Le lundi 10 mai 2010 à 22:18 +0200, kaber@xxxxxxxxx a écrit : > From: Jan Engelhardt <jengelh@xxxxxxxxxx> > > xt_TEE can be used to clone and reroute a packet. This can for > example be used to copy traffic at a router for logging purposes > to another dedicated machine. > > References: http://www.gossamer-threads.com/lists/iptables/devel/68781 > Signed-off-by: Jan Engelhardt <jengelh@xxxxxxxxxx> > Signed-off-by: Patrick McHardy <kaber@xxxxxxxxx> > --- > +static bool tee_tg_route_oif(struct flowi *f, struct net *net, > + const struct xt_tee_tginfo *info) > +{ > + const struct net_device *dev; > + > + if (*info->oif != '\0') > + return true; > + dev = dev_get_by_name(net, info->oif); > + if (dev == NULL) > + return false; > + f->oif = dev->ifindex; > + return true; > +} > + This leaks a refcount on device. But I see patch 76/84 replaces the whole thing, so this is probably harmless. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
