xref: /linux/net/bridge/br_nf_core.c (revision c0c914eca7f251c70facc37dfebeaf176601918d)
1 /*
2  *	Handle firewalling core
3  *	Linux ethernet bridge
4  *
5  *	Authors:
6  *	Lennert Buytenhek		<buytenh@gnu.org>
7  *	Bart De Schuymer		<bdschuym@pandora.be>
8  *
9  *	This program is free software; you can redistribute it and/or
10  *	modify it under the terms of the GNU General Public License
11  *	as published by the Free Software Foundation; either version
12  *	2 of the License, or (at your option) any later version.
13  *
14  *	Lennert dedicates this file to Kerstin Wurdinger.
15  */
16 
17 #include <linux/module.h>
18 #include <linux/kernel.h>
19 #include <linux/in_route.h>
20 #include <linux/inetdevice.h>
21 #include <net/route.h>
22 
23 #include "br_private.h"
24 #ifdef CONFIG_SYSCTL
25 #include <linux/sysctl.h>
26 #endif
27 
28 static void fake_update_pmtu(struct dst_entry *dst, struct sock *sk,
29 			     struct sk_buff *skb, u32 mtu)
30 {
31 }
32 
33 static void fake_redirect(struct dst_entry *dst, struct sock *sk,
34 			  struct sk_buff *skb)
35 {
36 }
37 
38 static u32 *fake_cow_metrics(struct dst_entry *dst, unsigned long old)
39 {
40 	return NULL;
41 }
42 
43 static struct neighbour *fake_neigh_lookup(const struct dst_entry *dst,
44 					   struct sk_buff *skb,
45 					   const void *daddr)
46 {
47 	return NULL;
48 }
49 
50 static unsigned int fake_mtu(const struct dst_entry *dst)
51 {
52 	return dst->dev->mtu;
53 }
54 
55 static struct dst_ops fake_dst_ops = {
56 	.family		= AF_INET,
57 	.update_pmtu	= fake_update_pmtu,
58 	.redirect	= fake_redirect,
59 	.cow_metrics	= fake_cow_metrics,
60 	.neigh_lookup	= fake_neigh_lookup,
61 	.mtu		= fake_mtu,
62 };
63 
64 /*
65  * Initialize bogus route table used to keep netfilter happy.
66  * Currently, we fill in the PMTU entry because netfilter
67  * refragmentation needs it, and the rt_flags entry because
68  * ipt_REJECT needs it.  Future netfilter modules might
69  * require us to fill additional fields.
70  */
71 static const u32 br_dst_default_metrics[RTAX_MAX] = {
72 	[RTAX_MTU - 1] = 1500,
73 };
74 
75 void br_netfilter_rtable_init(struct net_bridge *br)
76 {
77 	struct rtable *rt = &br->fake_rtable;
78 
79 	atomic_set(&rt->dst.__refcnt, 1);
80 	rt->dst.dev = br->dev;
81 	rt->dst.path = &rt->dst;
82 	dst_init_metrics(&rt->dst, br_dst_default_metrics, true);
83 	rt->dst.flags	= DST_NOXFRM | DST_FAKE_RTABLE;
84 	rt->dst.ops = &fake_dst_ops;
85 }
86 
87 int __init br_nf_core_init(void)
88 {
89 	return dst_entries_init(&fake_dst_ops);
90 }
91 
92 void br_nf_core_fini(void)
93 {
94 	dst_entries_destroy(&fake_dst_ops);
95 }
96