bridge: netfilter: unroll NF_HOOK helper in bridge input path
Replace NF_HOOK() based invocation of the netfilter hooks with a private copy of nf_hook_slow(). This copy has one difference: it can return the rx handler value expected by the stack, i.e. RX_HANDLER_CONSUMED or RX_HANDLER_PASS. This is needed by the next patch to invoke the ebtables "broute" table via the standard netfilter hooks rather than the custom "br_should_route_hook" indirection that is used now. When the skb is to be "brouted", we must return RX_HANDLER_PASS from the bridge rx input handler, but there is no way to indicate this via NF_HOOK(), unless perhaps by some hack such as exposing bridge_cb in the netfilter core or a percpu flag. text data bss dec filename 3369 56 0 3425 net/bridge/br_input.o.before 3458 40 0 3498 net/bridge/br_input.o.after This allows removal of the "br_should_route_hook" in the next patch. Signed-off-by:Florian Westphal <fw@strlen.de> Acked-by:
David S. Miller <davem@davemloft.net> Acked-by:
Nikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by:
Pablo Neira Ayuso <pablo@netfilter.org>
Showing
- include/net/netfilter/nf_queue.h 3 additions, 0 deletionsinclude/net/netfilter/nf_queue.h
- net/bridge/br_input.c 51 additions, 4 deletionsnet/bridge/br_input.c
- net/netfilter/core.c 1 addition, 0 deletionsnet/netfilter/core.c
- net/netfilter/nf_internals.h 0 additions, 3 deletionsnet/netfilter/nf_internals.h
- net/netfilter/nf_queue.c 1 addition, 0 deletionsnet/netfilter/nf_queue.c
Loading
Please register or sign in to comment