96 lines
2.2 KiB
C
96 lines
2.2 KiB
C
/*
|
|
* Handle firewalling core
|
|
* Linux ethernet bridge
|
|
*
|
|
* Authors:
|
|
* Lennert Buytenhek <buytenh@gnu.org>
|
|
* Bart De Schuymer <bdschuym@pandora.be>
|
|
*
|
|
* This program is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU General Public License
|
|
* as published by the Free Software Foundation; either version
|
|
* 2 of the License, or (at your option) any later version.
|
|
*
|
|
* Lennert dedicates this file to Kerstin Wurdinger.
|
|
*/
|
|
|
|
#include <linux/module.h>
|
|
#include <linux/kernel.h>
|
|
#include <linux/in_route.h>
|
|
#include <linux/inetdevice.h>
|
|
#include <net/route.h>
|
|
|
|
#include "br_private.h"
|
|
#ifdef CONFIG_SYSCTL
|
|
#include <linux/sysctl.h>
|
|
#endif
|
|
|
|
static void fake_update_pmtu(struct dst_entry *dst, struct sock *sk,
|
|
struct sk_buff *skb, u32 mtu)
|
|
{
|
|
}
|
|
|
|
static void fake_redirect(struct dst_entry *dst, struct sock *sk,
|
|
struct sk_buff *skb)
|
|
{
|
|
}
|
|
|
|
static u32 *fake_cow_metrics(struct dst_entry *dst, unsigned long old)
|
|
{
|
|
return NULL;
|
|
}
|
|
|
|
static struct neighbour *fake_neigh_lookup(const struct dst_entry *dst,
|
|
struct sk_buff *skb,
|
|
const void *daddr)
|
|
{
|
|
return NULL;
|
|
}
|
|
|
|
static unsigned int fake_mtu(const struct dst_entry *dst)
|
|
{
|
|
return dst->dev->mtu;
|
|
}
|
|
|
|
static struct dst_ops fake_dst_ops = {
|
|
.family = AF_INET,
|
|
.update_pmtu = fake_update_pmtu,
|
|
.redirect = fake_redirect,
|
|
.cow_metrics = fake_cow_metrics,
|
|
.neigh_lookup = fake_neigh_lookup,
|
|
.mtu = fake_mtu,
|
|
};
|
|
|
|
/*
|
|
* Initialize bogus route table used to keep netfilter happy.
|
|
* Currently, we fill in the PMTU entry because netfilter
|
|
* refragmentation needs it, and the rt_flags entry because
|
|
* ipt_REJECT needs it. Future netfilter modules might
|
|
* require us to fill additional fields.
|
|
*/
|
|
static const u32 br_dst_default_metrics[RTAX_MAX] = {
|
|
[RTAX_MTU - 1] = 1500,
|
|
};
|
|
|
|
void br_netfilter_rtable_init(struct net_bridge *br)
|
|
{
|
|
struct rtable *rt = &br->fake_rtable;
|
|
|
|
atomic_set(&rt->dst.__refcnt, 1);
|
|
rt->dst.dev = br->dev;
|
|
rt->dst.path = &rt->dst;
|
|
dst_init_metrics(&rt->dst, br_dst_default_metrics, true);
|
|
rt->dst.flags = DST_NOXFRM | DST_FAKE_RTABLE;
|
|
rt->dst.ops = &fake_dst_ops;
|
|
}
|
|
|
|
int __init br_nf_core_init(void)
|
|
{
|
|
return dst_entries_init(&fake_dst_ops);
|
|
}
|
|
|
|
void br_nf_core_fini(void)
|
|
{
|
|
dst_entries_destroy(&fake_dst_ops);
|
|
}
|