Loading include/linux/netfilter_ipv4/ip_conntrack.h +1 −1 Original line number Original line Diff line number Diff line Loading @@ -157,7 +157,7 @@ struct ip_conntrack_expect unsigned int flags; unsigned int flags; #ifdef CONFIG_IP_NF_NAT_NEEDED #ifdef CONFIG_IP_NF_NAT_NEEDED u_int32_t saved_ip; __be32 saved_ip; /* This is the original per-proto part, used to map the /* This is the original per-proto part, used to map the * expected connection the way the recipient expects. */ * expected connection the way the recipient expects. */ union ip_conntrack_manip_proto saved_proto; union ip_conntrack_manip_proto saved_proto; Loading include/linux/netfilter_ipv4/ip_conntrack_tuple.h +8 −8 Original line number Original line Diff line number Diff line Loading @@ -23,13 +23,13 @@ union ip_conntrack_manip_proto __be16 port; __be16 port; } tcp; } tcp; struct { struct { u_int16_t port; __be16 port; } udp; } udp; struct { struct { u_int16_t id; __be16 id; } icmp; } icmp; struct { struct { u_int16_t port; __be16 port; } sctp; } sctp; struct { struct { __be16 key; /* key is 32bit, pptp only uses 16 */ __be16 key; /* key is 32bit, pptp only uses 16 */ Loading @@ -39,7 +39,7 @@ union ip_conntrack_manip_proto /* The manipulable part of the tuple. */ /* The manipulable part of the tuple. */ struct ip_conntrack_manip struct ip_conntrack_manip { { u_int32_t ip; __be32 ip; union ip_conntrack_manip_proto u; union ip_conntrack_manip_proto u; }; }; Loading @@ -50,22 +50,22 @@ struct ip_conntrack_tuple /* These are the parts of the tuple which are fixed. */ /* These are the parts of the tuple which are fixed. */ struct { struct { u_int32_t ip; __be32 ip; union { union { /* Add other protocols here. */ /* Add other protocols here. */ u_int16_t all; u_int16_t all; struct { struct { u_int16_t port; __be16 port; } tcp; } tcp; struct { struct { u_int16_t port; __be16 port; } udp; } udp; struct { struct { u_int8_t type, code; u_int8_t type, code; } icmp; } icmp; struct { struct { u_int16_t port; __be16 port; } sctp; } sctp; struct { struct { __be16 key; /* key is 32bit, __be16 key; /* key is 32bit, Loading net/ipv4/netfilter/ip_conntrack_amanda.c +3 −3 Original line number Original line Diff line number Diff line Loading @@ -155,11 +155,11 @@ static int help(struct sk_buff **pskb, exp->tuple.dst.protonum = IPPROTO_TCP; exp->tuple.dst.protonum = IPPROTO_TCP; exp->tuple.dst.u.tcp.port = htons(port); exp->tuple.dst.u.tcp.port = htons(port); exp->mask.src.ip = 0xFFFFFFFF; exp->mask.src.ip = htonl(0xFFFFFFFF); exp->mask.src.u.tcp.port = 0; exp->mask.src.u.tcp.port = 0; exp->mask.dst.ip = 0xFFFFFFFF; exp->mask.dst.ip = htonl(0xFFFFFFFF); exp->mask.dst.protonum = 0xFF; exp->mask.dst.protonum = 0xFF; exp->mask.dst.u.tcp.port = 0xFFFF; exp->mask.dst.u.tcp.port = htons(0xFFFF); if (ip_nat_amanda_hook) if (ip_nat_amanda_hook) ret = ip_nat_amanda_hook(pskb, ctinfo, off - dataoff, ret = ip_nat_amanda_hook(pskb, ctinfo, off - dataoff, Loading net/ipv4/netfilter/ip_conntrack_core.c +6 −6 Original line number Original line Diff line number Diff line Loading @@ -149,8 +149,8 @@ static unsigned int ip_conntrack_hash_rnd; static u_int32_t __hash_conntrack(const struct ip_conntrack_tuple *tuple, static u_int32_t __hash_conntrack(const struct ip_conntrack_tuple *tuple, unsigned int size, unsigned int rnd) unsigned int size, unsigned int rnd) { { return (jhash_3words(tuple->src.ip, return (jhash_3words((__force u32)tuple->src.ip, (tuple->dst.ip ^ tuple->dst.protonum), ((__force u32)tuple->dst.ip ^ tuple->dst.protonum), (tuple->src.u.all | (tuple->dst.u.all << 16)), (tuple->src.u.all | (tuple->dst.u.all << 16)), rnd) % size); rnd) % size); } } Loading Loading @@ -1169,9 +1169,9 @@ void __ip_ct_refresh_acct(struct ip_conntrack *ct, int ip_ct_port_tuple_to_nfattr(struct sk_buff *skb, int ip_ct_port_tuple_to_nfattr(struct sk_buff *skb, const struct ip_conntrack_tuple *tuple) const struct ip_conntrack_tuple *tuple) { { NFA_PUT(skb, CTA_PROTO_SRC_PORT, sizeof(u_int16_t), NFA_PUT(skb, CTA_PROTO_SRC_PORT, sizeof(__be16), &tuple->src.u.tcp.port); &tuple->src.u.tcp.port); NFA_PUT(skb, CTA_PROTO_DST_PORT, sizeof(u_int16_t), NFA_PUT(skb, CTA_PROTO_DST_PORT, sizeof(__be16), &tuple->dst.u.tcp.port); &tuple->dst.u.tcp.port); return 0; return 0; Loading @@ -1186,9 +1186,9 @@ int ip_ct_port_nfattr_to_tuple(struct nfattr *tb[], return -EINVAL; return -EINVAL; t->src.u.tcp.port = t->src.u.tcp.port = *(u_int16_t *)NFA_DATA(tb[CTA_PROTO_SRC_PORT-1]); *(__be16 *)NFA_DATA(tb[CTA_PROTO_SRC_PORT-1]); t->dst.u.tcp.port = t->dst.u.tcp.port = *(u_int16_t *)NFA_DATA(tb[CTA_PROTO_DST_PORT-1]); *(__be16 *)NFA_DATA(tb[CTA_PROTO_DST_PORT-1]); return 0; return 0; } } Loading net/ipv4/netfilter/ip_conntrack_ftp.c +3 −3 Original line number Original line Diff line number Diff line Loading @@ -425,8 +425,8 @@ static int help(struct sk_buff **pskb, exp->tuple.src.u.tcp.port = 0; /* Don't care. */ exp->tuple.src.u.tcp.port = 0; /* Don't care. */ exp->tuple.dst.protonum = IPPROTO_TCP; exp->tuple.dst.protonum = IPPROTO_TCP; exp->mask = ((struct ip_conntrack_tuple) exp->mask = ((struct ip_conntrack_tuple) { { 0xFFFFFFFF, { 0 } }, { { htonl(0xFFFFFFFF), { 0 } }, { 0xFFFFFFFF, { .tcp = { 0xFFFF } }, 0xFF }}); { htonl(0xFFFFFFFF), { .tcp = { htons(0xFFFF) } }, 0xFF }}); exp->expectfn = NULL; exp->expectfn = NULL; exp->flags = 0; exp->flags = 0; Loading Loading @@ -488,7 +488,7 @@ static int __init ip_conntrack_ftp_init(void) for (i = 0; i < ports_c; i++) { for (i = 0; i < ports_c; i++) { ftp[i].tuple.src.u.tcp.port = htons(ports[i]); ftp[i].tuple.src.u.tcp.port = htons(ports[i]); ftp[i].tuple.dst.protonum = IPPROTO_TCP; ftp[i].tuple.dst.protonum = IPPROTO_TCP; ftp[i].mask.src.u.tcp.port = 0xFFFF; ftp[i].mask.src.u.tcp.port = htons(0xFFFF); ftp[i].mask.dst.protonum = 0xFF; ftp[i].mask.dst.protonum = 0xFF; ftp[i].max_expected = 1; ftp[i].max_expected = 1; ftp[i].timeout = 5 * 60; /* 5 minutes */ ftp[i].timeout = 5 * 60; /* 5 minutes */ Loading Loading
include/linux/netfilter_ipv4/ip_conntrack.h +1 −1 Original line number Original line Diff line number Diff line Loading @@ -157,7 +157,7 @@ struct ip_conntrack_expect unsigned int flags; unsigned int flags; #ifdef CONFIG_IP_NF_NAT_NEEDED #ifdef CONFIG_IP_NF_NAT_NEEDED u_int32_t saved_ip; __be32 saved_ip; /* This is the original per-proto part, used to map the /* This is the original per-proto part, used to map the * expected connection the way the recipient expects. */ * expected connection the way the recipient expects. */ union ip_conntrack_manip_proto saved_proto; union ip_conntrack_manip_proto saved_proto; Loading
include/linux/netfilter_ipv4/ip_conntrack_tuple.h +8 −8 Original line number Original line Diff line number Diff line Loading @@ -23,13 +23,13 @@ union ip_conntrack_manip_proto __be16 port; __be16 port; } tcp; } tcp; struct { struct { u_int16_t port; __be16 port; } udp; } udp; struct { struct { u_int16_t id; __be16 id; } icmp; } icmp; struct { struct { u_int16_t port; __be16 port; } sctp; } sctp; struct { struct { __be16 key; /* key is 32bit, pptp only uses 16 */ __be16 key; /* key is 32bit, pptp only uses 16 */ Loading @@ -39,7 +39,7 @@ union ip_conntrack_manip_proto /* The manipulable part of the tuple. */ /* The manipulable part of the tuple. */ struct ip_conntrack_manip struct ip_conntrack_manip { { u_int32_t ip; __be32 ip; union ip_conntrack_manip_proto u; union ip_conntrack_manip_proto u; }; }; Loading @@ -50,22 +50,22 @@ struct ip_conntrack_tuple /* These are the parts of the tuple which are fixed. */ /* These are the parts of the tuple which are fixed. */ struct { struct { u_int32_t ip; __be32 ip; union { union { /* Add other protocols here. */ /* Add other protocols here. */ u_int16_t all; u_int16_t all; struct { struct { u_int16_t port; __be16 port; } tcp; } tcp; struct { struct { u_int16_t port; __be16 port; } udp; } udp; struct { struct { u_int8_t type, code; u_int8_t type, code; } icmp; } icmp; struct { struct { u_int16_t port; __be16 port; } sctp; } sctp; struct { struct { __be16 key; /* key is 32bit, __be16 key; /* key is 32bit, Loading
net/ipv4/netfilter/ip_conntrack_amanda.c +3 −3 Original line number Original line Diff line number Diff line Loading @@ -155,11 +155,11 @@ static int help(struct sk_buff **pskb, exp->tuple.dst.protonum = IPPROTO_TCP; exp->tuple.dst.protonum = IPPROTO_TCP; exp->tuple.dst.u.tcp.port = htons(port); exp->tuple.dst.u.tcp.port = htons(port); exp->mask.src.ip = 0xFFFFFFFF; exp->mask.src.ip = htonl(0xFFFFFFFF); exp->mask.src.u.tcp.port = 0; exp->mask.src.u.tcp.port = 0; exp->mask.dst.ip = 0xFFFFFFFF; exp->mask.dst.ip = htonl(0xFFFFFFFF); exp->mask.dst.protonum = 0xFF; exp->mask.dst.protonum = 0xFF; exp->mask.dst.u.tcp.port = 0xFFFF; exp->mask.dst.u.tcp.port = htons(0xFFFF); if (ip_nat_amanda_hook) if (ip_nat_amanda_hook) ret = ip_nat_amanda_hook(pskb, ctinfo, off - dataoff, ret = ip_nat_amanda_hook(pskb, ctinfo, off - dataoff, Loading
net/ipv4/netfilter/ip_conntrack_core.c +6 −6 Original line number Original line Diff line number Diff line Loading @@ -149,8 +149,8 @@ static unsigned int ip_conntrack_hash_rnd; static u_int32_t __hash_conntrack(const struct ip_conntrack_tuple *tuple, static u_int32_t __hash_conntrack(const struct ip_conntrack_tuple *tuple, unsigned int size, unsigned int rnd) unsigned int size, unsigned int rnd) { { return (jhash_3words(tuple->src.ip, return (jhash_3words((__force u32)tuple->src.ip, (tuple->dst.ip ^ tuple->dst.protonum), ((__force u32)tuple->dst.ip ^ tuple->dst.protonum), (tuple->src.u.all | (tuple->dst.u.all << 16)), (tuple->src.u.all | (tuple->dst.u.all << 16)), rnd) % size); rnd) % size); } } Loading Loading @@ -1169,9 +1169,9 @@ void __ip_ct_refresh_acct(struct ip_conntrack *ct, int ip_ct_port_tuple_to_nfattr(struct sk_buff *skb, int ip_ct_port_tuple_to_nfattr(struct sk_buff *skb, const struct ip_conntrack_tuple *tuple) const struct ip_conntrack_tuple *tuple) { { NFA_PUT(skb, CTA_PROTO_SRC_PORT, sizeof(u_int16_t), NFA_PUT(skb, CTA_PROTO_SRC_PORT, sizeof(__be16), &tuple->src.u.tcp.port); &tuple->src.u.tcp.port); NFA_PUT(skb, CTA_PROTO_DST_PORT, sizeof(u_int16_t), NFA_PUT(skb, CTA_PROTO_DST_PORT, sizeof(__be16), &tuple->dst.u.tcp.port); &tuple->dst.u.tcp.port); return 0; return 0; Loading @@ -1186,9 +1186,9 @@ int ip_ct_port_nfattr_to_tuple(struct nfattr *tb[], return -EINVAL; return -EINVAL; t->src.u.tcp.port = t->src.u.tcp.port = *(u_int16_t *)NFA_DATA(tb[CTA_PROTO_SRC_PORT-1]); *(__be16 *)NFA_DATA(tb[CTA_PROTO_SRC_PORT-1]); t->dst.u.tcp.port = t->dst.u.tcp.port = *(u_int16_t *)NFA_DATA(tb[CTA_PROTO_DST_PORT-1]); *(__be16 *)NFA_DATA(tb[CTA_PROTO_DST_PORT-1]); return 0; return 0; } } Loading
net/ipv4/netfilter/ip_conntrack_ftp.c +3 −3 Original line number Original line Diff line number Diff line Loading @@ -425,8 +425,8 @@ static int help(struct sk_buff **pskb, exp->tuple.src.u.tcp.port = 0; /* Don't care. */ exp->tuple.src.u.tcp.port = 0; /* Don't care. */ exp->tuple.dst.protonum = IPPROTO_TCP; exp->tuple.dst.protonum = IPPROTO_TCP; exp->mask = ((struct ip_conntrack_tuple) exp->mask = ((struct ip_conntrack_tuple) { { 0xFFFFFFFF, { 0 } }, { { htonl(0xFFFFFFFF), { 0 } }, { 0xFFFFFFFF, { .tcp = { 0xFFFF } }, 0xFF }}); { htonl(0xFFFFFFFF), { .tcp = { htons(0xFFFF) } }, 0xFF }}); exp->expectfn = NULL; exp->expectfn = NULL; exp->flags = 0; exp->flags = 0; Loading Loading @@ -488,7 +488,7 @@ static int __init ip_conntrack_ftp_init(void) for (i = 0; i < ports_c; i++) { for (i = 0; i < ports_c; i++) { ftp[i].tuple.src.u.tcp.port = htons(ports[i]); ftp[i].tuple.src.u.tcp.port = htons(ports[i]); ftp[i].tuple.dst.protonum = IPPROTO_TCP; ftp[i].tuple.dst.protonum = IPPROTO_TCP; ftp[i].mask.src.u.tcp.port = 0xFFFF; ftp[i].mask.src.u.tcp.port = htons(0xFFFF); ftp[i].mask.dst.protonum = 0xFF; ftp[i].mask.dst.protonum = 0xFF; ftp[i].max_expected = 1; ftp[i].max_expected = 1; ftp[i].timeout = 5 * 60; /* 5 minutes */ ftp[i].timeout = 5 * 60; /* 5 minutes */ Loading
Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: