summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2007-12-05 10:26:18 +0100
committerDavid S. Miller <davem@davemloft.net>2008-01-28 23:56:14 +0100
commit7a6c6653b3a977087ec64d76817c7ee6e1df5b60 (patch)
treeb5c2c1b0df99f6ecce5193e4d51e69e78268ad39
parent[NETFILTER]: ip6_queue: deobfuscate entry lookups (diff)
downloadlinux-7a6c6653b3a977087ec64d76817c7ee6e1df5b60.tar.xz
linux-7a6c6653b3a977087ec64d76817c7ee6e1df5b60.zip
[NETFILTER]: ip6_queue: resync dev-index based flushing
Resync dev_cmp to take bridge devices into account. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/ipv6/netfilter/ip6_queue.c11
1 files changed, 10 insertions, 1 deletions
diff --git a/net/ipv6/netfilter/ip6_queue.c b/net/ipv6/netfilter/ip6_queue.c
index 7d0780d02d0b..9c50cb19b39b 100644
--- a/net/ipv6/netfilter/ip6_queue.c
+++ b/net/ipv6/netfilter/ip6_queue.c
@@ -418,7 +418,16 @@ dev_cmp(struct ipq_queue_entry *entry, unsigned long ifindex)
if (entry->info->outdev)
if (entry->info->outdev->ifindex == ifindex)
return 1;
-
+#ifdef CONFIG_BRIDGE_NETFILTER
+ if (entry->skb->nf_bridge) {
+ if (entry->skb->nf_bridge->physindev &&
+ entry->skb->nf_bridge->physindev->ifindex == ifindex)
+ return 1;
+ if (entry->skb->nf_bridge->physoutdev &&
+ entry->skb->nf_bridge->physoutdev->ifindex == ifindex)
+ return 1;
+ }
+#endif
return 0;
}