Re: [PATCH net v1 1/1] netfilter: nf_reject: Fix build error when CONFIG_BRIDGE_NETFILTER=n
From: Pablo Neira Ayuso
Date: Sun Sep 15 2024 - 17:22:20 EST
Hi Simon,
This proposed update to address this compile time warning LGTM.
Would you submit it?
Thanks.
On Sat, Sep 07, 2024 at 02:48:37PM +0100, Simon Horman wrote:
[...]
> diff --git a/net/ipv4/netfilter/nf_reject_ipv4.c b/net/ipv4/netfilter/nf_reject_ipv4.c
> index 04504b2b51df..87fd945a0d27 100644
> --- a/net/ipv4/netfilter/nf_reject_ipv4.c
> +++ b/net/ipv4/netfilter/nf_reject_ipv4.c
> @@ -239,9 +239,8 @@ static int nf_reject_fill_skb_dst(struct sk_buff *skb_in)
> void nf_send_reset(struct net *net, struct sock *sk, struct sk_buff *oldskb,
> int hook)
> {
> - struct sk_buff *nskb;
> - struct iphdr *niph;
> const struct tcphdr *oth;
> + struct sk_buff *nskb;
> struct tcphdr _oth;
>
> oth = nf_reject_ip_tcphdr_get(oldskb, &_oth, hook);
> @@ -266,14 +265,12 @@ void nf_send_reset(struct net *net, struct sock *sk, struct sk_buff *oldskb,
> nskb->mark = IP4_REPLY_MARK(net, oldskb->mark);
>
> skb_reserve(nskb, LL_MAX_HEADER);
> - niph = nf_reject_iphdr_put(nskb, oldskb, IPPROTO_TCP,
> - ip4_dst_hoplimit(skb_dst(nskb)));
> + nf_reject_iphdr_put(nskb, oldskb, IPPROTO_TCP,
> + ip4_dst_hoplimit(skb_dst(nskb)));
> nf_reject_ip_tcphdr_put(nskb, oldskb, oth);
> if (ip_route_me_harder(net, sk, nskb, RTN_UNSPEC))
> goto free_nskb;
>
> - niph = ip_hdr(nskb);
> -
> /* "Never happens" */
> if (nskb->len > dst_mtu(skb_dst(nskb)))
> goto free_nskb;
> @@ -290,6 +287,7 @@ void nf_send_reset(struct net *net, struct sock *sk, struct sk_buff *oldskb,
> */
> if (nf_bridge_info_exists(oldskb)) {
> struct ethhdr *oeth = eth_hdr(oldskb);
> + struct iphdr *niph = ip_hdr(nskb);
> struct net_device *br_indev;
>
> br_indev = nf_bridge_get_physindev(oldskb, net);