Mercurial Mercurial > fw > nsc-linux-2.6.29 / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
net/ipv4/netfilter/iptable_filter.c
changeset 2 d1f6d8b6f81c
parent 0 aa628870c1d3
equal deleted inserted replaced
1:0056487c491e 2:d1f6d8b6f81c 
    91 		   const struct net_device *out,
 
    91 		   const struct net_device *out,
 
    92 		   int (*okfn)(struct sk_buff *))
 
    92 		   int (*okfn)(struct sk_buff *))
 
    93 {
 
    93 {
 
    94 	/* root is playing with raw sockets. */
 
    94 	/* root is playing with raw sockets. */
 
    95 	if (skb->len < sizeof(struct iphdr) ||
 
    95 	if (skb->len < sizeof(struct iphdr) ||
 
    96 	    ip_hdrlen(skb) < sizeof(struct iphdr)) {
 
    96 	    ip_hdrlen(skb) < sizeof(struct iphdr))
 
    97 		if (net_ratelimit())
 
       
    98 			printk("iptable_filter: ignoring short SOCK_RAW "
 
       
    99 			       "packet.\n");
 
       
   100 		return NF_ACCEPT;
 
    97 		return NF_ACCEPT;
 
   101 	}
 
       
   102 
       
   103 	return ipt_do_table(skb, hook, in, out,
 
    98 	return ipt_do_table(skb, hook, in, out,
 
   104 			    dev_net(out)->ipv4.iptable_filter);
 
    99 			    dev_net(out)->ipv4.iptable_filter);
 
   105 }
 
   100 }
 
   106 
   101 
   107 static struct nf_hook_ops ipt_ops[] __read_mostly = {
 
   102 static struct nf_hook_ops ipt_ops[] __read_mostly = {
fw/nsc-linux-2.6.29