From patchwork Fri Mar 7 13:37:14 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florian Westphal X-Patchwork-Id: 327973 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 451A72C00B2 for ; Sat, 8 Mar 2014 00:41:32 +1100 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753486AbaCGNlc (ORCPT ); Fri, 7 Mar 2014 08:41:32 -0500 Received: from Chamillionaire.breakpoint.cc ([80.244.247.6]:45182 "EHLO Chamillionaire.breakpoint.cc" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753315AbaCGNlb (ORCPT ); Fri, 7 Mar 2014 08:41:31 -0500 Received: from fw by Chamillionaire.breakpoint.cc with local (Exim 4.80) (envelope-from ) id 1WLv1m-0000Ep-Jc; Fri, 07 Mar 2014 14:41:30 +0100 From: Florian Westphal To: netfilter-devel@vger.kernel.org Cc: Florian Westphal Subject: [PATCH 6/7] netfilter: connlimit: make same_source_net signed Date: Fri, 7 Mar 2014 14:37:14 +0100 Message-Id: <1394199435-14395-7-git-send-email-fw@strlen.de> X-Mailer: git-send-email 1.8.1.5 In-Reply-To: <1394199435-14395-1-git-send-email-fw@strlen.de> References: <1394199435-14395-1-git-send-email-fw@strlen.de> Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org currently returns 1 if they're the same. Make it work like mem/strcmp so it can be used as rbtree search function. Reviewed-by: Jesper Dangaard Brouer Signed-off-by: Florian Westphal --- net/netfilter/xt_connlimit.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/net/netfilter/xt_connlimit.c b/net/netfilter/xt_connlimit.c index 892566f..d3a83a9 100644 --- a/net/netfilter/xt_connlimit.c +++ b/net/netfilter/xt_connlimit.c @@ -78,13 +78,14 @@ static inline bool already_closed(const struct nf_conn *conn) return 0; } -static inline unsigned int +static int same_source_net(const union nf_inet_addr *addr, const union nf_inet_addr *mask, const union nf_inet_addr *u3, u_int8_t family) { if (family == NFPROTO_IPV4) { - return (addr->ip & mask->ip) == (u3->ip & mask->ip); + return ntohl(addr->ip & mask->ip) - + ntohl(u3->ip & mask->ip); } else { union nf_inet_addr lh, rh; unsigned int i; @@ -94,7 +95,7 @@ same_source_net(const union nf_inet_addr *addr, rh.ip6[i] = u3->ip6[i] & mask->ip6[i]; } - return memcmp(&lh.ip6, &rh.ip6, sizeof(lh.ip6)) == 0; + return memcmp(&lh.ip6, &rh.ip6, sizeof(lh.ip6)); } } @@ -143,7 +144,7 @@ static int count_hlist(struct net *net, continue; } - if (same_source_net(addr, mask, &conn->addr, family)) + if (same_source_net(addr, mask, &conn->addr, family) == 0) /* same source network -> be counted! */ ++matches; nf_ct_put(found_ct);