From f9b53953f7f406e121655d6ab372ae305ffe2c73 Mon Sep 17 00:00:00 2001 From: Fedor Kozhevnikov Date: Sun, 3 Apr 2011 09:58:15 -0400 Subject: [PATCH] BCM fast NAT: fix MARK target, clean-up. Commit 2de8d7252dfb25868df5fe954c064812c4efc33c broke MARK target by not checking 'ct' for NULL. This reverts changes to MARK and CONNMARK targets since enabling/ disabling fast NAT with QoS activated is now handled in userspace. --- .../linux/linux-2.6/net/netfilter/xt_CONNMARK.c | 22 --------------- .../src-rt/linux/linux-2.6/net/netfilter/xt_MARK.c | 33 ---------------------- 2 files changed, 55 deletions(-) diff --git a/release/src-rt/linux/linux-2.6/net/netfilter/xt_CONNMARK.c b/release/src-rt/linux/linux-2.6/net/netfilter/xt_CONNMARK.c index c18bd140b4..dcf91df513 100644 --- a/release/src-rt/linux/linux-2.6/net/netfilter/xt_CONNMARK.c +++ b/release/src-rt/linux/linux-2.6/net/netfilter/xt_CONNMARK.c @@ -30,13 +30,8 @@ MODULE_ALIAS("ipt_CONNMARK"); #include #include -#include #include -#if defined(CONFIG_BCM_NAT) || defined(CONFIG_BCM_NAT_MODULE) -extern int ipv4_conntrack_fastnat; -#endif - static unsigned int target(struct sk_buff *skb, const struct net_device *in, @@ -51,9 +46,6 @@ target(struct sk_buff *skb, u_int32_t diff; u_int32_t mark; u_int32_t newmark; -#if defined(CONFIG_BCM_NAT) || defined(CONFIG_BCM_NAT_MODULE) - struct nf_conn_nat *nat; -#endif ct = nf_ct_get(skb, &ctinfo); if (ct) { @@ -62,13 +54,6 @@ target(struct sk_buff *skb, newmark = (ct->mark & ~markinfo->mask) | markinfo->mark; if (newmark != ct->mark) { ct->mark = newmark; -#if defined(CONFIG_BCM_NAT) || defined(CONFIG_BCM_NAT_MODULE) - if (ipv4_conntrack_fastnat && (nat = nfct_nat(ct))) - nat->info.nat_type |= BCM_FASTNAT_DENY; -#endif -#ifdef HNDCTF - ct->ctf_flags |= CTF_FLAGS_EXCLUDED; -#endif /* HNDCTF */ nf_conntrack_event_cache(IPCT_MARK, skb); } break; @@ -79,13 +64,6 @@ target(struct sk_buff *skb, mark = skb->mark; if (newmark != mark) { skb->mark = newmark; -#if defined(CONFIG_BCM_NAT) || defined(CONFIG_BCM_NAT_MODULE) - if (ipv4_conntrack_fastnat && (nat = nfct_nat(ct))) - nat->info.nat_type |= BCM_FASTNAT_DENY; -#endif -#ifdef HNDCTF - ct->ctf_flags |= CTF_FLAGS_EXCLUDED; -#endif /* HNDCTF */ } return XT_RETURN; case XT_CONNMARK_SAVE: diff --git a/release/src-rt/linux/linux-2.6/net/netfilter/xt_MARK.c b/release/src-rt/linux/linux-2.6/net/netfilter/xt_MARK.c index fb919fd694..48a586b562 100644 --- a/release/src-rt/linux/linux-2.6/net/netfilter/xt_MARK.c +++ b/release/src-rt/linux/linux-2.6/net/netfilter/xt_MARK.c @@ -14,7 +14,6 @@ #include #include -#include MODULE_LICENSE("GPL"); MODULE_AUTHOR("Marc Boucher "); @@ -22,10 +21,6 @@ MODULE_DESCRIPTION("ip[6]tables MARK modification module"); MODULE_ALIAS("ipt_MARK"); MODULE_ALIAS("ip6t_MARK"); -#if defined(CONFIG_BCM_NAT) || defined(CONFIG_BCM_NAT_MODULE) -extern int ipv4_conntrack_fastnat; -#endif - static unsigned int target_v0(struct sk_buff *skb, const struct net_device *in, @@ -37,20 +32,6 @@ target_v0(struct sk_buff *skb, const struct xt_mark_target_info *markinfo = targinfo; skb->mark = markinfo->mark; -#if defined(CONFIG_BCM_NAT) || defined(CONFIG_BCM_NAT_MODULE) || defined(HNDCTF) - { - enum ip_conntrack_info ctinfo; - struct nf_conn *ct = nf_ct_get(skb, &ctinfo); - -#if defined(CONFIG_BCM_NAT) || defined(CONFIG_BCM_NAT_MODULE) - struct nf_conn_nat *nat = (ipv4_conntrack_fastnat && ct) ? nfct_nat(ct) : NULL; - if (nat) nat->info.nat_type |= BCM_FASTNAT_DENY; -#endif // BCM_NAT -#ifdef HNDCTF - ct->ctf_flags |= CTF_FLAGS_EXCLUDED; -#endif /* HNDCTF */ - } -#endif return XT_CONTINUE; } @@ -68,20 +49,6 @@ target_v1(struct sk_buff *skb, switch (markinfo->mode) { case XT_MARK_SET: mark = markinfo->mark; -#if defined(CONFIG_BCM_NAT) || defined(CONFIG_BCM_NAT_MODULE) || defined(HNDCTF) - { - enum ip_conntrack_info ctinfo; - struct nf_conn *ct = nf_ct_get(skb, &ctinfo); - -#if defined(CONFIG_BCM_NAT) || defined(CONFIG_BCM_NAT_MODULE) - struct nf_conn_nat *nat = (ipv4_conntrack_fastnat && ct) ? nfct_nat(ct) : NULL; - if (nat) nat->info.nat_type |= BCM_FASTNAT_DENY; -#endif // BCM_NAT -#ifdef HNDCTF - ct->ctf_flags |= CTF_FLAGS_EXCLUDED; -#endif /* HNDCTF */ - } -#endif break; case XT_MARK_AND: -- 2.11.4.GIT