[NET]: Turn nfmark into generic mark
nfmark is being used in various subsystems and has become the defacto mark field for all kinds of packets. Therefore it makes sense to rename it to `mark' and remove the dependency on CONFIG_NETFILTER. Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
0afc46c468
commit
82e91ffef6
|
@ -216,7 +216,7 @@ enum {
|
||||||
* @tail: Tail pointer
|
* @tail: Tail pointer
|
||||||
* @end: End pointer
|
* @end: End pointer
|
||||||
* @destructor: Destruct function
|
* @destructor: Destruct function
|
||||||
* @nfmark: Can be used for communication between hooks
|
* @mark: Generic packet mark
|
||||||
* @nfct: Associated connection, if any
|
* @nfct: Associated connection, if any
|
||||||
* @ipvs_property: skbuff is owned by ipvs
|
* @ipvs_property: skbuff is owned by ipvs
|
||||||
* @nfctinfo: Relationship of this skb to the connection
|
* @nfctinfo: Relationship of this skb to the connection
|
||||||
|
@ -295,7 +295,6 @@ struct sk_buff {
|
||||||
#ifdef CONFIG_BRIDGE_NETFILTER
|
#ifdef CONFIG_BRIDGE_NETFILTER
|
||||||
struct nf_bridge_info *nf_bridge;
|
struct nf_bridge_info *nf_bridge;
|
||||||
#endif
|
#endif
|
||||||
__u32 nfmark;
|
|
||||||
#endif /* CONFIG_NETFILTER */
|
#endif /* CONFIG_NETFILTER */
|
||||||
#ifdef CONFIG_NET_SCHED
|
#ifdef CONFIG_NET_SCHED
|
||||||
__u16 tc_index; /* traffic control index */
|
__u16 tc_index; /* traffic control index */
|
||||||
|
@ -310,6 +309,7 @@ struct sk_buff {
|
||||||
__u32 secmark;
|
__u32 secmark;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
__u32 mark;
|
||||||
|
|
||||||
/* These elements must be at the end, see alloc_skb() for details. */
|
/* These elements must be at the end, see alloc_skb() for details. */
|
||||||
unsigned int truesize;
|
unsigned int truesize;
|
||||||
|
|
|
@ -25,13 +25,13 @@ static int ebt_target_mark(struct sk_buff **pskb, unsigned int hooknr,
|
||||||
int action = info->target & -16;
|
int action = info->target & -16;
|
||||||
|
|
||||||
if (action == MARK_SET_VALUE)
|
if (action == MARK_SET_VALUE)
|
||||||
(*pskb)->nfmark = info->mark;
|
(*pskb)->mark = info->mark;
|
||||||
else if (action == MARK_OR_VALUE)
|
else if (action == MARK_OR_VALUE)
|
||||||
(*pskb)->nfmark |= info->mark;
|
(*pskb)->mark |= info->mark;
|
||||||
else if (action == MARK_AND_VALUE)
|
else if (action == MARK_AND_VALUE)
|
||||||
(*pskb)->nfmark &= info->mark;
|
(*pskb)->mark &= info->mark;
|
||||||
else
|
else
|
||||||
(*pskb)->nfmark ^= info->mark;
|
(*pskb)->mark ^= info->mark;
|
||||||
|
|
||||||
return info->target | -16;
|
return info->target | -16;
|
||||||
}
|
}
|
||||||
|
|
|
@ -19,8 +19,8 @@ static int ebt_filter_mark(const struct sk_buff *skb,
|
||||||
struct ebt_mark_m_info *info = (struct ebt_mark_m_info *) data;
|
struct ebt_mark_m_info *info = (struct ebt_mark_m_info *) data;
|
||||||
|
|
||||||
if (info->bitmask & EBT_MARK_OR)
|
if (info->bitmask & EBT_MARK_OR)
|
||||||
return !(!!(skb->nfmark & info->mask) ^ info->invert);
|
return !(!!(skb->mark & info->mask) ^ info->invert);
|
||||||
return !(((skb->nfmark & info->mask) == info->mark) ^ info->invert);
|
return !(((skb->mark & info->mask) == info->mark) ^ info->invert);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int ebt_mark_check(const char *tablename, unsigned int hookmask,
|
static int ebt_mark_check(const char *tablename, unsigned int hookmask,
|
||||||
|
|
|
@ -168,7 +168,7 @@ static void ebt_ulog_packet(unsigned int hooknr, const struct sk_buff *skb,
|
||||||
if (ub->qlen == 1)
|
if (ub->qlen == 1)
|
||||||
skb_set_timestamp(ub->skb, &pm->stamp);
|
skb_set_timestamp(ub->skb, &pm->stamp);
|
||||||
pm->data_len = copy_len;
|
pm->data_len = copy_len;
|
||||||
pm->mark = skb->nfmark;
|
pm->mark = skb->mark;
|
||||||
pm->hook = hooknr;
|
pm->hook = hooknr;
|
||||||
if (uloginfo->prefix != NULL)
|
if (uloginfo->prefix != NULL)
|
||||||
strcpy(pm->prefix, uloginfo->prefix);
|
strcpy(pm->prefix, uloginfo->prefix);
|
||||||
|
|
|
@ -473,8 +473,8 @@ struct sk_buff *skb_clone(struct sk_buff *skb, gfp_t gfp_mask)
|
||||||
#endif
|
#endif
|
||||||
C(protocol);
|
C(protocol);
|
||||||
n->destructor = NULL;
|
n->destructor = NULL;
|
||||||
|
C(mark);
|
||||||
#ifdef CONFIG_NETFILTER
|
#ifdef CONFIG_NETFILTER
|
||||||
C(nfmark);
|
|
||||||
C(nfct);
|
C(nfct);
|
||||||
nf_conntrack_get(skb->nfct);
|
nf_conntrack_get(skb->nfct);
|
||||||
C(nfctinfo);
|
C(nfctinfo);
|
||||||
|
@ -534,8 +534,8 @@ static void copy_skb_header(struct sk_buff *new, const struct sk_buff *old)
|
||||||
new->pkt_type = old->pkt_type;
|
new->pkt_type = old->pkt_type;
|
||||||
new->tstamp = old->tstamp;
|
new->tstamp = old->tstamp;
|
||||||
new->destructor = NULL;
|
new->destructor = NULL;
|
||||||
|
new->mark = old->mark;
|
||||||
#ifdef CONFIG_NETFILTER
|
#ifdef CONFIG_NETFILTER
|
||||||
new->nfmark = old->nfmark;
|
|
||||||
new->nfct = old->nfct;
|
new->nfct = old->nfct;
|
||||||
nf_conntrack_get(old->nfct);
|
nf_conntrack_get(old->nfct);
|
||||||
new->nfctinfo = old->nfctinfo;
|
new->nfctinfo = old->nfctinfo;
|
||||||
|
|
|
@ -1236,7 +1236,7 @@ static int dn_route_input_slow(struct sk_buff *skb)
|
||||||
.saddr = cb->src,
|
.saddr = cb->src,
|
||||||
.scope = RT_SCOPE_UNIVERSE,
|
.scope = RT_SCOPE_UNIVERSE,
|
||||||
#ifdef CONFIG_DECNET_ROUTE_FWMARK
|
#ifdef CONFIG_DECNET_ROUTE_FWMARK
|
||||||
.fwmark = skb->nfmark
|
.fwmark = skb->mark
|
||||||
#endif
|
#endif
|
||||||
} },
|
} },
|
||||||
.iif = skb->dev->ifindex };
|
.iif = skb->dev->ifindex };
|
||||||
|
@ -1458,7 +1458,7 @@ int dn_route_input(struct sk_buff *skb)
|
||||||
(rt->fl.fld_dst == cb->dst) &&
|
(rt->fl.fld_dst == cb->dst) &&
|
||||||
(rt->fl.oif == 0) &&
|
(rt->fl.oif == 0) &&
|
||||||
#ifdef CONFIG_DECNET_ROUTE_FWMARK
|
#ifdef CONFIG_DECNET_ROUTE_FWMARK
|
||||||
(rt->fl.fld_fwmark == skb->nfmark) &&
|
(rt->fl.fld_fwmark == skb->mark) &&
|
||||||
#endif
|
#endif
|
||||||
(rt->fl.iif == cb->iif)) {
|
(rt->fl.iif == cb->iif)) {
|
||||||
rt->u.dst.lastuse = jiffies;
|
rt->u.dst.lastuse = jiffies;
|
||||||
|
|
|
@ -386,6 +386,7 @@ static void ip_copy_metadata(struct sk_buff *to, struct sk_buff *from)
|
||||||
dst_release(to->dst);
|
dst_release(to->dst);
|
||||||
to->dst = dst_clone(from->dst);
|
to->dst = dst_clone(from->dst);
|
||||||
to->dev = from->dev;
|
to->dev = from->dev;
|
||||||
|
to->mark = from->mark;
|
||||||
|
|
||||||
/* Copy the flags to each fragment. */
|
/* Copy the flags to each fragment. */
|
||||||
IPCB(to)->flags = IPCB(from)->flags;
|
IPCB(to)->flags = IPCB(from)->flags;
|
||||||
|
@ -394,7 +395,6 @@ static void ip_copy_metadata(struct sk_buff *to, struct sk_buff *from)
|
||||||
to->tc_index = from->tc_index;
|
to->tc_index = from->tc_index;
|
||||||
#endif
|
#endif
|
||||||
#ifdef CONFIG_NETFILTER
|
#ifdef CONFIG_NETFILTER
|
||||||
to->nfmark = from->nfmark;
|
|
||||||
/* Connection association is same as pre-frag packet */
|
/* Connection association is same as pre-frag packet */
|
||||||
nf_conntrack_put(to->nfct);
|
nf_conntrack_put(to->nfct);
|
||||||
to->nfct = from->nfct;
|
to->nfct = from->nfct;
|
||||||
|
|
|
@ -84,7 +84,7 @@ tcp_conn_schedule(struct sk_buff *skb,
|
||||||
}
|
}
|
||||||
|
|
||||||
if (th->syn &&
|
if (th->syn &&
|
||||||
(svc = ip_vs_service_get(skb->nfmark, skb->nh.iph->protocol,
|
(svc = ip_vs_service_get(skb->mark, skb->nh.iph->protocol,
|
||||||
skb->nh.iph->daddr, th->dest))) {
|
skb->nh.iph->daddr, th->dest))) {
|
||||||
if (ip_vs_todrop()) {
|
if (ip_vs_todrop()) {
|
||||||
/*
|
/*
|
||||||
|
|
|
@ -89,7 +89,7 @@ udp_conn_schedule(struct sk_buff *skb, struct ip_vs_protocol *pp,
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((svc = ip_vs_service_get(skb->nfmark, skb->nh.iph->protocol,
|
if ((svc = ip_vs_service_get(skb->mark, skb->nh.iph->protocol,
|
||||||
skb->nh.iph->daddr, uh->dest))) {
|
skb->nh.iph->daddr, uh->dest))) {
|
||||||
if (ip_vs_todrop()) {
|
if (ip_vs_todrop()) {
|
||||||
/*
|
/*
|
||||||
|
|
|
@ -28,7 +28,7 @@ int ip_route_me_harder(struct sk_buff **pskb, unsigned addr_type)
|
||||||
fl.nl_u.ip4_u.tos = RT_TOS(iph->tos);
|
fl.nl_u.ip4_u.tos = RT_TOS(iph->tos);
|
||||||
fl.oif = (*pskb)->sk ? (*pskb)->sk->sk_bound_dev_if : 0;
|
fl.oif = (*pskb)->sk ? (*pskb)->sk->sk_bound_dev_if : 0;
|
||||||
#ifdef CONFIG_IP_ROUTE_FWMARK
|
#ifdef CONFIG_IP_ROUTE_FWMARK
|
||||||
fl.nl_u.ip4_u.fwmark = (*pskb)->nfmark;
|
fl.nl_u.ip4_u.fwmark = (*pskb)->mark;
|
||||||
#endif
|
#endif
|
||||||
if (ip_route_output_key(&rt, &fl) != 0)
|
if (ip_route_output_key(&rt, &fl) != 0)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
|
@ -243,7 +243,7 @@ ipq_build_packet_message(struct ipq_queue_entry *entry, int *errp)
|
||||||
pmsg->data_len = data_len;
|
pmsg->data_len = data_len;
|
||||||
pmsg->timestamp_sec = entry->skb->tstamp.off_sec;
|
pmsg->timestamp_sec = entry->skb->tstamp.off_sec;
|
||||||
pmsg->timestamp_usec = entry->skb->tstamp.off_usec;
|
pmsg->timestamp_usec = entry->skb->tstamp.off_usec;
|
||||||
pmsg->mark = entry->skb->nfmark;
|
pmsg->mark = entry->skb->mark;
|
||||||
pmsg->hook = entry->info->hook;
|
pmsg->hook = entry->info->hook;
|
||||||
pmsg->hw_protocol = entry->skb->protocol;
|
pmsg->hw_protocol = entry->skb->protocol;
|
||||||
|
|
||||||
|
|
|
@ -76,7 +76,7 @@ static void send_reset(struct sk_buff *oldskb, int hook)
|
||||||
|
|
||||||
/* This packet will not be the same as the other: clear nf fields */
|
/* This packet will not be the same as the other: clear nf fields */
|
||||||
nf_reset(nskb);
|
nf_reset(nskb);
|
||||||
nskb->nfmark = 0;
|
nskb->mark = 0;
|
||||||
skb_init_secmark(nskb);
|
skb_init_secmark(nskb);
|
||||||
|
|
||||||
tcph = (struct tcphdr *)((u_int32_t*)nskb->nh.iph + nskb->nh.iph->ihl);
|
tcph = (struct tcphdr *)((u_int32_t*)nskb->nh.iph + nskb->nh.iph->ihl);
|
||||||
|
|
|
@ -239,7 +239,7 @@ static void ipt_ulog_packet(unsigned int hooknum,
|
||||||
pm->data_len = copy_len;
|
pm->data_len = copy_len;
|
||||||
pm->timestamp_sec = skb->tstamp.off_sec;
|
pm->timestamp_sec = skb->tstamp.off_sec;
|
||||||
pm->timestamp_usec = skb->tstamp.off_usec;
|
pm->timestamp_usec = skb->tstamp.off_usec;
|
||||||
pm->mark = skb->nfmark;
|
pm->mark = skb->mark;
|
||||||
pm->hook = hooknum;
|
pm->hook = hooknum;
|
||||||
if (prefix != NULL)
|
if (prefix != NULL)
|
||||||
strncpy(pm->prefix, prefix, sizeof(pm->prefix));
|
strncpy(pm->prefix, prefix, sizeof(pm->prefix));
|
||||||
|
|
|
@ -132,7 +132,7 @@ ipt_local_hook(unsigned int hook,
|
||||||
unsigned int ret;
|
unsigned int ret;
|
||||||
u_int8_t tos;
|
u_int8_t tos;
|
||||||
__be32 saddr, daddr;
|
__be32 saddr, daddr;
|
||||||
unsigned long nfmark;
|
u_int32_t mark;
|
||||||
|
|
||||||
/* root is playing with raw sockets. */
|
/* root is playing with raw sockets. */
|
||||||
if ((*pskb)->len < sizeof(struct iphdr)
|
if ((*pskb)->len < sizeof(struct iphdr)
|
||||||
|
@ -143,7 +143,7 @@ ipt_local_hook(unsigned int hook,
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Save things which could affect route */
|
/* Save things which could affect route */
|
||||||
nfmark = (*pskb)->nfmark;
|
mark = (*pskb)->mark;
|
||||||
saddr = (*pskb)->nh.iph->saddr;
|
saddr = (*pskb)->nh.iph->saddr;
|
||||||
daddr = (*pskb)->nh.iph->daddr;
|
daddr = (*pskb)->nh.iph->daddr;
|
||||||
tos = (*pskb)->nh.iph->tos;
|
tos = (*pskb)->nh.iph->tos;
|
||||||
|
@ -154,7 +154,7 @@ ipt_local_hook(unsigned int hook,
|
||||||
&& ((*pskb)->nh.iph->saddr != saddr
|
&& ((*pskb)->nh.iph->saddr != saddr
|
||||||
|| (*pskb)->nh.iph->daddr != daddr
|
|| (*pskb)->nh.iph->daddr != daddr
|
||||||
#ifdef CONFIG_IP_ROUTE_FWMARK
|
#ifdef CONFIG_IP_ROUTE_FWMARK
|
||||||
|| (*pskb)->nfmark != nfmark
|
|| (*pskb)->mark != mark
|
||||||
#endif
|
#endif
|
||||||
|| (*pskb)->nh.iph->tos != tos))
|
|| (*pskb)->nh.iph->tos != tos))
|
||||||
if (ip_route_me_harder(pskb, RTN_UNSPEC))
|
if (ip_route_me_harder(pskb, RTN_UNSPEC))
|
||||||
|
|
|
@ -1644,7 +1644,7 @@ static int ip_route_input_mc(struct sk_buff *skb, __be32 daddr, __be32 saddr,
|
||||||
rth->rt_dst = daddr;
|
rth->rt_dst = daddr;
|
||||||
rth->fl.fl4_tos = tos;
|
rth->fl.fl4_tos = tos;
|
||||||
#ifdef CONFIG_IP_ROUTE_FWMARK
|
#ifdef CONFIG_IP_ROUTE_FWMARK
|
||||||
rth->fl.fl4_fwmark= skb->nfmark;
|
rth->fl.fl4_fwmark= skb->mark;
|
||||||
#endif
|
#endif
|
||||||
rth->fl.fl4_src = saddr;
|
rth->fl.fl4_src = saddr;
|
||||||
rth->rt_src = saddr;
|
rth->rt_src = saddr;
|
||||||
|
@ -1790,7 +1790,7 @@ static inline int __mkroute_input(struct sk_buff *skb,
|
||||||
rth->rt_dst = daddr;
|
rth->rt_dst = daddr;
|
||||||
rth->fl.fl4_tos = tos;
|
rth->fl.fl4_tos = tos;
|
||||||
#ifdef CONFIG_IP_ROUTE_FWMARK
|
#ifdef CONFIG_IP_ROUTE_FWMARK
|
||||||
rth->fl.fl4_fwmark= skb->nfmark;
|
rth->fl.fl4_fwmark= skb->mark;
|
||||||
#endif
|
#endif
|
||||||
rth->fl.fl4_src = saddr;
|
rth->fl.fl4_src = saddr;
|
||||||
rth->rt_src = saddr;
|
rth->rt_src = saddr;
|
||||||
|
@ -1921,7 +1921,7 @@ static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr,
|
||||||
.tos = tos,
|
.tos = tos,
|
||||||
.scope = RT_SCOPE_UNIVERSE,
|
.scope = RT_SCOPE_UNIVERSE,
|
||||||
#ifdef CONFIG_IP_ROUTE_FWMARK
|
#ifdef CONFIG_IP_ROUTE_FWMARK
|
||||||
.fwmark = skb->nfmark
|
.fwmark = skb->mark
|
||||||
#endif
|
#endif
|
||||||
} },
|
} },
|
||||||
.iif = dev->ifindex };
|
.iif = dev->ifindex };
|
||||||
|
@ -2035,7 +2035,7 @@ local_input:
|
||||||
rth->rt_dst = daddr;
|
rth->rt_dst = daddr;
|
||||||
rth->fl.fl4_tos = tos;
|
rth->fl.fl4_tos = tos;
|
||||||
#ifdef CONFIG_IP_ROUTE_FWMARK
|
#ifdef CONFIG_IP_ROUTE_FWMARK
|
||||||
rth->fl.fl4_fwmark= skb->nfmark;
|
rth->fl.fl4_fwmark= skb->mark;
|
||||||
#endif
|
#endif
|
||||||
rth->fl.fl4_src = saddr;
|
rth->fl.fl4_src = saddr;
|
||||||
rth->rt_src = saddr;
|
rth->rt_src = saddr;
|
||||||
|
@ -2114,7 +2114,7 @@ int ip_route_input(struct sk_buff *skb, __be32 daddr, __be32 saddr,
|
||||||
rth->fl.iif == iif &&
|
rth->fl.iif == iif &&
|
||||||
rth->fl.oif == 0 &&
|
rth->fl.oif == 0 &&
|
||||||
#ifdef CONFIG_IP_ROUTE_FWMARK
|
#ifdef CONFIG_IP_ROUTE_FWMARK
|
||||||
rth->fl.fl4_fwmark == skb->nfmark &&
|
rth->fl.fl4_fwmark == skb->mark &&
|
||||||
#endif
|
#endif
|
||||||
rth->fl.fl4_tos == tos) {
|
rth->fl.fl4_tos == tos) {
|
||||||
rth->u.dst.lastuse = jiffies;
|
rth->u.dst.lastuse = jiffies;
|
||||||
|
|
|
@ -499,12 +499,12 @@ static void ip6_copy_metadata(struct sk_buff *to, struct sk_buff *from)
|
||||||
dst_release(to->dst);
|
dst_release(to->dst);
|
||||||
to->dst = dst_clone(from->dst);
|
to->dst = dst_clone(from->dst);
|
||||||
to->dev = from->dev;
|
to->dev = from->dev;
|
||||||
|
to->mark = from->mark;
|
||||||
|
|
||||||
#ifdef CONFIG_NET_SCHED
|
#ifdef CONFIG_NET_SCHED
|
||||||
to->tc_index = from->tc_index;
|
to->tc_index = from->tc_index;
|
||||||
#endif
|
#endif
|
||||||
#ifdef CONFIG_NETFILTER
|
#ifdef CONFIG_NETFILTER
|
||||||
to->nfmark = from->nfmark;
|
|
||||||
/* Connection association is same as pre-frag packet */
|
/* Connection association is same as pre-frag packet */
|
||||||
nf_conntrack_put(to->nfct);
|
nf_conntrack_put(to->nfct);
|
||||||
to->nfct = from->nfct;
|
to->nfct = from->nfct;
|
||||||
|
|
|
@ -241,7 +241,7 @@ ipq_build_packet_message(struct ipq_queue_entry *entry, int *errp)
|
||||||
pmsg->data_len = data_len;
|
pmsg->data_len = data_len;
|
||||||
pmsg->timestamp_sec = entry->skb->tstamp.off_sec;
|
pmsg->timestamp_sec = entry->skb->tstamp.off_sec;
|
||||||
pmsg->timestamp_usec = entry->skb->tstamp.off_usec;
|
pmsg->timestamp_usec = entry->skb->tstamp.off_usec;
|
||||||
pmsg->mark = entry->skb->nfmark;
|
pmsg->mark = entry->skb->mark;
|
||||||
pmsg->hook = entry->info->hook;
|
pmsg->hook = entry->info->hook;
|
||||||
pmsg->hw_protocol = entry->skb->protocol;
|
pmsg->hw_protocol = entry->skb->protocol;
|
||||||
|
|
||||||
|
|
|
@ -149,11 +149,10 @@ ip6t_local_hook(unsigned int hook,
|
||||||
int (*okfn)(struct sk_buff *))
|
int (*okfn)(struct sk_buff *))
|
||||||
{
|
{
|
||||||
|
|
||||||
unsigned long nfmark;
|
|
||||||
unsigned int ret;
|
unsigned int ret;
|
||||||
struct in6_addr saddr, daddr;
|
struct in6_addr saddr, daddr;
|
||||||
u_int8_t hop_limit;
|
u_int8_t hop_limit;
|
||||||
u_int32_t flowlabel;
|
u_int32_t flowlabel, mark;
|
||||||
|
|
||||||
#if 0
|
#if 0
|
||||||
/* root is playing with raw sockets. */
|
/* root is playing with raw sockets. */
|
||||||
|
@ -165,10 +164,10 @@ ip6t_local_hook(unsigned int hook,
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* save source/dest address, nfmark, hoplimit, flowlabel, priority, */
|
/* save source/dest address, mark, hoplimit, flowlabel, priority, */
|
||||||
memcpy(&saddr, &(*pskb)->nh.ipv6h->saddr, sizeof(saddr));
|
memcpy(&saddr, &(*pskb)->nh.ipv6h->saddr, sizeof(saddr));
|
||||||
memcpy(&daddr, &(*pskb)->nh.ipv6h->daddr, sizeof(daddr));
|
memcpy(&daddr, &(*pskb)->nh.ipv6h->daddr, sizeof(daddr));
|
||||||
nfmark = (*pskb)->nfmark;
|
mark = (*pskb)->mark;
|
||||||
hop_limit = (*pskb)->nh.ipv6h->hop_limit;
|
hop_limit = (*pskb)->nh.ipv6h->hop_limit;
|
||||||
|
|
||||||
/* flowlabel and prio (includes version, which shouldn't change either */
|
/* flowlabel and prio (includes version, which shouldn't change either */
|
||||||
|
@ -179,7 +178,7 @@ ip6t_local_hook(unsigned int hook,
|
||||||
if (ret != NF_DROP && ret != NF_STOLEN
|
if (ret != NF_DROP && ret != NF_STOLEN
|
||||||
&& (memcmp(&(*pskb)->nh.ipv6h->saddr, &saddr, sizeof(saddr))
|
&& (memcmp(&(*pskb)->nh.ipv6h->saddr, &saddr, sizeof(saddr))
|
||||||
|| memcmp(&(*pskb)->nh.ipv6h->daddr, &daddr, sizeof(daddr))
|
|| memcmp(&(*pskb)->nh.ipv6h->daddr, &daddr, sizeof(daddr))
|
||||||
|| (*pskb)->nfmark != nfmark
|
|| (*pskb)->mark != mark
|
||||||
|| (*pskb)->nh.ipv6h->hop_limit != hop_limit))
|
|| (*pskb)->nh.ipv6h->hop_limit != hop_limit))
|
||||||
return ip6_route_me_harder(*pskb) == 0 ? ret : NF_DROP;
|
return ip6_route_me_harder(*pskb) == 0 ? ret : NF_DROP;
|
||||||
|
|
||||||
|
|
|
@ -712,7 +712,7 @@ void ip6_route_input(struct sk_buff *skb)
|
||||||
.daddr = iph->daddr,
|
.daddr = iph->daddr,
|
||||||
.saddr = iph->saddr,
|
.saddr = iph->saddr,
|
||||||
#ifdef CONFIG_IPV6_ROUTE_FWMARK
|
#ifdef CONFIG_IPV6_ROUTE_FWMARK
|
||||||
.fwmark = skb->nfmark,
|
.fwmark = skb->mark,
|
||||||
#endif
|
#endif
|
||||||
.flowlabel = (* (__be32 *) iph)&IPV6_FLOWINFO_MASK,
|
.flowlabel = (* (__be32 *) iph)&IPV6_FLOWINFO_MASK,
|
||||||
},
|
},
|
||||||
|
|
|
@ -501,8 +501,8 @@ __build_packet_message(struct nfulnl_instance *inst,
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
if (skb->nfmark) {
|
if (skb->mark) {
|
||||||
tmp_uint = htonl(skb->nfmark);
|
tmp_uint = htonl(skb->mark);
|
||||||
NFA_PUT(inst->skb, NFULA_MARK, sizeof(tmp_uint), &tmp_uint);
|
NFA_PUT(inst->skb, NFULA_MARK, sizeof(tmp_uint), &tmp_uint);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -480,8 +480,8 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
if (entskb->nfmark) {
|
if (entskb->mark) {
|
||||||
tmp_uint = htonl(entskb->nfmark);
|
tmp_uint = htonl(entskb->mark);
|
||||||
NFA_PUT(skb, NFQA_MARK, sizeof(u_int32_t), &tmp_uint);
|
NFA_PUT(skb, NFQA_MARK, sizeof(u_int32_t), &tmp_uint);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -834,8 +834,8 @@ nfqnl_recv_verdict(struct sock *ctnl, struct sk_buff *skb,
|
||||||
}
|
}
|
||||||
|
|
||||||
if (nfqa[NFQA_MARK-1])
|
if (nfqa[NFQA_MARK-1])
|
||||||
entry->skb->nfmark = ntohl(*(__be32 *)
|
entry->skb->mark = ntohl(*(__be32 *)
|
||||||
NFA_DATA(nfqa[NFQA_MARK-1]));
|
NFA_DATA(nfqa[NFQA_MARK-1]));
|
||||||
|
|
||||||
issue_verdict(entry, verdict);
|
issue_verdict(entry, verdict);
|
||||||
instance_put(queue);
|
instance_put(queue);
|
||||||
|
|
|
@ -42,7 +42,7 @@ target(struct sk_buff **pskb,
|
||||||
{
|
{
|
||||||
const struct xt_connmark_target_info *markinfo = targinfo;
|
const struct xt_connmark_target_info *markinfo = targinfo;
|
||||||
u_int32_t diff;
|
u_int32_t diff;
|
||||||
u_int32_t nfmark;
|
u_int32_t mark;
|
||||||
u_int32_t newmark;
|
u_int32_t newmark;
|
||||||
u_int32_t ctinfo;
|
u_int32_t ctinfo;
|
||||||
u_int32_t *ctmark = nf_ct_get_mark(*pskb, &ctinfo);
|
u_int32_t *ctmark = nf_ct_get_mark(*pskb, &ctinfo);
|
||||||
|
@ -62,7 +62,7 @@ target(struct sk_buff **pskb,
|
||||||
break;
|
break;
|
||||||
case XT_CONNMARK_SAVE:
|
case XT_CONNMARK_SAVE:
|
||||||
newmark = (*ctmark & ~markinfo->mask) |
|
newmark = (*ctmark & ~markinfo->mask) |
|
||||||
((*pskb)->nfmark & markinfo->mask);
|
((*pskb)->mark & markinfo->mask);
|
||||||
if (*ctmark != newmark) {
|
if (*ctmark != newmark) {
|
||||||
*ctmark = newmark;
|
*ctmark = newmark;
|
||||||
#if defined(CONFIG_IP_NF_CONNTRACK) || defined(CONFIG_IP_NF_CONNTRACK_MODULE)
|
#if defined(CONFIG_IP_NF_CONNTRACK) || defined(CONFIG_IP_NF_CONNTRACK_MODULE)
|
||||||
|
@ -73,10 +73,10 @@ target(struct sk_buff **pskb,
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case XT_CONNMARK_RESTORE:
|
case XT_CONNMARK_RESTORE:
|
||||||
nfmark = (*pskb)->nfmark;
|
mark = (*pskb)->mark;
|
||||||
diff = (*ctmark ^ nfmark) & markinfo->mask;
|
diff = (*ctmark ^ mark) & markinfo->mask;
|
||||||
if (diff != 0)
|
if (diff != 0)
|
||||||
(*pskb)->nfmark = nfmark ^ diff;
|
(*pskb)->mark = mark ^ diff;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -31,8 +31,8 @@ target_v0(struct sk_buff **pskb,
|
||||||
{
|
{
|
||||||
const struct xt_mark_target_info *markinfo = targinfo;
|
const struct xt_mark_target_info *markinfo = targinfo;
|
||||||
|
|
||||||
if((*pskb)->nfmark != markinfo->mark)
|
if((*pskb)->mark != markinfo->mark)
|
||||||
(*pskb)->nfmark = markinfo->mark;
|
(*pskb)->mark = markinfo->mark;
|
||||||
|
|
||||||
return XT_CONTINUE;
|
return XT_CONTINUE;
|
||||||
}
|
}
|
||||||
|
@ -54,16 +54,16 @@ target_v1(struct sk_buff **pskb,
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case XT_MARK_AND:
|
case XT_MARK_AND:
|
||||||
mark = (*pskb)->nfmark & markinfo->mark;
|
mark = (*pskb)->mark & markinfo->mark;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case XT_MARK_OR:
|
case XT_MARK_OR:
|
||||||
mark = (*pskb)->nfmark | markinfo->mark;
|
mark = (*pskb)->mark | markinfo->mark;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
if((*pskb)->nfmark != mark)
|
if((*pskb)->mark != mark)
|
||||||
(*pskb)->nfmark = mark;
|
(*pskb)->mark = mark;
|
||||||
|
|
||||||
return XT_CONTINUE;
|
return XT_CONTINUE;
|
||||||
}
|
}
|
||||||
|
|
|
@ -31,7 +31,7 @@ match(const struct sk_buff *skb,
|
||||||
{
|
{
|
||||||
const struct xt_mark_info *info = matchinfo;
|
const struct xt_mark_info *info = matchinfo;
|
||||||
|
|
||||||
return ((skb->nfmark & info->mask) == info->mark) ^ info->invert;
|
return ((skb->mark & info->mask) == info->mark) ^ info->invert;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
|
|
|
@ -320,7 +320,7 @@ config CLS_U32_PERF
|
||||||
|
|
||||||
config CLS_U32_MARK
|
config CLS_U32_MARK
|
||||||
bool "Netfilter marks support"
|
bool "Netfilter marks support"
|
||||||
depends on NET_CLS_U32 && NETFILTER
|
depends on NET_CLS_U32
|
||||||
---help---
|
---help---
|
||||||
Say Y here to be able to use netfilter marks as u32 key.
|
Say Y here to be able to use netfilter marks as u32 key.
|
||||||
|
|
||||||
|
|
|
@ -101,11 +101,7 @@ static int fw_classify(struct sk_buff *skb, struct tcf_proto *tp,
|
||||||
struct fw_head *head = (struct fw_head*)tp->root;
|
struct fw_head *head = (struct fw_head*)tp->root;
|
||||||
struct fw_filter *f;
|
struct fw_filter *f;
|
||||||
int r;
|
int r;
|
||||||
#ifdef CONFIG_NETFILTER
|
u32 id = skb->mark & head->mask;
|
||||||
u32 id = skb->nfmark & head->mask;
|
|
||||||
#else
|
|
||||||
u32 id = 0;
|
|
||||||
#endif
|
|
||||||
|
|
||||||
if (head != NULL) {
|
if (head != NULL) {
|
||||||
for (f=head->ht[fw_hash(id)]; f; f=f->next) {
|
for (f=head->ht[fw_hash(id)]; f; f=f->next) {
|
||||||
|
|
|
@ -143,7 +143,7 @@ next_knode:
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef CONFIG_CLS_U32_MARK
|
#ifdef CONFIG_CLS_U32_MARK
|
||||||
if ((skb->nfmark & n->mark.mask) != n->mark.val) {
|
if ((skb->mark & n->mark.mask) != n->mark.val) {
|
||||||
n = n->next;
|
n = n->next;
|
||||||
goto next_knode;
|
goto next_knode;
|
||||||
} else {
|
} else {
|
||||||
|
|
|
@ -208,13 +208,9 @@ META_COLLECTOR(int_maclen)
|
||||||
* Netfilter
|
* Netfilter
|
||||||
**************************************************************************/
|
**************************************************************************/
|
||||||
|
|
||||||
META_COLLECTOR(int_nfmark)
|
META_COLLECTOR(int_mark)
|
||||||
{
|
{
|
||||||
#ifdef CONFIG_NETFILTER
|
dst->value = skb->mark;
|
||||||
dst->value = skb->nfmark;
|
|
||||||
#else
|
|
||||||
dst->value = 0;
|
|
||||||
#endif
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**************************************************************************
|
/**************************************************************************
|
||||||
|
@ -490,7 +486,7 @@ static struct meta_ops __meta_ops[TCF_META_TYPE_MAX+1][TCF_META_ID_MAX+1] = {
|
||||||
[META_ID(PKTLEN)] = META_FUNC(int_pktlen),
|
[META_ID(PKTLEN)] = META_FUNC(int_pktlen),
|
||||||
[META_ID(DATALEN)] = META_FUNC(int_datalen),
|
[META_ID(DATALEN)] = META_FUNC(int_datalen),
|
||||||
[META_ID(MACLEN)] = META_FUNC(int_maclen),
|
[META_ID(MACLEN)] = META_FUNC(int_maclen),
|
||||||
[META_ID(NFMARK)] = META_FUNC(int_nfmark),
|
[META_ID(NFMARK)] = META_FUNC(int_mark),
|
||||||
[META_ID(TCINDEX)] = META_FUNC(int_tcindex),
|
[META_ID(TCINDEX)] = META_FUNC(int_tcindex),
|
||||||
[META_ID(RTCLASSID)] = META_FUNC(int_rtclassid),
|
[META_ID(RTCLASSID)] = META_FUNC(int_rtclassid),
|
||||||
[META_ID(RTIIF)] = META_FUNC(int_rtiif),
|
[META_ID(RTIIF)] = META_FUNC(int_rtiif),
|
||||||
|
|
Loading…
Reference in New Issue