Attached is Rusty's netfilter patch to fix the race condition in
ip_conntrack and my patch for changing net printks to print out a simple
IP instead of a 4byte number.
(repost, original didn't have patches)
-d
diff -urN --minimal --exclude *.lds --exclude *.sgml --exclude classlist.h --exclude devlist.h --exclude autoconf.h --exclude compile.h --exclude version.h --exclude .* --exclude *.[oa] --exclude *.orig --exclude config --exclude asm --exclude modules --exclude *.[Ss] --exclude System.map --exclude consolemap_deftbl.c --exclude *~ --exclude TAGS --exclude tags --exclude modversions.h --exclude install-kernel linux-2.3.99-pre4-2/include/linux/netfilter_ipv4/ip_conntrack_protocol.h working/include/linux/netfilter_ipv4/ip_conntrack_protocol.h
- --- linux-2.3.99-pre4-2/include/linux/netfilter_ipv4/ip_conntrack_protocol.h Sat Apr 8 18:10:12 2000
+++ working/include/linux/netfilter_ipv4/ip_conntrack_protocol.h Mon Apr 3 14:47:59 2000
@@ -37,10 +37,10 @@
struct iphdr *iph, size_t len,
enum ip_conntrack_info ctinfo);
- - /* Called when a new connection for this protocol found; returns
- - * TRUE if it's OK. If so, packet() called next. */
- - int (*new)(struct ip_conntrack *conntrack,
- - struct iphdr *iph, size_t len);
+ /* Called when a new connection for this protocol found;
+ * returns timeout. If so, packet() called next. */
+ unsigned long (*new)(struct ip_conntrack *conntrack,
+ struct iphdr *iph, size_t len);
/* Module (if any) which this is connected to. */
struct module *me;
diff -urN --minimal --exclude *.lds --exclude *.sgml --exclude classlist.h --exclude devlist.h --exclude autoconf.h --exclude compile.h --exclude version.h --exclude .* --exclude *.[oa] --exclude *.orig --exclude config --exclude asm --exclude modules --exclude *.[Ss] --exclude System.map --exclude consolemap_deftbl.c --exclude *~ --exclude TAGS --exclude tags --exclude modversions.h --exclude install-kernel linux-2.3.99-pre4-2/include/linux/netfilter_ipv4/ipt_state.h working/include/linux/netfilter_ipv4/ipt_state.h
- --- linux-2.3.99-pre4-2/include/linux/netfilter_ipv4/ipt_state.h Sat Mar 18 05:26:20 2000
+++ working/include/linux/netfilter_ipv4/ipt_state.h Mon Apr 3 14:18:20 2000
@@ -1,8 +1,7 @@
#ifndef _IPT_STATE_H
#define _IPT_STATE_H
- -#define _IPT_STATE_BIT(ctinfo) (1 << ((ctinfo)+1))
- -#define IPT_STATE_BIT(ctinfo) ((ctinfo) >= IP_CT_IS_REPLY ? _IPT_STATE_BIT((ctinfo)-IP_CT_IS_REPLY) : _IPT_STATE_BIT(ctinfo))
+#define IPT_STATE_BIT(ctinfo) (1 << ((ctinfo)%IP_CT_IS_REPLY+1))
#define IPT_STATE_INVALID (1 << 0)
struct ipt_state_info
diff -urN --minimal --exclude *.lds --exclude *.sgml --exclude classlist.h --exclude devlist.h --exclude autoconf.h --exclude compile.h --exclude version.h --exclude .* --exclude *.[oa] --exclude *.orig --exclude config --exclude asm --exclude modules --exclude *.[Ss] --exclude System.map --exclude consolemap_deftbl.c --exclude *~ --exclude TAGS --exclude tags --exclude modversions.h --exclude install-kernel linux-2.3.99-pre4-2/net/ipv4/ip_fragment.c working/net/ipv4/ip_fragment.c
- --- linux-2.3.99-pre4-2/net/ipv4/ip_fragment.c Thu Feb 10 14:38:09 2000
+++ working/net/ipv4/ip_fragment.c Mon Apr 3 14:18:20 2000
@@ -387,8 +387,13 @@
*/
skb->security = qp->fragments->skb->security;
+#ifdef CONFIG_NETFILTER
+ /* Connection association is same as fragment (if any). */
+ skb->nfct = qp->fragments->skb->nfct;
+ nf_conntrack_get(skb->nfct);
#ifdef CONFIG_NETFILTER_DEBUG
skb->nf_debug = qp->fragments->skb->nf_debug;
+#endif
#endif
/* Done with all fragments. Fixup the new IP header. */
diff -urN --minimal --exclude *.lds --exclude *.sgml --exclude classlist.h --exclude devlist.h --exclude autoconf.h --exclude compile.h --exclude version.h --exclude .* --exclude *.[oa] --exclude *.orig --exclude config --exclude asm --exclude modules --exclude *.[Ss] --exclude System.map --exclude consolemap_deftbl.c --exclude *~ --exclude TAGS --exclude tags --exclude modversions.h --exclude install-kernel linux-2.3.99-pre4-2/net/ipv4/netfilter/ip_conntrack_core.c working/net/ipv4/netfilter/ip_conntrack_core.c
- --- linux-2.3.99-pre4-2/net/ipv4/netfilter/ip_conntrack_core.c Sat Apr 1 19:03:03 2000
+++ working/net/ipv4/netfilter/ip_conntrack_core.c Mon Apr 3 14:18:20 2000
@@ -343,6 +343,7 @@
size_t hash, repl_hash;
struct ip_conntrack_expect *expected;
enum ip_conntrack_info ctinfo;
+ unsigned long extra_jiffies;
int i;
if (!invert_tuple(&repl_tuple, tuple, protocol)) {
@@ -366,19 +367,24 @@
repl_hash = hash_conntrack(&repl_tuple);
memset(conntrack, 0, sizeof(struct ip_conntrack));
- - atomic_set(&conntrack->ct_general.use, 1);
+ atomic_set(&conntrack->ct_general.use, 2);
conntrack->ct_general.destroy = destroy_conntrack;
conntrack->tuplehash[IP_CT_DIR_ORIGINAL].tuple = *tuple;
conntrack->tuplehash[IP_CT_DIR_ORIGINAL].ctrack = conntrack;
conntrack->tuplehash[IP_CT_DIR_REPLY].tuple = repl_tuple;
conntrack->tuplehash[IP_CT_DIR_REPLY].ctrack = conntrack;
- - for(i=0; i < IP_CT_NUMBER; i++)
+ for (i=0; i < IP_CT_NUMBER; i++)
conntrack->infos[i].master = &conntrack->ct_general;
- - if (!protocol->new(conntrack, skb->nh.iph, skb->len)) {
+ extra_jiffies = protocol->new(conntrack, skb->nh.iph, skb->len);
+ if (!extra_jiffies) {
kmem_cache_free(ip_conntrack_cachep, conntrack);
return 1;
}
+ conntrack->timeout.data = (unsigned long)conntrack;
+ conntrack->timeout.function = death_by_timeout;
+ conntrack->timeout.expires = jiffies + extra_jiffies;
+ add_timer(&conntrack->timeout);
/* Sew in at head of hash list. */
WRITE_LOCK(&ip_conntrack_lock);
@@ -421,7 +427,7 @@
}
static void
- -resolve_normal_ct(struct sk_buff *skb)
+resolve_normal_ct(struct sk_buff *skb, int create)
{
struct ip_conntrack_tuple tuple;
struct ip_conntrack_tuple_hash *h;
@@ -436,7 +442,7 @@
do {
/* look for tuple match */
h = ip_conntrack_find_get(&tuple, NULL);
- - if (!h && init_conntrack(&tuple, proto, skb))
+ if (!h && (!create || init_conntrack(&tuple, proto, skb)))
return;
} while (!h);
@@ -464,13 +470,15 @@
}
/* Return conntrack and conntrack_info a given skb */
- -struct ip_conntrack *
- -ip_conntrack_get(struct sk_buff *skb, enum ip_conntrack_info *ctinfo)
+static struct ip_conntrack *
+__ip_conntrack_get(struct sk_buff *skb,
+ enum ip_conntrack_info *ctinfo,
+ int create)
{
if (!skb->nfct) {
/* It may be an icmp error... */
if (!icmp_error_track(skb))
- - resolve_normal_ct(skb);
+ resolve_normal_ct(skb, create);
}
if (skb->nfct) {
@@ -485,6 +493,12 @@
return NULL;
}
+struct ip_conntrack *
+ip_conntrack_get(struct sk_buff *skb, enum ip_conntrack_info *ctinfo)
+{
+ return __ip_conntrack_get(skb, ctinfo, 0);
+}
+
/* Netfilter hook itself. */
unsigned int ip_conntrack_in(unsigned int hooknum,
struct sk_buff **pskb,
@@ -512,13 +526,13 @@
return NF_STOLEN;
}
- - ct = ip_conntrack_get(*pskb, &ctinfo);
- - if (!ct)
+ ct = __ip_conntrack_get(*pskb, &ctinfo, 1);
+ if (!ct) {
/* Not valid part of a connection */
return NF_ACCEPT;
+ }
proto = find_proto((*pskb)->nh.iph->protocol);
- - /* If this is new, this is first time timer will be set */
ret = proto->packet(ct, (*pskb)->nh.iph, (*pskb)->len, ctinfo);
if (ret == -1) {
@@ -645,24 +659,16 @@
MOD_DEC_USE_COUNT;
}
- -/* Refresh conntrack for this many jiffies: if noone calls this,
- - conntrack will vanish with current skb. */
+/* Refresh conntrack for this many jiffies. */
void ip_ct_refresh(struct ip_conntrack *ct, unsigned long extra_jiffies)
{
+ IP_NF_ASSERT(ct->timeout.data == (unsigned long)ct);
+
WRITE_LOCK(&ip_conntrack_lock);
- - /* If this hasn't had a timer before, it's still being set up */
- - if (ct->timeout.data == 0) {
- - ct->timeout.data = (unsigned long)ct;
- - ct->timeout.function = death_by_timeout;
+ /* Need del_timer for race avoidance (may already be dying). */
+ if (del_timer(&ct->timeout)) {
ct->timeout.expires = jiffies + extra_jiffies;
- - atomic_inc(&ct->ct_general.use);
add_timer(&ct->timeout);
- - } else {
- - /* Need del_timer for race avoidance (may already be dying). */
- - if (del_timer(&ct->timeout)) {
- - ct->timeout.expires = jiffies + extra_jiffies;
- - add_timer(&ct->timeout);
- - }
}
WRITE_UNLOCK(&ip_conntrack_lock);
}
diff -urN --minimal --exclude *.lds --exclude *.sgml --exclude classlist.h --exclude devlist.h --exclude autoconf.h --exclude compile.h --exclude version.h --exclude .* --exclude *.[oa] --exclude *.orig --exclude config --exclude asm --exclude modules --exclude *.[Ss] --exclude System.map --exclude consolemap_deftbl.c --exclude *~ --exclude TAGS --exclude tags --exclude modversions.h --exclude install-kernel linux-2.3.99-pre4-2/net/ipv4/netfilter/ip_conntrack_proto_generic.c working/net/ipv4/netfilter/ip_conntrack_proto_generic.c
- --- linux-2.3.99-pre4-2/net/ipv4/netfilter/ip_conntrack_proto_generic.c Sat Mar 18 05:26:20 2000
+++ working/net/ipv4/netfilter/ip_conntrack_proto_generic.c Mon Apr 3 14:18:20 2000
@@ -48,9 +48,10 @@
}
/* Called when a new connection for this protocol found. */
- -static int new(struct ip_conntrack *conntrack, struct iphdr *iph, size_t len)
+static unsigned long
+new(struct ip_conntrack *conntrack, struct iphdr *iph, size_t len)
{
- - return 1;
+ return GENERIC_TIMEOUT;
}
struct ip_conntrack_protocol ip_conntrack_generic_protocol
diff -urN --minimal --exclude *.lds --exclude *.sgml --exclude classlist.h --exclude devlist.h --exclude autoconf.h --exclude compile.h --exclude version.h --exclude .* --exclude *.[oa] --exclude *.orig --exclude config --exclude asm --exclude modules --exclude *.[Ss] --exclude System.map --exclude consolemap_deftbl.c --exclude *~ --exclude TAGS --exclude tags --exclude modversions.h --exclude install-kernel linux-2.3.99-pre4-2/net/ipv4/netfilter/ip_conntrack_proto_icmp.c working/net/ipv4/netfilter/ip_conntrack_proto_icmp.c
- --- linux-2.3.99-pre4-2/net/ipv4/netfilter/ip_conntrack_proto_icmp.c Sat Apr 1 19:03:03 2000
+++ working/net/ipv4/netfilter/ip_conntrack_proto_icmp.c Mon Apr 3 14:18:20 2000
@@ -86,8 +86,8 @@
}
/* Called when a new connection for this protocol found. */
- -static int icmp_new(struct ip_conntrack *conntrack,
- - struct iphdr *iph, size_t len)
+static unsigned long icmp_new(struct ip_conntrack *conntrack,
+ struct iphdr *iph, size_t len)
{
static u_int8_t valid_new[]
= { [ICMP_ECHO] = 1,
@@ -103,7 +103,7 @@
DUMP_TUPLE(&conntrack->tuplehash[0].tuple);
return 0;
}
- - return 1;
+ return ICMP_TIMEOUT;
}
struct ip_conntrack_protocol ip_conntrack_protocol_icmp
diff -urN --minimal --exclude *.lds --exclude *.sgml --exclude classlist.h --exclude devlist.h --exclude autoconf.h --exclude compile.h --exclude version.h --exclude .* --exclude *.[oa] --exclude *.orig --exclude config --exclude asm --exclude modules --exclude *.[Ss] --exclude System.map --exclude consolemap_deftbl.c --exclude *~ --exclude TAGS --exclude tags --exclude modversions.h --exclude install-kernel linux-2.3.99-pre4-2/net/ipv4/netfilter/ip_conntrack_proto_tcp.c working/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
- --- linux-2.3.99-pre4-2/net/ipv4/netfilter/ip_conntrack_proto_tcp.c Sat Apr 1 19:03:03 2000
+++ working/net/ipv4/netfilter/ip_conntrack_proto_tcp.c Mon Apr 3 14:18:20 2000
@@ -189,14 +189,13 @@
conntrack->proto.tcp_state = newconntrack;
WRITE_UNLOCK(&tcp_lock);
- - /* Refresh: need write lock to write to conntrack. */
ip_ct_refresh(conntrack, tcp_timeouts[conntrack->proto.tcp_state]);
return NF_ACCEPT;
}
/* Called when a new connection for this protocol found. */
- -static int tcp_new(struct ip_conntrack *conntrack,
- - struct iphdr *iph, size_t len)
+static unsigned long tcp_new(struct ip_conntrack *conntrack,
+ struct iphdr *iph, size_t len)
{
enum tcp_conntrack newconntrack;
struct tcphdr *tcph = (struct tcphdr *)((u_int32_t *)iph + iph->ihl);
@@ -210,11 +209,10 @@
if (newconntrack == TCP_CONNTRACK_MAX) {
DEBUGP("ip_conntrack_tcp: invalid new deleting.\n");
return 0;
- - } else {
- - conntrack->proto.tcp_state = newconntrack;
- - ip_ct_refresh(conntrack, tcp_timeouts[conntrack->proto.tcp_state]);
}
- - return 1;
+
+ conntrack->proto.tcp_state = newconntrack;
+ return tcp_timeouts[conntrack->proto.tcp_state];
}
struct ip_conntrack_protocol ip_conntrack_protocol_tcp
diff -urN --minimal --exclude *.lds --exclude *.sgml --exclude classlist.h --exclude devlist.h --exclude autoconf.h --exclude compile.h --exclude version.h --exclude .* --exclude *.[oa] --exclude *.orig --exclude config --exclude asm --exclude modules --exclude *.[Ss] --exclude System.map --exclude consolemap_deftbl.c --exclude *~ --exclude TAGS --exclude tags --exclude modversions.h --exclude install-kernel linux-2.3.99-pre4-2/net/ipv4/netfilter/ip_conntrack_proto_udp.c working/net/ipv4/netfilter/ip_conntrack_proto_udp.c
- --- linux-2.3.99-pre4-2/net/ipv4/netfilter/ip_conntrack_proto_udp.c Sat Apr 1 19:03:03 2000
+++ working/net/ipv4/netfilter/ip_conntrack_proto_udp.c Mon Apr 3 14:18:20 2000
@@ -54,10 +54,10 @@
}
/* Called when a new connection for this protocol found. */
- -static int udp_new(struct ip_conntrack *conntrack,
- - struct iphdr *iph, size_t len)
+static unsigned long udp_new(struct ip_conntrack *conntrack,
+ struct iphdr *iph, size_t len)
{
- - return 1;
+ return UDP_TIMEOUT;
}
struct ip_conntrack_protocol ip_conntrack_protocol_udp
diff -urN --minimal --exclude *.lds --exclude *.sgml --exclude classlist.h --exclude devlist.h --exclude autoconf.h --exclude compile.h --exclude version.h --exclude .* --exclude *.[oa] --exclude *.orig --exclude config --exclude asm --exclude modules --exclude *.[Ss] --exclude System.map --exclude consolemap_deftbl.c --exclude *~ --exclude TAGS --exclude tags --exclude modversions.h --exclude install-kernel linux-2.3.99-pre4-2/net/ipv4/netfilter/ip_conntrack_standalone.c working/net/ipv4/netfilter/ip_conntrack_standalone.c
- --- linux-2.3.99-pre4-2/net/ipv4/netfilter/ip_conntrack_standalone.c Sat Apr 1 19:03:03 2000
+++ working/net/ipv4/netfilter/ip_conntrack_standalone.c Mon Apr 3 14:18:20 2000
@@ -169,8 +169,6 @@
interface. We degfragment them at LOCAL_OUT, however,
so we have to refragment them here. */
if ((*pskb)->len > rt->u.dst.pmtu) {
- - DEBUGP("ip_conntrack: refragm %p (size %u) to %u (okfn %p)\n",
- - *pskb, (*pskb)->len, rt->u.dst.pmtu, okfn);
/* No hook can be after us, so this should be OK. */
ip_fragment(*pskb, okfn);
return NF_STOLEN;
@@ -178,13 +176,29 @@
return NF_ACCEPT;
}
+static unsigned int ip_conntrack_local(unsigned int hooknum,
+ struct sk_buff **pskb,
+ const struct net_device *in,
+ const struct net_device *out,
+ int (*okfn)(struct sk_buff *))
+{
+ /* root is playing with raw sockets. */
+ if ((*pskb)->len < sizeof(struct iphdr)
+ || (*pskb)->nh.iph->ihl * 4 < sizeof(struct iphdr)) {
+ if (net_ratelimit())
+ printk("ipt_hook: happy cracking.\n");
+ return NF_ACCEPT;
+ }
+ return ip_conntrack_in(hooknum, pskb, in, out, okfn);
+}
+
/* Connection tracking may drop packets, but never alters them, so
make it the first hook. */
static struct nf_hook_ops ip_conntrack_in_ops
= { { NULL, NULL }, ip_conntrack_in, PF_INET, NF_IP_PRE_ROUTING,
NF_IP_PRI_CONNTRACK };
static struct nf_hook_ops ip_conntrack_local_out_ops
- -= { { NULL, NULL }, ip_conntrack_in, PF_INET, NF_IP_LOCAL_OUT,
+= { { NULL, NULL }, ip_conntrack_local, PF_INET, NF_IP_LOCAL_OUT,
NF_IP_PRI_CONNTRACK };
/* Refragmenter; last chance. */
static struct nf_hook_ops ip_conntrack_out_ops
diff -urN --minimal --exclude *.lds --exclude *.sgml --exclude classlist.h --exclude devlist.h --exclude autoconf.h --exclude compile.h --exclude version.h --exclude .* --exclude *.[oa] --exclude *.orig --exclude config --exclude asm --exclude modules --exclude *.[Ss] --exclude System.map --exclude consolemap_deftbl.c --exclude *~ --exclude TAGS --exclude tags --exclude modversions.h --exclude install-kernel linux-2.3.99-pre4-2/net/ipv4/netfilter/ip_nat_standalone.c working/net/ipv4/netfilter/ip_nat_standalone.c
- --- linux-2.3.99-pre4-2/net/ipv4/netfilter/ip_nat_standalone.c Sat Apr 1 19:03:03 2000
+++ working/net/ipv4/netfilter/ip_nat_standalone.c Mon Apr 3 14:18:20 2000
@@ -130,6 +130,11 @@
const struct net_device *out,
int (*okfn)(struct sk_buff *))
{
+ /* root is playing with raw sockets. */
+ if ((*pskb)->len < sizeof(struct iphdr)
+ || (*pskb)->nh.iph->ihl * 4 < sizeof(struct iphdr))
+ return NF_ACCEPT;
+
/* We can hit fragment here; forwarded packets get
defragmented by connection tracking coming in, then
fragmented (grr) by the forward code.
@@ -150,6 +155,21 @@
return ip_nat_fn(hooknum, pskb, in, out, okfn);
}
+static unsigned int
+ip_nat_local_fn(unsigned int hooknum,
+ struct sk_buff **pskb,
+ const struct net_device *in,
+ const struct net_device *out,
+ int (*okfn)(struct sk_buff *))
+{
+ /* root is playing with raw sockets. */
+ if ((*pskb)->len < sizeof(struct iphdr)
+ || (*pskb)->nh.iph->ihl * 4 < sizeof(struct iphdr))
+ return NF_ACCEPT;
+
+ return ip_nat_fn(hooknum, pskb, in, out, okfn);
+}
+
/* We must be after connection tracking and before packet filtering. */
/* Before packet filtering, change destination */
@@ -160,7 +180,7 @@
= { { NULL, NULL }, ip_nat_out, PF_INET, NF_IP_POST_ROUTING, NF_IP_PRI_NAT_SRC};
/* Before packet filtering, change destination */
static struct nf_hook_ops ip_nat_local_out_ops
- -= { { NULL, NULL }, ip_nat_fn, PF_INET, NF_IP_LOCAL_OUT, NF_IP_PRI_NAT_DST };
+= { { NULL, NULL }, ip_nat_local_fn, PF_INET, NF_IP_LOCAL_OUT, NF_IP_PRI_NAT_DST };
/* Protocol registration. */
int ip_nat_protocol_register(struct ip_nat_protocol *proto)
diff -urN --minimal --exclude *.lds --exclude *.sgml --exclude classlist.h --exclude devlist.h --exclude autoconf.h --exclude compile.h --exclude version.h --exclude .* --exclude *.[oa] --exclude *.orig --exclude config --exclude asm --exclude modules --exclude *.[Ss] --exclude System.map --exclude consolemap_deftbl.c --exclude *~ --exclude TAGS --exclude tags --exclude modversions.h --exclude install-kernel linux-2.3.99-pre4-2/net/ipv4/netfilter/ip_tables.c working/net/ipv4/netfilter/ip_tables.c
- --- linux-2.3.99-pre4-2/net/ipv4/netfilter/ip_tables.c Sat Apr 1 19:03:03 2000
+++ working/net/ipv4/netfilter/ip_tables.c Mon Apr 3 14:52:21 2000
@@ -39,7 +39,7 @@
#define IP_NF_ASSERT(x) \
do { \
if (!(x)) \
- - printk("IPT_ASSERT: %s:%s:%u\n", \
+ printk("IP_NF_ASSERT: %s:%s:%u\n", \
__FUNCTION__, __FILE__, __LINE__); \
} while(0)
#else
@@ -683,7 +683,6 @@
target = find_target_lock(t->u.name, &ret, &ipt_mutex);
if (!target) {
duprintf("check_entry: `%s' not found\n", t->u.name);
- - up(&ipt_mutex);
return ret;
}
if (target->me)
@@ -1283,17 +1282,16 @@
{
int ret;
+ MOD_INC_USE_COUNT;
ret = down_interruptible(&ipt_mutex);
if (ret != 0)
return ret;
- - if (list_named_insert(&ipt_target, target)) {
- - MOD_INC_USE_COUNT;
- - ret = 0;
- - } else {
+ if (!list_named_insert(&ipt_target, target)) {
duprintf("ipt_register_target: `%s' already in list!\n",
target->name);
ret = -EINVAL;
+ MOD_DEC_USE_COUNT;
}
up(&ipt_mutex);
return ret;
@@ -1313,16 +1311,18 @@
{
int ret;
+ MOD_INC_USE_COUNT;
ret = down_interruptible(&ipt_mutex);
- - if (ret != 0)
+ if (ret != 0) {
+ MOD_DEC_USE_COUNT;
return ret;
- -
+ }
if (list_named_insert(&ipt_match, match)) {
- - MOD_INC_USE_COUNT;
ret = 0;
} else {
duprintf("ipt_register_match: `%s' already in list!\n",
match->name);
+ MOD_DEC_USE_COUNT;
ret = -EINVAL;
}
up(&ipt_mutex);
@@ -1346,10 +1346,12 @@
static struct ipt_table_info bootstrap
= { 0, 0, { 0 }, { 0 }, { }, { } };
+ MOD_INC_USE_COUNT;
newinfo = vmalloc(sizeof(struct ipt_table_info)
+ SMP_ALIGN(table->table->size) * smp_num_cpus);
if (!newinfo) {
ret = -ENOMEM;
+ MOD_DEC_USE_COUNT;
return ret;
}
memcpy(newinfo->entries, table->table->entries, table->table->size);
@@ -1361,12 +1363,14 @@
table->table->underflow);
if (ret != 0) {
vfree(newinfo);
+ MOD_DEC_USE_COUNT;
return ret;
}
ret = down_interruptible(&ipt_mutex);
if (ret != 0) {
vfree(newinfo);
+ MOD_DEC_USE_COUNT;
return ret;
}
@@ -1386,7 +1390,6 @@
table->lock = RW_LOCK_UNLOCKED;
list_prepend(&ipt_tables, table);
- - MOD_INC_USE_COUNT;
unlock:
up(&ipt_mutex);
@@ -1394,6 +1397,7 @@
free_unlock:
vfree(newinfo);
+ MOD_DEC_USE_COUNT;
goto unlock;
}
diff -ruN linux/include/linux/kernel.h linux-2.3.99-pre4-5.new/include/linux/kernel.h
--- linux/include/linux/kernel.h Wed Mar 22 23:33:28 2000
+++ linux-2.3.99-pre4-5.new/include/linux/kernel.h Fri Apr 7 10:23:54 2000
@@ -83,6 +83,12 @@
((unsigned char *)&addr)[2], \
((unsigned char *)&addr)[3]
+#define HIPQUAD(addr) \
+ ((unsigned char *)&addr)[3], \
+ ((unsigned char *)&addr)[2], \
+ ((unsigned char *)&addr)[1], \
+ ((unsigned char *)&addr)[0]
+
#endif /* __KERNEL__ */
#define SI_LOAD_SHIFT 16
diff -ruN linux/net/802/tr.c linux-2.3.99-pre4-5.new/net/802/tr.c
--- linux/net/802/tr.c Wed Mar 22 09:39:38 2000
+++ linux-2.3.99-pre4-5.new/net/802/tr.c Fri Apr 7 10:27:37 2000
@@ -266,7 +266,7 @@
if(entry)
{
#if TR_SR_DEBUG
-printk("source routing for %02X %02X %02X %02X %02X %02X\n",trh->daddr[0],
+printk("source routing for %02X:%02X:%02X:%02X:%02X:%02X\n",trh->daddr[0],
trh->daddr[1],trh->daddr[2],trh->daddr[3],trh->daddr[4],trh->daddr[5]);
#endif
if(!entry->local_ring && (ntohs(entry->rcf) & TR_RCF_LEN_MASK) >> 8)
diff -ruN linux/net/atm/mpc.c linux-2.3.99-pre4-5.new/net/atm/mpc.c
--- linux/net/atm/mpc.c Tue Mar 21 23:38:26 2000
+++ linux-2.3.99-pre4-5.new/net/atm/mpc.c Fri Apr 7 12:43:13 2000
@@ -238,9 +238,9 @@
ipaddr[sizeof(ipaddr)-1] = '\0';
while (qos != NULL) {
ip = (unsigned char *)&qos->ipaddr;
- sprintf(ipaddr, "%d.%d.%d.%d", ip[0], ip[1], ip[2], ip[3]);
- *len += sprintf(page + *len, "%-16s\n %-7d %-7d %-7d %-7d %-7d\n %-7d %-7d %-7d %-7d %-7d\n",
- ipaddr,
+ sprintf(ipaddr, "%u.%u.%u.%u", NIPQUAD(ip));
+ *len += sprintf(page + *len, "%%u.%u.%u.%u\n %-7d %-7d %-7d %-7d %-7d\n %-7d %-7d %-7d %-7d %-7d\n",
+ NIPQUAD(ipaddr),
qos->qos.txtp.max_pcr, qos->qos.txtp.pcr, qos->qos.txtp.min_pcr, qos->qos.txtp.max_cdv, qos->qos.txtp.max_sdu,
qos->qos.rxtp.max_pcr, qos->qos.rxtp.pcr, qos->qos.rxtp.min_pcr, qos->qos.rxtp.max_cdv, qos->qos.rxtp.max_sdu);
qos = qos->next;
@@ -1076,7 +1076,7 @@
entry->shortcut = eg_entry->shortcut;
}
if(entry->shortcut){
- dprintk("mpoa: (%s) using egress SVC to reach %d.%d.%d.%d\n",client->dev->name, ip[0], ip[1], ip[2], ip[3]);
+ dprintk("mpoa: (%s) using egress SVC to reach %u.%u.%u.%u\n",client->dev->name, NIPQUAD(ip));
return;
}
}
@@ -1099,7 +1099,7 @@
uint32_t dst_ip = msg->content.in_info.in_dst_ip;
in_cache_entry *entry = client->in_ops->search(dst_ip, client);
ip = (unsigned char *)&dst_ip;
- dprintk("mpoa: (%s) MPOA_res_reply_rcvd: ip %d.%d.%d.%d\n", client->dev->name, ip[0], ip[1], ip[2], ip[3]);
+ dprintk("mpoa: (%s) MPOA_res_reply_rcvd: ip %u.%u.%u.%u\n", client->dev->name, NIPQUAD(ip));
ddprintk("mpoa: (%s) MPOA_res_reply_rcvd() entry = %p", client->dev->name, entry);
if(entry == NULL){
printk("\nmpoa: (%s) ARGH, received res. reply for an entry that doesn't exist.\n", client->dev->name);
diff -ruN linux/net/atm/mpoa_caches.c linux-2.3.99-pre4-5.new/net/atm/mpoa_caches.c
--- linux/net/atm/mpoa_caches.c Tue Feb 8 18:23:13 2000
+++ linux-2.3.99-pre4-5.new/net/atm/mpoa_caches.c Fri Apr 7 12:43:56 2000
@@ -240,7 +240,7 @@
if((now.tv_sec - entry->tv.tv_sec)
> entry->ctrl_info.holding_time){
ip = (unsigned char*)&entry->ctrl_info.in_dst_ip;
- dprintk("mpoa: mpoa_caches.c: holding time expired, ip = %d.%d.%d.%d\n", ip[0], ip[1], ip[2], ip[3]);
+ dprintk("mpoa: mpoa_caches.c: holding time expired, ip = %u.%u.%u.%u\n", NIPQUAD(ip));
in_cache_remove(entry, client);
}
entry = next_entry;
@@ -464,7 +464,7 @@
}
ip = (unsigned char *)&msg->content.eg_info.eg_dst_ip;
- dprintk("mpoa: mpoa_caches.c: adding an egress entry, ip = %d.%d.%d.%d, this should be our IP\n", ip[0], ip[1], ip[2], ip[3]);
+ dprintk("mpoa: mpoa_caches.c: adding an egress entry, ip = %u.%u.%u.%u, this should be our IP\n", NIPQUAD(ip));
memset(entry, 0, sizeof(eg_cache_entry));
dprintk("mpoa: mpoa_caches.c: new_eg_cache_entry: about to lock\n");
@@ -483,7 +483,7 @@
entry->entry_state = EGRESS_RESOLVED;
dprintk("mpoa: mpoa_caches.c: new_eg_cache_entry cache_id %lu\n", ntohl(entry->ctrl_info.cache_id));
ip = (unsigned char *)&entry->ctrl_info.mps_ip;
- dprintk("mpoa: mpoa_caches.c: mps_ip = %d.%d.%d.%d\n", ip[0], ip[1], ip[2], ip[3]);
+ dprintk("mpoa: mpoa_caches.c: mps_ip = %u.%u.%u.%u\n", NIPQUAD(ip));
return entry;
}
diff -ruN linux/net/core/netfilter.c linux-2.3.99-pre4-5.new/net/core/netfilter.c
--- linux/net/core/netfilter.c Fri Mar 17 10:56:20 2000
+++ linux-2.3.99-pre4-5.new/net/core/netfilter.c Fri Apr 7 12:40:31 2000
@@ -186,18 +186,10 @@
dst_port = ntohs(tcp->dest);
}
- printk("PROTO=%d %d.%d.%d.%d:%hu %d.%d.%d.%d:%hu"
+ printk("PROTO=%d %u.%u.%u.%u:%hu %u.%u.%u.%u:%hu"
" L=%hu S=0x%2.2hX I=%hu F=0x%4.4hX T=%hu",
- ip->protocol,
- (ntohl(ip->saddr)>>24)&0xFF,
- (ntohl(ip->saddr)>>16)&0xFF,
- (ntohl(ip->saddr)>>8)&0xFF,
- (ntohl(ip->saddr))&0xFF,
- src_port,
- (ntohl(ip->daddr)>>24)&0xFF,
- (ntohl(ip->daddr)>>16)&0xFF,
- (ntohl(ip->daddr)>>8)&0xFF,
- (ntohl(ip->daddr))&0xFF,
+ ip->protocol, NIPQUAD(ip->saddr),
+ src_port, NIPQUAD(ip->daddr),
dst_port,
ntohs(ip->tot_len), ip->tos, ntohs(ip->id),
ntohs(ip->frag_off), ip->ttl);
diff -ruN linux/net/ipv4/arp.c linux-2.3.99-pre4-5.new/net/ipv4/arp.c
--- linux/net/ipv4/arp.c Sat Jan 22 11:54:57 2000
+++ linux-2.3.99-pre4-5.new/net/ipv4/arp.c Fri Apr 7 11:53:38 2000
@@ -1061,8 +1061,8 @@
#endif
size = sprintf(buffer+len,
- "%-17s0x%-10x0x%-10x%s",
- in_ntoa2(*(u32*)n->primary_key, abuf),
+ "%u.%u.%u.%u0x%-10x0x%-10x%s",
+ NIPQUAD(*(u32*)n->primary_key),
hatype,
arp_state_to_flags(n),
hbuffer);
@@ -1091,8 +1091,8 @@
int hatype = dev ? dev->type : 0;
size = sprintf(buffer+len,
- "%-17s0x%-10x0x%-10x%s",
- in_ntoa2(*(u32*)n->key, abuf),
+ "%u.%u.%u.%u0x%-10x0x%-10x%s",
+ NIPQUAD(*(u32*)n->key),
hatype,
ATF_PUBL|ATF_PERM,
"00:00:00:00:00:00");
diff -ruN linux/net/ipv4/fib_rules.c linux-2.3.99-pre4-5.new/net/ipv4/fib_rules.c
--- linux/net/ipv4/fib_rules.c Tue Aug 31 11:23:03 1999
+++ linux-2.3.99-pre4-5.new/net/ipv4/fib_rules.c Fri Apr 7 11:35:58 2000
@@ -298,7 +298,8 @@
u32 daddr = key->dst;
u32 saddr = key->src;
-FRprintk("Lookup: %08x <- %08x ", key->dst, key->src);
+FRprintk("Lookup: %u.%u.%u.%u <- %u.%u.%u.%u ",
+ NIPQUAD(key->dst), NIPQUAD(key->src));
read_lock(&fib_rules_lock);
for (r = fib_rules; r; r=r->r_next) {
if (((saddr^r->r_src) & r->r_srcmask) ||
diff -ruN linux/net/ipv4/icmp.c linux-2.3.99-pre4-5.new/net/ipv4/icmp.c
--- linux/net/ipv4/icmp.c Fri Apr 7 12:59:45 2000
+++ linux-2.3.99-pre4-5.new/net/ipv4/icmp.c Fri Apr 7 11:55:05 2000
@@ -723,7 +723,7 @@
case ICMP_FRAG_NEEDED:
if (ipv4_config.no_pmtu_disc) {
if (net_ratelimit())
- printk(KERN_INFO "ICMP: %d.%d.%d.%d: fragmentation needed and DF set.\n",
+ printk(KERN_INFO "ICMP: %u.%u.%u.%u: fragmentation needed and DF set.\n",
NIPQUAD(iph->daddr));
} else {
unsigned short new_mtu;
@@ -735,7 +735,7 @@
break;
case ICMP_SR_FAILED:
if (net_ratelimit())
- printk(KERN_INFO "ICMP: %d.%d.%d.%d: Source Route Failed.\n", NIPQUAD(iph->daddr));
+ printk(KERN_INFO "ICMP: %u.%u.%u.%u: Source Route Failed.\n", NIPQUAD(iph->daddr));
break;
default:
break;
@@ -765,7 +765,7 @@
if (inet_addr_type(iph->daddr) == RTN_BROADCAST)
{
if (net_ratelimit())
- printk(KERN_WARNING "%d.%d.%d.%d sent an invalid ICMP error to a broadcast.\n",
+ printk(KERN_WARNING "%u.%u.%u.%u sent an invalid ICMP error to a broadcast.\n",
NIPQUAD(skb->nh.iph->saddr));
return;
}
@@ -987,8 +987,8 @@
}
if (!ifa && net_ratelimit()) {
char b1[16], b2[16];
- printk(KERN_INFO "Wrong address mask %s from %s/%s\n",
- in_ntoa2(mask, b1), in_ntoa2(rt->rt_src, b2), dev->name);
+ printk(KERN_INFO "Wrong address mask %u.%u.%u.%u from %s/%u.%u.%u.%u\n",
+ NIPQUAD(mask), dev->name, NIPQUAD(rt->rt_src));
}
}
read_unlock(&in_dev->lock);
diff -ruN linux/net/ipv4/ip_fragment.c linux-2.3.99-pre4-5.new/net/ipv4/ip_fragment.c
--- linux/net/ipv4/ip_fragment.c Wed Feb 9 20:08:09 2000
+++ linux-2.3.99-pre4-5.new/net/ipv4/ip_fragment.c Fri Apr 7 11:38:38 2000
@@ -594,7 +594,7 @@
*/
out_oversize:
if (net_ratelimit())
- printk(KERN_INFO "Oversized packet received from %d.%d.%d.%d\n",
+ printk(KERN_INFO "Oversized packet received from %u.%u.%u.%u\n",
NIPQUAD(iph->saddr));
/* the skb isn't in a fragment, so fall through to free it */
out_freeskb:
diff -ruN linux/net/ipv4/ip_input.c linux-2.3.99-pre4-5.new/net/ipv4/ip_input.c
--- linux/net/ipv4/ip_input.c Sat Feb 26 22:34:27 2000
+++ linux-2.3.99-pre4-5.new/net/ipv4/ip_input.c Fri Apr 7 11:39:30 2000
@@ -349,7 +349,7 @@
if (in_dev) {
if (!IN_DEV_SOURCE_ROUTE(in_dev)) {
if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit())
- printk(KERN_INFO "source route option %d.%d.%d.%d -> %d.%d.%d.%d\n",
+ printk(KERN_INFO "source route option %u.%u.%u.%u -> %u.%u.%u.%u\n",
NIPQUAD(iph->saddr), NIPQUAD(iph->daddr));
in_dev_put(in_dev);
goto drop;
diff -ruN linux/net/ipv4/ipconfig.c linux-2.3.99-pre4-5.new/net/ipv4/ipconfig.c
--- linux/net/ipv4/ipconfig.c Mon Feb 21 17:35:06 2000
+++ linux-2.3.99-pre4-5.new/net/ipv4/ipconfig.c Fri Apr 7 12:40:57 2000
@@ -227,17 +227,20 @@
strcpy(ir.ifr_ifrn.ifrn_name, ic_dev->name);
set_sockaddr(sin, ic_myaddr, 0);
if ((err = ic_dev_ioctl(SIOCSIFADDR, &ir)) < 0) {
- printk(KERN_ERR "IP-Config: Unable to set interface address (%d).\n", err);
+ printk(KERN_ERR "IP-Config: Unable to set interface address (%u.%u.%u.%u).\n",
+ NIPQUAD(err));
return -1;
}
set_sockaddr(sin, ic_netmask, 0);
if ((err = ic_dev_ioctl(SIOCSIFNETMASK, &ir)) < 0) {
- printk(KERN_ERR "IP-Config: Unable to set interface netmask (%d).\n", err);
+ printk(KERN_ERR "IP-Config: Unable to set interface netmask (%u.%u.%u.%u).\n",
+ NIPQUAD(err));
return -1;
}
set_sockaddr(sin, ic_myaddr | ~ic_netmask, 0);
if ((err = ic_dev_ioctl(SIOCSIFBRDADDR, &ir)) < 0) {
- printk(KERN_ERR "IP-Config: Unable to set interface broadcast address (%d).\n", err);
+ printk(KERN_ERR "IP-Config: Unable to set interface broadcast address (%u.%u.%u.%u).\n",
+ NIPQUAD(err));
return -1;
}
return 0;
@@ -261,7 +264,8 @@
set_sockaddr((struct sockaddr_in *) &rm.rt_gateway, ic_gateway, 0);
rm.rt_flags = RTF_UP | RTF_GATEWAY;
if ((err = ic_route_ioctl(SIOCADDRT, &rm)) < 0) {
- printk(KERN_ERR "IP-Config: Cannot add default route (%d).\n", err);
+ printk(KERN_ERR "IP-Config: Cannot add default route (%u.%u.%u.%u).\n",
+ NIPQUAD(err));
return -1;
}
}
@@ -294,10 +298,11 @@
else if (IN_CLASSC(ntohl(ic_myaddr)))
ic_netmask = htonl(IN_CLASSC_NET);
else {
- printk(KERN_ERR "IP-Config: Unable to guess netmask for address %08x\n", ic_myaddr);
+ printk(KERN_ERR "IP-Config: Unable to guess netmask for address %u.%u.%u.%u\n",
+ NIPQUAD(ic_myaddr));
return -1;
}
- printk("IP-Config: Guessing netmask %s\n", in_ntoa(ic_netmask));
+ printk("IP-Config: Guessing netmask %u.%u.%u.%u\n", NIPQUAD(ic_netmask));
}
return 0;
@@ -807,10 +812,10 @@
if (!ic_got_reply)
return -1;
- printk("IP-Config: Got %s answer from %s, ",
+ printk("IP-Config: Got %s answer from %u.%u.%u.%u, ",
(ic_got_reply & IC_BOOTP) ? "BOOTP" : "RARP",
- in_ntoa(ic_servaddr));
- printk("my address is %s\n", in_ntoa(ic_myaddr));
+ NIPQUAD(ic_servaddr));
+ printk("my address is %u.%u.%u.%u\n", NIPQUAD(ic_myaddr));
return 0;
}
diff -ruN linux/net/ipv4/netfilter/ipchains_core.c linux-2.3.99-pre4-5.new/net/ipv4/netfilter/ipchains_core.c
--- linux/net/ipv4/netfilter/ipchains_core.c Fri Apr 7 12:59:45 2000
+++ linux-2.3.99-pre4-5.new/net/ipv4/netfilter/ipchains_core.c Fri Apr 7 11:24:08 2000
@@ -419,18 +419,10 @@
printk("%d ",f->ipfw.fw_redirpt);
}
- printk("%s PROTO=%d %d.%d.%d.%d:%hu %d.%d.%d.%d:%hu"
+ printk("%s PROTO=%d %u.%u.%u.%u:%hu %u.%u.%u.%u:%hu"
" L=%hu S=0x%2.2hX I=%hu F=0x%4.4hX T=%hu",
- ifname, ip->protocol,
- (ntohl(ip->saddr)>>24)&0xFF,
- (ntohl(ip->saddr)>>16)&0xFF,
- (ntohl(ip->saddr)>>8)&0xFF,
- (ntohl(ip->saddr))&0xFF,
- src_port,
- (ntohl(ip->daddr)>>24)&0xFF,
- (ntohl(ip->daddr)>>16)&0xFF,
- (ntohl(ip->daddr)>>8)&0xFF,
- (ntohl(ip->daddr))&0xFF,
+ ifname, ip->protocol, NIPQUAD(ip->saddr),
+ src_port, NIPQUAD(ip->daddr),
dst_port,
ntohs(ip->tot_len), ip->tos, ntohs(ip->id),
ntohs(ip->frag_off), ip->ttl);
diff -ruN linux/net/ipv4/netfilter/ipfwadm_core.c linux-2.3.99-pre4-5.new/net/ipv4/netfilter/ipfwadm_core.c
--- linux/net/ipv4/netfilter/ipfwadm_core.c Fri Mar 17 10:56:20 2000
+++ linux-2.3.99-pre4-5.new/net/ipv4/netfilter/ipfwadm_core.c Fri Apr 7 11:26:34 2000
@@ -143,10 +143,7 @@
#define dprintf4(a1,a2,a3,a4)
#endif
-#define print_ip(a) printk("%d.%d.%d.%d",(ntohl(a)>>24)&0xFF,\
- (ntohl(a)>>16)&0xFF,\
- (ntohl(a)>>8)&0xFF,\
- (ntohl(a))&0xFF);
+#define print_ip(a) printk("%u.%u.%u.%u", NIPQUAD(a));
#ifdef DEBUG_IP_FIREWALL
#define dprint_ip(a) print_ip(a)
diff -ruN linux/net/ipv4/netfilter/ipt_LOG.c linux-2.3.99-pre4-5.new/net/ipv4/netfilter/ipt_LOG.c
--- linux/net/ipv4/netfilter/ipt_LOG.c Fri Apr 7 12:59:45 2000
+++ linux-2.3.99-pre4-5.new/net/ipv4/netfilter/ipt_LOG.c Fri Apr 7 11:33:43 2000
@@ -38,14 +38,7 @@
* TOS, len, DF/MF, fragment offset, TTL, src, dst, options. */
/* Max length: 40 "SRC=255.255.255.255 DST=255.255.255.255 " */
printk("SRC=%u.%u.%u.%u DST=%u.%u.%u.%u ",
- (ntohl(iph->saddr)>>24)&0xFF,
- (ntohl(iph->saddr)>>16)&0xFF,
- (ntohl(iph->saddr)>>8)&0xFF,
- (ntohl(iph->saddr))&0xFF,
- (ntohl(iph->daddr)>>24)&0xFF,
- (ntohl(iph->daddr)>>16)&0xFF,
- (ntohl(iph->daddr)>>8)&0xFF,
- (ntohl(iph->daddr))&0xFF);
+ NIPQUAD(iph->saddr), NIPQUAD(iph->daddr));
/* Max length: 46 "LEN=65535 TOS=0xFF PREC=0xFF TTL=255 ID=65535 " */
printk("LEN=%u TOS=0x%02X PREC=0x%02X TTL=%u ID=%u ",
@@ -210,11 +203,7 @@
break;
case ICMP_REDIRECT:
/* Max length: 24 "GATEWAY=255.255.255.255 " */
- printk("GATEWAY=%u.%u.%u.%u ",
- (ntohl(icmph->un.gateway)>>24)&0xFF,
- (ntohl(icmph->un.gateway)>>16)&0xFF,
- (ntohl(icmph->un.gateway)>>8)&0xFF,
- (ntohl(icmph->un.gateway))&0xFF);
+ printk("GATEWAY=%u.%u.%u.%u ", NIPQUAD(icmph->un.gateway));
/* Fall through */
case ICMP_DEST_UNREACH:
case ICMP_SOURCE_QUENCH:
diff -ruN linux/net/ipv4/route.c linux-2.3.99-pre4-5.new/net/ipv4/route.c
--- linux/net/ipv4/route.c Wed Mar 22 21:51:32 2000
+++ linux-2.3.99-pre4-5.new/net/ipv4/route.c Fri Apr 7 12:09:42 2000
@@ -616,9 +616,9 @@
#if RT_CACHE_DEBUG >= 2
if (rt->u.rt_next) {
struct rtable * trt;
- printk("rt_cache @%02x: %08x", hash, rt->rt_dst);
+ printk("rt_cache @%02x: %u.%u.%u.%u", hash, NIPQUAD(rt->rt_dst));
for (trt=rt->u.rt_next; trt; trt=trt->u.rt_next)
- printk(" . %08x", trt->rt_dst);
+ printk(" . %u.%u.%u.%u", NIPQUAD(trt->rt_dst));
printk("\n");
}
#endif
@@ -816,10 +816,10 @@
reject_redirect:
#ifdef CONFIG_IP_ROUTE_VERBOSE
if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit())
- printk(KERN_INFO "Redirect from %X/%s to %X ignored."
- "Path = %X -> %X, tos %02x\n",
- ntohl(old_gw), dev->name, ntohl(new_gw),
- ntohl(saddr), ntohl(daddr), tos);
+ printk(KERN_INFO "Redirect from %u.%u.%u.%u on %s about %u.%u.%u.%u ignored.\n"
+ " Advised path = %u.%u.%u.%u -> %u.%u.%u.%u, tos %02x\n",
+ NIPQUAD(old_gw), dev->name, NIPQUAD(new_gw),
+ NIPQUAD(saddr), NIPQUAD(daddr), tos);
#endif
in_dev_put(in_dev);
}
@@ -836,7 +836,8 @@
if ((rt->rt_flags&RTCF_REDIRECTED) || rt->u.dst.expires) {
unsigned hash = rt_hash_code(rt->key.dst, rt->key.src^(rt->key.oif<<5), rt->key.tos);
#if RT_CACHE_DEBUG >= 1
- printk(KERN_DEBUG "ip_rt_advice: redirect to %d.%d.%d.%d/%02x dropped\n", NIPQUAD(rt->rt_dst), rt->key.tos);
+ printk(KERN_DEBUG "ip_rt_advice: redirect to %u.%u.%u.%u/%02x dropped\n",
+ NIPQUAD(rt->rt_dst), rt->key.tos);
#endif
rt_del(hash, rt);
return NULL;
@@ -896,8 +897,10 @@
#ifdef CONFIG_IP_ROUTE_VERBOSE
if (IN_DEV_LOG_MARTIANS(in_dev) &&
rt->u.dst.rate_tokens == ip_rt_redirect_number && net_ratelimit())
- printk(KERN_WARNING "host %08x/if%d ignores redirects for %08x to %08x.\n",
- rt->rt_src, rt->rt_iif, rt->rt_dst, rt->rt_gateway);
+ printk(KERN_WARNING "host %u.%u.%u.%u/if%d ignores redirects for "
+ "%u.%u.%u.%u to %u.%u.%u.%u.\n",
+ NIPQUAD(rt->rt_src), rt->rt_iif,
+ NIPQUAD(rt->rt_dst), NIPQUAD(rt->rt_gateway));
#endif
}
out:
@@ -1061,8 +1064,9 @@
static int ip_rt_bug(struct sk_buff *skb)
{
- printk(KERN_DEBUG "ip_rt_bug: %08x -> %08x, %s\n", skb->nh.iph->saddr,
- skb->nh.iph->daddr, skb->dev ? skb->dev->name : "?");
+ printk(KERN_DEBUG "ip_rt_bug: %u.%u.%u.%u -> %u.%u.%u.%u, %s\n",
+ NIPQUAD(skb->nh.iph->saddr), NIPQUAD(skb->nh.iph->daddr),
+ skb->dev ? skb->dev->name : "?");
kfree_skb(skb);
return 0;
}
@@ -1499,7 +1503,8 @@
martian_destination:
#ifdef CONFIG_IP_ROUTE_VERBOSE
if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit())
- printk(KERN_WARNING "martian destination %08x from %08x, dev %s\n", daddr, saddr, dev->name);
+ printk(KERN_WARNING "martian destination %u.%u.%u.%u from %u.%u.%u.%u, dev %s\n",
+ NIPQUAD(daddr), NIPQUAD(saddr), dev->name);
#endif
e_inval:
err = -EINVAL;
@@ -1513,10 +1518,11 @@
#ifdef CONFIG_IP_ROUTE_VERBOSE
if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit()) {
/*
- * RFC1812 recommenadtion, if source is martian,
+ * RFC1812 recommendation, if source is martian,
* the only hint is MAC header.
*/
- printk(KERN_WARNING "martian source %08x for %08x, dev %s\n", saddr, daddr, dev->name);
+ printk(KERN_WARNING "martian source %u.%u.%u.%u from %u.%u.%u.%u, on dev %s\n",
+ NIPQUAD(daddr), NIPQUAD(saddr), dev->name);
if (dev->hard_header_len) {
int i;
unsigned char *p = skb->mac.raw;
@@ -1520,9 +1520,12 @@
if (dev->hard_header_len) {
int i;
unsigned char *p = skb->mac.raw;
- printk(KERN_WARNING "ll header:");
- for (i=0; i<dev->hard_header_len; i++, p++)
- printk(" %02x", *p);
+ printk(KERN_WARNING "ll header: ");
+ for (i=0; i<dev->hard_header_len; i++, p++) {
+ printk("%02x", *p);
+ if(i<(dev->hard_header_len-1))
+ printk(":");
+ }
printk("\n");
}
}
diff -ruN linux/net/ipv4/tcp_ipv4.c linux-2.3.99-pre4-5.new/net/ipv4/tcp_ipv4.c
--- linux/net/ipv4/tcp_ipv4.c Fri Apr 7 12:59:45 2000
+++ linux-2.3.99-pre4-5.new/net/ipv4/tcp_ipv4.c Fri Apr 7 12:24:08 2000
@@ -1384,7 +1384,8 @@
peer->v4daddr == saddr) {
if (xtime.tv_sec < peer->tcp_ts_stamp + TCP_PAWS_MSL &&
(s32)(peer->tcp_ts - req->ts_recent) > TCP_PAWS_WINDOW) {
- NETDEBUG(printk(KERN_DEBUG "TW_REC: reject openreq %u/%u %08x/%u\n", peer->tcp_ts, req->ts_recent, saddr, ntohs(skb->h.th->source)));
+ NETDEBUG(printk(KERN_DEBUG "TW_REC: reject openreq %u/%u %u.%u.%u.%u/%u\n", \
+ peer->tcp_ts, req->ts_recent, NIPQUAD(saddr), ntohs(skb->h.th->source)));
NET_INC_STATS_BH(PAWSPassiveRejected);
dst_release(dst);
goto drop_and_free;
@@ -1402,7 +1403,9 @@
* to destinations, already remembered
* to the moment of synflood.
*/
- NETDEBUG(if (net_ratelimit()) printk(KERN_DEBUG "TCP: drop open request from %08x/%u\n", saddr, ntohs(skb->h.th->source)));
+ NETDEBUG(if (net_ratelimit()) \
+ printk(KERN_DEBUG "TCP: drop open request from %u.%u.%u.%u/%u\n", \
+ NIPQUAD(saddr), ntohs(skb->h.th->source)));
TCP_INC_STATS_BH(TcpAttemptFails);
dst_release(dst);
goto drop_and_free;
diff -ruN linux/net/sunrpc/pmap_clnt.c linux-2.3.99-pre4-5.new/net/sunrpc/pmap_clnt.c
--- linux/net/sunrpc/pmap_clnt.c Mon Mar 20 08:14:04 2000
+++ linux-2.3.99-pre4-5.new/net/sunrpc/pmap_clnt.c Fri Apr 7 11:56:35 2000
@@ -91,8 +91,8 @@
char hostname[32];
int status;
- dprintk("RPC: rpc_getport_external(%s, %d, %d, %d)\n",
- in_ntoa(sin->sin_addr.s_addr), prog, vers, prot);
+ dprintk("RPC: rpc_getport_external(%u.%u.%u.%u, %d, %d, %d)\n",
+ NIPQUAD(sin->sin_addr.s_addr), prog, vers, prot);
strcpy(hostname, in_ntoa(sin->sin_addr.s_addr));
if (!(pmap_clnt = pmap_create(hostname, sin, prot)))
diff -ruN linux/net/sunrpc/svcsock.c linux-2.3.99-pre4-5.new/net/sunrpc/svcsock.c
--- linux/net/sunrpc/svcsock.c Fri Apr 7 12:59:46 2000
+++ linux-2.3.99-pre4-5.new/net/sunrpc/svcsock.c Fri Apr 7 12:37:10 2000
@@ -544,14 +544,14 @@
if (ntohs(sin.sin_port) >= 1024) {
if (net_ratelimit())
printk(KERN_WARNING
- "%s: connect from unprivileged port: %s:%d",
+ "%s: connect from unprivileged port: %u.%u.%u.%u:%d",
serv->sv_name,
- in_ntoa(sin.sin_addr.s_addr), ntohs(sin.sin_port));
+ NIPQUAD(sin.sin_addr.s_addr), ntohs(sin.sin_port));
goto failed;
}
- dprintk("%s: connect from %s:%04x\n", serv->sv_name,
- in_ntoa(sin.sin_addr.s_addr), ntohs(sin.sin_port));
+ dprintk("%s: connect from %u.%u.%u.%u:%04x\n", serv->sv_name,
+ NIPQUAD(sin.sin_addr.s_addr), ntohs(sin.sin_port));
if (!(newsvsk = svc_setup_socket(serv, newsock, &err, 0)))
goto failed;
@@ -915,9 +915,9 @@
int error;
int type;
- dprintk("svc: svc_create_socket(%s, %d, %08x:%d)\n",
+ dprintk("svc: svc_create_socket(%s, %d, %u.%u.%u.%u:%d)\n",
serv->sv_program->pg_name, protocol,
- ntohl(sin->sin_addr.s_addr),
+ NIPQUAD(sin->sin_addr.s_addr),
ntohs(sin->sin_port));
if (protocol != IPPROTO_UDP && protocol != IPPROTO_TCP) {
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sat Apr 15 2000 - 21:00:23 EST