Commit 91eb7c08c6cb3b8eeba1c61f5753c56dcb77f018
Committed by
Patrick McHardy
Patrick McHardy
1 parent
e3f6a652fd
Exists in
master
and in
7 other branches
netfilter: ipset: SCTP, UDPLITE support added
SCTP and UDPLITE port support added to the hash:*port* set types. Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> Signed-off-by: Patrick McHardy <kaber@trash.net>
Showing 6 changed files with 21 additions and 5 deletions Side-by-side Diff
include/linux/netfilter/ipset/ip_set_getport.h
net/netfilter/ipset/ip_set_getport.c
| ... | ... | @@ -11,6 +11,7 @@ |
| 11 | 11 | #include <linux/skbuff.h> |
| 12 | 12 | #include <linux/icmp.h> |
| 13 | 13 | #include <linux/icmpv6.h> |
| 14 | +#include <linux/sctp.h> | |
| 14 | 15 | #include <linux/netfilter_ipv6/ip6_tables.h> |
| 15 | 16 | #include <net/ip.h> |
| 16 | 17 | #include <net/ipv6.h> |
| ... | ... | @@ -35,7 +36,20 @@ |
| 35 | 36 | *port = src ? th->source : th->dest; |
| 36 | 37 | break; |
| 37 | 38 | } |
| 38 | - case IPPROTO_UDP: { | |
| 39 | + case IPPROTO_SCTP: { | |
| 40 | + sctp_sctphdr_t _sh; | |
| 41 | + const sctp_sctphdr_t *sh; | |
| 42 | + | |
| 43 | + sh = skb_header_pointer(skb, protooff, sizeof(_sh), &_sh); | |
| 44 | + if (sh == NULL) | |
| 45 | + /* No choice either */ | |
| 46 | + return false; | |
| 47 | + | |
| 48 | + *port = src ? sh->source : sh->dest; | |
| 49 | + break; | |
| 50 | + } | |
| 51 | + case IPPROTO_UDP: | |
| 52 | + case IPPROTO_UDPLITE: { | |
| 39 | 53 | struct udphdr _udph; |
| 40 | 54 | const struct udphdr *uh; |
| 41 | 55 |
net/netfilter/ipset/ip_set_hash_ipport.c
| ... | ... | @@ -491,7 +491,7 @@ |
| 491 | 491 | .features = IPSET_TYPE_IP | IPSET_TYPE_PORT, |
| 492 | 492 | .dimension = IPSET_DIM_TWO, |
| 493 | 493 | .family = AF_UNSPEC, |
| 494 | - .revision = 0, | |
| 494 | + .revision = 1, | |
| 495 | 495 | .create = hash_ipport_create, |
| 496 | 496 | .create_policy = { |
| 497 | 497 | [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 }, |
net/netfilter/ipset/ip_set_hash_ipportip.c
| ... | ... | @@ -509,7 +509,7 @@ |
| 509 | 509 | .features = IPSET_TYPE_IP | IPSET_TYPE_PORT | IPSET_TYPE_IP2, |
| 510 | 510 | .dimension = IPSET_DIM_THREE, |
| 511 | 511 | .family = AF_UNSPEC, |
| 512 | - .revision = 0, | |
| 512 | + .revision = 1, | |
| 513 | 513 | .create = hash_ipportip_create, |
| 514 | 514 | .create_policy = { |
| 515 | 515 | [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 }, |
net/netfilter/ipset/ip_set_hash_ipportnet.c
| ... | ... | @@ -574,7 +574,7 @@ |
| 574 | 574 | .features = IPSET_TYPE_IP | IPSET_TYPE_PORT | IPSET_TYPE_IP2, |
| 575 | 575 | .dimension = IPSET_DIM_THREE, |
| 576 | 576 | .family = AF_UNSPEC, |
| 577 | - .revision = 0, | |
| 577 | + .revision = 1, | |
| 578 | 578 | .create = hash_ipportnet_create, |
| 579 | 579 | .create_policy = { |
| 580 | 580 | [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 }, |
net/netfilter/ipset/ip_set_hash_netport.c
| ... | ... | @@ -526,7 +526,7 @@ |
| 526 | 526 | .features = IPSET_TYPE_IP | IPSET_TYPE_PORT, |
| 527 | 527 | .dimension = IPSET_DIM_TWO, |
| 528 | 528 | .family = AF_UNSPEC, |
| 529 | - .revision = 0, | |
| 529 | + .revision = 1, | |
| 530 | 530 | .create = hash_netport_create, |
| 531 | 531 | .create_policy = { |
| 532 | 532 | [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 }, |