summaryrefslogtreecommitdiffstats
path: root/target/linux
diff options
context:
space:
mode:
Diffstat (limited to 'target/linux')
-rw-r--r--target/linux/generic/patches-3.2/644-bridge_optimize_netfilter_hooks.patch30
-rw-r--r--target/linux/generic/patches-3.3/644-bridge_optimize_netfilter_hooks.patch110
2 files changed, 94 insertions, 46 deletions
diff --git a/target/linux/generic/patches-3.2/644-bridge_optimize_netfilter_hooks.patch b/target/linux/generic/patches-3.2/644-bridge_optimize_netfilter_hooks.patch
index 91139854b..6c3c3e5c6 100644
--- a/target/linux/generic/patches-3.2/644-bridge_optimize_netfilter_hooks.patch
+++ b/target/linux/generic/patches-3.2/644-bridge_optimize_netfilter_hooks.patch
@@ -1,12 +1,16 @@
--- a/net/bridge/br_netfilter.c
+++ b/net/bridge/br_netfilter.c
-@@ -62,6 +62,11 @@ static int brnf_filter_pppoe_tagged __re
+@@ -62,6 +62,15 @@ static int brnf_filter_pppoe_tagged __re
#define brnf_filter_pppoe_tagged 0
#endif
++int brnf_call_ebtables __read_mostly = 0;
++EXPORT_SYMBOL_GPL(brnf_call_ebtables);
++
+bool br_netfilter_run_hooks(void)
+{
-+ return brnf_call_iptables | brnf_call_ip6tables | brnf_call_arptables;
++ return brnf_call_iptables | brnf_call_ip6tables | brnf_call_arptables |
++ brnf_call_ebtables;
+}
+
static inline __be16 vlan_proto(const struct sk_buff *skb)
@@ -14,7 +18,11 @@
if (vlan_tx_tag_present(skb))
--- a/net/bridge/br_private.h
+++ b/net/bridge/br_private.h
-@@ -491,12 +491,25 @@ static inline bool br_multicast_is_route
+@@ -488,15 +488,29 @@ static inline bool br_multicast_is_route
+
+ /* br_netfilter.c */
+ #ifdef CONFIG_BRIDGE_NETFILTER
++extern int brnf_call_ebtables;
extern int br_netfilter_init(void);
extern void br_netfilter_fini(void);
extern void br_netfilter_rtable_init(struct net_bridge *);
@@ -120,3 +128,19 @@
dev_queue_xmit);
}
+--- a/net/bridge/netfilter/ebtables.c
++++ b/net/bridge/netfilter/ebtables.c
+@@ -2399,11 +2399,13 @@ static int __init ebtables_init(void)
+ }
+
+ printk(KERN_INFO "Ebtables v2.0 registered\n");
++ brnf_call_ebtables = 1;
+ return 0;
+ }
+
+ static void __exit ebtables_fini(void)
+ {
++ brnf_call_ebtables = 0;
+ nf_unregister_sockopt(&ebt_sockopts);
+ xt_unregister_target(&ebt_standard_target);
+ printk(KERN_INFO "Ebtables v2.0 unregistered\n");
diff --git a/target/linux/generic/patches-3.3/644-bridge_optimize_netfilter_hooks.patch b/target/linux/generic/patches-3.3/644-bridge_optimize_netfilter_hooks.patch
index d2fdd614c..3b02c5cf9 100644
--- a/target/linux/generic/patches-3.3/644-bridge_optimize_netfilter_hooks.patch
+++ b/target/linux/generic/patches-3.3/644-bridge_optimize_netfilter_hooks.patch
@@ -1,3 +1,32 @@
+--- a/net/bridge/br_forward.c
++++ b/net/bridge/br_forward.c
+@@ -55,7 +55,7 @@ int br_dev_queue_push_xmit(struct sk_buf
+
+ int br_forward_finish(struct sk_buff *skb)
+ {
+- return NF_HOOK(NFPROTO_BRIDGE, NF_BR_POST_ROUTING, skb, NULL, skb->dev,
++ return BR_HOOK(NFPROTO_BRIDGE, NF_BR_POST_ROUTING, skb, NULL, skb->dev,
+ br_dev_queue_push_xmit);
+
+ }
+@@ -74,7 +74,7 @@ static void __br_deliver(const struct ne
+ return;
+ }
+
+- NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev,
++ BR_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev,
+ br_forward_finish);
+ }
+
+@@ -91,7 +91,7 @@ static void __br_forward(const struct ne
+ skb->dev = to->dev;
+ skb_forward_csum(skb);
+
+- NF_HOOK(NFPROTO_BRIDGE, NF_BR_FORWARD, skb, indev, skb->dev,
++ BR_HOOK(NFPROTO_BRIDGE, NF_BR_FORWARD, skb, indev, skb->dev,
+ br_forward_finish);
+ }
+
--- a/net/bridge/br_input.c
+++ b/net/bridge/br_input.c
@@ -40,7 +40,7 @@ static int br_pass_frame_up(struct sk_bu
@@ -27,15 +56,30 @@
br_handle_frame_finish);
break;
default:
+--- a/net/bridge/br_multicast.c
++++ b/net/bridge/br_multicast.c
+@@ -827,7 +827,7 @@ static void __br_multicast_send_query(st
+ if (port) {
+ __skb_push(skb, sizeof(struct ethhdr));
+ skb->dev = port->dev;
+- NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev,
++ BR_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev,
+ dev_queue_xmit);
+ } else
+ netif_rx(skb);
--- a/net/bridge/br_netfilter.c
+++ b/net/bridge/br_netfilter.c
-@@ -71,6 +71,11 @@ static int brnf_filter_pppoe_tagged __re
+@@ -71,6 +71,15 @@ static int brnf_filter_pppoe_tagged __re
#define IS_ARP(skb) \
(!vlan_tx_tag_present(skb) && skb->protocol == htons(ETH_P_ARP))
++int brnf_call_ebtables __read_mostly = 0;
++EXPORT_SYMBOL_GPL(brnf_call_ebtables);
++
+bool br_netfilter_run_hooks(void)
+{
-+ return brnf_call_iptables | brnf_call_ip6tables | brnf_call_arptables;
++ return brnf_call_iptables | brnf_call_ip6tables | brnf_call_arptables |
++ brnf_call_ebtables;
+}
+
static inline __be16 vlan_proto(const struct sk_buff *skb)
@@ -43,7 +87,11 @@
if (vlan_tx_tag_present(skb))
--- a/net/bridge/br_private.h
+++ b/net/bridge/br_private.h
-@@ -493,12 +493,25 @@ static inline bool br_multicast_is_route
+@@ -490,15 +490,29 @@ static inline bool br_multicast_is_route
+
+ /* br_netfilter.c */
+ #ifdef CONFIG_BRIDGE_NETFILTER
++extern int brnf_call_ebtables;
extern int br_netfilter_init(void);
extern void br_netfilter_fini(void);
extern void br_netfilter_rtable_init(struct net_bridge *);
@@ -69,46 +117,6 @@
/* br_stp.c */
extern void br_log_state(const struct net_bridge_port *p);
extern struct net_bridge_port *br_get_port(struct net_bridge *br,
---- a/net/bridge/br_forward.c
-+++ b/net/bridge/br_forward.c
-@@ -55,7 +55,7 @@ int br_dev_queue_push_xmit(struct sk_buf
-
- int br_forward_finish(struct sk_buff *skb)
- {
-- return NF_HOOK(NFPROTO_BRIDGE, NF_BR_POST_ROUTING, skb, NULL, skb->dev,
-+ return BR_HOOK(NFPROTO_BRIDGE, NF_BR_POST_ROUTING, skb, NULL, skb->dev,
- br_dev_queue_push_xmit);
-
- }
-@@ -74,7 +74,7 @@ static void __br_deliver(const struct ne
- return;
- }
-
-- NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev,
-+ BR_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev,
- br_forward_finish);
- }
-
-@@ -91,7 +91,7 @@ static void __br_forward(const struct ne
- skb->dev = to->dev;
- skb_forward_csum(skb);
-
-- NF_HOOK(NFPROTO_BRIDGE, NF_BR_FORWARD, skb, indev, skb->dev,
-+ BR_HOOK(NFPROTO_BRIDGE, NF_BR_FORWARD, skb, indev, skb->dev,
- br_forward_finish);
- }
-
---- a/net/bridge/br_multicast.c
-+++ b/net/bridge/br_multicast.c
-@@ -827,7 +827,7 @@ static void __br_multicast_send_query(st
- if (port) {
- __skb_push(skb, sizeof(struct ethhdr));
- skb->dev = port->dev;
-- NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev,
-+ BR_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev,
- dev_queue_xmit);
- } else
- netif_rx(skb);
--- a/net/bridge/br_stp_bpdu.c
+++ b/net/bridge/br_stp_bpdu.c
@@ -52,7 +52,7 @@ static void br_send_bpdu(struct net_brid
@@ -120,3 +128,19 @@
dev_queue_xmit);
}
+--- a/net/bridge/netfilter/ebtables.c
++++ b/net/bridge/netfilter/ebtables.c
+@@ -2403,11 +2403,13 @@ static int __init ebtables_init(void)
+ }
+
+ printk(KERN_INFO "Ebtables v2.0 registered\n");
++ brnf_call_ebtables = 1;
+ return 0;
+ }
+
+ static void __exit ebtables_fini(void)
+ {
++ brnf_call_ebtables = 0;
+ nf_unregister_sockopt(&ebt_sockopts);
+ xt_unregister_target(&ebt_standard_target);
+ printk(KERN_INFO "Ebtables v2.0 unregistered\n");
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-26 12:17:58 +0000