netfilter: ebtables: use generic table checking
authorJan Engelhardt <jengelh@medozas.de>
Wed, 8 Oct 2008 09:35:15 +0000 (11:35 +0200)
committerPatrick McHardy <kaber@trash.net>
Wed, 8 Oct 2008 09:35:15 +0000 (11:35 +0200)
Ebtables ORs (1 << NF_BR_NUMHOOKS) into the hook mask to indicate that
the extension was called from a base chain. So this also needs to be
present in the extensions' ->hooks.

Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
net/bridge/netfilter/ebt_arpreply.c
net/bridge/netfilter/ebt_dnat.c
net/bridge/netfilter/ebt_redirect.c
net/bridge/netfilter/ebt_snat.c

index 8071b64af46f17524c386d6d2041cb49bf21b8d5..0e51c8d7e5f29632cc3282742bf62448643959a6 100644 (file)
@@ -73,8 +73,6 @@ ebt_arpreply_tg_check(const char *tablename, const void *entry,
            e->invflags & EBT_IPROTO)
                return false;
        CLEAR_BASE_CHAIN_BIT;
-       if (strcmp(tablename, "nat") || hookmask & ~(1 << NF_BR_PRE_ROUTING))
-               return false;
        return true;
 }
 
@@ -82,6 +80,8 @@ static struct xt_target ebt_arpreply_tg_reg __read_mostly = {
        .name           = "arpreply",
        .revision       = 0,
        .family         = NFPROTO_BRIDGE,
+       .table          = "nat",
+       .hooks          = (1 << NF_BR_NUMHOOKS) | (1 << NF_BR_PRE_ROUTING),
        .target         = ebt_arpreply_tg,
        .checkentry     = ebt_arpreply_tg_check,
        .targetsize     = XT_ALIGN(sizeof(struct ebt_arpreply_info)),
index d2211c4a477e4e842f7ce9a4bdadeb6757b06088..cb80101e412c8ac86eec08281cbb740c84fe3f5b 100644 (file)
@@ -51,6 +51,8 @@ static struct xt_target ebt_dnat_tg_reg __read_mostly = {
        .name           = "dnat",
        .revision       = 0,
        .family         = NFPROTO_BRIDGE,
+       .hooks          = (1 << NF_BR_NUMHOOKS) | (1 << NF_BR_PRE_ROUTING) |
+                         (1 << NF_BR_LOCAL_OUT) | (1 << NF_BR_BROUTING),
        .target         = ebt_dnat_tg,
        .checkentry     = ebt_dnat_tg_check,
        .targetsize     = XT_ALIGN(sizeof(struct ebt_nat_info)),
index 1b7684ffe4045e89b4fb7e66c606c519cf10bab8..a50ffbe0e4fb823279e60f4e2991089d4304e580 100644 (file)
@@ -56,6 +56,8 @@ static struct xt_target ebt_redirect_tg_reg __read_mostly = {
        .name           = "redirect",
        .revision       = 0,
        .family         = NFPROTO_BRIDGE,
+       .hooks          = (1 << NF_BR_NUMHOOKS) | (1 << NF_BR_PRE_ROUTING) |
+                         (1 << NF_BR_BROUTING),
        .target         = ebt_redirect_tg,
        .checkentry     = ebt_redirect_tg_check,
        .targetsize     = XT_ALIGN(sizeof(struct ebt_redirect_info)),
index c90217a4f9e117b27d855e1b3481519c35d66b8f..8a55c7d49b55be655624d364259c865c81e6a19c 100644 (file)
@@ -56,10 +56,6 @@ ebt_snat_tg_check(const char *tablename, const void *e,
        if (BASE_CHAIN && tmp == EBT_RETURN)
                return false;
        CLEAR_BASE_CHAIN_BIT;
-       if (strcmp(tablename, "nat"))
-               return false;
-       if (hookmask & ~(1 << NF_BR_POST_ROUTING))
-               return false;
 
        if (tmp < -NUM_STANDARD_TARGETS || tmp >= 0)
                return false;
@@ -73,6 +69,8 @@ static struct xt_target ebt_snat_tg_reg __read_mostly = {
        .name           = "snat",
        .revision       = 0,
        .family         = NFPROTO_BRIDGE,
+       .table          = "nat",
+       .hooks          = (1 << NF_BR_NUMHOOKS) | (1 << NF_BR_POST_ROUTING),
        .target         = ebt_snat_tg,
        .checkentry     = ebt_snat_tg_check,
        .targetsize     = XT_ALIGN(sizeof(struct ebt_nat_info)),