LXR linux/net/bridge/br_nf

   1/*
   2 *      Handle firewalling core
   3 *      Linux ethernet bridge
   4 *
   5 *      Authors:
   6 *      Lennert Buytenhek               <buytenh@gnu.org>
   7 *      Bart De Schuymer                <bdschuym@pandora.be>
   8 *
   9 *      This program is free software; you can redistribute it and/or
  10 *      modify it under the terms of the GNU General Public License
  11 *      as published by the Free Software Foundation; either version
  12 *      2 of the License, or (at your option) any later version.
  13 *
  14 *      Lennert dedicates this file to Kerstin Wurdinger.
  15 */
  16
  17#include <linux/module.h>
  18#include <linux/kernel.h>
  19#include <linux/in_route.h>
  20#include <linux/inetdevice.h>
  21#include <net/route.h>
  22
  23#include "br_private.h"
  24#ifdef CONFIG_SYSCTL
  25#include <linux/sysctl.h>
  26#endif
  27
  28static void fake_update_pmtu(struct dst_entry *dst, struct sock *sk,
  29                             struct sk_buff *skb, u32 mtu)
  30{
  31}
  32
  33static void fake_redirect(struct dst_entry *dst, struct sock *sk,
  34                          struct sk_buff *skb)
  35{
  36}
  37
  38static u32 *fake_cow_metrics(struct dst_entry *dst, unsigned long old)
  39{
  40        return NULL;
  41}
  42
  43static struct neighbour *fake_neigh_lookup(const struct dst_entry *dst,
  44                                           struct sk_buff *skb,
  45                                           const void *daddr)
  46{
  47        return NULL;
  48}
  49
  50static unsigned int fake_mtu(const struct dst_entry *dst)
  51{
  52        return dst->dev->mtu;
  53}
  54
  55static struct dst_ops fake_dst_ops = {
  56        .family         = AF_INET,
  57        .update_pmtu    = fake_update_pmtu,
  58        .redirect       = fake_redirect,
  59        .cow_metrics    = fake_cow_metrics,
  60        .neigh_lookup   = fake_neigh_lookup,
  61        .mtu            = fake_mtu,
  62};
  63
  64/*
  65 * Initialize bogus route table used to keep netfilter happy.
  66 * Currently, we fill in the PMTU entry because netfilter
  67 * refragmentation needs it, and the rt_flags entry because
  68 * ipt_REJECT needs it.  Future netfilter modules might
  69 * require us to fill additional fields.
  70 */
  71static const u32 br_dst_default_metrics[RTAX_MAX] = {
  72        [RTAX_MTU - 1] = 1500,
  73};
  74
  75void br_netfilter_rtable_init(struct net_bridge *br)
  76{
  77        struct rtable *rt = &br->fake_rtable;
  78
  79        atomic_set(&rt->dst.__refcnt, 1);
  80        rt->dst.dev = br->dev;
  81        rt->dst.path = &rt->dst;
  82        dst_init_metrics(&rt->dst, br_dst_default_metrics, true);
  83        rt->dst.flags   = DST_NOXFRM | DST_FAKE_RTABLE;
  84        rt->dst.ops = &fake_dst_ops;
  85}
  86
  87int __init br_nf_core_init(void)
  88{
  89        return dst_entries_init(&fake_dst_ops);
  90}
  91
  92void br_nf_core_fini(void)
  93{
  94        dst_entries_destroy(&fake_dst_ops);
  95}
  96