Patchwork [v2,6/6] netfilter: Enable fail-open support.

login
register
mail settings
Submitter Krishna Kumar
Date May 8, 2012, 9:44 a.m.
Message ID <20120508094456.19531.96964.sendpatchset@localhost.localdomain>
Download mbox | patch
Permalink /patch/157653/
State Superseded
Headers show

Comments

Krishna Kumar - May 8, 2012, 9:44 a.m.
Process NFQA_CFG_FAIL_OPEN and enable fail-open support.

Signed-off-by: Krishna Kumar <krkumar2@in.ibm.com>
Signed-off-by: Vivek Kashyap <vivk@us.ibm.com>
Signed-off-by: Sridhar Samudrala <samudrala@us.ibm.com>
---
 net/netfilter/nfnetlink_queue.c |   13 +++++++++++++
 1 file changed, 13 insertions(+)


--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Patch

diff -ruNp org/net/netfilter/nfnetlink_queue.c new/net/netfilter/nfnetlink_queue.c
--- org/net/netfilter/nfnetlink_queue.c	2012-05-08 12:58:49.844754291 +0530
+++ new/net/netfilter/nfnetlink_queue.c	2012-05-08 12:59:03.280923680 +0530
@@ -867,6 +867,19 @@  nfqnl_recv_config(struct sock *ctnl, str
 		spin_unlock_bh(&queue->lock);
 	}
 
+	if (nfqa[NFQA_CFG_FAIL_OPEN]) {
+		u_int8_t *fail_open;
+
+		if (!queue) {
+			ret = -ENODEV;
+			goto err_out_unlock;
+		}
+		fail_open = nla_data(nfqa[NFQA_CFG_FAIL_OPEN]);
+		spin_lock_bh(&queue->lock);
+		queue->fail_open = *fail_open;
+		spin_unlock_bh(&queue->lock);
+	}
+
 err_out_unlock:
 	rcu_read_unlock();
 	return ret;