summaryrefslogtreecommitdiff
path: root/net/netfilter/nf_conntrack_sane.c
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2012-06-07 10:11:50 (GMT)
committerPablo Neira Ayuso <pablo@netfilter.org>2012-06-16 13:08:55 (GMT)
commit1afc56794e03229fa53cfa3c5012704d226e1dec (patch)
treee4182f8c9539d16d96136ca681ab1cf4a8c430ec /net/netfilter/nf_conntrack_sane.c
parent3cf4c7e381d9a98a44fd86207b950bd8fef55d20 (diff)
downloadlinux-fsl-qoriq-1afc56794e03229fa53cfa3c5012704d226e1dec.tar.xz
netfilter: nf_ct_helper: implement variable length helper private data
This patch uses the new variable length conntrack extensions. Instead of using union nf_conntrack_help that contain all the helper private data information, we allocate variable length area to store the private helper data. This patch includes the modification of all existing helpers. It also includes a couple of include header to avoid compilation warnings. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/nf_conntrack_sane.c')
-rw-r--r--net/netfilter/nf_conntrack_sane.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/net/netfilter/nf_conntrack_sane.c b/net/netfilter/nf_conntrack_sane.c
index ec3fc18..295429f 100644
--- a/net/netfilter/nf_conntrack_sane.c
+++ b/net/netfilter/nf_conntrack_sane.c
@@ -69,13 +69,12 @@ static int help(struct sk_buff *skb,
void *sb_ptr;
int ret = NF_ACCEPT;
int dir = CTINFO2DIR(ctinfo);
- struct nf_ct_sane_master *ct_sane_info;
+ struct nf_ct_sane_master *ct_sane_info = nfct_help_data(ct);
struct nf_conntrack_expect *exp;
struct nf_conntrack_tuple *tuple;
struct sane_request *req;
struct sane_reply_net_start *reply;
- ct_sane_info = &nfct_help(ct)->help.ct_sane_info;
/* Until there's been traffic both ways, don't look in packets. */
if (ctinfo != IP_CT_ESTABLISHED &&
ctinfo != IP_CT_ESTABLISHED_REPLY)
@@ -203,6 +202,7 @@ static int __init nf_conntrack_sane_init(void)
sane[i][0].tuple.src.l3num = PF_INET;
sane[i][1].tuple.src.l3num = PF_INET6;
for (j = 0; j < 2; j++) {
+ sane[i][j].data_len = sizeof(struct nf_ct_sane_master);
sane[i][j].tuple.src.u.tcp.port = htons(ports[i]);
sane[i][j].tuple.dst.protonum = IPPROTO_TCP;
sane[i][j].expect_policy = &sane_exp_policy;
generated by cgit v0.10.2 at 2024-09-24 18:40:18 (GMT)