diff options
Diffstat (limited to 'net/ipv6/netfilter/ip6t_SYNPROXY.c')
-rw-r--r-- | net/ipv6/netfilter/ip6t_SYNPROXY.c | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/net/ipv6/netfilter/ip6t_SYNPROXY.c b/net/ipv6/netfilter/ip6t_SYNPROXY.c index a0d17270117..bd174540eb2 100644 --- a/net/ipv6/netfilter/ip6t_SYNPROXY.c +++ b/net/ipv6/netfilter/ip6t_SYNPROXY.c | |||
@@ -37,12 +37,13 @@ synproxy_build_ip(struct sk_buff *skb, const struct in6_addr *saddr, | |||
37 | } | 37 | } |
38 | 38 | ||
39 | static void | 39 | static void |
40 | synproxy_send_tcp(const struct sk_buff *skb, struct sk_buff *nskb, | 40 | synproxy_send_tcp(const struct synproxy_net *snet, |
41 | const struct sk_buff *skb, struct sk_buff *nskb, | ||
41 | struct nf_conntrack *nfct, enum ip_conntrack_info ctinfo, | 42 | struct nf_conntrack *nfct, enum ip_conntrack_info ctinfo, |
42 | struct ipv6hdr *niph, struct tcphdr *nth, | 43 | struct ipv6hdr *niph, struct tcphdr *nth, |
43 | unsigned int tcp_hdr_size) | 44 | unsigned int tcp_hdr_size) |
44 | { | 45 | { |
45 | struct net *net = nf_ct_net((struct nf_conn *)nfct); | 46 | struct net *net = nf_ct_net(snet->tmpl); |
46 | struct dst_entry *dst; | 47 | struct dst_entry *dst; |
47 | struct flowi6 fl6; | 48 | struct flowi6 fl6; |
48 | 49 | ||
@@ -83,7 +84,8 @@ free_nskb: | |||
83 | } | 84 | } |
84 | 85 | ||
85 | static void | 86 | static void |
86 | synproxy_send_client_synack(const struct sk_buff *skb, const struct tcphdr *th, | 87 | synproxy_send_client_synack(const struct synproxy_net *snet, |
88 | const struct sk_buff *skb, const struct tcphdr *th, | ||
87 | const struct synproxy_options *opts) | 89 | const struct synproxy_options *opts) |
88 | { | 90 | { |
89 | struct sk_buff *nskb; | 91 | struct sk_buff *nskb; |
@@ -119,7 +121,7 @@ synproxy_send_client_synack(const struct sk_buff *skb, const struct tcphdr *th, | |||
119 | 121 | ||
120 | synproxy_build_options(nth, opts); | 122 | synproxy_build_options(nth, opts); |
121 | 123 | ||
122 | synproxy_send_tcp(skb, nskb, skb->nfct, IP_CT_ESTABLISHED_REPLY, | 124 | synproxy_send_tcp(snet, skb, nskb, skb->nfct, IP_CT_ESTABLISHED_REPLY, |
123 | niph, nth, tcp_hdr_size); | 125 | niph, nth, tcp_hdr_size); |
124 | } | 126 | } |
125 | 127 | ||
@@ -163,7 +165,7 @@ synproxy_send_server_syn(const struct synproxy_net *snet, | |||
163 | 165 | ||
164 | synproxy_build_options(nth, opts); | 166 | synproxy_build_options(nth, opts); |
165 | 167 | ||
166 | synproxy_send_tcp(skb, nskb, &snet->tmpl->ct_general, IP_CT_NEW, | 168 | synproxy_send_tcp(snet, skb, nskb, &snet->tmpl->ct_general, IP_CT_NEW, |
167 | niph, nth, tcp_hdr_size); | 169 | niph, nth, tcp_hdr_size); |
168 | } | 170 | } |
169 | 171 | ||
@@ -203,7 +205,7 @@ synproxy_send_server_ack(const struct synproxy_net *snet, | |||
203 | 205 | ||
204 | synproxy_build_options(nth, opts); | 206 | synproxy_build_options(nth, opts); |
205 | 207 | ||
206 | synproxy_send_tcp(skb, nskb, NULL, 0, niph, nth, tcp_hdr_size); | 208 | synproxy_send_tcp(snet, skb, nskb, NULL, 0, niph, nth, tcp_hdr_size); |
207 | } | 209 | } |
208 | 210 | ||
209 | static void | 211 | static void |
@@ -241,7 +243,7 @@ synproxy_send_client_ack(const struct synproxy_net *snet, | |||
241 | 243 | ||
242 | synproxy_build_options(nth, opts); | 244 | synproxy_build_options(nth, opts); |
243 | 245 | ||
244 | synproxy_send_tcp(skb, nskb, NULL, 0, niph, nth, tcp_hdr_size); | 246 | synproxy_send_tcp(snet, skb, nskb, NULL, 0, niph, nth, tcp_hdr_size); |
245 | } | 247 | } |
246 | 248 | ||
247 | static bool | 249 | static bool |
@@ -301,7 +303,7 @@ synproxy_tg6(struct sk_buff *skb, const struct xt_action_param *par) | |||
301 | XT_SYNPROXY_OPT_SACK_PERM | | 303 | XT_SYNPROXY_OPT_SACK_PERM | |
302 | XT_SYNPROXY_OPT_ECN); | 304 | XT_SYNPROXY_OPT_ECN); |
303 | 305 | ||
304 | synproxy_send_client_synack(skb, th, &opts); | 306 | synproxy_send_client_synack(snet, skb, th, &opts); |
305 | return NF_DROP; | 307 | return NF_DROP; |
306 | 308 | ||
307 | } else if (th->ack && !(th->fin || th->rst || th->syn)) { | 309 | } else if (th->ack && !(th->fin || th->rst || th->syn)) { |