br_nf_core.c 2.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596
  1. /*
  2. * Handle firewalling core
  3. * Linux ethernet bridge
  4. *
  5. * Authors:
  6. * Lennert Buytenhek <buytenh@gnu.org>
  7. * Bart De Schuymer <bdschuym@pandora.be>
  8. *
  9. * This program is free software; you can redistribute it and/or
  10. * modify it under the terms of the GNU General Public License
  11. * as published by the Free Software Foundation; either version
  12. * 2 of the License, or (at your option) any later version.
  13. *
  14. * Lennert dedicates this file to Kerstin Wurdinger.
  15. */
  16. #include <linux/module.h>
  17. #include <linux/kernel.h>
  18. #include <linux/in_route.h>
  19. #include <linux/inetdevice.h>
  20. #include <net/route.h>
  21. #include "br_private.h"
  22. #ifdef CONFIG_SYSCTL
  23. #include <linux/sysctl.h>
  24. #endif
  25. static void fake_update_pmtu(struct dst_entry *dst, struct sock *sk,
  26. struct sk_buff *skb, u32 mtu)
  27. {
  28. }
  29. static void fake_redirect(struct dst_entry *dst, struct sock *sk,
  30. struct sk_buff *skb)
  31. {
  32. }
  33. static u32 *fake_cow_metrics(struct dst_entry *dst, unsigned long old)
  34. {
  35. return NULL;
  36. }
  37. static struct neighbour *fake_neigh_lookup(const struct dst_entry *dst,
  38. struct sk_buff *skb,
  39. const void *daddr)
  40. {
  41. return NULL;
  42. }
  43. static unsigned int fake_mtu(const struct dst_entry *dst)
  44. {
  45. return dst->dev->mtu;
  46. }
  47. static struct dst_ops fake_dst_ops = {
  48. .family = AF_INET,
  49. .update_pmtu = fake_update_pmtu,
  50. .redirect = fake_redirect,
  51. .cow_metrics = fake_cow_metrics,
  52. .neigh_lookup = fake_neigh_lookup,
  53. .mtu = fake_mtu,
  54. };
  55. /*
  56. * Initialize bogus route table used to keep netfilter happy.
  57. * Currently, we fill in the PMTU entry because netfilter
  58. * refragmentation needs it, and the rt_flags entry because
  59. * ipt_REJECT needs it. Future netfilter modules might
  60. * require us to fill additional fields.
  61. */
  62. static const u32 br_dst_default_metrics[RTAX_MAX] = {
  63. [RTAX_MTU - 1] = 1500,
  64. };
  65. void br_netfilter_rtable_init(struct net_bridge *br)
  66. {
  67. struct rtable *rt = &br->fake_rtable;
  68. atomic_set(&rt->dst.__refcnt, 1);
  69. rt->dst.dev = br->dev;
  70. rt->dst.path = &rt->dst;
  71. dst_init_metrics(&rt->dst, br_dst_default_metrics, true);
  72. rt->dst.flags = DST_NOXFRM | DST_FAKE_RTABLE;
  73. rt->dst.ops = &fake_dst_ops;
  74. }
  75. int __init br_nf_core_init(void)
  76. {
  77. return dst_entries_init(&fake_dst_ops);
  78. }
  79. void br_nf_core_fini(void)
  80. {
  81. dst_entries_destroy(&fake_dst_ops);
  82. }