summaryrefslogtreecommitdiff
path: root/net/netfilter/ipvs/ip_vs_proto_sctp.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/netfilter/ipvs/ip_vs_proto_sctp.c')
-rw-r--r--net/netfilter/ipvs/ip_vs_proto_sctp.c48
1 files changed, 8 insertions, 40 deletions
diff --git a/net/netfilter/ipvs/ip_vs_proto_sctp.c b/net/netfilter/ipvs/ip_vs_proto_sctp.c
index 2f7ea75..23e596e 100644
--- a/net/netfilter/ipvs/ip_vs_proto_sctp.c
+++ b/net/netfilter/ipvs/ip_vs_proto_sctp.c
@@ -20,18 +20,13 @@ sctp_conn_schedule(int af, struct sk_buff *skb, struct ip_vs_proto_data *pd,
sctp_sctphdr_t *sh, _sctph;
sh = skb_header_pointer(skb, iph->len, sizeof(_sctph), &_sctph);
- if (sh == NULL) {
- *verdict = NF_DROP;
+ if (sh == NULL)
return 0;
- }
sch = skb_header_pointer(skb, iph->len + sizeof(sctp_sctphdr_t),
sizeof(_schunkh), &_schunkh);
- if (sch == NULL) {
- *verdict = NF_DROP;
+ if (sch == NULL)
return 0;
- }
-
net = skb_net(skb);
ipvs = net_ipvs(net);
rcu_read_lock();
@@ -81,7 +76,6 @@ sctp_snat_handler(struct sk_buff *skb, struct ip_vs_protocol *pp,
{
sctp_sctphdr_t *sctph;
unsigned int sctphoff = iph->len;
- bool payload_csum = false;
#ifdef CONFIG_IP_VS_IPV6
if (cp->af == AF_INET6 && iph->fragoffs)
@@ -93,31 +87,19 @@ sctp_snat_handler(struct sk_buff *skb, struct ip_vs_protocol *pp,
return 0;
if (unlikely(cp->app != NULL)) {
- int ret;
-
/* Some checks before mangling */
if (pp->csum_check && !pp->csum_check(cp->af, skb, pp))
return 0;
/* Call application helper if needed */
- ret = ip_vs_app_pkt_out(cp, skb);
- if (ret == 0)
+ if (!ip_vs_app_pkt_out(cp, skb))
return 0;
- /* ret=2: csum update is needed after payload mangling */
- if (ret == 2)
- payload_csum = true;
}
sctph = (void *) skb_network_header(skb) + sctphoff;
+ sctph->source = cp->vport;
- /* Only update csum if we really have to */
- if (sctph->source != cp->vport || payload_csum ||
- skb->ip_summed == CHECKSUM_PARTIAL) {
- sctph->source = cp->vport;
- sctp_nat_csum(skb, sctph, sctphoff);
- } else {
- skb->ip_summed = CHECKSUM_UNNECESSARY;
- }
+ sctp_nat_csum(skb, sctph, sctphoff);
return 1;
}
@@ -128,7 +110,6 @@ sctp_dnat_handler(struct sk_buff *skb, struct ip_vs_protocol *pp,
{
sctp_sctphdr_t *sctph;
unsigned int sctphoff = iph->len;
- bool payload_csum = false;
#ifdef CONFIG_IP_VS_IPV6
if (cp->af == AF_INET6 && iph->fragoffs)
@@ -140,32 +121,19 @@ sctp_dnat_handler(struct sk_buff *skb, struct ip_vs_protocol *pp,
return 0;
if (unlikely(cp->app != NULL)) {
- int ret;
-
/* Some checks before mangling */
if (pp->csum_check && !pp->csum_check(cp->af, skb, pp))
return 0;
/* Call application helper if needed */
- ret = ip_vs_app_pkt_in(cp, skb);
- if (ret == 0)
+ if (!ip_vs_app_pkt_in(cp, skb))
return 0;
- /* ret=2: csum update is needed after payload mangling */
- if (ret == 2)
- payload_csum = true;
}
sctph = (void *) skb_network_header(skb) + sctphoff;
+ sctph->dest = cp->dport;
- /* Only update csum if we really have to */
- if (sctph->dest != cp->dport || payload_csum ||
- (skb->ip_summed == CHECKSUM_PARTIAL &&
- !(skb_dst(skb)->dev->features & NETIF_F_SCTP_CSUM))) {
- sctph->dest = cp->dport;
- sctp_nat_csum(skb, sctph, sctphoff);
- } else if (skb->ip_summed != CHECKSUM_PARTIAL) {
- skb->ip_summed = CHECKSUM_UNNECESSARY;
- }
+ sctp_nat_csum(skb, sctph, sctphoff);
return 1;
}
generated by cgit v0.10.2 at 2024-06-29 06:56:03 (GMT)