xref: /linux/net/bridge/br_nf_core.c (revision 15a1fbdcfb519c2bd291ed01c6c94e0b89537a77)
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  *	Handle firewalling core
4  *	Linux ethernet bridge
5  *
6  *	Authors:
7  *	Lennert Buytenhek		<buytenh@gnu.org>
8  *	Bart De Schuymer		<bdschuym@pandora.be>
9  *
10  *	Lennert dedicates this file to Kerstin Wurdinger.
11  */
12 
13 #include <linux/module.h>
14 #include <linux/kernel.h>
15 #include <linux/in_route.h>
16 #include <linux/inetdevice.h>
17 #include <net/route.h>
18 
19 #include "br_private.h"
20 #ifdef CONFIG_SYSCTL
21 #include <linux/sysctl.h>
22 #endif
23 
24 static void fake_update_pmtu(struct dst_entry *dst, struct sock *sk,
25 			     struct sk_buff *skb, u32 mtu,
26 			     bool confirm_neigh)
27 {
28 }
29 
30 static void fake_redirect(struct dst_entry *dst, struct sock *sk,
31 			  struct sk_buff *skb)
32 {
33 }
34 
35 static u32 *fake_cow_metrics(struct dst_entry *dst, unsigned long old)
36 {
37 	return NULL;
38 }
39 
40 static struct neighbour *fake_neigh_lookup(const struct dst_entry *dst,
41 					   struct sk_buff *skb,
42 					   const void *daddr)
43 {
44 	return NULL;
45 }
46 
47 static unsigned int fake_mtu(const struct dst_entry *dst)
48 {
49 	return dst->dev->mtu;
50 }
51 
52 static struct dst_ops fake_dst_ops = {
53 	.family		= AF_INET,
54 	.update_pmtu	= fake_update_pmtu,
55 	.redirect	= fake_redirect,
56 	.cow_metrics	= fake_cow_metrics,
57 	.neigh_lookup	= fake_neigh_lookup,
58 	.mtu		= fake_mtu,
59 };
60 
61 /*
62  * Initialize bogus route table used to keep netfilter happy.
63  * Currently, we fill in the PMTU entry because netfilter
64  * refragmentation needs it, and the rt_flags entry because
65  * ipt_REJECT needs it.  Future netfilter modules might
66  * require us to fill additional fields.
67  */
68 static const u32 br_dst_default_metrics[RTAX_MAX] = {
69 	[RTAX_MTU - 1] = 1500,
70 };
71 
72 void br_netfilter_rtable_init(struct net_bridge *br)
73 {
74 	struct rtable *rt = &br->fake_rtable;
75 
76 	atomic_set(&rt->dst.__refcnt, 1);
77 	rt->dst.dev = br->dev;
78 	dst_init_metrics(&rt->dst, br_dst_default_metrics, true);
79 	rt->dst.flags	= DST_NOXFRM | DST_FAKE_RTABLE;
80 	rt->dst.ops = &fake_dst_ops;
81 }
82 
83 int __init br_nf_core_init(void)
84 {
85 	return dst_entries_init(&fake_dst_ops);
86 }
87 
88 void br_nf_core_fini(void)
89 {
90 	dst_entries_destroy(&fake_dst_ops);
91 }
92