aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJP Abgrall2013-02-06 19:40:07 -0600
committerArve Hjønnevåg2013-02-19 19:56:20 -0600
commit579a0d25a3325bd97547ad170f2f65bb48d4e092 (patch)
tree90b123d4279aa014f35e641abee74a2cf8470638
parentae8959d7e62fc16f74cf3746f6f9378b027ed5bb (diff)
downloadkernel-common-579a0d25a3325bd97547ad170f2f65bb48d4e092.tar.gz
kernel-common-579a0d25a3325bd97547ad170f2f65bb48d4e092.tar.xz
kernel-common-579a0d25a3325bd97547ad170f2f65bb48d4e092.zip
netfilter: xt_qtaguid: Allow tracking loopback
In the past it would always ignore interfaces with loopback addresses. Now we just treat them like any other. This also helps with writing tests that check for the presence of the qtaguid module. Signed-off-by: JP Abgrall <jpa@google.com>
-rw-r--r--net/netfilter/xt_qtaguid.c19
1 files changed, 4 insertions, 15 deletions
diff --git a/net/netfilter/xt_qtaguid.c b/net/netfilter/xt_qtaguid.c
index 92e5f80bd8f..992a6e04490 100644
--- a/net/netfilter/xt_qtaguid.c
+++ b/net/netfilter/xt_qtaguid.c
@@ -1108,18 +1108,13 @@ static void iface_stat_create(struct net_device *net_dev,
1108 spin_lock_bh(&iface_stat_list_lock); 1108 spin_lock_bh(&iface_stat_list_lock);
1109 entry = get_iface_entry(ifname); 1109 entry = get_iface_entry(ifname);
1110 if (entry != NULL) { 1110 if (entry != NULL) {
1111 bool activate = !ipv4_is_loopback(ipaddr);
1112 IF_DEBUG("qtaguid: iface_stat: create(%s): entry=%p\n", 1111 IF_DEBUG("qtaguid: iface_stat: create(%s): entry=%p\n",
1113 ifname, entry); 1112 ifname, entry);
1114 iface_check_stats_reset_and_adjust(net_dev, entry); 1113 iface_check_stats_reset_and_adjust(net_dev, entry);
1115 _iface_stat_set_active(entry, net_dev, activate); 1114 _iface_stat_set_active(entry, net_dev, true);
1116 IF_DEBUG("qtaguid: %s(%s): " 1115 IF_DEBUG("qtaguid: %s(%s): "
1117 "tracking now %d on ip=%pI4\n", __func__, 1116 "tracking now %d on ip=%pI4\n", __func__,
1118 entry->ifname, activate, &ipaddr); 1117 entry->ifname, true, &ipaddr);
1119 goto done_unlock_put;
1120 } else if (ipv4_is_loopback(ipaddr)) {
1121 IF_DEBUG("qtaguid: iface_stat: create(%s): "
1122 "ignore loopback dev. ip=%pI4\n", ifname, &ipaddr);
1123 goto done_unlock_put; 1118 goto done_unlock_put;
1124 } 1119 }
1125 1120
@@ -1170,19 +1165,13 @@ static void iface_stat_create_ipv6(struct net_device *net_dev,
1170 spin_lock_bh(&iface_stat_list_lock); 1165 spin_lock_bh(&iface_stat_list_lock);
1171 entry = get_iface_entry(ifname); 1166 entry = get_iface_entry(ifname);
1172 if (entry != NULL) { 1167 if (entry != NULL) {
1173 bool activate = !(addr_type & IPV6_ADDR_LOOPBACK);
1174 IF_DEBUG("qtaguid: %s(%s): entry=%p\n", __func__, 1168 IF_DEBUG("qtaguid: %s(%s): entry=%p\n", __func__,
1175 ifname, entry); 1169 ifname, entry);
1176 iface_check_stats_reset_and_adjust(net_dev, entry); 1170 iface_check_stats_reset_and_adjust(net_dev, entry);
1177 _iface_stat_set_active(entry, net_dev, activate); 1171 _iface_stat_set_active(entry, net_dev, true);
1178 IF_DEBUG("qtaguid: %s(%s): " 1172 IF_DEBUG("qtaguid: %s(%s): "
1179 "tracking now %d on ip=%pI6c\n", __func__, 1173 "tracking now %d on ip=%pI6c\n", __func__,
1180 entry->ifname, activate, &ifa->addr); 1174 entry->ifname, true, &ifa->addr);
1181 goto done_unlock_put;
1182 } else if (addr_type & IPV6_ADDR_LOOPBACK) {
1183 IF_DEBUG("qtaguid: %s(%s): "
1184 "ignore loopback dev. ip=%pI6c\n", __func__,
1185 ifname, &ifa->addr);
1186 goto done_unlock_put; 1175 goto done_unlock_put;
1187 } 1176 }
1188 1177