iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[NETFILTER] bridge: code rearrangement for clarity

Browse Source 
Cleanup and rearrangement for better style and clarity:
	Split the function nf_bridge_maybe_copy_header into two pieces
	Move copy portion out of line.
	Use Ethernet header size macros.
	Use header file to handle CONFIG_NETFILTER_BRIDGE differences

Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Stephen Hemminger 2006-08-29 17:48:17 -07:00 committed by David S. Miller
parent cd360007a0
commit 07317621d0
3 changed files with 33 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
include/linux/netfilter_bridge.h
View File

@ -47,26 +47,12 @@ enum nf_br_hook_priorities {
/* Only used in br_forward.c */ /* Only used in br_forward.c */
static inline extern int nf_bridge_copy_header(struct sk_buff *skb);
int nf_bridge_maybe_copy_header(struct sk_buff *skb) static inline int nf_bridge_maybe_copy_header(struct sk_buff *skb)
{ {
int err; if (skb->nf_bridge)
return nf_bridge_copy_header(skb);
if (skb->nf_bridge) { return 0;
if (skb->protocol == __constant_htons(ETH_P_8021Q)) {
err = skb_cow(skb, 18);
if (err)
return err;
memcpy(skb->data - 18, skb->nf_bridge->data, 18);
skb_push(skb, 4);
} else {
err = skb_cow(skb, 16);
if (err)
return err;
memcpy(skb->data - 16, skb->nf_bridge->data, 16);
}
}
return 0;
} }
/* This is called by the IP fragmenting code and it ensures there is /* This is called by the IP fragmenting code and it ensures there is
@ -90,6 +76,8 @@ struct bridge_skb_cb {
}; };
extern int brnf_deferred_hooks; extern int brnf_deferred_hooks;
#else
#define nf_bridge_maybe_copy_header(skb) (0)
#endif /* CONFIG_BRIDGE_NETFILTER */ #endif /* CONFIG_BRIDGE_NETFILTER */
#endif /* __KERNEL__ */ #endif /* __KERNEL__ */

5
net/bridge/br_forward.c
View File

@ -38,13 +38,10 @@ int br_dev_queue_push_xmit(struct sk_buff *skb)
if (packet_length(skb) > skb->dev->mtu && !skb_is_gso(skb)) if (packet_length(skb) > skb->dev->mtu && !skb_is_gso(skb))
kfree_skb(skb); kfree_skb(skb);
else { else {
#ifdef CONFIG_BRIDGE_NETFILTER
/* ip_refrag calls ip_fragment, doesn't copy the MAC header. */ /* ip_refrag calls ip_fragment, doesn't copy the MAC header. */
if (nf_bridge_maybe_copy_header(skb)) if (nf_bridge_maybe_copy_header(skb))
kfree_skb(skb); kfree_skb(skb);
else else {
#endif
{
skb_push(skb, ETH_HLEN); skb_push(skb, ETH_HLEN);
dev_queue_xmit(skb); dev_queue_xmit(skb);

27
net/bridge/br_netfilter.c
View File

@ -127,14 +127,37 @@ static inline struct nf_bridge_info *nf_bridge_alloc(struct sk_buff *skb)
static inline void nf_bridge_save_header(struct sk_buff *skb) static inline void nf_bridge_save_header(struct sk_buff *skb)
{ {
int header_size = 16; int header_size = ETH_HLEN;
if (skb->protocol == htons(ETH_P_8021Q)) if (skb->protocol == htons(ETH_P_8021Q))
header_size = 18; header_size += VLAN_HLEN;
memcpy(skb->nf_bridge->data, skb->data - header_size, header_size); memcpy(skb->nf_bridge->data, skb->data - header_size, header_size);
} }
/*
* When forwarding bridge frames, we save a copy of the original
* header before processing.
*/
int nf_bridge_copy_header(struct sk_buff *skb)
{
int err;
int header_size = ETH_HLEN;
if (skb->protocol == htons(ETH_P_8021Q))
header_size += VLAN_HLEN;
err = skb_cow(skb, header_size);
if (err)
return err;
memcpy(skb->data - header_size, skb->nf_bridge->data, header_size);
if (skb->protocol == htons(ETH_P_8021Q))
__skb_push(skb, VLAN_HLEN);
return 0;
}
/* PF_BRIDGE/PRE_ROUTING *********************************************/ /* PF_BRIDGE/PRE_ROUTING *********************************************/
/* Undo the changes made for ip6tables PREROUTING and continue the /* Undo the changes made for ip6tables PREROUTING and continue the
* bridge PRE_ROUTING hook. */ * bridge PRE_ROUTING hook. */