]> err.no Git - linux-2.6/commitdiff
[NETFILTER]: ip_queue/nfnetlink_queue: drop bridge port references when dev disappears
authorPatrick McHardy <kaber@trash.net>
Tue, 27 Jun 2006 10:01:48 +0000 (03:01 -0700)
committerDavid S. Miller <davem@sunset.davemloft.net>
Thu, 29 Jun 2006 23:57:48 +0000 (16:57 -0700)
When a device that is acting as a bridge port is unregistered, the
ip_queue/nfnetlink_queue notifier doesn't check if its one of
physindev/physoutdev and doesn't release the references if it is.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/ipv4/netfilter/ip_queue.c
net/netfilter/nfnetlink_queue.c

index b93f0494362f888785d2dd8af8524d86f67ccdc0..213d116e5bb9c5a708f3692f6bcf90933876ff47 100644 (file)
@@ -457,11 +457,19 @@ dev_cmp(struct ipq_queue_entry *entry, unsigned long ifindex)
        if (entry->info->indev)
                if (entry->info->indev->ifindex == ifindex)
                        return 1;
-                       
        if (entry->info->outdev)
                if (entry->info->outdev->ifindex == ifindex)
                        return 1;
-
+#ifdef CONFIG_BRIDGE_NETFILTER
+       if (entry->skb->nf_bridge) {
+               if (entry->skb->nf_bridge->physindev &&
+                   entry->skb->nf_bridge->physindev->ifindex == ifindex)
+                       return 1;
+               if (entry->skb->nf_bridge->physoutdev &&
+                   entry->skb->nf_bridge->physoutdev->ifindex == ifindex)
+                       return 1;
+       }
+#endif
        return 0;
 }
 
index 86a4ac33de3495791e5e465a5352afe79690c3cf..49ef41e34c48309eb3d7dc6553056a822e6fb112 100644 (file)
@@ -680,11 +680,19 @@ dev_cmp(struct nfqnl_queue_entry *entry, unsigned long ifindex)
        if (entinf->indev)
                if (entinf->indev->ifindex == ifindex)
                        return 1;
-                       
        if (entinf->outdev)
                if (entinf->outdev->ifindex == ifindex)
                        return 1;
-
+#ifdef CONFIG_BRIDGE_NETFILTER
+       if (entry->skb->nf_bridge) {
+               if (entry->skb->nf_bridge->physindev &&
+                   entry->skb->nf_bridge->physindev->ifindex == ifindex)
+                       return 1;
+               if (entry->skb->nf_bridge->physoutdev &&
+                   entry->skb->nf_bridge->physoutdev->ifindex == ifindex)
+                       return 1;
+       }
+#endif
        return 0;
 }