netfilter-2.6/patch-o-matic-ng/trunk: include/linux/netfilter_ipv4/ipt_recent.h net/ipv4/netfilter/i...

pluto cvs at pld-linux.org
Thu Jul 28 16:03:45 CEST 2005 

Author: pluto
Date: Thu Jul 28 16:03:41 2005
New Revision: 6264

Modified:
   netfilter-2.6/patch-o-matic-ng/trunk/include/linux/netfilter_ipv4/ipt_recent.h
   netfilter-2.6/patch-o-matic-ng/trunk/net/ipv4/netfilter/ipt_realm.c
   netfilter-2.6/patch-o-matic-ng/trunk/net/ipv4/netfilter/ipt_recent.c
   netfilter-2.6/patch-o-matic-ng/trunk/status
Log:
- {realm, recent} updated.


Modified: netfilter-2.6/patch-o-matic-ng/trunk/include/linux/netfilter_ipv4/ipt_recent.h
==============================================================================
--- netfilter-2.6/patch-o-matic-ng/trunk/include/linux/netfilter_ipv4/ipt_recent.h	(original)
+++ netfilter-2.6/patch-o-matic-ng/trunk/include/linux/netfilter_ipv4/ipt_recent.h	Thu Jul 28 16:03:41 2005
@@ -2,7 +2,7 @@
 #define _IPT_RECENT_H
 
 #define RECENT_NAME	"ipt_recent"
-#define RECENT_VER	"v0.3.1"
+#define RECENT_VER	"v0.3.2"
 
 #define IPT_RECENT_CHECK  1
 #define IPT_RECENT_SET    2

Modified: netfilter-2.6/patch-o-matic-ng/trunk/net/ipv4/netfilter/ipt_realm.c
==============================================================================
--- netfilter-2.6/patch-o-matic-ng/trunk/net/ipv4/netfilter/ipt_realm.c	(original)
+++ netfilter-2.6/patch-o-matic-ng/trunk/net/ipv4/netfilter/ipt_realm.c	Thu Jul 28 16:03:41 2005
@@ -1,6 +1,6 @@
 /* IP tables module for matching the routing realm
  *
- * $Id: ipt_realm.c,v 1.3 2004/03/05 13:25:40 laforge Exp $
+ * $Id: ipt_realm.c 140 2004-03-05 13:25:40Z laforge $
  *
  * (C) 2003 by Sampsa Ranta <sampsa at netsonic.fi>
  *
@@ -19,7 +19,6 @@
 
 MODULE_AUTHOR("Sampsa Ranta <sampsa at netsonic.fi>");
 MODULE_LICENSE("GPL");
-MODULE_DESCRIPTION("iptables realm match");
 
 static int
 match(const struct sk_buff *skb,
@@ -32,6 +31,9 @@
 	const struct ipt_realm_info *info = matchinfo;
 	struct dst_entry *dst = skb->dst;
     
+	if (!dst)
+		return 0;
+
 	return (info->id == (dst->tclassid & info->mask)) ^ info->invert;
 }
 
@@ -48,10 +50,10 @@
 		       "LOCAL_IN or FORWARD.\n");
 		return 0;
 	}
-	if (matchsize != IPT_ALIGN(sizeof(struct ipt_realm_info))) {
-		printk("ipt_realm: invalid matchsize.\n");
+
+	if (matchsize != IPT_ALIGN(sizeof(struct ipt_realm_info)))
 		return 0;
-	}
+
 	return 1;
 }
 

Modified: netfilter-2.6/patch-o-matic-ng/trunk/net/ipv4/netfilter/ipt_recent.c
==============================================================================
--- netfilter-2.6/patch-o-matic-ng/trunk/net/ipv4/netfilter/ipt_recent.c	(original)
+++ netfilter-2.6/patch-o-matic-ng/trunk/net/ipv4/netfilter/ipt_recent.c	Thu Jul 28 16:03:41 2005
@@ -15,6 +15,7 @@
 #include <linux/ctype.h>
 #include <linux/ip.h>
 #include <linux/vmalloc.h>
+#include <linux/time.h>
 #include <linux/moduleparam.h>
 
 #include <linux/netfilter_ipv4/ip_tables.h>
@@ -64,7 +65,7 @@
 
 struct time_info_list {
 	u_int32_t position;
-	u_int32_t time;
+	unsigned long time;
 };
 
 /* Structure of our linked list of tables of recent lists. */
@@ -418,8 +419,8 @@
 	if(debug) printk(KERN_INFO RECENT_NAME ": match(): checking table, addr: %u, ttl: %u, orig_ttl: %u\n",addr,ttl,skb->nh.iph->ttl);
 #endif
 
-	/* Get jiffies now in case they changed while we were waiting for a lock */
-	now = jiffies;
+	/* Get time now in case it changed while we were waiting for a lock */
+	now = get_seconds();
 	hash_table = curr_table->hash_table;
 	time_info = curr_table->time_info;
 
@@ -528,11 +529,11 @@
 		if(info->check_set & IPT_RECENT_CHECK || info->check_set & IPT_RECENT_UPDATE) {
 			if(!info->seconds && !info->hit_count) ans = !info->invert; else ans = info->invert;
 			if(info->seconds && !info->hit_count) {
-				if(time_before_eq(now,r_list[location].last_seen+info->seconds*HZ)) ans = !info->invert; else ans = info->invert;
+				if(now <= r_list[location].last_seen+info->seconds) ans = !info->invert; else ans = info->invert;
 			}
 			if(info->seconds && info->hit_count) {
 				for(pkt_count = 0, hits_found = 0; pkt_count < ip_pkt_list_tot; pkt_count++) {
-					if(time_before_eq(now,r_list[location].last_pkts[pkt_count]+info->seconds*HZ)) hits_found++;
+					if(now <= r_list[location].last_pkts[pkt_count]+info->seconds) hits_found++;
 				}
 				if(hits_found >= info->hit_count) ans = !info->invert; else ans = info->invert;
 			}

Modified: netfilter-2.6/patch-o-matic-ng/trunk/status
==============================================================================
--- netfilter-2.6/patch-o-matic-ng/trunk/status	(original)
+++ netfilter-2.6/patch-o-matic-ng/trunk/status	Thu Jul 28 16:03:41 2005
@@ -30,8 +30,8 @@
 psd			2005/07/27	added
 quake3-conntrack-nat	2005/07/27	added
 quota			2005/07/27	added
-realm					updated
-recent					updated		(v0.3.2)
+realm			2005/07/27	updated
+recent			2005/07/27	updated		(v0.3.2)
 REJECT			2005/07/27	added+updated	(ipv6 added, ipv4 updated)
 ROUTE			2005/07/27	added		(ipv6 / not working as a module)
 set			2005/07/27	added

More information about the pld-cvs-commit mailing list