Commit 0613736e authored by Jakub Kicinski's avatar Jakub Kicinski

Merge tag 'nf-23-11-08' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf

Pablo Neira Ayuso says:

====================
Netfilter fixes for net

The following patchset contains Netfilter fixes for net:

1) Add missing netfilter modules description to fix W=1, from Florian Westphal.

2) Fix catch-all element GC with timeout when use with the pipapo set
   backend, this remained broken since I tried to fix it this summer,
   then another attempt to fix it recently.

3) Add missing IPVS modules descriptions to fix W=1, also from Florian.

4) xt_recent allocated a too small buffer to store an IPv4-mapped IPv6
   address which can be parsed by in6_pton(), from Maciej Zenczykowski.
   Broken for many releases.

5) Skip IPv4-mapped IPv6, IPv4-compat IPv6, site/link local scoped IPv6
   addressses to set up IPv6 NAT redirect, also from Florian. This is
   broken since 2012.

* tag 'nf-23-11-08' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf:
  netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses
  netfilter: xt_recent: fix (increase) ipv6 literal buffer length
  ipvs: add missing module descriptions
  netfilter: nf_tables: remove catchall element in GC sync path
  netfilter: add missing module descriptions
====================

Link: https://lore.kernel.org/r/20231108155802.84617-1-pablo@netfilter.orgSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
parents 942b8b38 80abbe8a
...@@ -135,3 +135,4 @@ static void __exit ebtable_broute_fini(void) ...@@ -135,3 +135,4 @@ static void __exit ebtable_broute_fini(void)
module_init(ebtable_broute_init); module_init(ebtable_broute_init);
module_exit(ebtable_broute_fini); module_exit(ebtable_broute_fini);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("Force packets to be routed instead of bridged");
...@@ -116,3 +116,4 @@ static void __exit ebtable_filter_fini(void) ...@@ -116,3 +116,4 @@ static void __exit ebtable_filter_fini(void)
module_init(ebtable_filter_init); module_init(ebtable_filter_init);
module_exit(ebtable_filter_fini); module_exit(ebtable_filter_fini);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("ebtables legacy filter table");
...@@ -116,3 +116,4 @@ static void __exit ebtable_nat_fini(void) ...@@ -116,3 +116,4 @@ static void __exit ebtable_nat_fini(void)
module_init(ebtable_nat_init); module_init(ebtable_nat_init);
module_exit(ebtable_nat_fini); module_exit(ebtable_nat_fini);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("ebtables legacy stateless nat table");
...@@ -2595,3 +2595,4 @@ EXPORT_SYMBOL(ebt_do_table); ...@@ -2595,3 +2595,4 @@ EXPORT_SYMBOL(ebt_do_table);
module_init(ebtables_init); module_init(ebtables_init);
module_exit(ebtables_fini); module_exit(ebtables_fini);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("ebtables legacy core");
...@@ -416,3 +416,4 @@ module_exit(nf_conntrack_l3proto_bridge_fini); ...@@ -416,3 +416,4 @@ module_exit(nf_conntrack_l3proto_bridge_fini);
MODULE_ALIAS("nf_conntrack-" __stringify(AF_BRIDGE)); MODULE_ALIAS("nf_conntrack-" __stringify(AF_BRIDGE));
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("Bridge IPv4 and IPv6 connection tracking");
...@@ -170,3 +170,4 @@ module_init(iptable_nat_init); ...@@ -170,3 +170,4 @@ module_init(iptable_nat_init);
module_exit(iptable_nat_exit); module_exit(iptable_nat_exit);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("iptables legacy nat table");
...@@ -108,3 +108,4 @@ static void __exit iptable_raw_fini(void) ...@@ -108,3 +108,4 @@ static void __exit iptable_raw_fini(void)
module_init(iptable_raw_init); module_init(iptable_raw_init);
module_exit(iptable_raw_fini); module_exit(iptable_raw_fini);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("iptables legacy raw table");
...@@ -186,3 +186,4 @@ module_init(nf_defrag_init); ...@@ -186,3 +186,4 @@ module_init(nf_defrag_init);
module_exit(nf_defrag_fini); module_exit(nf_defrag_fini);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("IPv4 defragmentation support");
...@@ -336,3 +336,4 @@ void nf_send_unreach(struct sk_buff *skb_in, int code, int hook) ...@@ -336,3 +336,4 @@ void nf_send_unreach(struct sk_buff *skb_in, int code, int hook)
EXPORT_SYMBOL_GPL(nf_send_unreach); EXPORT_SYMBOL_GPL(nf_send_unreach);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("IPv4 packet rejection core");
...@@ -170,3 +170,4 @@ module_init(ip6table_nat_init); ...@@ -170,3 +170,4 @@ module_init(ip6table_nat_init);
module_exit(ip6table_nat_exit); module_exit(ip6table_nat_exit);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("Ip6tables legacy nat table");
...@@ -106,3 +106,4 @@ static void __exit ip6table_raw_fini(void) ...@@ -106,3 +106,4 @@ static void __exit ip6table_raw_fini(void)
module_init(ip6table_raw_init); module_init(ip6table_raw_init);
module_exit(ip6table_raw_fini); module_exit(ip6table_raw_fini);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("Ip6tables legacy raw table");
...@@ -182,3 +182,4 @@ module_init(nf_defrag_init); ...@@ -182,3 +182,4 @@ module_init(nf_defrag_init);
module_exit(nf_defrag_fini); module_exit(nf_defrag_fini);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("IPv6 defragmentation support");
...@@ -413,3 +413,4 @@ void nf_send_unreach6(struct net *net, struct sk_buff *skb_in, ...@@ -413,3 +413,4 @@ void nf_send_unreach6(struct net *net, struct sk_buff *skb_in,
EXPORT_SYMBOL_GPL(nf_send_unreach6); EXPORT_SYMBOL_GPL(nf_send_unreach6);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("IPv6 packet rejection core");
...@@ -2450,3 +2450,4 @@ static void __exit ip_vs_cleanup(void) ...@@ -2450,3 +2450,4 @@ static void __exit ip_vs_cleanup(void)
module_init(ip_vs_init); module_init(ip_vs_init);
module_exit(ip_vs_cleanup); module_exit(ip_vs_cleanup);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("IP Virtual Server");
...@@ -270,3 +270,4 @@ static void __exit ip_vs_dh_cleanup(void) ...@@ -270,3 +270,4 @@ static void __exit ip_vs_dh_cleanup(void)
module_init(ip_vs_dh_init); module_init(ip_vs_dh_init);
module_exit(ip_vs_dh_cleanup); module_exit(ip_vs_dh_cleanup);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("ipvs destination hashing scheduler");
...@@ -72,3 +72,4 @@ static void __exit ip_vs_fo_cleanup(void) ...@@ -72,3 +72,4 @@ static void __exit ip_vs_fo_cleanup(void)
module_init(ip_vs_fo_init); module_init(ip_vs_fo_init);
module_exit(ip_vs_fo_cleanup); module_exit(ip_vs_fo_cleanup);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("ipvs weighted failover scheduler");
...@@ -635,3 +635,4 @@ static void __exit ip_vs_ftp_exit(void) ...@@ -635,3 +635,4 @@ static void __exit ip_vs_ftp_exit(void)
module_init(ip_vs_ftp_init); module_init(ip_vs_ftp_init);
module_exit(ip_vs_ftp_exit); module_exit(ip_vs_ftp_exit);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("ipvs ftp helper");
...@@ -632,3 +632,4 @@ static void __exit ip_vs_lblc_cleanup(void) ...@@ -632,3 +632,4 @@ static void __exit ip_vs_lblc_cleanup(void)
module_init(ip_vs_lblc_init); module_init(ip_vs_lblc_init);
module_exit(ip_vs_lblc_cleanup); module_exit(ip_vs_lblc_cleanup);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("ipvs locality-based least-connection scheduler");
...@@ -817,3 +817,4 @@ static void __exit ip_vs_lblcr_cleanup(void) ...@@ -817,3 +817,4 @@ static void __exit ip_vs_lblcr_cleanup(void)
module_init(ip_vs_lblcr_init); module_init(ip_vs_lblcr_init);
module_exit(ip_vs_lblcr_cleanup); module_exit(ip_vs_lblcr_cleanup);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("ipvs locality-based least-connection with replication scheduler");
...@@ -86,3 +86,4 @@ static void __exit ip_vs_lc_cleanup(void) ...@@ -86,3 +86,4 @@ static void __exit ip_vs_lc_cleanup(void)
module_init(ip_vs_lc_init); module_init(ip_vs_lc_init);
module_exit(ip_vs_lc_cleanup); module_exit(ip_vs_lc_cleanup);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("ipvs least connection scheduler");
...@@ -136,3 +136,4 @@ static void __exit ip_vs_nq_cleanup(void) ...@@ -136,3 +136,4 @@ static void __exit ip_vs_nq_cleanup(void)
module_init(ip_vs_nq_init); module_init(ip_vs_nq_init);
module_exit(ip_vs_nq_cleanup); module_exit(ip_vs_nq_cleanup);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("ipvs never queue scheduler");
...@@ -79,3 +79,4 @@ static void __exit ip_vs_ovf_cleanup(void) ...@@ -79,3 +79,4 @@ static void __exit ip_vs_ovf_cleanup(void)
module_init(ip_vs_ovf_init); module_init(ip_vs_ovf_init);
module_exit(ip_vs_ovf_cleanup); module_exit(ip_vs_ovf_cleanup);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("ipvs overflow connection scheduler");
...@@ -185,3 +185,4 @@ static void __exit ip_vs_sip_cleanup(void) ...@@ -185,3 +185,4 @@ static void __exit ip_vs_sip_cleanup(void)
module_init(ip_vs_sip_init); module_init(ip_vs_sip_init);
module_exit(ip_vs_sip_cleanup); module_exit(ip_vs_sip_cleanup);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("ipvs sip helper");
...@@ -122,4 +122,5 @@ static void __exit ip_vs_rr_cleanup(void) ...@@ -122,4 +122,5 @@ static void __exit ip_vs_rr_cleanup(void)
module_init(ip_vs_rr_init); module_init(ip_vs_rr_init);
module_exit(ip_vs_rr_cleanup); module_exit(ip_vs_rr_cleanup);
MODULE_DESCRIPTION("ipvs round-robin scheduler");
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
...@@ -137,3 +137,4 @@ static void __exit ip_vs_sed_cleanup(void) ...@@ -137,3 +137,4 @@ static void __exit ip_vs_sed_cleanup(void)
module_init(ip_vs_sed_init); module_init(ip_vs_sed_init);
module_exit(ip_vs_sed_cleanup); module_exit(ip_vs_sed_cleanup);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("ipvs shortest expected delay scheduler");
...@@ -376,3 +376,4 @@ static void __exit ip_vs_sh_cleanup(void) ...@@ -376,3 +376,4 @@ static void __exit ip_vs_sh_cleanup(void)
module_init(ip_vs_sh_init); module_init(ip_vs_sh_init);
module_exit(ip_vs_sh_cleanup); module_exit(ip_vs_sh_cleanup);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("ipvs source hashing scheduler");
...@@ -137,3 +137,4 @@ static void __exit ip_vs_twos_cleanup(void) ...@@ -137,3 +137,4 @@ static void __exit ip_vs_twos_cleanup(void)
module_init(ip_vs_twos_init); module_init(ip_vs_twos_init);
module_exit(ip_vs_twos_cleanup); module_exit(ip_vs_twos_cleanup);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("ipvs power of twos choice scheduler");
...@@ -109,3 +109,4 @@ static void __exit ip_vs_wlc_cleanup(void) ...@@ -109,3 +109,4 @@ static void __exit ip_vs_wlc_cleanup(void)
module_init(ip_vs_wlc_init); module_init(ip_vs_wlc_init);
module_exit(ip_vs_wlc_cleanup); module_exit(ip_vs_wlc_cleanup);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("ipvs weighted least connection scheduler");
...@@ -263,3 +263,4 @@ static void __exit ip_vs_wrr_cleanup(void) ...@@ -263,3 +263,4 @@ static void __exit ip_vs_wrr_cleanup(void)
module_init(ip_vs_wrr_init); module_init(ip_vs_wrr_init);
module_exit(ip_vs_wrr_cleanup); module_exit(ip_vs_wrr_cleanup);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("ipvs weighted round-robin scheduler");
...@@ -82,3 +82,4 @@ int nf_conntrack_broadcast_help(struct sk_buff *skb, ...@@ -82,3 +82,4 @@ int nf_conntrack_broadcast_help(struct sk_buff *skb,
EXPORT_SYMBOL_GPL(nf_conntrack_broadcast_help); EXPORT_SYMBOL_GPL(nf_conntrack_broadcast_help);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("Broadcast connection tracking helper");
...@@ -57,6 +57,7 @@ ...@@ -57,6 +57,7 @@
#include "nf_internals.h" #include "nf_internals.h"
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("List and change connection tracking table");
struct ctnetlink_list_dump_ctx { struct ctnetlink_list_dump_ctx {
struct nf_conn *last; struct nf_conn *last;
......
...@@ -699,3 +699,4 @@ MODULE_ALIAS("ip_conntrack"); ...@@ -699,3 +699,4 @@ MODULE_ALIAS("ip_conntrack");
MODULE_ALIAS("nf_conntrack-" __stringify(AF_INET)); MODULE_ALIAS("nf_conntrack-" __stringify(AF_INET));
MODULE_ALIAS("nf_conntrack-" __stringify(AF_INET6)); MODULE_ALIAS("nf_conntrack-" __stringify(AF_INET6));
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("IPv4 and IPv6 connection tracking");
...@@ -1263,6 +1263,7 @@ static void __exit nf_nat_cleanup(void) ...@@ -1263,6 +1263,7 @@ static void __exit nf_nat_cleanup(void)
} }
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("Network address translation core");
module_init(nf_nat_init); module_init(nf_nat_init);
module_exit(nf_nat_cleanup); module_exit(nf_nat_cleanup);
...@@ -80,6 +80,26 @@ EXPORT_SYMBOL_GPL(nf_nat_redirect_ipv4); ...@@ -80,6 +80,26 @@ EXPORT_SYMBOL_GPL(nf_nat_redirect_ipv4);
static const struct in6_addr loopback_addr = IN6ADDR_LOOPBACK_INIT; static const struct in6_addr loopback_addr = IN6ADDR_LOOPBACK_INIT;
static bool nf_nat_redirect_ipv6_usable(const struct inet6_ifaddr *ifa, unsigned int scope)
{
unsigned int ifa_addr_type = ipv6_addr_type(&ifa->addr);
if (ifa_addr_type & IPV6_ADDR_MAPPED)
return false;
if ((ifa->flags & IFA_F_TENTATIVE) && (!(ifa->flags & IFA_F_OPTIMISTIC)))
return false;
if (scope) {
unsigned int ifa_scope = ifa_addr_type & IPV6_ADDR_SCOPE_MASK;
if (!(scope & ifa_scope))
return false;
}
return true;
}
unsigned int unsigned int
nf_nat_redirect_ipv6(struct sk_buff *skb, const struct nf_nat_range2 *range, nf_nat_redirect_ipv6(struct sk_buff *skb, const struct nf_nat_range2 *range,
unsigned int hooknum) unsigned int hooknum)
...@@ -89,14 +109,19 @@ nf_nat_redirect_ipv6(struct sk_buff *skb, const struct nf_nat_range2 *range, ...@@ -89,14 +109,19 @@ nf_nat_redirect_ipv6(struct sk_buff *skb, const struct nf_nat_range2 *range,
if (hooknum == NF_INET_LOCAL_OUT) { if (hooknum == NF_INET_LOCAL_OUT) {
newdst.in6 = loopback_addr; newdst.in6 = loopback_addr;
} else { } else {
unsigned int scope = ipv6_addr_scope(&ipv6_hdr(skb)->daddr);
struct inet6_dev *idev; struct inet6_dev *idev;
struct inet6_ifaddr *ifa;
bool addr = false; bool addr = false;
idev = __in6_dev_get(skb->dev); idev = __in6_dev_get(skb->dev);
if (idev != NULL) { if (idev != NULL) {
const struct inet6_ifaddr *ifa;
read_lock_bh(&idev->lock); read_lock_bh(&idev->lock);
list_for_each_entry(ifa, &idev->addr_list, if_list) { list_for_each_entry(ifa, &idev->addr_list, if_list) {
if (!nf_nat_redirect_ipv6_usable(ifa, scope))
continue;
newdst.in6 = ifa->addr; newdst.in6 = ifa->addr;
addr = true; addr = true;
break; break;
......
...@@ -6520,6 +6520,12 @@ static int nft_setelem_deactivate(const struct net *net, ...@@ -6520,6 +6520,12 @@ static int nft_setelem_deactivate(const struct net *net,
return ret; return ret;
} }
static void nft_setelem_catchall_destroy(struct nft_set_elem_catchall *catchall)
{
list_del_rcu(&catchall->list);
kfree_rcu(catchall, rcu);
}
static void nft_setelem_catchall_remove(const struct net *net, static void nft_setelem_catchall_remove(const struct net *net,
const struct nft_set *set, const struct nft_set *set,
struct nft_elem_priv *elem_priv) struct nft_elem_priv *elem_priv)
...@@ -6528,8 +6534,7 @@ static void nft_setelem_catchall_remove(const struct net *net, ...@@ -6528,8 +6534,7 @@ static void nft_setelem_catchall_remove(const struct net *net,
list_for_each_entry_safe(catchall, next, &set->catchall_list, list) { list_for_each_entry_safe(catchall, next, &set->catchall_list, list) {
if (catchall->elem == elem_priv) { if (catchall->elem == elem_priv) {
list_del_rcu(&catchall->list); nft_setelem_catchall_destroy(catchall);
kfree_rcu(catchall, rcu);
break; break;
} }
} }
...@@ -9678,11 +9683,12 @@ static struct nft_trans_gc *nft_trans_gc_catchall(struct nft_trans_gc *gc, ...@@ -9678,11 +9683,12 @@ static struct nft_trans_gc *nft_trans_gc_catchall(struct nft_trans_gc *gc,
unsigned int gc_seq, unsigned int gc_seq,
bool sync) bool sync)
{ {
struct nft_set_elem_catchall *catchall; struct nft_set_elem_catchall *catchall, *next;
const struct nft_set *set = gc->set; const struct nft_set *set = gc->set;
struct nft_elem_priv *elem_priv;
struct nft_set_ext *ext; struct nft_set_ext *ext;
list_for_each_entry_rcu(catchall, &set->catchall_list, list) { list_for_each_entry_safe(catchall, next, &set->catchall_list, list) {
ext = nft_set_elem_ext(set, catchall->elem); ext = nft_set_elem_ext(set, catchall->elem);
if (!nft_set_elem_expired(ext)) if (!nft_set_elem_expired(ext))
...@@ -9700,7 +9706,13 @@ static struct nft_trans_gc *nft_trans_gc_catchall(struct nft_trans_gc *gc, ...@@ -9700,7 +9706,13 @@ static struct nft_trans_gc *nft_trans_gc_catchall(struct nft_trans_gc *gc,
if (!gc) if (!gc)
return NULL; return NULL;
nft_trans_gc_elem_add(gc, catchall->elem); elem_priv = catchall->elem;
if (sync) {
nft_setelem_data_deactivate(gc->net, gc->set, elem_priv);
nft_setelem_catchall_destroy(catchall);
}
nft_trans_gc_elem_add(gc, elem_priv);
} }
return gc; return gc;
...@@ -11386,4 +11398,5 @@ module_exit(nf_tables_module_exit); ...@@ -11386,4 +11398,5 @@ module_exit(nf_tables_module_exit);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>"); MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
MODULE_DESCRIPTION("Framework for packet filtering and classification");
MODULE_ALIAS_NFNL_SUBSYS(NFNL_SUBSYS_NFTABLES); MODULE_ALIAS_NFNL_SUBSYS(NFNL_SUBSYS_NFTABLES);
...@@ -447,4 +447,5 @@ module_init(nfnl_osf_init); ...@@ -447,4 +447,5 @@ module_init(nfnl_osf_init);
module_exit(nfnl_osf_fini); module_exit(nfnl_osf_fini);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("Passive OS fingerprint matching");
MODULE_ALIAS_NFNL_SUBSYS(NFNL_SUBSYS_OSF); MODULE_ALIAS_NFNL_SUBSYS(NFNL_SUBSYS_OSF);
...@@ -137,6 +137,7 @@ module_init(nft_chain_nat_init); ...@@ -137,6 +137,7 @@ module_init(nft_chain_nat_init);
module_exit(nft_chain_nat_exit); module_exit(nft_chain_nat_exit);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("nftables network address translation support");
#ifdef CONFIG_NF_TABLES_IPV4 #ifdef CONFIG_NF_TABLES_IPV4
MODULE_ALIAS_NFT_CHAIN(AF_INET, "nat"); MODULE_ALIAS_NFT_CHAIN(AF_INET, "nat");
#endif #endif
......
...@@ -204,4 +204,5 @@ bool nft_fib_reduce(struct nft_regs_track *track, ...@@ -204,4 +204,5 @@ bool nft_fib_reduce(struct nft_regs_track *track,
EXPORT_SYMBOL_GPL(nft_fib_reduce); EXPORT_SYMBOL_GPL(nft_fib_reduce);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("Query routing table from nftables");
MODULE_AUTHOR("Florian Westphal <fw@strlen.de>"); MODULE_AUTHOR("Florian Westphal <fw@strlen.de>");
...@@ -270,4 +270,5 @@ module_exit(nft_fwd_netdev_module_exit); ...@@ -270,4 +270,5 @@ module_exit(nft_fwd_netdev_module_exit);
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_AUTHOR("Pablo Neira Ayuso <pablo@netfilter.org>"); MODULE_AUTHOR("Pablo Neira Ayuso <pablo@netfilter.org>");
MODULE_DESCRIPTION("nftables netdev packet forwarding support");
MODULE_ALIAS_NFT_AF_EXPR(5, "fwd"); MODULE_ALIAS_NFT_AF_EXPR(5, "fwd");
...@@ -561,7 +561,7 @@ recent_mt_proc_write(struct file *file, const char __user *input, ...@@ -561,7 +561,7 @@ recent_mt_proc_write(struct file *file, const char __user *input,
{ {
struct recent_table *t = pde_data(file_inode(file)); struct recent_table *t = pde_data(file_inode(file));
struct recent_entry *e; struct recent_entry *e;
char buf[sizeof("+b335:1d35:1e55:dead:c0de:1715:5afe:c0de")]; char buf[sizeof("+b335:1d35:1e55:dead:c0de:1715:255.255.255.255")];
const char *c = buf; const char *c = buf;
union nf_inet_addr addr = {}; union nf_inet_addr addr = {};
u_int16_t family; u_int16_t family;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment