[NETFILTER]: Add goto target
Originally written by Henrik Nordstrom <hno@marasystems.com>, taken from netfilter patch-o-matic and added ip6_tables support. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
764d8a9f24
commit
05465343bf
@ -109,7 +109,8 @@ struct ipt_counters
|
||||
|
||||
/* Values for "flag" field in struct ipt_ip (general ip structure). */
|
||||
#define IPT_F_FRAG 0x01 /* Set if rule is a fragment rule */
|
||||
#define IPT_F_MASK 0x01 /* All possible flag bits mask. */
|
||||
#define IPT_F_GOTO 0x02 /* Set if jump is a goto */
|
||||
#define IPT_F_MASK 0x03 /* All possible flag bits mask. */
|
||||
|
||||
/* Values for "inv" field in struct ipt_ip. */
|
||||
#define IPT_INV_VIA_IN 0x01 /* Invert the sense of IN IFACE. */
|
||||
|
@ -111,7 +111,8 @@ struct ip6t_counters
|
||||
#define IP6T_F_PROTO 0x01 /* Set if rule cares about upper
|
||||
protocols */
|
||||
#define IP6T_F_TOS 0x02 /* Match the TOS. */
|
||||
#define IP6T_F_MASK 0x03 /* All possible flag bits mask. */
|
||||
#define IP6T_F_GOTO 0x04 /* Set if jump is a goto */
|
||||
#define IP6T_F_MASK 0x07 /* All possible flag bits mask. */
|
||||
|
||||
/* Values for "inv" field in struct ip6t_ip6. */
|
||||
#define IP6T_INV_VIA_IN 0x01 /* Invert the sense of IN IFACE. */
|
||||
|
@ -340,8 +340,8 @@ ipt_do_table(struct sk_buff **pskb,
|
||||
back->comefrom);
|
||||
continue;
|
||||
}
|
||||
if (table_base + v
|
||||
!= (void *)e + e->next_offset) {
|
||||
if (table_base + v != (void *)e + e->next_offset
|
||||
&& !(e->ip.flags & IPT_F_GOTO)) {
|
||||
/* Save old back ptr in next entry */
|
||||
struct ipt_entry *next
|
||||
= (void *)e + e->next_offset;
|
||||
|
@ -433,8 +433,8 @@ ip6t_do_table(struct sk_buff **pskb,
|
||||
back->comefrom);
|
||||
continue;
|
||||
}
|
||||
if (table_base + v
|
||||
!= (void *)e + e->next_offset) {
|
||||
if (table_base + v != (void *)e + e->next_offset
|
||||
&& !(e->ipv6.flags & IP6T_F_GOTO)) {
|
||||
/* Save old back ptr in next entry */
|
||||
struct ip6t_entry *next
|
||||
= (void *)e + e->next_offset;
|
||||
|
Loading…
Reference in New Issue
Block a user