static int br_nf_pre_routing_finish_ipv6(struct sk_buff *skb)
{
struct nf_bridge_info *nf_bridge = skb->nf_bridge;
+ struct rtable *rt;
if (nf_bridge->mask & BRNF_PKT_TYPE) {
skb->pkt_type = PACKET_OTHERHOST;
}
nf_bridge->mask ^= BRNF_NF_BRIDGE_PREROUTING;
- skb->rtable = bridge_parent_rtable(nf_bridge->physindev);
- if (!skb->rtable) {
+ rt = bridge_parent_rtable(nf_bridge->physindev);
+ if (!rt) {
kfree_skb(skb);
return 0;
}
- dst_hold(&skb->rtable->u.dst);
+ dst_hold(&rt->u.dst);
+ skb_dst_set(skb, &rt->u.dst);
skb->dev = nf_bridge->physindev;
nf_bridge_push_encap_header(skb);
skb->dev = bridge_parent(skb->dev);
if (skb->dev) {
- struct dst_entry *dst = skb->dst;
+ struct dst_entry *dst = skb_dst(skb);
nf_bridge_pull_encap_header(skb);
struct net_device *dev = skb->dev;
struct iphdr *iph = ip_hdr(skb);
struct nf_bridge_info *nf_bridge = skb->nf_bridge;
+ struct rtable *rt;
int err;
if (nf_bridge->mask & BRNF_PKT_TYPE) {
nf_bridge->mask ^= BRNF_NF_BRIDGE_PREROUTING;
if (dnat_took_place(skb)) {
if ((err = ip_route_input(skb, iph->daddr, iph->saddr, iph->tos, dev))) {
- struct rtable *rt;
struct flowi fl = {
.nl_u = {
.ip4_u = {
/* - Bridged-and-DNAT'ed traffic doesn't
* require ip_forwarding. */
if (((struct dst_entry *)rt)->dev == dev) {
- skb->dst = (struct dst_entry *)rt;
+ skb_dst_set(skb, (struct dst_entry *)rt);
goto bridged_dnat;
}
/* we are sure that forwarding is disabled, so printing
kfree_skb(skb);
return 0;
} else {
- if (skb->dst->dev == dev) {
+ if (skb_dst(skb)->dev == dev) {
bridged_dnat:
/* Tell br_nf_local_out this is a
* bridged frame */
skb->pkt_type = PACKET_HOST;
}
} else {
- skb->rtable = bridge_parent_rtable(nf_bridge->physindev);
- if (!skb->rtable) {
+ rt = bridge_parent_rtable(nf_bridge->physindev);
+ if (!rt) {
kfree_skb(skb);
return 0;
}
- dst_hold(&skb->rtable->u.dst);
+ dst_hold(&rt->u.dst);
+ skb_dst_set(skb, &rt->u.dst);
}
skb->dev = nf_bridge->physindev;
const struct net_device *out,
int (*okfn)(struct sk_buff *))
{
- if (skb->rtable && skb->rtable == bridge_parent_rtable(in)) {
- dst_release(&skb->rtable->u.dst);
- skb->rtable = NULL;
- }
+ struct rtable *rt = skb_rtable(skb);
+
+ if (rt && rt == bridge_parent_rtable(in))
+ skb_dst_drop(skb);
return NF_ACCEPT;
}
return NF_STOLEN;
}
+#if defined(CONFIG_NF_CONNTRACK_IPV4) || defined(CONFIG_NF_CONNTRACK_IPV4_MODULE)
static int br_nf_dev_queue_xmit(struct sk_buff *skb)
{
- if (skb->protocol == htons(ETH_P_IP) &&
+ if (skb->nfct != NULL &&
+ (skb->protocol == htons(ETH_P_IP) || IS_VLAN_IP(skb)) &&
skb->len > skb->dev->mtu &&
!skb_is_gso(skb))
return ip_fragment(skb, br_dev_queue_push_xmit);
else
return br_dev_queue_push_xmit(skb);
}
+#else
+static int br_nf_dev_queue_xmit(struct sk_buff *skb)
+{
+ return br_dev_queue_push_xmit(skb);
+}
+#endif
/* PF_BRIDGE/POST_ROUTING ********************************************/
static unsigned int br_nf_post_routing(unsigned int hook, struct sk_buff *skb,
return NF_ACCEPT;
#ifdef CONFIG_NETFILTER_DEBUG
- if (skb->dst == NULL) {
+ if (skb_dst(skb) == NULL) {
printk(KERN_INFO "br_netfilter post_routing: skb->dst == NULL\n");
goto print_error;
}
git://bbs.cooldavid.org / net-next-2.6.git / blobdiff