List Info

Thread: : Netfilter fixes/cleanup
: Netfilter fixes/cleanup
country flaguser name
Switzerland		 2007-07-24 10:54:12 
These patches fix a log target regression in 2.6.22, causing
failures to
load ipt_LOG/ ipt_ULOG when the other one is already loaded
and clean
up a couple of duplicate includes. I'll send the regression
fix to -stable
once its upstream.

Please apply, thanks.


 net/bridge/netfilter/ebt_log.c             |    7 ++-----
 net/bridge/netfilter/ebt_ulog.c            |    9
++-------
 net/ipv4/netfilter/ipt_LOG.c               |    6 ++----
 net/ipv6/netfilter/ip6t_LOG.c              |    6 ++----
 net/netfilter/nf_conntrack_proto_tcp.c     |    1 -
 net/netfilter/nf_conntrack_proto_udp.c     |    1 -
 net/netfilter/nf_conntrack_proto_udplite.c |    1 -
 net/netfilter/xt_physdev.c                 |    1 -
 8 files changed, 8 insertions(+), 24 deletions(-)

Jesper Juhl (2):
      [NETFILTER]: Clean up duplicate includes in
net/bridge/
      [NETFILTER]: Clean up duplicate includes in
net/netfilter/

Patrick McHardy (1):
      [NETFILTER]: Fix logging regression
: Fix logging regression
country flaguser name
Switzerland		 2007-07-24 10:54:13 
[NETFILTER]: Fix logging regression

Loading one of the LOG target fails if a different target
has already
registered itself as backend for the same family. This can
affect the
ipt_LOG and ipt_ULOG modules when both are loaded.

Reported and tested by: <t.artemmailcity.com>

Signed-off-by: Patrick McHardy <kabertrash.net>

---
commit 01e8429f5fcc78ccdf3a9bc785fd7bfec86f5eef
tree e93083bbfa6b1aefda551f318525824a3cdb5f6e
parent 8324cebeed865164db4c35a86f8608078bdb0609
author Patrick McHardy <kabertrash.net> Tue, 24 Jul
2007 16:34:04 +0200
committer Patrick McHardy <kabertrash.net> Tue, 24 Jul
2007 16:34:04 +0200

 net/bridge/netfilter/ebt_log.c  |    6 ++----
 net/bridge/netfilter/ebt_ulog.c |    8 ++------
 net/ipv4/netfilter/ipt_LOG.c    |    6 ++----
 net/ipv6/netfilter/ip6t_LOG.c   |    6 ++----
 4 files changed, 8 insertions(+), 18 deletions(-)

diff --git a/net/bridge/netfilter/ebt_log.c
b/net/bridge/netfilter/ebt_log.c
index 031bfa4..984e9c6 100644
--- a/net/bridge/netfilter/ebt_log.c
+++ b/net/bridge/netfilter/ebt_log.c
 -196,10
+196,8  static int __init ebt_log_init(void)
 	ret = ebt_register_watcher(&log);
 	if (ret < 0)
 		return ret;
-	ret = nf_log_register(PF_BRIDGE, &ebt_log_logger);
-	if (ret < 0 && ret != -EEXIST)
-		ebt_unregister_watcher(&log);
-	return ret;
+	nf_log_register(PF_BRIDGE, &ebt_log_logger);
+	return 0;
 }
 
 static void __exit ebt_log_fini(void)
diff --git a/net/bridge/netfilter/ebt_ulog.c
b/net/bridge/netfilter/ebt_ulog.c
index 9411db6..6fec352 100644
--- a/net/bridge/netfilter/ebt_ulog.c
+++ b/net/bridge/netfilter/ebt_ulog.c
 -308,12
+308,8  static int __init ebt_ulog_init(void)
 	else if ((ret = ebt_register_watcher(&ulog)))
 		sock_release(ebtulognl->sk_socket);
 
-	if (nf_log_register(PF_BRIDGE, &ebt_ulog_logger) <
0) {
-		printk(KERN_WARNING "ebt_ulog: not logging via ulog
"
-		       "since somebody else already registered for
PF_BRIDGEn");
-		/* we cannot make module load fail here, since otherwise
-		 * ebtables userspace would abort */
-	}
+	if (ret == 0)
+		nf_log_register(PF_BRIDGE, &ebt_ulog_logger);
 
 	return ret;
 }
diff --git a/net/ipv4/netfilter/ipt_LOG.c
b/net/ipv4/netfilter/ipt_LOG.c
index 5937ad1..127a5e8 100644
--- a/net/ipv4/netfilter/ipt_LOG.c
+++ b/net/ipv4/netfilter/ipt_LOG.c
 -479,10
+479,8  static int __init ipt_log_init(void)
 	ret = xt_register_target(&ipt_log_reg);
 	if (ret < 0)
 		return ret;
-	ret = nf_log_register(PF_INET, &ipt_log_logger);
-	if (ret < 0 && ret != -EEXIST)
-		xt_unregister_target(&ipt_log_reg);
-	return ret;
+	nf_log_register(PF_INET, &ipt_log_logger);
+	return 0;
 }
 
 static void __exit ipt_log_fini(void)
diff --git a/net/ipv6/netfilter/ip6t_LOG.c
b/net/ipv6/netfilter/ip6t_LOG.c
index b05327e..6ab9900 100644
--- a/net/ipv6/netfilter/ip6t_LOG.c
+++ b/net/ipv6/netfilter/ip6t_LOG.c
 -493,10
+493,8  static int __init ip6t_log_init(void)
 	ret = xt_register_target(&ip6t_log_reg);
 	if (ret < 0)
 		return ret;
-	ret = nf_log_register(PF_INET6, &ip6t_logger);
-	if (ret < 0 && ret != -EEXIST)
-		xt_unregister_target(&ip6t_log_reg);
-	return ret;
+	nf_log_register(PF_INET6, &ip6t_logger);
+	return 0;
 }
 
 static void __exit ip6t_log_fini(void)
: Clean up duplicate includes in net/bridge/
country flaguser name
Switzerland		 2007-07-24 10:54:15 
[NETFILTER]: Clean up duplicate includes in net/bridge/

This patch cleans up duplicate includes in
	net/bridge/

Signed-off-by: Jesper Juhl <jesper.juhlgmail.com>
Signed-off-by: Patrick McHardy <kabertrash.net>

---
commit 1d99f5a08243ed513a0250943a4c092bc0b9eeba
tree e80db45eca5c67d6a9bf660e5d3c3bf09c2fe305
parent 01e8429f5fcc78ccdf3a9bc785fd7bfec86f5eef
author Jesper Juhl <jesper.juhlgmail.com> Tue, 24 Jul
2007 17:28:18 +0200
committer Patrick McHardy <kabertrash.net> Tue, 24 Jul
2007 17:28:18 +0200

 net/bridge/netfilter/ebt_log.c  |    1 -
 net/bridge/netfilter/ebt_ulog.c |    1 -
 2 files changed, 0 insertions(+), 2 deletions(-)

diff --git a/net/bridge/netfilter/ebt_log.c
b/net/bridge/netfilter/ebt_log.c
index 984e9c6..457815f 100644
--- a/net/bridge/netfilter/ebt_log.c
+++ b/net/bridge/netfilter/ebt_log.c
 -9,7
+9,6 
  *
  */
 
-#include <linux/in.h>
 #include <linux/netfilter_bridge/ebtables.h>
 #include <linux/netfilter_bridge/ebt_log.h>
 #include <linux/netfilter.h>
diff --git a/net/bridge/netfilter/ebt_ulog.c
b/net/bridge/netfilter/ebt_ulog.c
index 6fec352..204c968 100644
--- a/net/bridge/netfilter/ebt_ulog.c
+++ b/net/bridge/netfilter/ebt_ulog.c
 -36,7
+36,6 
 #include <linux/timer.h>
 #include <linux/netlink.h>
 #include <linux/netdevice.h>
-#include <linux/module.h>
 #include <linux/netfilter_bridge/ebtables.h>
 #include <linux/netfilter_bridge/ebt_ulog.h>
 #include <net/sock.h>
: Clean up duplicate includes in net/netfilter/
country flaguser name
Switzerland		 2007-07-24 10:54:16 
[NETFILTER]: Clean up duplicate includes in net/netfilter/

This patch cleans up duplicate includes in
	net/netfilter/

Signed-off-by: Jesper Juhl <jesper.juhlgmail.com>
Signed-off-by: Patrick McHardy <kabertrash.net>

---
commit 910ff48fe7571e72bd2b8519cbd6383d81319b26
tree 88176f444ea5e6fef4259aca0b0df0af2766516d
parent 1d99f5a08243ed513a0250943a4c092bc0b9eeba
author Jesper Juhl <jesper.juhlgmail.com> Tue, 24 Jul
2007 17:29:06 +0200
committer Patrick McHardy <kabertrash.net> Tue, 24 Jul
2007 17:29:06 +0200

 net/netfilter/nf_conntrack_proto_tcp.c     |    1 -
 net/netfilter/nf_conntrack_proto_udp.c     |    1 -
 net/netfilter/nf_conntrack_proto_udplite.c |    1 -
 net/netfilter/xt_physdev.c                 |    1 -
 4 files changed, 0 insertions(+), 4 deletions(-)

diff --git a/net/netfilter/nf_conntrack_proto_tcp.c
b/net/netfilter/nf_conntrack_proto_tcp.c
index 87ad3cc..eb3fe74 100644
--- a/net/netfilter/nf_conntrack_proto_tcp.c
+++ b/net/netfilter/nf_conntrack_proto_tcp.c
 -8,7
+8,6 
 
 #include <linux/types.h>
 #include <linux/timer.h>
-#include <linux/netfilter.h>
 #include <linux/module.h>
 #include <linux/in.h>
 #include <linux/tcp.h>
diff --git a/net/netfilter/nf_conntrack_proto_udp.c
b/net/netfilter/nf_conntrack_proto_udp.c
index 13d94a0..2a2fd1a 100644
--- a/net/netfilter/nf_conntrack_proto_udp.c
+++ b/net/netfilter/nf_conntrack_proto_udp.c
 -9,7
+9,6 
 #include <linux/types.h>
 #include <linux/timer.h>
 #include <linux/module.h>
-#include <linux/netfilter.h>
 #include <linux/udp.h>
 #include <linux/seq_file.h>
 #include <linux/skbuff.h>
diff --git a/net/netfilter/nf_conntrack_proto_udplite.c
b/net/netfilter/nf_conntrack_proto_udplite.c
index 93e747b..b906b41 100644
--- a/net/netfilter/nf_conntrack_proto_udplite.c
+++ b/net/netfilter/nf_conntrack_proto_udplite.c
 -10,7
+10,6 
 #include <linux/types.h>
 #include <linux/timer.h>
 #include <linux/module.h>
-#include <linux/netfilter.h>
 #include <linux/udp.h>
 #include <linux/seq_file.h>
 #include <linux/skbuff.h>
diff --git a/net/netfilter/xt_physdev.c
b/net/netfilter/xt_physdev.c
index f47cab7..a4bab04 100644
--- a/net/netfilter/xt_physdev.c
+++ b/net/netfilter/xt_physdev.c
 -13,7
+13,6 
 #include <linux/netfilter_bridge.h>
 #include <linux/netfilter/xt_physdev.h>
 #include <linux/netfilter/x_tables.h>
-#include <linux/netfilter_bridge.h>
 
 MODULE_LICENSE("GPL");
 MODULE_AUTHOR("Bart De Schuymer <bdschuympandora.be>");
Re: : Netfilter fixes/cleanup
country flaguser name
United States		 2007-07-24 17:31:19 
From: Patrick McHardy <kabertrash.net>
Date: Tue, 24 Jul 2007 17:54:12 +0200 (MEST)

> These patches fix a log target regression in 2.6.22,
causing failures to
> load ipt_LOG/ ipt_ULOG when the other one is already
loaded and clean
> up a couple of duplicate includes. I'll send the
regression fix to -stable
> once its upstream.
> 
> Please apply, thanks.

Applied, thanks Patrick.
[1-5]

about | contact  Other archives ( Real Estate discussion Medical topics )