| Message ID | 20120926120722.24804.28000.stgit@dragon |
|---|---|
| State | Not Applicable |
| Headers | show |
On Wed, Sep 26, 2012 at 02:07:33PM +0200, Jesper Dangaard Brouer wrote: > Use the nfct_reasm SKB if available. > > Based on part of a patch from: Hans Schillstrom > I have left Hans'es comment in the patch (marked /HS) > > Signed-off-by: Jesper Dangaard Brouer <brouer@redhat.com> > > --- > V3: > - I have split out the SIP fragment handling into a seperate patch. > As I have not been able to test this part. > - Change the strange SKB swapping reasm = skb, reverse logic to minimize patch > > > net/netfilter/ipvs/ip_vs_pe_sip.c | 19 +++++++++++++++---- > 1 files changed, 15 insertions(+), 4 deletions(-) I realise that the commenting style used inside net/netfilter/ipvs/ is wildly inconsistent, but I think it is worth using the preffered style for network code where possible. I intend to include the follwowing changes in my tree. > > diff --git a/net/netfilter/ipvs/ip_vs_pe_sip.c b/net/netfilter/ipvs/ip_vs_pe_sip.c > index ee4e2e3..43acba6 100644 > --- a/net/netfilter/ipvs/ip_vs_pe_sip.c > +++ b/net/netfilter/ipvs/ip_vs_pe_sip.c > @@ -68,6 +68,7 @@ static int get_callid(const char *dptr, unsigned int dataoff, > static int > ip_vs_sip_fill_param(struct ip_vs_conn_param *p, struct sk_buff *skb) > { > + struct sk_buff *reasm = skb_nfct_reasm(skb); > struct ip_vs_iphdr iph; > unsigned int dataoff, datalen, matchoff, matchlen; > const char *dptr; > @@ -78,13 +79,23 @@ ip_vs_sip_fill_param(struct ip_vs_conn_param *p, struct sk_buff *skb) > /* Only useful with UDP */ > if (iph.protocol != IPPROTO_UDP) > return -EINVAL; > + /* > + * todo: IPv6 fragments: > + * I think this only should be done for the first fragment. /HS > + */ /* todo: IPv6 fragments: * I think this only should be done for the first fragment. /HS */ > + if (reasm) { > + skb = reasm; > + dataoff = iph.thoff_reasm + sizeof(struct udphdr); > + } else > + dataoff = iph.len + sizeof(struct udphdr); > > - /* No Data ? */ > - dataoff = iph.len + sizeof(struct udphdr); > if (dataoff >= skb->len) > return -EINVAL; > - > - if ((retc=skb_linearize(skb)) < 0) > + /* > + * todo: Check if this will mess-up the reasm skb !!! /HS > + */ /* todo: Check if this will mess-up the reasm skb !!! /HS */ > + retc = skb_linearize(skb); > + if (retc < 0) > return retc; > dptr = skb->data + dataoff; > datalen = skb->len - dataoff; > -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/net/netfilter/ipvs/ip_vs_pe_sip.c b/net/netfilter/ipvs/ip_vs_pe_sip.c index ee4e2e3..43acba6 100644 --- a/net/netfilter/ipvs/ip_vs_pe_sip.c +++ b/net/netfilter/ipvs/ip_vs_pe_sip.c @@ -68,6 +68,7 @@ static int get_callid(const char *dptr, unsigned int dataoff, static int ip_vs_sip_fill_param(struct ip_vs_conn_param *p, struct sk_buff *skb) { + struct sk_buff *reasm = skb_nfct_reasm(skb); struct ip_vs_iphdr iph; unsigned int dataoff, datalen, matchoff, matchlen; const char *dptr; @@ -78,13 +79,23 @@ ip_vs_sip_fill_param(struct ip_vs_conn_param *p, struct sk_buff *skb) /* Only useful with UDP */ if (iph.protocol != IPPROTO_UDP) return -EINVAL; + /* + * todo: IPv6 fragments: + * I think this only should be done for the first fragment. /HS + */ + if (reasm) { + skb = reasm; + dataoff = iph.thoff_reasm + sizeof(struct udphdr); + } else + dataoff = iph.len + sizeof(struct udphdr); - /* No Data ? */ - dataoff = iph.len + sizeof(struct udphdr); if (dataoff >= skb->len) return -EINVAL; - - if ((retc=skb_linearize(skb)) < 0) + /* + * todo: Check if this will mess-up the reasm skb !!! /HS + */ + retc = skb_linearize(skb); + if (retc < 0) return retc; dptr = skb->data + dataoff; datalen = skb->len - dataoff;
Use the nfct_reasm SKB if available. Based on part of a patch from: Hans Schillstrom I have left Hans'es comment in the patch (marked /HS) Signed-off-by: Jesper Dangaard Brouer <brouer@redhat.com> --- V3: - I have split out the SIP fragment handling into a seperate patch. As I have not been able to test this part. - Change the strange SKB swapping reasm = skb, reverse logic to minimize patch net/netfilter/ipvs/ip_vs_pe_sip.c | 19 +++++++++++++++---- 1 files changed, 15 insertions(+), 4 deletions(-) -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html