Process NFQA_CFG_FAIL_OPEN and enable fail-open support.
Signed-off-by: Krishna Kumar <krkumar2@xxxxxxxxxx>
Signed-off-by: Vivek Kashyap <vivk@xxxxxxxxxx>
Signed-off-by: Sridhar Samudrala <samudrala@xxxxxxxxxx>
---
net/netfilter/nfnetlink_queue.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff -ruNp org/net/netfilter/nfnetlink_queue.c new/net/netfilter/nfnetlink_queue.c
--- org/net/netfilter/nfnetlink_queue.c 2012-05-08 12:58:49.844754291 +0530
+++ new/net/netfilter/nfnetlink_queue.c 2012-05-08 12:59:03.280923680 +0530
@@ -867,6 +867,19 @@ nfqnl_recv_config(struct sock *ctnl, str
spin_unlock_bh(&queue->lock);
}
+ if (nfqa[NFQA_CFG_FAIL_OPEN]) {
+ u_int8_t *fail_open;
+
+ if (!queue) {
+ ret = -ENODEV;
+ goto err_out_unlock;
+ }
+ fail_open = nla_data(nfqa[NFQA_CFG_FAIL_OPEN]);
+ spin_lock_bh(&queue->lock);
+ queue->fail_open = *fail_open;
+ spin_unlock_bh(&queue->lock);
+ }
+
err_out_unlock:
rcu_read_unlock();
return ret;
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
