var_cont* object_get_name(obj_t* object, ns_addr name)
{
N_ASSERT(object, "object_get_name\n");
var_cont* value = ns_get(object->names, 1, name);
return value;
}
static s32
icmpv6_error_message(struct vrf *vrf,
struct sk_buff *skb,
unsigned int icmp6off,
enum netsession_info *nsinfo,
unsigned int hooknum)
{
struct netsession_tuple intuple, origtuple;
const struct netsession_l4proto *inproto;
struct netsession_tuple *ret_tuple = NULL;
/* Are they talking about one of our connections? */
if (!ns_get_tuplepr(skb,
skb_network_header(skb) - skb->data
+ sizeof(struct ipv6hdr) + sizeof(struct icmp6hdr),
PF_INET6, &origtuple)) {
return -NS_ACCEPT;
}
/* rcu_read_lock()ed by nf_hook_slow */
inproto = __ns_l4proto_find(PF_INET6, origtuple.dst.protonum);
/* Ordinarily, we'd expect the inverted tupleproto, but it's
been preserved inside the ICMP. */
if (!ns_invert_tuple(&intuple, &origtuple,
&ns_l3proto_ipv6, inproto)) {
return -NS_ACCEPT;
}
*nsinfo = NS_RELATED;
ret_tuple = ns_search(&intuple, NULL);
if (!ret_tuple) {
return -NS_ACCEPT;
}
if(NS_DIRECTION(ret_tuple) == NS_DIR_REPLY)
*nsinfo += NS_IS_REPLY;
/* Update skb to refer to this connection */
skb->ns = &ns_tuple_to_netsession(ret_tuple)->ns_general;
ns_get(&ns_tuple_to_netsession(ret_tuple)->ns_general);
skb->nsinfo = *nsinfo;
return -NS_ACCEPT;
}
static inline s32 __ip6_ns_in(struct net_device *dev, u8 pf, u32 hooknum, struct sk_buff *skb)
{
struct sk_buff *reasm = skb->ns_reasm;
if (reasm)
{
if (!reasm->ns) {
s32 ret;
ret = ip_ns_in(dev, pf, hooknum, reasm);
if (ret != NF_ACCEPT)
return ret;
}
ns_get(reasm->ns);
skb->ns = reasm->ns;
skb->nsinfo= reasm->nsinfo;
return NF_ACCEPT;
}
return ip_ns_in(dev, pf, hooknum, skb);
}
static s32
icmpv6_error(struct vrf *vrf, struct sk_buff *skb, unsigned int dataoff,
enum netsession_info *nsinfo, u_int8_t pf, unsigned int hooknum)
{
const struct icmp6hdr *icmp6h;
struct icmp6hdr _ih;
s32 type;
icmp6h = skb_header_pointer(skb, dataoff, sizeof(_ih), &_ih);
if (icmp6h == NULL) {
return -NS_ACCEPT;
}
if (ns_need_checksum &&
ns_ip6_checksum(skb, hooknum, dataoff, IPPROTO_ICMPV6)) {
return -NS_ACCEPT;
}
if(skb->ns)
return NS_ACCEPT;
type = icmp6h->icmp6_type - 130;
if (type >= 0 && type < sizeof(noct_valid_new) &&
noct_valid_new[type]) {
skb->ns = &ns_untracked_get()->ns_general;
ns_get(skb->ns);
skb->nsinfo = NS_ESTABLISHED;
return NS_ACCEPT;
}
/* is not error message ? */
if (icmp6h->icmp6_type >= 128)
return NS_ACCEPT;
return icmpv6_error_message(vrf, skb, dataoff, nsinfo, hooknum);
}
