On Mon, Jan 02, 2012 at 04:06:39PM +0100, Hans Schillstrom wrote:
> Two new flags to __ipv6_find_hdr,
> One that tells us that this is a fragemnt.
> One that stops at AH if any i.e. treat it like a transport header.
> i.e. make handling of ESP and AH the same.
>
> Signed-off-by: Hans Schillstrom <hans.schillstrom@xxxxxxxxxxxx>
> ---
> include/linux/netfilter_ipv6/ip6_tables.h | 16 ++++++++++++++--
> net/ipv6/netfilter/ip6_tables.c | 19 ++++++++++++++-----
> 2 files changed, 28 insertions(+), 7 deletions(-)
>
> diff --git a/include/linux/netfilter_ipv6/ip6_tables.h b/include/linux/netfilter_ipv6/ip6_tables.h
> index f549adc..ee0c68e 100644
> --- a/include/linux/netfilter_ipv6/ip6_tables.h
> +++ b/include/linux/netfilter_ipv6/ip6_tables.h
> @@ -288,9 +288,21 @@ extern unsigned int ip6t_do_table(struct sk_buff *skb,
>
> /* Check for an extension */
> extern int ip6t_ext_hdr(u8 nexthdr);
> +enum {
> + IP6T_FH_FRAG,
> + IP6T_FH_AUTH,
> + IP6T_FH_F_FRAG = 1 << IP6T_FH_FRAG,
> + IP6T_FH_F_AUTH = 1 << IP6T_FH_AUTH,
> +};
> /* find specified header and get offset to it */
> -extern int ipv6_find_hdr(const struct sk_buff *skb, unsigned int *offset,
> - int target, unsigned short *fragoff);
> +extern int __ipv6_find_hdr(const struct sk_buff *skb, unsigned int *offset,
> + int target, unsigned short *fragoff, int *fragflg);
Please, don't do this.
the convention in the kernel is to use __function for non-locked
versions of one function.
The number of clients for this function seems small. I'll be very
happy if you send me a patch that changes this interface and that
propagates the changes to other clients of it.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
