Commit a76b11dd authored by Al Viro's avatar Al Viro Committed by David S. Miller

[NETFILTER]: NAT annotations

Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent cdcb71bf
...@@ -33,7 +33,7 @@ struct ip_nat_range ...@@ -33,7 +33,7 @@ struct ip_nat_range
unsigned int flags; unsigned int flags;
/* Inclusive: network order. */ /* Inclusive: network order. */
u_int32_t min_ip, max_ip; __be32 min_ip, max_ip;
/* Inclusive: network order */ /* Inclusive: network order */
union ip_conntrack_manip_proto min, max; union ip_conntrack_manip_proto min, max;
......
...@@ -82,7 +82,7 @@ static inline unsigned int ...@@ -82,7 +82,7 @@ static inline unsigned int
hash_by_src(const struct ip_conntrack_tuple *tuple) hash_by_src(const struct ip_conntrack_tuple *tuple)
{ {
/* Original src, to ensure we map it consistently if poss. */ /* Original src, to ensure we map it consistently if poss. */
return jhash_3words(tuple->src.ip, tuple->src.u.all, return jhash_3words((__force u32)tuple->src.ip, tuple->src.u.all,
tuple->dst.protonum, 0) % ip_nat_htable_size; tuple->dst.protonum, 0) % ip_nat_htable_size;
} }
...@@ -190,7 +190,7 @@ find_best_ips_proto(struct ip_conntrack_tuple *tuple, ...@@ -190,7 +190,7 @@ find_best_ips_proto(struct ip_conntrack_tuple *tuple,
const struct ip_conntrack *conntrack, const struct ip_conntrack *conntrack,
enum ip_nat_manip_type maniptype) enum ip_nat_manip_type maniptype)
{ {
u_int32_t *var_ipp; __be32 *var_ipp;
/* Host order */ /* Host order */
u_int32_t minip, maxip, j; u_int32_t minip, maxip, j;
...@@ -217,7 +217,7 @@ find_best_ips_proto(struct ip_conntrack_tuple *tuple, ...@@ -217,7 +217,7 @@ find_best_ips_proto(struct ip_conntrack_tuple *tuple,
* like this), even across reboots. */ * like this), even across reboots. */
minip = ntohl(range->min_ip); minip = ntohl(range->min_ip);
maxip = ntohl(range->max_ip); maxip = ntohl(range->max_ip);
j = jhash_2words(tuple->src.ip, tuple->dst.ip, 0); j = jhash_2words((__force u32)tuple->src.ip, (__force u32)tuple->dst.ip, 0);
*var_ipp = htonl(minip + j % (maxip - minip + 1)); *var_ipp = htonl(minip + j % (maxip - minip + 1));
} }
...@@ -534,9 +534,9 @@ int ...@@ -534,9 +534,9 @@ int
ip_nat_port_range_to_nfattr(struct sk_buff *skb, ip_nat_port_range_to_nfattr(struct sk_buff *skb,
const struct ip_nat_range *range) const struct ip_nat_range *range)
{ {
NFA_PUT(skb, CTA_PROTONAT_PORT_MIN, sizeof(u_int16_t), NFA_PUT(skb, CTA_PROTONAT_PORT_MIN, sizeof(__be16),
&range->min.tcp.port); &range->min.tcp.port);
NFA_PUT(skb, CTA_PROTONAT_PORT_MAX, sizeof(u_int16_t), NFA_PUT(skb, CTA_PROTONAT_PORT_MAX, sizeof(__be16),
&range->max.tcp.port); &range->max.tcp.port);
return 0; return 0;
...@@ -555,7 +555,7 @@ ip_nat_port_nfattr_to_range(struct nfattr *tb[], struct ip_nat_range *range) ...@@ -555,7 +555,7 @@ ip_nat_port_nfattr_to_range(struct nfattr *tb[], struct ip_nat_range *range)
if (tb[CTA_PROTONAT_PORT_MIN-1]) { if (tb[CTA_PROTONAT_PORT_MIN-1]) {
ret = 1; ret = 1;
range->min.tcp.port = range->min.tcp.port =
*(u_int16_t *)NFA_DATA(tb[CTA_PROTONAT_PORT_MIN-1]); *(__be16 *)NFA_DATA(tb[CTA_PROTONAT_PORT_MIN-1]);
} }
if (!tb[CTA_PROTONAT_PORT_MAX-1]) { if (!tb[CTA_PROTONAT_PORT_MAX-1]) {
...@@ -564,7 +564,7 @@ ip_nat_port_nfattr_to_range(struct nfattr *tb[], struct ip_nat_range *range) ...@@ -564,7 +564,7 @@ ip_nat_port_nfattr_to_range(struct nfattr *tb[], struct ip_nat_range *range)
} else { } else {
ret = 1; ret = 1;
range->max.tcp.port = range->max.tcp.port =
*(u_int16_t *)NFA_DATA(tb[CTA_PROTONAT_PORT_MAX-1]); *(__be16 *)NFA_DATA(tb[CTA_PROTONAT_PORT_MAX-1]);
} }
return ret; return ret;
......
...@@ -34,7 +34,7 @@ MODULE_DESCRIPTION("ftp NAT helper"); ...@@ -34,7 +34,7 @@ MODULE_DESCRIPTION("ftp NAT helper");
static int static int
mangle_rfc959_packet(struct sk_buff **pskb, mangle_rfc959_packet(struct sk_buff **pskb,
u_int32_t newip, __be32 newip,
u_int16_t port, u_int16_t port,
unsigned int matchoff, unsigned int matchoff,
unsigned int matchlen, unsigned int matchlen,
...@@ -57,7 +57,7 @@ mangle_rfc959_packet(struct sk_buff **pskb, ...@@ -57,7 +57,7 @@ mangle_rfc959_packet(struct sk_buff **pskb,
/* |1|132.235.1.2|6275| */ /* |1|132.235.1.2|6275| */
static int static int
mangle_eprt_packet(struct sk_buff **pskb, mangle_eprt_packet(struct sk_buff **pskb,
u_int32_t newip, __be32 newip,
u_int16_t port, u_int16_t port,
unsigned int matchoff, unsigned int matchoff,
unsigned int matchlen, unsigned int matchlen,
...@@ -79,7 +79,7 @@ mangle_eprt_packet(struct sk_buff **pskb, ...@@ -79,7 +79,7 @@ mangle_eprt_packet(struct sk_buff **pskb,
/* |1|132.235.1.2|6275| */ /* |1|132.235.1.2|6275| */
static int static int
mangle_epsv_packet(struct sk_buff **pskb, mangle_epsv_packet(struct sk_buff **pskb,
u_int32_t newip, __be32 newip,
u_int16_t port, u_int16_t port,
unsigned int matchoff, unsigned int matchoff,
unsigned int matchlen, unsigned int matchlen,
...@@ -98,7 +98,7 @@ mangle_epsv_packet(struct sk_buff **pskb, ...@@ -98,7 +98,7 @@ mangle_epsv_packet(struct sk_buff **pskb,
matchlen, buffer, strlen(buffer)); matchlen, buffer, strlen(buffer));
} }
static int (*mangle[])(struct sk_buff **, u_int32_t, u_int16_t, static int (*mangle[])(struct sk_buff **, __be32, u_int16_t,
unsigned int, unsigned int,
unsigned int, unsigned int,
struct ip_conntrack *, struct ip_conntrack *,
...@@ -120,7 +120,7 @@ static unsigned int ip_nat_ftp(struct sk_buff **pskb, ...@@ -120,7 +120,7 @@ static unsigned int ip_nat_ftp(struct sk_buff **pskb,
struct ip_conntrack_expect *exp, struct ip_conntrack_expect *exp,
u32 *seq) u32 *seq)
{ {
u_int32_t newip; __be32 newip;
u_int16_t port; u_int16_t port;
int dir = CTINFO2DIR(ctinfo); int dir = CTINFO2DIR(ctinfo);
struct ip_conntrack *ct = exp->master; struct ip_conntrack *ct = exp->master;
......
...@@ -189,7 +189,7 @@ ip_nat_mangle_tcp_packet(struct sk_buff **pskb, ...@@ -189,7 +189,7 @@ ip_nat_mangle_tcp_packet(struct sk_buff **pskb,
datalen, 0)); datalen, 0));
} else } else
tcph->check = nf_proto_csum_update(*pskb, tcph->check = nf_proto_csum_update(*pskb,
htons(oldlen) ^ 0xFFFF, htons(oldlen) ^ htons(0xFFFF),
htons(datalen), htons(datalen),
tcph->check, 1); tcph->check, 1);
...@@ -267,7 +267,7 @@ ip_nat_mangle_udp_packet(struct sk_buff **pskb, ...@@ -267,7 +267,7 @@ ip_nat_mangle_udp_packet(struct sk_buff **pskb,
udph->check = -1; udph->check = -1;
} else } else
udph->check = nf_proto_csum_update(*pskb, udph->check = nf_proto_csum_update(*pskb,
htons(oldlen) ^ 0xFFFF, htons(oldlen) ^ htons(0xFFFF),
htons(datalen), htons(datalen),
udph->check, 1); udph->check, 1);
return 1; return 1;
...@@ -284,26 +284,24 @@ sack_adjust(struct sk_buff *skb, ...@@ -284,26 +284,24 @@ sack_adjust(struct sk_buff *skb,
{ {
while (sackoff < sackend) { while (sackoff < sackend) {
struct tcp_sack_block_wire *sack; struct tcp_sack_block_wire *sack;
u_int32_t new_start_seq, new_end_seq; __be32 new_start_seq, new_end_seq;
sack = (void *)skb->data + sackoff; sack = (void *)skb->data + sackoff;
if (after(ntohl(sack->start_seq) - natseq->offset_before, if (after(ntohl(sack->start_seq) - natseq->offset_before,
natseq->correction_pos)) natseq->correction_pos))
new_start_seq = ntohl(sack->start_seq) new_start_seq = htonl(ntohl(sack->start_seq)
- natseq->offset_after; - natseq->offset_after);
else else
new_start_seq = ntohl(sack->start_seq) new_start_seq = htonl(ntohl(sack->start_seq)
- natseq->offset_before; - natseq->offset_before);
new_start_seq = htonl(new_start_seq);
if (after(ntohl(sack->end_seq) - natseq->offset_before, if (after(ntohl(sack->end_seq) - natseq->offset_before,
natseq->correction_pos)) natseq->correction_pos))
new_end_seq = ntohl(sack->end_seq) new_end_seq = htonl(ntohl(sack->end_seq)
- natseq->offset_after; - natseq->offset_after);
else else
new_end_seq = ntohl(sack->end_seq) new_end_seq = htonl(ntohl(sack->end_seq)
- natseq->offset_before; - natseq->offset_before);
new_end_seq = htonl(new_end_seq);
DEBUGP("sack_adjust: start_seq: %d->%d, end_seq: %d->%d\n", DEBUGP("sack_adjust: start_seq: %d->%d, end_seq: %d->%d\n",
ntohl(sack->start_seq), new_start_seq, ntohl(sack->start_seq), new_start_seq,
...@@ -375,7 +373,8 @@ ip_nat_seq_adjust(struct sk_buff **pskb, ...@@ -375,7 +373,8 @@ ip_nat_seq_adjust(struct sk_buff **pskb,
enum ip_conntrack_info ctinfo) enum ip_conntrack_info ctinfo)
{ {
struct tcphdr *tcph; struct tcphdr *tcph;
int dir, newseq, newack; int dir;
__be32 newseq, newack;
struct ip_nat_seq *this_way, *other_way; struct ip_nat_seq *this_way, *other_way;
dir = CTINFO2DIR(ctinfo); dir = CTINFO2DIR(ctinfo);
...@@ -388,17 +387,15 @@ ip_nat_seq_adjust(struct sk_buff **pskb, ...@@ -388,17 +387,15 @@ ip_nat_seq_adjust(struct sk_buff **pskb,
tcph = (void *)(*pskb)->data + (*pskb)->nh.iph->ihl*4; tcph = (void *)(*pskb)->data + (*pskb)->nh.iph->ihl*4;
if (after(ntohl(tcph->seq), this_way->correction_pos)) if (after(ntohl(tcph->seq), this_way->correction_pos))
newseq = ntohl(tcph->seq) + this_way->offset_after; newseq = htonl(ntohl(tcph->seq) + this_way->offset_after);
else else
newseq = ntohl(tcph->seq) + this_way->offset_before; newseq = htonl(ntohl(tcph->seq) + this_way->offset_before);
newseq = htonl(newseq);
if (after(ntohl(tcph->ack_seq) - other_way->offset_before, if (after(ntohl(tcph->ack_seq) - other_way->offset_before,
other_way->correction_pos)) other_way->correction_pos))
newack = ntohl(tcph->ack_seq) - other_way->offset_after; newack = htonl(ntohl(tcph->ack_seq) - other_way->offset_after);
else else
newack = ntohl(tcph->ack_seq) - other_way->offset_before; newack = htonl(ntohl(tcph->ack_seq) - other_way->offset_before);
newack = htonl(newack);
tcph->check = nf_proto_csum_update(*pskb, ~tcph->seq, newseq, tcph->check = nf_proto_csum_update(*pskb, ~tcph->seq, newseq,
tcph->check, 0); tcph->check, 0);
......
...@@ -51,7 +51,7 @@ ...@@ -51,7 +51,7 @@
#define IP_NAT_PPTP_VERSION "3.0" #define IP_NAT_PPTP_VERSION "3.0"
#define REQ_CID(req, off) (*(u_int16_t *)((char *)(req) + (off))) #define REQ_CID(req, off) (*(__be16 *)((char *)(req) + (off)))
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
MODULE_AUTHOR("Harald Welte <laforge@gnumonks.org>"); MODULE_AUTHOR("Harald Welte <laforge@gnumonks.org>");
......
...@@ -67,7 +67,7 @@ icmp_manip_pkt(struct sk_buff **pskb, ...@@ -67,7 +67,7 @@ icmp_manip_pkt(struct sk_buff **pskb,
hdr = (struct icmphdr *)((*pskb)->data + hdroff); hdr = (struct icmphdr *)((*pskb)->data + hdroff);
hdr->checksum = nf_proto_csum_update(*pskb, hdr->checksum = nf_proto_csum_update(*pskb,
hdr->un.echo.id ^ 0xFFFF, hdr->un.echo.id ^ htons(0xFFFF),
tuple->src.u.icmp.id, tuple->src.u.icmp.id,
hdr->checksum, 0); hdr->checksum, 0);
hdr->un.echo.id = tuple->src.u.icmp.id; hdr->un.echo.id = tuple->src.u.icmp.id;
......
...@@ -24,7 +24,7 @@ tcp_in_range(const struct ip_conntrack_tuple *tuple, ...@@ -24,7 +24,7 @@ tcp_in_range(const struct ip_conntrack_tuple *tuple,
const union ip_conntrack_manip_proto *min, const union ip_conntrack_manip_proto *min,
const union ip_conntrack_manip_proto *max) const union ip_conntrack_manip_proto *max)
{ {
u_int16_t port; __be16 port;
if (maniptype == IP_NAT_MANIP_SRC) if (maniptype == IP_NAT_MANIP_SRC)
port = tuple->src.u.tcp.port; port = tuple->src.u.tcp.port;
...@@ -42,7 +42,7 @@ tcp_unique_tuple(struct ip_conntrack_tuple *tuple, ...@@ -42,7 +42,7 @@ tcp_unique_tuple(struct ip_conntrack_tuple *tuple,
const struct ip_conntrack *conntrack) const struct ip_conntrack *conntrack)
{ {
static u_int16_t port; static u_int16_t port;
u_int16_t *portptr; __be16 *portptr;
unsigned int range_size, min, i; unsigned int range_size, min, i;
if (maniptype == IP_NAT_MANIP_SRC) if (maniptype == IP_NAT_MANIP_SRC)
...@@ -93,8 +93,8 @@ tcp_manip_pkt(struct sk_buff **pskb, ...@@ -93,8 +93,8 @@ tcp_manip_pkt(struct sk_buff **pskb,
struct iphdr *iph = (struct iphdr *)((*pskb)->data + iphdroff); struct iphdr *iph = (struct iphdr *)((*pskb)->data + iphdroff);
struct tcphdr *hdr; struct tcphdr *hdr;
unsigned int hdroff = iphdroff + iph->ihl*4; unsigned int hdroff = iphdroff + iph->ihl*4;
u32 oldip, newip; __be32 oldip, newip;
u16 *portptr, newport, oldport; __be16 *portptr, newport, oldport;
int hdrsize = 8; /* TCP connection tracking guarantees this much */ int hdrsize = 8; /* TCP connection tracking guarantees this much */
/* this could be a inner header returned in icmp packet; in such /* this could be a inner header returned in icmp packet; in such
...@@ -130,7 +130,7 @@ tcp_manip_pkt(struct sk_buff **pskb, ...@@ -130,7 +130,7 @@ tcp_manip_pkt(struct sk_buff **pskb,
return 1; return 1;
hdr->check = nf_proto_csum_update(*pskb, ~oldip, newip, hdr->check, 1); hdr->check = nf_proto_csum_update(*pskb, ~oldip, newip, hdr->check, 1);
hdr->check = nf_proto_csum_update(*pskb, oldport ^ 0xFFFF, newport, hdr->check = nf_proto_csum_update(*pskb, oldport ^ htons(0xFFFF), newport,
hdr->check, 0); hdr->check, 0);
return 1; return 1;
} }
......
...@@ -24,7 +24,7 @@ udp_in_range(const struct ip_conntrack_tuple *tuple, ...@@ -24,7 +24,7 @@ udp_in_range(const struct ip_conntrack_tuple *tuple,
const union ip_conntrack_manip_proto *min, const union ip_conntrack_manip_proto *min,
const union ip_conntrack_manip_proto *max) const union ip_conntrack_manip_proto *max)
{ {
u_int16_t port; __be16 port;
if (maniptype == IP_NAT_MANIP_SRC) if (maniptype == IP_NAT_MANIP_SRC)
port = tuple->src.u.udp.port; port = tuple->src.u.udp.port;
...@@ -42,7 +42,7 @@ udp_unique_tuple(struct ip_conntrack_tuple *tuple, ...@@ -42,7 +42,7 @@ udp_unique_tuple(struct ip_conntrack_tuple *tuple,
const struct ip_conntrack *conntrack) const struct ip_conntrack *conntrack)
{ {
static u_int16_t port; static u_int16_t port;
u_int16_t *portptr; __be16 *portptr;
unsigned int range_size, min, i; unsigned int range_size, min, i;
if (maniptype == IP_NAT_MANIP_SRC) if (maniptype == IP_NAT_MANIP_SRC)
...@@ -91,8 +91,8 @@ udp_manip_pkt(struct sk_buff **pskb, ...@@ -91,8 +91,8 @@ udp_manip_pkt(struct sk_buff **pskb,
struct iphdr *iph = (struct iphdr *)((*pskb)->data + iphdroff); struct iphdr *iph = (struct iphdr *)((*pskb)->data + iphdroff);
struct udphdr *hdr; struct udphdr *hdr;
unsigned int hdroff = iphdroff + iph->ihl*4; unsigned int hdroff = iphdroff + iph->ihl*4;
u32 oldip, newip; __be32 oldip, newip;
u16 *portptr, newport; __be16 *portptr, newport;
if (!skb_make_writable(pskb, hdroff + sizeof(*hdr))) if (!skb_make_writable(pskb, hdroff + sizeof(*hdr)))
return 0; return 0;
...@@ -118,7 +118,7 @@ udp_manip_pkt(struct sk_buff **pskb, ...@@ -118,7 +118,7 @@ udp_manip_pkt(struct sk_buff **pskb,
hdr->check = nf_proto_csum_update(*pskb, ~oldip, newip, hdr->check = nf_proto_csum_update(*pskb, ~oldip, newip,
hdr->check, 1); hdr->check, 1);
hdr->check = nf_proto_csum_update(*pskb, hdr->check = nf_proto_csum_update(*pskb,
*portptr ^ 0xFFFF, newport, *portptr ^ htons(0xFFFF), newport,
hdr->check, 0); hdr->check, 0);
if (!hdr->check) if (!hdr->check)
hdr->check = -1; hdr->check = -1;
......
...@@ -119,7 +119,7 @@ static unsigned int ipt_snat_target(struct sk_buff **pskb, ...@@ -119,7 +119,7 @@ static unsigned int ipt_snat_target(struct sk_buff **pskb,
} }
/* Before 2.6.11 we did implicit source NAT if required. Warn about change. */ /* Before 2.6.11 we did implicit source NAT if required. Warn about change. */
static void warn_if_extra_mangle(u32 dstip, u32 srcip) static void warn_if_extra_mangle(__be32 dstip, __be32 srcip)
{ {
static int warned = 0; static int warned = 0;
struct flowi fl = { .nl_u = { .ip4_u = { .daddr = dstip } } }; struct flowi fl = { .nl_u = { .ip4_u = { .daddr = dstip } } };
...@@ -205,7 +205,7 @@ alloc_null_binding(struct ip_conntrack *conntrack, ...@@ -205,7 +205,7 @@ alloc_null_binding(struct ip_conntrack *conntrack,
per-proto parts (hence not IP_NAT_RANGE_PROTO_SPECIFIED). per-proto parts (hence not IP_NAT_RANGE_PROTO_SPECIFIED).
Use reply in case it's already been mangled (eg local packet). Use reply in case it's already been mangled (eg local packet).
*/ */
u_int32_t ip __be32 ip
= (HOOK2MANIP(hooknum) == IP_NAT_MANIP_SRC = (HOOK2MANIP(hooknum) == IP_NAT_MANIP_SRC
? conntrack->tuplehash[IP_CT_DIR_REPLY].tuple.dst.ip ? conntrack->tuplehash[IP_CT_DIR_REPLY].tuple.dst.ip
: conntrack->tuplehash[IP_CT_DIR_REPLY].tuple.src.ip); : conntrack->tuplehash[IP_CT_DIR_REPLY].tuple.src.ip);
...@@ -222,7 +222,7 @@ alloc_null_binding_confirmed(struct ip_conntrack *conntrack, ...@@ -222,7 +222,7 @@ alloc_null_binding_confirmed(struct ip_conntrack *conntrack,
struct ip_nat_info *info, struct ip_nat_info *info,
unsigned int hooknum) unsigned int hooknum)
{ {
u_int32_t ip __be32 ip
= (HOOK2MANIP(hooknum) == IP_NAT_MANIP_SRC = (HOOK2MANIP(hooknum) == IP_NAT_MANIP_SRC
? conntrack->tuplehash[IP_CT_DIR_REPLY].tuple.dst.ip ? conntrack->tuplehash[IP_CT_DIR_REPLY].tuple.dst.ip
: conntrack->tuplehash[IP_CT_DIR_REPLY].tuple.src.ip); : conntrack->tuplehash[IP_CT_DIR_REPLY].tuple.src.ip);
......
...@@ -60,8 +60,8 @@ static unsigned int ip_nat_sip(struct sk_buff **pskb, ...@@ -60,8 +60,8 @@ static unsigned int ip_nat_sip(struct sk_buff **pskb,
enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo); enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo);
char buffer[sizeof("nnn.nnn.nnn.nnn:nnnnn")]; char buffer[sizeof("nnn.nnn.nnn.nnn:nnnnn")];
unsigned int bufflen, dataoff; unsigned int bufflen, dataoff;
u_int32_t ip; __be32 ip;
u_int16_t port; __be16 port;
dataoff = (*pskb)->nh.iph->ihl*4 + sizeof(struct udphdr); dataoff = (*pskb)->nh.iph->ihl*4 + sizeof(struct udphdr);
...@@ -159,7 +159,7 @@ static int mangle_content_len(struct sk_buff **pskb, ...@@ -159,7 +159,7 @@ static int mangle_content_len(struct sk_buff **pskb,
static unsigned int mangle_sdp(struct sk_buff **pskb, static unsigned int mangle_sdp(struct sk_buff **pskb,
enum ip_conntrack_info ctinfo, enum ip_conntrack_info ctinfo,
struct ip_conntrack *ct, struct ip_conntrack *ct,
u_int32_t newip, u_int16_t port, __be32 newip, u_int16_t port,
const char *dptr) const char *dptr)
{ {
char buffer[sizeof("nnn.nnn.nnn.nnn")]; char buffer[sizeof("nnn.nnn.nnn.nnn")];
...@@ -195,7 +195,7 @@ static unsigned int ip_nat_sdp(struct sk_buff **pskb, ...@@ -195,7 +195,7 @@ static unsigned int ip_nat_sdp(struct sk_buff **pskb,
{ {
struct ip_conntrack *ct = exp->master; struct ip_conntrack *ct = exp->master;
enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo); enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo);
u_int32_t newip; __be32 newip;
u_int16_t port; u_int16_t port;
DEBUGP("ip_nat_sdp():\n"); DEBUGP("ip_nat_sdp():\n");
......
...@@ -1211,7 +1211,7 @@ static int snmp_translate(struct ip_conntrack *ct, ...@@ -1211,7 +1211,7 @@ static int snmp_translate(struct ip_conntrack *ct,
struct sk_buff **pskb) struct sk_buff **pskb)
{ {
struct iphdr *iph = (*pskb)->nh.iph; struct iphdr *iph = (*pskb)->nh.iph;
struct udphdr *udph = (struct udphdr *)((u_int32_t *)iph + iph->ihl); struct udphdr *udph = (struct udphdr *)((__be32 *)iph + iph->ihl);
u_int16_t udplen = ntohs(udph->len); u_int16_t udplen = ntohs(udph->len);
u_int16_t paylen = udplen - sizeof(struct udphdr); u_int16_t paylen = udplen - sizeof(struct udphdr);
int dir = CTINFO2DIR(ctinfo); int dir = CTINFO2DIR(ctinfo);
......
...@@ -191,7 +191,7 @@ ip_nat_in(unsigned int hooknum, ...@@ -191,7 +191,7 @@ ip_nat_in(unsigned int hooknum,
int (*okfn)(struct sk_buff *)) int (*okfn)(struct sk_buff *))
{ {
unsigned int ret; unsigned int ret;
u_int32_t daddr = (*pskb)->nh.iph->daddr; __be32 daddr = (*pskb)->nh.iph->daddr;
ret = ip_nat_fn(hooknum, pskb, in, out, okfn); ret = ip_nat_fn(hooknum, pskb, in, out, okfn);
if (ret != NF_DROP && ret != NF_STOLEN if (ret != NF_DROP && ret != NF_STOLEN
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment