aboutsummaryrefslogtreecommitdiffstats
path: root/net/ipv6/netfilter/nf_dup_ipv6.c
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2015-05-31 18:04:11 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2015-08-07 11:49:49 +0200
commitd877f07112f1e5a247c6b585c971a93895c9f738 (patch)
tree6ff7fa3d31b94ef6cbe88284d63f93bdab8a35fb /net/ipv6/netfilter/nf_dup_ipv6.c
parentnetfilter: factor out packet duplication for IPv4/IPv6 (diff)
downloadlinux-dev-d877f07112f1e5a247c6b585c971a93895c9f738.tar.xz
linux-dev-d877f07112f1e5a247c6b585c971a93895c9f738.zip
netfilter: nf_tables: add nft_dup expression
This new expression uses the nf_dup engine to clone packets to a given gateway. Unlike xt_TEE, we use an index to indicate output interface which should be fine at this stage. Moreover, change to the preemtion-safe this_cpu_read(nf_skb_duplicated) from nf_dup_ipv{4,6} to silence a lockdep splat. Based on the original tee expression from Arturo Borrero Gonzalez, although this patch has diverted quite a bit from this initial effort due to the change to support maps. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/ipv6/netfilter/nf_dup_ipv6.c')
-rw-r--r--net/ipv6/netfilter/nf_dup_ipv6.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/net/ipv6/netfilter/nf_dup_ipv6.c b/net/ipv6/netfilter/nf_dup_ipv6.c
index 399fdda18447..d8ab654080b4 100644
--- a/net/ipv6/netfilter/nf_dup_ipv6.c
+++ b/net/ipv6/netfilter/nf_dup_ipv6.c
@@ -63,7 +63,7 @@ static bool nf_dup_ipv6_route(struct sk_buff *skb, const struct in6_addr *gw,
void nf_dup_ipv6(struct sk_buff *skb, unsigned int hooknum,
const struct in6_addr *gw, int oif)
{
- if (__this_cpu_read(nf_skb_duplicated))
+ if (this_cpu_read(nf_skb_duplicated))
return;
skb = pskb_copy(skb, GFP_ATOMIC);
if (skb == NULL)
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.