Commit c644bd79 authored by David S. Miller's avatar David S. Miller

Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf

Pablo Neira Ayuso says:

====================
Netfilter fixes for net

The following patchset contains two Netfilter fixes for your net tree,
they are:

1) Fix memleak from netns release path of conntrack protocol trackers,
   patch from Liping Zhang.

2) Uninitialized flags field in ebt_log, that results in unpredictable
   logging format in ebtables, also from Liping.
====================
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents 3d05035e 91af6ba7
...@@ -30,6 +30,7 @@ ebt_nflog_tg(struct sk_buff *skb, const struct xt_action_param *par) ...@@ -30,6 +30,7 @@ ebt_nflog_tg(struct sk_buff *skb, const struct xt_action_param *par)
li.u.ulog.copy_len = info->len; li.u.ulog.copy_len = info->len;
li.u.ulog.group = info->group; li.u.ulog.group = info->group;
li.u.ulog.qthreshold = info->threshold; li.u.ulog.qthreshold = info->threshold;
li.u.ulog.flags = 0;
nf_log_packet(net, PF_BRIDGE, xt_hooknum(par), skb, xt_in(par), nf_log_packet(net, PF_BRIDGE, xt_hooknum(par), skb, xt_in(par),
xt_out(par), &li, "%s", info->prefix); xt_out(par), &li, "%s", info->prefix);
......
...@@ -872,6 +872,11 @@ static int dccp_init_net(struct net *net, u_int16_t proto) ...@@ -872,6 +872,11 @@ static int dccp_init_net(struct net *net, u_int16_t proto)
return dccp_kmemdup_sysctl_table(net, pn, dn); return dccp_kmemdup_sysctl_table(net, pn, dn);
} }
static struct nf_proto_net *dccp_get_net_proto(struct net *net)
{
return &net->ct.nf_ct_proto.dccp.pn;
}
struct nf_conntrack_l4proto nf_conntrack_l4proto_dccp4 __read_mostly = { struct nf_conntrack_l4proto nf_conntrack_l4proto_dccp4 __read_mostly = {
.l3proto = AF_INET, .l3proto = AF_INET,
.l4proto = IPPROTO_DCCP, .l4proto = IPPROTO_DCCP,
...@@ -904,6 +909,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_dccp4 __read_mostly = { ...@@ -904,6 +909,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_dccp4 __read_mostly = {
}, },
#endif /* CONFIG_NF_CT_NETLINK_TIMEOUT */ #endif /* CONFIG_NF_CT_NETLINK_TIMEOUT */
.init_net = dccp_init_net, .init_net = dccp_init_net,
.get_net_proto = dccp_get_net_proto,
}; };
EXPORT_SYMBOL_GPL(nf_conntrack_l4proto_dccp4); EXPORT_SYMBOL_GPL(nf_conntrack_l4proto_dccp4);
...@@ -939,5 +945,6 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_dccp6 __read_mostly = { ...@@ -939,5 +945,6 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_dccp6 __read_mostly = {
}, },
#endif /* CONFIG_NF_CT_NETLINK_TIMEOUT */ #endif /* CONFIG_NF_CT_NETLINK_TIMEOUT */
.init_net = dccp_init_net, .init_net = dccp_init_net,
.get_net_proto = dccp_get_net_proto,
}; };
EXPORT_SYMBOL_GPL(nf_conntrack_l4proto_dccp6); EXPORT_SYMBOL_GPL(nf_conntrack_l4proto_dccp6);
...@@ -783,6 +783,11 @@ static int sctp_init_net(struct net *net, u_int16_t proto) ...@@ -783,6 +783,11 @@ static int sctp_init_net(struct net *net, u_int16_t proto)
return sctp_kmemdup_sysctl_table(pn, sn); return sctp_kmemdup_sysctl_table(pn, sn);
} }
static struct nf_proto_net *sctp_get_net_proto(struct net *net)
{
return &net->ct.nf_ct_proto.sctp.pn;
}
struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp4 __read_mostly = { struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp4 __read_mostly = {
.l3proto = PF_INET, .l3proto = PF_INET,
.l4proto = IPPROTO_SCTP, .l4proto = IPPROTO_SCTP,
...@@ -816,6 +821,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp4 __read_mostly = { ...@@ -816,6 +821,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp4 __read_mostly = {
}, },
#endif /* CONFIG_NF_CT_NETLINK_TIMEOUT */ #endif /* CONFIG_NF_CT_NETLINK_TIMEOUT */
.init_net = sctp_init_net, .init_net = sctp_init_net,
.get_net_proto = sctp_get_net_proto,
}; };
EXPORT_SYMBOL_GPL(nf_conntrack_l4proto_sctp4); EXPORT_SYMBOL_GPL(nf_conntrack_l4proto_sctp4);
...@@ -852,5 +858,6 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp6 __read_mostly = { ...@@ -852,5 +858,6 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp6 __read_mostly = {
#endif /* CONFIG_NF_CT_NETLINK_TIMEOUT */ #endif /* CONFIG_NF_CT_NETLINK_TIMEOUT */
#endif #endif
.init_net = sctp_init_net, .init_net = sctp_init_net,
.get_net_proto = sctp_get_net_proto,
}; };
EXPORT_SYMBOL_GPL(nf_conntrack_l4proto_sctp6); EXPORT_SYMBOL_GPL(nf_conntrack_l4proto_sctp6);
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment