patch-2.4.10 linux/net/ipv4/netfilter/ipchains_core.c
Next file: linux/net/ipv4/netfilter/ipfwadm_core.c
Previous file: linux/net/ipv4/netfilter/ip_tables.c
Back to the patch index
Back to the overall index
- Lines: 78
- Date:
Fri Sep 14 14:04:08 2001
- Orig file:
v2.4.9/linux/net/ipv4/netfilter/ipchains_core.c
- Orig date:
Mon Aug 27 12:41:49 2001
diff -u --recursive --new-file v2.4.9/linux/net/ipv4/netfilter/ipchains_core.c linux/net/ipv4/netfilter/ipchains_core.c
@@ -74,6 +74,7 @@
#include <linux/sched.h>
#include <linux/string.h>
#include <linux/errno.h>
+#include <linux/module.h>
#include <linux/socket.h>
#include <linux/sockios.h>
@@ -534,7 +535,7 @@
}
if (f->ipfw.fw_flg & IP_FW_F_NETLINK) {
#if defined(CONFIG_NETLINK_DEV) || defined(CONFIG_NETLINK_DEV_MODULE)
- size_t len = min(unsigned int, f->ipfw.fw_outputsize, ntohs(ip->tot_len))
+ size_t len = min_t(unsigned int, f->ipfw.fw_outputsize, ntohs(ip->tot_len))
+ sizeof(__u32) + sizeof(skb->nfmark) + IFNAMSIZ;
struct sk_buff *outskb=alloc_skb(len, GFP_ATOMIC);
@@ -1706,11 +1707,10 @@
int ipfw_init_or_cleanup(int init)
{
+ struct proc_dir_entry *proc;
int ret = 0;
unsigned long flags;
- FWC_WRITE_LOCK_IRQ(&ip_fw_lock, flags);
-
if (!init) goto cleanup;
#ifdef DEBUG_IP_FIREWALL_LOCKING
@@ -1727,17 +1727,24 @@
if (ret < 0)
goto cleanup_netlink;
- proc_net_create(IP_FW_PROC_CHAINS, S_IFREG | S_IRUSR | S_IWUSR, ip_chain_procinfo);
- proc_net_create(IP_FW_PROC_CHAIN_NAMES, S_IFREG | S_IRUSR | S_IWUSR, ip_chain_name_procinfo);
+ proc = proc_net_create(IP_FW_PROC_CHAINS, S_IFREG | S_IRUSR | S_IWUSR,
+ ip_chain_procinfo);
+ if (proc) proc->owner = THIS_MODULE;
+ proc = proc_net_create(IP_FW_PROC_CHAIN_NAMES,
+ S_IFREG | S_IRUSR | S_IWUSR,
+ ip_chain_name_procinfo);
+ if (proc) proc->owner = THIS_MODULE;
IP_FW_INPUT_CHAIN = ip_init_chain(IP_FW_LABEL_INPUT, 1, FW_ACCEPT);
IP_FW_FORWARD_CHAIN = ip_init_chain(IP_FW_LABEL_FORWARD, 1, FW_ACCEPT);
IP_FW_OUTPUT_CHAIN = ip_init_chain(IP_FW_LABEL_OUTPUT, 1, FW_ACCEPT);
- FWC_WRITE_UNLOCK_IRQ(&ip_fw_lock, flags);
return ret;
cleanup:
+ unregister_firewall(PF_INET, &ipfw_ops);
+
+ FWC_WRITE_LOCK_IRQ(&ip_fw_lock, flags);
while (ip_fw_chains) {
struct ip_chain *next = ip_fw_chains->next;
@@ -1745,18 +1752,16 @@
kfree(ip_fw_chains);
ip_fw_chains = next;
}
+ FWC_WRITE_UNLOCK_IRQ(&ip_fw_lock, flags);
proc_net_remove(IP_FW_PROC_CHAINS);
proc_net_remove(IP_FW_PROC_CHAIN_NAMES);
- unregister_firewall(PF_INET, &ipfw_ops);
-
cleanup_netlink:
#if defined(CONFIG_NETLINK_DEV) || defined(CONFIG_NETLINK_DEV_MODULE)
sock_release(ipfwsk->socket);
cleanup_nothing:
#endif
- FWC_WRITE_UNLOCK_IRQ(&ip_fw_lock, flags);
return ret;
}
FUNET's LINUX-ADM group, linux-adm@nic.funet.fi
TCL-scripts by Sam Shen (who was at: slshen@lbl.gov)