X-Git-Url: http://developer.intra2net.com/git/?p=ipt_ACCOUNT;a=blobdiff_plain;f=linux-2.6%2Fnet%2Fipv4%2Fnetfilter%2Fipt_ACCOUNT.c;h=671c1c4d782d1e134003d2224e80098888bb796e;hp=5a5f03ffa5d6f67285c81503dcd58504d5a08251;hb=41fb32ab48248f206e11e1bde8d2298cf4824829;hpb=32efca6f6d8fa23b3654a875a33fefa121982d08 diff --git a/linux-2.6/net/ipv4/netfilter/ipt_ACCOUNT.c b/linux-2.6/net/ipv4/netfilter/ipt_ACCOUNT.c index 5a5f03f..671c1c4 100644 --- a/linux-2.6/net/ipv4/netfilter/ipt_ACCOUNT.c +++ b/linux-2.6/net/ipv4/netfilter/ipt_ACCOUNT.c @@ -2,8 +2,8 @@ * This is a module which is used for counting packets. * * See http://www.intra2net.com/opensource/ipt_account * * for further information * - * * - * Copyright (C) 2004-2006 by Intra2net AG * + * * + * Copyright (C) 2004-2008 by Intra2net AG * * opensource@intra2net.com * * * * This program is free software; you can redistribute it and/or modify * @@ -20,7 +20,13 @@ #include #include #include -#include + +#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,27) + #include +#else + #include +#endif + #include #include #include @@ -49,6 +55,18 @@ static DEFINE_SPINLOCK(ipt_acc_lock); /* Mutex (semaphore) used for manipulating userspace handles/snapshot data */ static struct semaphore ipt_acc_userspace_mutex; +/* Allocates a page and clears it */ +static void *ipt_acc_zalloc_page(void) +{ + // Don't use get_zeroed_page until it's fixed in the kernel. + // get_zeroed_page(GFP_ATOMIC) + void *mem = (void *)__get_free_page(GFP_ATOMIC); + if (mem) { + memset (mem, 0, PAGE_SIZE); + } + + return mem; +} /* Recursive free of all data structures */ static void ipt_acc_data_free(void *data, unsigned char depth) @@ -171,7 +189,7 @@ static int ipt_acc_table_insert(char *name, u_int32_t ip, u_int32_t netmask) ipt_acc_tables[i].refcount++; if ((ipt_acc_tables[i].data - = (void *)get_zeroed_page(GFP_ATOMIC)) == NULL) { + = ipt_acc_zalloc_page()) == NULL) { printk("ACCOUNT: out of memory for data of table: %s\n", name); memset(&ipt_acc_tables[i], 0, sizeof(struct ipt_acc_table)); @@ -188,7 +206,14 @@ static int ipt_acc_table_insert(char *name, u_int32_t ip, u_int32_t netmask) return -1; } +#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28) +static bool ipt_acc_checkentry(const struct xt_tgchk_param *par) +#else +#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23) +static bool ipt_acc_checkentry(const char *tablename, +#else static int ipt_acc_checkentry(const char *tablename, +#endif #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,16) const void *e, #else @@ -202,8 +227,13 @@ static int ipt_acc_checkentry(const char *tablename, unsigned int targinfosize, #endif unsigned int hook_mask) +#endif /* >= 2.6.28 */ { +#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28) + struct ipt_acc_info *info = par->targinfo; +#else struct ipt_acc_info *info = targinfo; +#endif int table_nr; #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17) @@ -221,15 +251,26 @@ static int ipt_acc_checkentry(const char *tablename, if (table_nr == -1) { printk("ACCOUNT: Table insert problem. Aborting\n"); +#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23) + return false; +#else return 0; +#endif } /* Table nr caching so we don't have to do an extra string compare for every packet */ info->table_nr = table_nr; +#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23) + return true; +#else return 1; +#endif } +#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28) +static void ipt_acc_destroy(const struct xt_tgdtor_param *par) +#else static void ipt_acc_destroy( #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17) const struct xt_target *target, @@ -240,9 +281,14 @@ static void ipt_acc_destroy( void *targinfo, unsigned int targinfosize) #endif +#endif /* >= 2.6.28 */ { unsigned int i; +#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28) + struct ipt_acc_info *info = par->targinfo; +#else struct ipt_acc_info *info = targinfo; +#endif #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17) if (targinfosize != IPT_ALIGN(sizeof(struct ipt_acc_info))) { @@ -373,7 +419,7 @@ static void ipt_acc_depth1_insert(struct ipt_acc_mask_16 *mask_16, /* Do we need to create a new mask_24 bucket? */ if (!mask_16->mask_24[slot] && (mask_16->mask_24[slot] = - (void *)get_zeroed_page(GFP_ATOMIC)) == NULL) { + ipt_acc_zalloc_page()) == NULL) { printk("ACCOUNT: Can't process packet because out of memory!\n"); return; } @@ -389,7 +435,7 @@ static void ipt_acc_depth1_insert(struct ipt_acc_mask_16 *mask_16, /* Do we need to create a new mask_24 bucket? */ if (!mask_16->mask_24[slot] && (mask_16->mask_24[slot] - = (void *)get_zeroed_page(GFP_ATOMIC)) == NULL) { + = ipt_acc_zalloc_page()) == NULL) { printk("ACCOUT: Can't process packet because out of memory!\n"); return; } @@ -411,7 +457,7 @@ static void ipt_acc_depth2_insert(struct ipt_acc_mask_8 *mask_8, /* Do we need to create a new mask_24 bucket? */ if (!mask_8->mask_16[slot] && (mask_8->mask_16[slot] - = (void *)get_zeroed_page(GFP_ATOMIC)) == NULL) { + = ipt_acc_zalloc_page()) == NULL) { printk("ACCOUNT: Can't process packet because out of memory!\n"); return; } @@ -427,7 +473,7 @@ static void ipt_acc_depth2_insert(struct ipt_acc_mask_8 *mask_8, /* Do we need to create a new mask_24 bucket? */ if (!mask_8->mask_16[slot] && (mask_8->mask_16[slot] - = (void *)get_zeroed_page(GFP_ATOMIC)) == NULL) { + = ipt_acc_zalloc_page()) == NULL) { printk("ACCOUNT: Can't process packet because out of memory!\n"); return; } @@ -437,7 +483,14 @@ static void ipt_acc_depth2_insert(struct ipt_acc_mask_8 *mask_8, } } +#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28) +static unsigned int ipt_acc_target(struct sk_buff *skb, const struct xt_target_param *par) +#else +#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,24) +static unsigned int ipt_acc_target(struct sk_buff *skb, +#else static unsigned int ipt_acc_target(struct sk_buff **pskb, +#endif const struct net_device *in, const struct net_device *out, unsigned int hooknum, @@ -450,9 +503,20 @@ static unsigned int ipt_acc_target(struct sk_buff **pskb, const void *targinfo, void *userinfo) #endif +#endif /* 2.6.28 */ { - const struct ipt_acc_info *info = + const struct ipt_acc_info *info = +#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28) + par->targinfo; +#else (const struct ipt_acc_info *)targinfo; +#endif + +#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,24) + u_int32_t src_ip = ip_hdr(skb)->saddr; + u_int32_t dst_ip = ip_hdr(skb)->daddr; + u_int32_t size = ntohs(ip_hdr(skb)->tot_len); +#else #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22) u_int32_t src_ip = ip_hdr(*pskb)->saddr; u_int32_t dst_ip = ip_hdr(*pskb)->daddr; @@ -462,6 +526,7 @@ static unsigned int ipt_acc_target(struct sk_buff **pskb, u_int32_t dst_ip = (*pskb)->nh.iph->daddr; u_int32_t size = ntohs((*pskb)->nh.iph->tot_len); #endif +#endif spin_lock_bh(&ipt_acc_lock); @@ -591,7 +656,7 @@ static int ipt_acc_handle_prepare_read(char *tablename, dest->itemcount = ipt_acc_tables[table_nr].itemcount; /* allocate "root" table */ - if ((dest->data = (void*)get_zeroed_page(GFP_ATOMIC)) == NULL) { + if ((dest->data = ipt_acc_zalloc_page()) == NULL) { printk("ACCOUNT: out of memory for root table " "in ipt_acc_handle_prepare_read()\n"); return -1; @@ -613,7 +678,7 @@ static int ipt_acc_handle_prepare_read(char *tablename, for (b = 0; b <= 255; b++) { if (src_16->mask_24[b]) { if ((network_16->mask_24[b] = - (void*)get_zeroed_page(GFP_ATOMIC)) == NULL) { + ipt_acc_zalloc_page()) == NULL) { printk("ACCOUNT: out of memory during copy of 16 bit " "network in ipt_acc_handle_prepare_read()\n"); ipt_acc_data_free(dest->data, depth); @@ -635,7 +700,7 @@ static int ipt_acc_handle_prepare_read(char *tablename, for (a = 0; a <= 255; a++) { if (src_8->mask_16[a]) { if ((network_8->mask_16[a] = - (void*)get_zeroed_page(GFP_ATOMIC)) == NULL) { + ipt_acc_zalloc_page()) == NULL) { printk("ACCOUNT: out of memory during copy of 24 bit network" " in ipt_acc_handle_prepare_read()\n"); ipt_acc_data_free(dest->data, depth); @@ -651,7 +716,7 @@ static int ipt_acc_handle_prepare_read(char *tablename, for (b = 0; b <= 255; b++) { if (src_16->mask_24[b]) { if ((network_16->mask_24[b] = - (void*)get_zeroed_page(GFP_ATOMIC)) == NULL) { + ipt_acc_zalloc_page()) == NULL) { printk("ACCOUNT: out of memory during copy of 16 bit" " network in ipt_acc_handle_prepare_read()\n"); ipt_acc_data_free(dest->data, depth); @@ -690,7 +755,7 @@ static int ipt_acc_handle_prepare_read_flush(char *tablename, } /* Try to allocate memory */ - if (!(new_data_page = (void*)get_zeroed_page(GFP_ATOMIC))) { + if (!(new_data_page = ipt_acc_zalloc_page())) { printk("ACCOUNT: ipt_acc_handle_prepare_read_flush(): " "Out of memory!\n"); return -1; @@ -855,7 +920,7 @@ static int ipt_acc_set_ctl(struct sock *sk, int cmd, switch (cmd) { case IPT_SO_SET_ACCOUNT_HANDLE_FREE: if (len != sizeof(struct ipt_acc_handle_sockopt)) { - printk("ACCOUNT: ipt_acc_set_ctl: wrong data size (%u != %u) " + printk("ACCOUNT: ipt_acc_set_ctl: wrong data size (%u != %zu) " "for IPT_SO_SET_HANDLE_FREE\n", len, sizeof(struct ipt_acc_handle_sockopt)); break; @@ -901,7 +966,7 @@ static int ipt_acc_get_ctl(struct sock *sk, int cmd, void *user, int *len) struct ipt_acc_handle dest; if (*len < sizeof(struct ipt_acc_handle_sockopt)) { - printk("ACCOUNT: ipt_acc_get_ctl: wrong data size (%u != %u) " + printk("ACCOUNT: ipt_acc_get_ctl: wrong data size (%u != %zu) " "for IPT_SO_GET_ACCOUNT_PREPARE_READ/READ_FLUSH\n", *len, sizeof(struct ipt_acc_handle_sockopt)); break; @@ -946,7 +1011,7 @@ static int ipt_acc_get_ctl(struct sock *sk, int cmd, void *user, int *len) } case IPT_SO_GET_ACCOUNT_GET_DATA: if (*len < sizeof(struct ipt_acc_handle_sockopt)) { - printk("ACCOUNT: ipt_acc_get_ctl: wrong data size (%u != %u)" + printk("ACCOUNT: ipt_acc_get_ctl: wrong data size (%u != %zu)" " for IPT_SO_GET_ACCOUNT_PREPARE_READ/READ_FLUSH\n", *len, sizeof(struct ipt_acc_handle_sockopt)); break; @@ -965,7 +1030,7 @@ static int ipt_acc_get_ctl(struct sock *sk, int cmd, void *user, int *len) if (*len < ipt_acc_handles[handle.handle_nr].itemcount * sizeof(struct ipt_acc_handle_ip)) { - printk("ACCOUNT: ipt_acc_get_ctl: not enough space (%u < %u)" + printk("ACCOUNT: ipt_acc_get_ctl: not enough space (%u < %zu)" " to store data from IPT_SO_GET_ACCOUNT_GET_DATA\n", *len, ipt_acc_handles[handle.handle_nr].itemcount * sizeof(struct ipt_acc_handle_ip)); @@ -987,7 +1052,7 @@ static int ipt_acc_get_ctl(struct sock *sk, int cmd, void *user, int *len) case IPT_SO_GET_ACCOUNT_GET_HANDLE_USAGE: { unsigned int i; if (*len < sizeof(struct ipt_acc_handle_sockopt)) { - printk("ACCOUNT: ipt_acc_get_ctl: wrong data size (%u != %u)" + printk("ACCOUNT: ipt_acc_get_ctl: wrong data size (%u != %zu)" " for IPT_SO_GET_ACCOUNT_GET_HANDLE_USAGE\n", *len, sizeof(struct ipt_acc_handle_sockopt)); break;