[v2,6/6] netfilter: Enable fail-open support.

Details

Message ID	20120508094456.19531.96964.sendpatchset@localhost.localdomain
State	Superseded
Headers	show Return-Path: <netfilter-devel-owner@vger.kernel.org> Gateway: Authorized Use Only! Violators will be prosecuted for <netfilter-devel@vger.kernel.org> from <krkumar2@in.ibm.com>; Tue, 8 May 2012 15:15:34 +0530 Gateway: Authorized Use Only! Violators will be prosecuted; Tue, 8 May 2012 15:15:22 +0530 From: Krishna Kumar <krkumar2@in.ibm.com> To: kaber@trash.net, pablo@netfilter.org Cc: vivk@us.ibm.com, svajipay@in.ibm.com, fw@strlen.de, netfilter-devel@vger.kernel.org, Krishna Kumar <krkumar2@in.ibm.com>, sri@us.ibm.com Date: Tue, 08 May 2012 15:14:56 +0530 Message-Id: <20120508094456.19531.96964.sendpatchset@localhost.localdomain> In-Reply-To: <20120508094342.19531.51351.sendpatchset@localhost.localdomain> References: <20120508094342.19531.51351.sendpatchset@localhost.localdomain> Subject: [v2 PATCH 6/6] netfilter: Enable fail-open support. Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk

Message ID

20120508094456.19531.96964.sendpatchset@localhost.localdomain

State

Superseded

Headers

From: Krishna Kumar <krkumar2@in.ibm.com>
To: kaber@trash.net, pablo@netfilter.org
Cc: vivk@us.ibm.com, svajipay@in.ibm.com, fw@strlen.de,
	netfilter-devel@vger.kernel.org,
	Krishna Kumar <krkumar2@in.ibm.com>, sri@us.ibm.com
Date: Tue, 08 May 2012 15:14:56 +0530
Message-Id: <20120508094456.19531.96964.sendpatchset@localhost.localdomain>
In-Reply-To: <20120508094342.19531.51351.sendpatchset@localhost.localdomain>
References: <20120508094342.19531.51351.sendpatchset@localhost.localdomain>
Subject: [v2 PATCH 6/6] netfilter: Enable fail-open support.
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk

Commit Message

Krishna Kumar May 8, 2012, 9:44 a.m.

Process NFQA_CFG_FAIL_OPEN and enable fail-open support.

Signed-off-by: Krishna Kumar <krkumar2@in.ibm.com>
Signed-off-by: Vivek Kashyap <vivk@us.ibm.com>
Signed-off-by: Sridhar Samudrala <samudrala@us.ibm.com>
---
 net/netfilter/nfnetlink_queue.c |   13 +++++++++++++
 1 file changed, 13 insertions(+)


--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Patch hide | download patch | download mbox

diff -ruNp org/net/netfilter/nfnetlink_queue.c new/net/netfilter/nfnetlink_queue.c
--- org/net/netfilter/nfnetlink_queue.c	2012-05-08 12:58:49.844754291 +0530
+++ new/net/netfilter/nfnetlink_queue.c	2012-05-08 12:59:03.280923680 +0530
@@ -867,6 +867,19 @@  nfqnl_recv_config(struct sock *ctnl, str
 		spin_unlock_bh(&queue->lock);
 	}
 
+	if (nfqa[NFQA_CFG_FAIL_OPEN]) {
+		u_int8_t *fail_open;
+
+		if (!queue) {
+			ret = -ENODEV;
+			goto err_out_unlock;
+		}
+		fail_open = nla_data(nfqa[NFQA_CFG_FAIL_OPEN]);
+		spin_lock_bh(&queue->lock);
+		queue->fail_open = *fail_open;
+		spin_unlock_bh(&queue->lock);
+	}
+
 err_out_unlock:
 	rcu_read_unlock();
 	return ret;