROC_FS
proc = create_proc_entry(IPQ_PROC_FS_NAME, 0, init_net.proc_net);
if (proc) {
proc->owner = THIS_MODULE;
printk(KERN_ERR "ip6_queue: failed to create proc entry\n");
goto cleanup_ipqnl;
}
-
+#endif
register_netdevice_notifier(&ipq_dev_notifier);
- ipq_sysctl_header = register_sysctl_table(ipq_root_table);
-
+#ifdef CONFIG_SYSCTL
+ ipq_sysctl_header = register_sysctl_paths(net_ipv6_ctl_path, ipq_table);
+#endif
status = nf_register_queue_handler(PF_INET6, &nfqh);
if (status < 0) {
printk(KERN_ERR "ip6_queue: failed to register queue handler\n");
return status;
cleanup_sysctl:
+#ifdef CONFIG_SYSCTL
unregister_sysctl_table(ipq_sysctl_header);
+#endif
unregister_netdevice_notifier(&ipq_dev_notifier);
proc_net_remove(&init_net, IPQ_PROC_FS_NAME);
-cleanup_ipqnl:
- sock_release(ipqnl->sk_socket);
+cleanup_ipqnl: __maybe_unused
+ netlink_kernel_release(ipqnl);
mutex_lock(&ipqnl_mutex);
mutex_unlock(&ipqnl_mutex);
synchronize_net();
ipq_flush(NULL, 0);
+#ifdef CONFIG_SYSCTL
unregister_sysctl_table(ipq_sysctl_header);
+#endif
unregister_netdevice_notifier(&ipq_dev_notifier);
proc_net_remove(&init_net, IPQ_PROC_FS_NAME);
- sock_release(ipqnl->sk_socket);
+ netlink_kernel_release(ipqnl);
mutex_lock(&ipqnl_mutex);
mutex_unlock(&ipqnl_mutex);
projects / linux-2.6 / blobdiff