summaryrefslogtreecommitdiffstats
path: root/target/linux/realtek/files/net/rtl/features
diff options
context:
space:
mode:
authorRoman Yeryomin <roman@advem.lv>2013-05-17 20:40:24 +0300
committerRoman Yeryomin <roman@advem.lv>2013-05-17 20:40:24 +0300
commite6d87036412b952cb083eff2dc716aee97a771f2 (patch)
tree273dd3daaa85553832d3cc6d48276229dc7fbe09 /target/linux/realtek/files/net/rtl/features
parenta18fec42221baa52fff4c5ffd45ec8f32e3add36 (diff)
Move to rsdk 3.2.4. Compiles cleanly.
Signed-off-by: Roman Yeryomin <roman@advem.lv>
Diffstat (limited to 'target/linux/realtek/files/net/rtl/features')
-rw-r--r--target/linux/realtek/files/net/rtl/features/98/rtl_nf_connGC.S1603
-rw-r--r--target/linux/realtek/files/net/rtl/features/Makefile16
-rw-r--r--target/linux/realtek/files/net/rtl/features/lan_restrict.c442
-rw-r--r--target/linux/realtek/files/net/rtl/features/lan_restrict.h10
-rw-r--r--target/linux/realtek/files/net/rtl/features/rtl_features.c1007
-rw-r--r--target/linux/realtek/files/net/rtl/features/rtl_ps_hooks.c268
6 files changed, 1806 insertions, 1540 deletions
diff --git a/target/linux/realtek/files/net/rtl/features/98/rtl_nf_connGC.S b/target/linux/realtek/files/net/rtl/features/98/rtl_nf_connGC.S
index 38babadd1..7dda2baf2 100644
--- a/target/linux/realtek/files/net/rtl/features/98/rtl_nf_connGC.S
+++ b/target/linux/realtek/files/net/rtl/features/98/rtl_nf_connGC.S
@@ -91,16 +91,16 @@ drop_priority:
.half 120
.byte 11
.space 1
- .half 60
+ .half 85
.byte 1
.space 1
- .half 90
+ .half 110
.byte 2
.space 1
.half 30
.byte 12
.space 1
- .half 20
+ .half 10
.byte 3
.space 1
.half 120
@@ -294,13 +294,13 @@ $L8:
beq $2,$0,$L16
lui $2,%hi(rtl_newGC_session_status_flags)
- lui $2,%hi(init_net+468)
- lw $3,%lo(init_net+468)($2)
- lw $2,%lo(rtl_nf_conntrack_threshold)($4)
- slt $2,$2,$3
- beq $2,$0,$L9
- lui $4,%hi(rtl_newGC_session_status_flags)
+ jal rtl_gc_threshold_check
+ move $4,$0
+
+ bne $2,$0,$L9
+ lui $2,%hi(rtl_newGC_session_status_flags)
+ lui $4,%hi(rtl_newGC_session_status_flags)
li $3,3 # 0x3
lw $2,%lo(rtl_newGC_session_status_flags)($4)
beq $2,$3,$L3
@@ -314,7 +314,6 @@ $L8:
sw $2,%lo(rtl_newGC_session_status_time)($3)
$L9:
- lui $2,%hi(rtl_newGC_session_status_flags)
$L16:
sw $0,%lo(rtl_newGC_session_status_flags)($2)
$L3:
@@ -403,13 +402,13 @@ $L24:
beq $2,$0,$L32
lui $2,%hi(rtl_newGC_session_status_flags)
- lui $2,%hi(init_net+468)
- lw $3,%lo(init_net+468)($2)
- lw $2,%lo(rtl_nf_conntrack_threshold)($4)
- slt $2,$2,$3
- beq $2,$0,$L25
- lui $4,%hi(rtl_newGC_session_status_flags)
+ jal rtl_gc_threshold_check
+ move $4,$0
+
+ bne $2,$0,$L25
+ lui $2,%hi(rtl_newGC_session_status_flags)
+ lui $4,%hi(rtl_newGC_session_status_flags)
li $3,3 # 0x3
lw $2,%lo(rtl_newGC_session_status_flags)($4)
beq $2,$3,$L19
@@ -423,7 +422,6 @@ $L24:
sw $2,%lo(rtl_newGC_session_status_time)($3)
$L25:
- lui $2,%hi(rtl_newGC_session_status_flags)
$L32:
sw $0,%lo(rtl_newGC_session_status_flags)($2)
$L19:
@@ -452,56 +450,44 @@ clean_from_lists:
sw $17,20($sp)
move $17,$5
sw $16,16($sp)
- addiu $5,$4,4
+ move $5,$0
sw $31,24($sp)
- move $16,$4
- lw $3,4($4)
- lw $4,4($5)
- andi $2,$3,0x1
.set noreorder
.set nomacro
- bne $2,$0,$L38
- sw $3,0($4)
+ jal rtl_hlist_nulls_del_rcu
+ move $16,$4
.set macro
.set reorder
- sw $4,4($3)
-$L38:
- li $2,2097152 # 0x200000
- addiu $6,$16,52
- ori $7,$2,0x200
- sw $7,4($5)
- lw $3,52($16)
- lw $4,4($6)
- andi $2,$3,0x1
+ move $4,$16
.set noreorder
.set nomacro
- bne $2,$0,$L42
- sw $3,0($4)
+ jal rtl_hlist_nulls_del_rcu
+ li $5,1 # 0x1
.set macro
.set reorder
- sw $4,4($3)
-$L42:
+ jal local_bh_disable
+ move $4,$16
.set noreorder
.set nomacro
- jal local_bh_disable
- sw $7,4($6)
+ jal rtl_new_gc_get_ct_protonum
+ move $5,$0
.set macro
.set reorder
+ move $3,$2
li $2,6 # 0x6
- lbu $3,50($16)
.set noreorder
.set nomacro
- beq $3,$2,$L48
+ beq $3,$2,$L40
slt $2,$3,7
.set macro
.set reorder
.set noreorder
.set nomacro
- beq $2,$0,$L54
+ beq $2,$0,$L46
li $2,17 # 0x11
.set macro
.set reorder
@@ -509,22 +495,22 @@ $L42:
li $2,1 # 0x1
.set noreorder
.set nomacro
- beq $3,$2,$L52
- li $2,6 # 0x6
+ beq $3,$2,$L44
+ move $4,$16
.set macro
.set reorder
- j $L65
-$L54:
+ j $L55
+$L46:
.set noreorder
.set nomacro
- beq $3,$2,$L50
- lui $2,%hi(prot_counters+8)
+ beq $3,$2,$L42
+ move $4,$16
.set macro
.set reorder
- j $L47
-$L48:
+ j $L55
+$L40:
lui $2,%hi(prot_counters+4)
#APP
@@ -539,8 +525,9 @@ $L48:
.previous
#NO_APP
- j $L64
-$L50:
+ j $L54
+$L42:
+ lui $2,%hi(prot_counters+8)
#APP
@@ -554,8 +541,8 @@ $L50:
.previous
#NO_APP
- j $L64
-$L52:
+ j $L54
+$L44:
lui $2,%hi(prot_counters)
#APP
@@ -570,25 +557,44 @@ $L52:
.previous
#NO_APP
-$L64:
+$L54:
#APP
#NO_APP
-$L47:
- lbu $3,50($16)
- li $2,6 # 0x6
-$L65:
+ move $4,$16
+$L55:
.set noreorder
.set nomacro
- beq $3,$2,$L56
- li $2,17 # 0x11
+ jal rtl_new_gc_get_ct_protonum
+ move $5,$0
.set macro
.set reorder
- bne $3,$2,$L63
-$L56:
+ li $3,6 # 0x6
+ .set noreorder
+ .set nomacro
+ beq $2,$3,$L56
+ move $4,$16
+ .set macro
+ .set reorder
+
+ .set noreorder
+ .set nomacro
+ jal rtl_new_gc_get_ct_protonum
+ move $5,$0
+ .set macro
+ .set reorder
+
+ li $3,17 # 0x11
+ .set noreorder
+ .set nomacro
+ bne $2,$3,$L53
move $4,$16
+ .set macro
+ .set reorder
+
+$L56:
.set noreorder
.set nomacro
jal clean_from_lists_hooks
@@ -596,42 +602,42 @@ $L56:
.set macro
.set reorder
- addiu $5,$16,204
- lw $4,4($5)
- li $2,1048576 # 0x100000
- lw $3,204($16)
- ori $2,$2,0x100
- sw $3,0($4)
- sw $2,204($16)
- li $2,2097152 # 0x200000
- ori $2,$2,0x200
- sw $4,4($3)
- sw $2,4($5)
+ .set noreorder
+ .set nomacro
+ jal rtl_list_del
+ move $4,$16
+ .set macro
+ .set reorder
+
lui $2,%hi(nf_conntrack_max)
lw $2,%lo(nf_conntrack_max)($2)
.set noreorder
.set nomacro
- beq $2,$0,$L66
+ beq $2,$0,$L57
lui $2,%hi(rtl_newGC_session_status_flags)
.set macro
.set reorder
- lui $2,%hi(rtl_nf_conntrack_threshold)
- lw $3,468($17)
- lw $2,%lo(rtl_nf_conntrack_threshold)($2)
- slt $2,$2,$3
.set noreorder
.set nomacro
- beq $2,$0,$L59
- lui $4,%hi(rtl_newGC_session_status_flags)
+ jal rtl_gc_threshold_check
+ move $4,$17
+ .set macro
+ .set reorder
+
+ .set noreorder
+ .set nomacro
+ bne $2,$0,$L49
+ lui $2,%hi(rtl_newGC_session_status_flags)
.set macro
.set reorder
+ lui $4,%hi(rtl_newGC_session_status_flags)
li $3,3 # 0x3
lw $2,%lo(rtl_newGC_session_status_flags)($4)
.set noreorder
.set nomacro
- beq $2,$3,$L63
+ beq $2,$3,$L53
lui $2,%hi(jiffies)
.set macro
.set reorder
@@ -642,16 +648,15 @@ $L56:
addiu $2,$2,1
.set noreorder
.set nomacro
- j $L63
+ j $L53
sw $2,%lo(rtl_newGC_session_status_time)($3)
.set macro
.set reorder
-$L59:
- lui $2,%hi(rtl_newGC_session_status_flags)
-$L66:
+$L49:
+$L57:
sw $0,%lo(rtl_newGC_session_status_flags)($2)
-$L63:
+$L53:
jal local_bh_enable
move $4,$16
lw $31,24($sp)
@@ -684,7 +689,7 @@ rtl_death_action:
lw $3,200($4)
.set noreorder
.set nomacro
- beq $3,$0,$L74
+ beq $3,$0,$L65
move $16,$4
.set macro
.set reorder
@@ -692,33 +697,36 @@ rtl_death_action:
lbu $2,8($3)
.set noreorder
.set nomacro
- beq $2,$0,$L74
+ beq $2,$0,$L65
addu $3,$3,$2
.set macro
.set reorder
- beq $3,$0,$L74
+ beq $3,$0,$L65
lw $2,0($3)
- beq $2,$0,$L74
+ beq $2,$0,$L65
lw $2,64($2)
- beq $2,$0,$L74
+ beq $2,$0,$L65
jal $2
-$L74:
+$L65:
jal local_bh_disable
- move $5,$17
- lw $3,488($17)
+ .set noreorder
+ .set nomacro
+ jal rtl_nf_ct_stat_inc
+ move $4,$17
+ .set macro
+ .set reorder
+
move $4,$16
- lw $2,24($3)
- addiu $2,$2,1
.set noreorder
.set nomacro
jal clean_from_lists
- sw $2,24($3)
+ move $5,$17
.set macro
.set reorder
jal local_bh_enable
- beq $16,$0,$L67
+ beq $16,$0,$L58
#APP
@@ -737,7 +745,7 @@ $L74:
#NO_APP
.set noreorder
.set nomacro
- bne $2,$0,$L67
+ bne $2,$0,$L58
move $4,$16
.set macro
.set reorder
@@ -752,7 +760,7 @@ $L74:
.set macro
.set reorder
-$L67:
+$L58:
lw $31,24($sp)
lw $17,20($sp)
lw $16,16($sp)
@@ -771,143 +779,177 @@ $L67:
.type rtl_connGC_addList, @function
rtl_connGC_addList:
.set nomips16
- .frame $sp,0,$31 # vars= 0, regs= 0/0, args= 0, gp= 0
- .mask 0x00000000,0
+ .frame $sp,32,$31 # vars= 0, regs= 3/0, args= 16, gp= 0
+ .mask 0x80030000,-8
.fmask 0x00000000,0
- lw $2,156($4)
- beq $2,$0,$L94
- lbu $3,9($2)
+ addiu $sp,$sp,-32
+ sw $17,20($sp)
+ move $17,$5
+ sw $16,16($sp)
+ sw $31,24($sp)
+ .set noreorder
+ .set nomacro
+ jal rtl_new_gc_ip_hdr
+ move $16,$4
+ .set macro
+ .set reorder
+
+ beq $2,$0,$L85
+ .set noreorder
+ .set nomacro
+ jal rtl_new_gc_get_skb_protocol
+ move $4,$16
+ .set macro
+ .set reorder
+
+ move $3,$2
li $2,6 # 0x6
.set noreorder
.set nomacro
- beq $3,$2,$L99
+ beq $3,$2,$L88
slt $2,$3,7
.set macro
.set reorder
.set noreorder
.set nomacro
- beq $2,$0,$L116
+ beq $2,$0,$L97
li $2,17 # 0x11
.set macro
.set reorder
li $2,1 # 0x1
- beq $3,$2,$L112
.set noreorder
.set nomacro
- j $31
- move $2,$0
+ beq $3,$2,$L95
+ lui $2,%hi(prot_counters)
.set macro
.set reorder
-$L116:
+ j $L85
+$L97:
+ beq $3,$2,$L91
+ j $L85
+$L88:
.set noreorder
.set nomacro
- beq $3,$2,$L104
- move $2,$0
+ jal rtl_new_gc_get_ct_tcp_state
+ move $4,$17
.set macro
.set reorder
- j $L119
-$L99:
- lbu $3,176($5)
- lui $2,%hi(Tcp_State_Hash_Head)
- addiu $2,$2,%lo(Tcp_State_Hash_Head)
- sll $3,$3,3
- addu $3,$3,$2
- lw $4,4($3)
- beq $4,$0,$L100
- lw $3,4($4)
- addiu $2,$5,204
- sw $4,204($5)
- sw $2,4($4)
- sw $2,0($3)
- sw $3,4($2)
-$L100:
+ lui $3,%hi(Tcp_State_Hash_Head)
+ sll $2,$2,3
+ addiu $3,$3,%lo(Tcp_State_Hash_Head)
+ addu $2,$2,$3
+ lw $2,4($2)
+ .set noreorder
+ .set nomacro
+ beq $2,$0,$L100
lui $2,%hi(prot_counters+4)
+ .set macro
+ .set reorder
+
+ move $4,$17
+ li $5,1 # 0x1
+ .set noreorder
+ .set nomacro
+ jal rtl_list_add_tail
+ move $6,$0
+ .set macro
+ .set reorder
+
+ lui $2,%hi(prot_counters+4)
+$L100:
#APP
- .set mips3
-1: ll $3, %lo(prot_counters+4)($2) # atomic_add
+ 1: ll $3, %lo(prot_counters+4)($2) # atomic_add
nop
addu $3, 1
- sc $3, %lo(prot_counters+4)($2)
+ sc $3, %lo(prot_counters+4)($2)
beqz $3, 2f
.subsection 2
-2: b 1b
- .previous
- .set mips0
+2: b 1b
+ .previous
#NO_APP
- j $L118
-$L104:
- lw $2,100($5)
- addiu $4,$5,204
+ j $L99
+$L91:
+ .set noreorder
+ .set nomacro
+ jal rtl_new_gc_get_ct_udp_status
+ move $4,$17
+ .set macro
+ .set reorder
+
andi $2,$2,0x2
.set noreorder
.set nomacro
- beq $2,$0,$L105
- lui $3,%hi(Udp_State_Hash_Head)
+ beq $2,$0,$L92
+ move $4,$17
+ .set macro
+ .set reorder
+
+ li $5,2 # 0x2
+ .set noreorder
+ .set nomacro
+ j $L98
+ li $6,1 # 0x1
.set macro
.set reorder
- addiu $2,$3,%lo(Udp_State_Hash_Head)
- lw $2,12($2)
- j $L117
-$L105:
- addiu $2,$3,%lo(Udp_State_Hash_Head)
- lw $2,4($2)
-$L117:
- lw $3,4($2)
- sw $2,204($5)
- sw $4,4($2)
+$L92:
+ li $5,2 # 0x2
+ move $6,$0
+$L98:
+ jal rtl_list_add_tail
lui $2,%hi(prot_counters+8)
- sw $4,0($3)
- sw $3,4($4)
#APP
- .set mips3
-1: ll $3, %lo(prot_counters+8)($2) # atomic_add
+ 1: ll $3, %lo(prot_counters+8)($2) # atomic_add
nop
addu $3, 1
- sc $3, %lo(prot_counters+8)($2)
+ sc $3, %lo(prot_counters+8)($2)
beqz $3, 2f
.subsection 2
-2: b 1b
- .previous
- .set mips0
+2: b 1b
+ .previous
#NO_APP
- j $L118
-$L112:
- lui $2,%hi(prot_counters)
+ j $L99
+$L95:
#APP
- .set mips3
-1: ll $4, %lo(prot_counters)($2) # atomic_add
+ 1: ll $4, %lo(prot_counters)($2) # atomic_add
nop
addu $4, $3
- sc $4, %lo(prot_counters)($2)
+ sc $4, %lo(prot_counters)($2)
beqz $4, 2f
.subsection 2
-2: b 1b
- .previous
- .set mips0
+2: b 1b
+ .previous
#NO_APP
-$L118:
+$L99:
#APP
#NO_APP
-$L94:
+$L85:
+ lw $31,24($sp)
move $2,$0
-$L119:
+ lw $17,20($sp)
+ lw $16,16($sp)
+ .set noreorder
+ .set nomacro
j $31
+ addiu $sp,$sp,32
+ .set macro
+ .set reorder
+
.end rtl_connGC_addList
.section .text.__nf_ct_refresh_acct_proto,"ax",@progbits
.align 2
@@ -916,962 +958,939 @@ $L119:
.type __nf_ct_refresh_acct_proto, @function
__nf_ct_refresh_acct_proto:
.set nomips16
- .frame $sp,64,$31 # vars= 8, regs= 7/0, args= 24, gp= 0
- .mask 0x803f0000,-8
+ .frame $sp,56,$31 # vars= 8, regs= 6/0, args= 24, gp= 0
+ .mask 0x801f0000,-4
.fmask 0x00000000,0
.set noreorder
.set nomacro
- addiu $sp,$sp,-64
- sw $17,36($sp)
- move $17,$4
- sw $21,52($sp)
- move $21,$6
+ addiu $sp,$sp,-56
+ sw $16,32($sp)
+ move $16,$4
sw $20,48($sp)
- move $20,$5
+ move $20,$6
sw $19,44($sp)
+ move $19,$5
sw $18,40($sp)
- sw $31,56($sp)
- sw $16,32($sp)
+ sw $17,36($sp)
+ sw $31,52($sp)
sw $0,24($sp)
- lbu $18,87($sp)
+ lbu $17,79($sp)
jal local_bh_disable
- move $19,$7
+ move $18,$7
- lw $2,100($17)
- srl $2,$2,10
- andi $2,$2,0x1
- bne $2,$0,$L156
- nop
+ move $4,$16
+ jal rtl_test_bit
+ li $5,10 # 0xa
- lw $2,100($17)
- srl $2,$2,3
- andi $2,$2,0x1
- bne $2,$0,$L129
- li $2,8 # 0x8
+ beq $2,$0,$L121
+ move $4,$16
+
+ jal rtl_test_bit
+ li $5,3 # 0x3
+
+ li $3,-1 # 0xffffffff
+ bne $2,$3,$L108
+ move $5,$18
- sw $19,116($17)
- j $L132
+ jal rtl_new_gc_set_ct_timeout_expires
+ move $4,$16
+
+ li $2,8 # 0x8
+ j $L109
sw $2,24($sp)
-$L129:
- addiu $16,$17,108
- jal del_timer
+$L108:
+ jal rtl_del_ct_timer
move $4,$16
- beq $2,$0,$L132
+ beq $2,$0,$L109
lui $2,%hi(jiffies)
move $4,$16
- lw $2,%lo(jiffies)($2)
- addu $2,$2,$19
- jal add_timer
- sw $2,116($17)
+ lw $5,%lo(jiffies)($2)
+ jal rtl_new_gc_set_ct_timeout_expires
+ addu $5,$5,$18
+
+ jal rtl_add_ct_timer
+ move $4,$16
li $2,8 # 0x8
sw $2,24($sp)
li $2,6 # 0x6
- beq $18,$2,$L135
+ beq $17,$2,$L112
li $2,17 # 0x11
- beq $18,$2,$L140
+ beq $17,$2,$L113
nop
- j $L132
+ j $L109
nop
-$L135:
- lw $3,92($sp)
- lui $2,%hi(Tcp_State_Hash_Head)
- addiu $4,$17,204
- addiu $2,$2,%lo(Tcp_State_Hash_Head)
- sll $3,$3,3
- lw $6,4($4)
- addu $3,$3,$2
- lw $5,204($17)
- lw $2,4($3)
- sw $6,4($5)
- lw $3,4($2)
- sw $5,0($6)
- sw $4,4($2)
- sw $2,204($17)
- sw $3,4($4)
- j $L132
- sw $4,0($3)
-
-$L140:
- lw $2,100($17)
- lw $6,204($17)
+$L112:
+ lw $6,84($sp)
+ move $4,$16
+ j $L120
+ li $5,1 # 0x1
+
+$L113:
+ jal rtl_new_gc_get_ct_udp_status
+ move $4,$16
+
andi $2,$2,0x2
- beq $2,$0,$L141
- addiu $5,$17,204
-
- lui $3,%hi(udp_assured_list)
- lw $2,4($5)
- j $L155
- addiu $3,$3,%lo(udp_assured_list)
-
-$L141:
- lui $3,%hi(udp_unreply_list)
- lw $2,4($5)
- addiu $3,$3,%lo(udp_unreply_list)
-$L155:
- sw $2,4($6)
- lw $4,4($3)
- sw $6,0($2)
- sw $5,4($3)
- sw $3,204($17)
- sw $4,4($5)
- sw $5,0($4)
-$L132:
- lw $7,80($sp)
+ beq $2,$0,$L114
+ move $4,$16
+
+ li $5,2 # 0x2
+ j $L120
+ li $6,1 # 0x1
+
+$L114:
+ li $5,2 # 0x2
+ move $6,$0
+$L120:
+ jal rtl_list_move_tail
+ nop
+
+$L109:
+ lw $7,72($sp)
addiu $2,$sp,24
- move $4,$17
- move $5,$20
- move $6,$21
+ move $4,$16
+ move $5,$19
+ move $6,$20
jal __nf_ct_refresh_acct_proto_hooks
sw $2,16($sp)
-$L156:
+$L121:
jal local_bh_enable
nop
- lw $31,56($sp)
- lw $21,52($sp)
+ lw $31,52($sp)
lw $20,48($sp)
lw $19,44($sp)
lw $18,40($sp)
lw $17,36($sp)
lw $16,32($sp)
j $31
- addiu $sp,$sp,64
+ addiu $sp,$sp,56
.set macro
.set reorder
.end __nf_ct_refresh_acct_proto
- .section .text.drop_one_conntrack,"ax",@progbits
+ .section .text.__conntrack_drop_check,"ax",@progbits
.align 2
- .globl drop_one_conntrack
- .ent drop_one_conntrack
- .type drop_one_conntrack, @function
-drop_one_conntrack:
+ .globl __conntrack_drop_check
+ .ent __conntrack_drop_check
+ .type __conntrack_drop_check, @function
+__conntrack_drop_check:
.set nomips16
- .frame $sp,64,$31 # vars= 0, regs= 9/0, args= 24, gp= 0
+ .frame $sp,56,$31 # vars= 0, regs= 9/0, args= 16, gp= 0
.mask 0x80ff0000,-8
.fmask 0x00000000,0
.set noreorder
.set nomacro
- addiu $sp,$sp,-64
- sw $31,56($sp)
- sw $23,52($sp)
- sw $22,48($sp)
- sw $21,44($sp)
- sw $20,40($sp)
- sw $19,36($sp)
- sw $18,32($sp)
- sw $17,28($sp)
- sw $16,24($sp)
- lhu $3,16($4)
- sltu $2,$3,1024
- bne $2,$0,$L157
- li $2,1 # 0x1
+ addiu $sp,$sp,-56
+ move $5,$0
+ sw $16,16($sp)
+ move $16,$4
+ sw $31,48($sp)
+ sw $23,44($sp)
+ sw $22,40($sp)
+ sw $21,36($sp)
+ sw $20,32($sp)
+ sw $19,28($sp)
+ sw $18,24($sp)
+ jal rtl_new_gc_get_ct_protonum
+ sw $17,20($sp)
- li $6,8080 # 0x1f90
- beq $3,$6,$L157
- nop
+ move $4,$16
+ move $5,$0
+ jal rtl_new_gc_get_ct_port_by_dir
+ move $6,$0
- lhu $3,36($4)
- sltu $2,$3,1024
- bne $2,$0,$L157
- li $2,1 # 0x1
+ move $4,$16
+ move $5,$0
+ li $6,1 # 0x1
+ jal rtl_new_gc_get_ct_port_by_dir
+ move $23,$2
+
+ move $4,$16
+ li $5,1 # 0x1
+ move $6,$0
+ jal rtl_new_gc_get_ct_port_by_dir
+ move $22,$2
+
+ move $4,$16
+ li $5,1 # 0x1
+ li $6,1 # 0x1
+ jal rtl_new_gc_get_ct_port_by_dir
+ move $21,$2
+
+ move $4,$16
+ move $5,$0
+ move $6,$0
+ jal rtl_new_gc_get_ct_ip_by_dir
+ move $20,$2
+
+ move $4,$16
+ move $5,$0
+ li $6,1 # 0x1
+ jal rtl_new_gc_get_ct_ip_by_dir
+ move $19,$2
+
+ move $4,$16
+ li $5,1 # 0x1
+ move $6,$0
+ jal rtl_new_gc_get_ct_ip_by_dir
+ move $17,$2
+
+ move $4,$16
+ li $5,1 # 0x1
+ li $6,1 # 0x1
+ jal rtl_new_gc_get_ct_ip_by_dir
+ move $18,$2
- beq $3,$6,$L157
+ li $5,-268435456 # 0xf0000000
+ move $3,$2
+ li $4,-536870912 # 0xe0000000
+ and $2,$17,$5
+ beq $2,$4,$L124
+ and $2,$3,$5
+
+ beq $2,$4,$L122
+ li $2,-1 # 0xffffffff
+
+ bne $19,$3,$L127
+ sltu $2,$23,1024
+
+ beq $17,$18,$L124
nop
- lhu $3,16($5)
- sltu $2,$3,1024
- bne $2,$0,$L157
- li $2,1 # 0x1
+$L127:
+ bne $2,$0,$L122
+ li $2,-1 # 0xffffffff
+
+ sltu $2,$22,1024
+ bne $2,$0,$L122
+ li $2,-1 # 0xffffffff
+
+ sltu $2,$21,1024
+ bne $2,$0,$L122
+ li $2,-1 # 0xffffffff
+
+ sltu $2,$20,1024
+ bne $2,$0,$L124
+ li $3,8080 # 0x1f90
- beq $3,$6,$L157
+ beq $23,$3,$L124
nop
- lhu $3,36($5)
- sltu $2,$3,1024
- bne $2,$0,$L157
- li $2,1 # 0x1
+ beq $22,$3,$L124
+ nop
- beq $3,$6,$L157
- li $7,-268435456 # 0xf0000000
+ beq $21,$3,$L122
+ li $2,-1 # 0xffffffff
+
+ bne $20,$3,$L122
+ move $2,$0
- lw $3,20($4)
- li $8,-536870912 # 0xe0000000
- and $2,$3,$7
- lw $4,0($4)
- beq $2,$8,$L394
- li $6,-1 # 0xffffffff
+$L124:
+ li $2,-1 # 0xffffffff
+$L122:
+ lw $31,48($sp)
+ lw $23,44($sp)
+ lw $22,40($sp)
+ lw $21,36($sp)
+ lw $20,32($sp)
+ lw $19,28($sp)
+ lw $18,24($sp)
+ lw $17,20($sp)
+ lw $16,16($sp)
+ j $31
+ addiu $sp,$sp,56
- beq $3,$6,$L157
+ .set macro
+ .set reorder
+ .end __conntrack_drop_check
+ .section .text.isReservedConntrack,"ax",@progbits
+ .align 2
+ .globl isReservedConntrack
+ .ent isReservedConntrack
+ .type isReservedConntrack, @function
+isReservedConntrack:
+ .set nomips16
+ .frame $sp,0,$31 # vars= 0, regs= 0/0, args= 0, gp= 0
+ .mask 0x00000000,0
+ .fmask 0x00000000,0
+ .set noreorder
+ .set nomacro
+
+ lbu $3,38($4)
li $2,1 # 0x1
+ beq $3,$2,$L128
+ li $7,1 # 0x1
+
+ lw $6,20($4)
+ li $8,-268435456 # 0xf0000000
+ li $9,-536870912 # 0xe0000000
+ and $2,$6,$8
+ lw $3,0($4)
+ beq $2,$9,$L139
+ li $7,-1 # 0xffffffff
+
+ beq $6,$7,$L139
+ nop
- beq $4,$0,$L157
+ beq $3,$0,$L139
nop
lw $3,20($5)
- lw $5,0($5)
- and $2,$3,$7
- beq $2,$8,$L157
- li $2,1 # 0x1
+ lw $6,0($5)
+ and $2,$3,$8
+ beq $2,$9,$L139
+ nop
- beq $3,$6,$L157
+ beq $3,$7,$L139
nop
- beq $5,$0,$L157
- lui $3,%hi(prot_counters+4)
+ beq $6,$0,$L139
+ li $3,80 # 0x50
+ lhu $2,16($4)
+ beq $2,$3,$L139
+ li $6,8080 # 0x1f90
+
+ beq $2,$6,$L139
+ nop
+
+ lhu $4,36($4)
+ beq $4,$3,$L139
+ nop
+
+ beq $4,$6,$L139
+ nop
+
+ lhu $2,16($5)
+ beq $2,$3,$L139
+ nop
+
+ beq $2,$6,$L139
+ nop
+
+ lhu $5,36($5)
+ beq $5,$3,$L156
+ li $7,1 # 0x1
+
+ bne $5,$6,$L128
+ move $7,$0
+
+$L139:
+ li $7,1 # 0x1
+$L128:
+$L156:
+ j $31
+ move $2,$7
+
+ .set macro
+ .set reorder
+ .end isReservedConntrack
+ .section .text.drop_one_conntrack,"ax",@progbits
+ .align 2
+ .globl drop_one_conntrack
+ .ent drop_one_conntrack
+ .type drop_one_conntrack, @function
+drop_one_conntrack:
+ .set nomips16
+ .frame $sp,64,$31 # vars= 0, regs= 10/0, args= 24, gp= 0
+ .mask 0xc0ff0000,-4
+ .fmask 0x00000000,0
+ .set noreorder
+ .set nomacro
+
+ addiu $sp,$sp,-64
lui $2,%hi(_prot_limit+4)
+ sw $31,60($sp)
+ lui $3,%hi(prot_counters+4)
+ sw $fp,56($sp)
+ sw $23,52($sp)
+ sw $22,48($sp)
+ sw $21,44($sp)
+ sw $20,40($sp)
+ sw $19,36($sp)
+ sw $18,32($sp)
+ sw $17,28($sp)
+ sw $16,24($sp)
lw $2,%lo(_prot_limit+4)($2)
lw $3,%lo(prot_counters+4)($3)
slt $2,$2,$3
- beq $2,$0,$L447
+ beq $2,$0,$L343
lui $2,%hi(_prot_limit+8)
+ lui $20,%hi(drop_priority_max_idx)
jal local_bh_disable
move $19,$0
+ lw $2,%lo(drop_priority_max_idx)($20)
+ blez $2,$L304
lui $3,%hi(drop_priority)
-$L449:
+
+$L344:
sll $2,$19,2
addiu $3,$3,%lo(drop_priority)
addu $2,$2,$3
lbu $3,0($2)
sltu $2,$3,10
- beq $2,$0,$L186
+ beq $2,$0,$L164
lui $2,%hi(Tcp_State_Hash_Head)
sll $3,$3,3
addiu $2,$2,%lo(Tcp_State_Hash_Head)
addu $3,$3,$2
lw $18,4($3)
- lw $4,0($18)
- beq $4,$18,$L186
- move $17,$4
+ lw $2,0($18)
+ beq $2,$18,$L164
+ move $17,$2
-$L437:
- beq $17,$18,$L186
+$L332:
+ beq $17,$18,$L164
addiu $16,$17,-204
- li $12,-268435456 # 0xf0000000
- lw $6,32($16)
- li $11,-536870912 # 0xe0000000
- lhu $10,28($16)
- and $2,$6,$12
- lhu $7,48($16)
- lhu $8,76($16)
- lhu $9,96($16)
- lw $4,12($16)
- lw $5,60($16)
- lw $3,80($16)
- beq $2,$11,$L192
- and $2,$3,$12
-
- beq $2,$11,$L192
- nop
-
- bne $4,$3,$L448
- sltu $2,$10,1024
-
- beq $6,$5,$L192
- nop
-
-$L448:
- bne $2,$0,$L192
- sltu $2,$7,1024
-
- bne $2,$0,$L192
- sltu $2,$8,1024
-
- bne $2,$0,$L192
- sltu $2,$9,1024
-
- bne $2,$0,$L192
- li $2,8080 # 0x1f90
-
- beq $10,$2,$L192
- nop
+ li $2,-1 # 0xffffffff
+ lb $3,212($16)
+ bne $3,$2,$L171
+ move $4,$16
- beq $7,$2,$L192
+ jal __conntrack_drop_check
nop
- beq $8,$2,$L192
- nop
+ sb $2,212($16)
+$L171:
+ lb $2,212($16)
+ bne $2,$0,$L170
+ move $4,$16
- beq $9,$2,$L192
+ jal rtl_del_ct_timer
nop
- jal del_timer
- addiu $4,$17,-96
-
- bne $2,$0,$L412
+ bne $2,$0,$L318
nop
-$L192:
+$L170:
lw $17,0($17)
- j $L437
+ j $L332
nop
-$L186:
+$L164:
+ lw $2,%lo(drop_priority_max_idx)($20)
addiu $19,$19,1
- sltu $2,$19,10
- bne $2,$0,$L449
+ slt $2,$19,$2
+ bne $2,$0,$L344
lui $3,%hi(drop_priority)
+$L304:
jal local_bh_enable
nop
lui $2,%hi(_prot_limit+8)
-$L447:
+$L343:
lui $3,%hi(prot_counters+8)
lw $2,%lo(_prot_limit+8)($2)
lw $3,%lo(prot_counters+8)($3)
slt $2,$2,$3
- beq $2,$0,$L216
- nop
+ beq $2,$0,$L182
+ lui $fp,%hi(drop_priority_max_idx)
+ lui $20,%hi(drop_priority_max_idx)
jal local_bh_disable
move $19,$0
+ lw $2,%lo(drop_priority_max_idx)($20)
+ blez $2,$L307
lui $3,%hi(drop_priority)
-$L451:
+
+$L345:
sll $2,$19,2
addiu $3,$3,%lo(drop_priority)
addu $2,$2,$3
lbu $3,0($2)
sltu $2,$3,11
- bne $2,$0,$L222
+ bne $2,$0,$L188
lui $2,%hi(Udp_State_Hash_Head)
sll $3,$3,3
addiu $2,$2,%lo(Udp_State_Hash_Head)
addu $3,$3,$2
lw $18,-84($3)
- lw $4,0($18)
- beq $4,$18,$L222
- move $17,$4
+ lw $2,0($18)
+ beq $2,$18,$L188
+ move $17,$2
-$L438:
- beq $17,$18,$L222
+$L333:
+ beq $17,$18,$L188
addiu $16,$17,-204
- li $12,-268435456 # 0xf0000000
- lw $6,32($16)
- li $11,-536870912 # 0xe0000000
- lhu $10,28($16)
- and $2,$6,$12
- lhu $7,48($16)
- lhu $8,76($16)
- lhu $9,96($16)
- lw $4,12($16)
- lw $5,60($16)
- lw $3,80($16)
- beq $2,$11,$L228
- and $2,$3,$12
-
- beq $2,$11,$L228
- nop
-
- bne $4,$3,$L450
- sltu $2,$10,1024
-
- beq $6,$5,$L228
- nop
-
-$L450:
- bne $2,$0,$L228
- sltu $2,$7,1024
-
- bne $2,$0,$L228
- sltu $2,$8,1024
-
- bne $2,$0,$L228
- sltu $2,$9,1024
-
- bne $2,$0,$L228
- li $2,8080 # 0x1f90
-
- beq $10,$2,$L228
- nop
+ li $2,-1 # 0xffffffff
+ lb $3,212($16)
+ bne $3,$2,$L195
+ move $4,$16
- beq $7,$2,$L228
+ jal __conntrack_drop_check
nop
- beq $8,$2,$L228
- nop
+ sb $2,212($16)
+$L195:
+ lb $2,212($16)
+ bne $2,$0,$L194
+ move $4,$16
- beq $9,$2,$L228
+ jal rtl_del_ct_timer
nop
- jal del_timer
- addiu $4,$17,-96
-
- bne $2,$0,$L412
+ bne $2,$0,$L318
nop
-$L228:
+$L194:
lw $17,0($17)
- j $L438
+ j $L333
nop
-$L222:
+$L188:
+ lw $2,%lo(drop_priority_max_idx)($20)
addiu $19,$19,1
- sltu $2,$19,10
- bne $2,$0,$L451
+ slt $2,$19,$2
+ bne $2,$0,$L345
lui $3,%hi(drop_priority)
+$L307:
jal local_bh_enable
- nop
+ lui $fp,%hi(drop_priority_max_idx)
- j $L216
+ j $L341
nop
-$L412:
+$L318:
jal local_bh_enable
nop
jal rtl_death_action
move $4,$16
- j $L446
+ j $L342
lui $4,%hi(rtl_newGC_session_status_flags)
-$L216:
+$L182:
+$L341:
jal local_bh_disable
move $19,$0
+ lw $2,%lo(drop_priority_max_idx)($fp)
+ blez $2,$L310
lui $22,%hi(drop_priority)
-$L456:
+
+$L346:
sll $21,$19,2
addiu $2,$22,%lo(drop_priority)
addu $2,$21,$2
lbu $2,0($2)
sltu $3,$2,10
- beq $3,$0,$L260
+ beq $3,$0,$L214
sll $4,$2,3
lui $2,%hi(Tcp_State_Hash_Head)
addiu $2,$2,%lo(Tcp_State_Hash_Head)
addu $2,$4,$2
lw $18,4($2)
- lw $4,0($18)
- beq $4,$18,$L293
+ lw $2,0($18)
+ beq $2,$18,$L235
li $23,3 # 0x3
- move $17,$4
+ move $17,$2
move $20,$0
-$L439:
- beq $17,$18,$L293
+$L334:
+ beq $17,$18,$L235
addiu $16,$17,-204
- li $12,-268435456 # 0xf0000000
- lw $6,32($16)
- li $11,-536870912 # 0xe0000000
- and $2,$6,$12
- lhu $7,28($16)
- lhu $8,48($16)
- lhu $9,76($16)
- lhu $10,96($16)
- lw $4,12($16)
- lw $5,60($16)
- lw $3,80($16)
- beq $2,$11,$L266
+ li $2,-1 # 0xffffffff
+ lb $3,212($16)
+ move $4,$16
+ bne $3,$2,$L221
addiu $20,$20,1
- and $2,$3,$12
- beq $2,$11,$L266
- nop
-
- bne $4,$3,$L452
- sltu $2,$7,1024
-
- beq $6,$5,$L266
- nop
-
-$L452:
- bne $2,$0,$L266
- sltu $2,$8,1024
-
- bne $2,$0,$L266
- sltu $2,$9,1024
-
- bne $2,$0,$L266
- sltu $2,$10,1024
-
- bne $2,$0,$L266
- li $2,8080 # 0x1f90
-
- beq $7,$2,$L266
+ jal __conntrack_drop_check
nop
- beq $8,$2,$L266
- nop
+ sb $2,212($16)
+$L221:
+ lb $2,212($16)
+ bne $2,$0,$L220
+ move $4,$16
- beq $9,$2,$L266
+ jal rtl_get_ct_timer_expires
nop
- beq $10,$2,$L266
- lui $2,%hi(jiffies)
-
+ lui $3,%hi(jiffies)
+ lw $5,%lo(jiffies)($3)
addiu $3,$22,%lo(drop_priority)
- lw $4,%lo(jiffies)($2)
addu $3,$21,$3
- lw $2,116($16)
+ subu $2,$2,$5
lhu $3,2($3)
- subu $2,$2,$4
srl $2,$2,7
sltu $3,$3,$2
- bne $3,$0,$L453
- slt $2,$20,1025
-
- jal del_timer
- addiu $4,$17,-96
+ bne $3,$0,$L223
+ move $4,$16
- beq $2,$0,$L453
- slt $2,$20,1025
+ jal rtl_del_ct_timer
+ nop
move $4,$16
move $5,$19
move $6,$0
+ beq $2,$0,$L223
li $7,1 # 0x1
+
jal __drop_one_conntrack_process_hooks1
sw $23,16($sp)
+ move $4,$16
move $3,$2
li $2,1 # 0x1
- beq $3,$2,$L413
- li $2,2 # 0x2
-
- beq $3,$2,$L440
move $5,$19
-
- move $4,$16
move $6,$0
+ beq $3,$2,$L319
li $7,1 # 0x1
+
+ li $2,2 # 0x2
+ beq $3,$2,$L246
+ li $3,1 # 0x1
+
jal __drop_one_conntrack_process_hooks2
sw $23,16($sp)
- slt $2,$20,1025
-$L453:
- beq $2,$0,$L316
+$L223:
+ slt $2,$20,129
+ beq $2,$0,$L246
move $3,$0
-$L266:
+$L220:
lw $17,0($17)
- j $L439
+ j $L334
nop
-$L413:
+$L319:
jal local_bh_enable
nop
jal rtl_death_action
move $4,$16
-$L440:
- j $L316
+ j $L246
li $3,1 # 0x1
-$L260:
+$L214:
lui $2,%hi(Udp_State_Hash_Head)
addiu $2,$2,%lo(Udp_State_Hash_Head)
addu $2,$4,$2
lw $18,-84($2)
- lw $4,0($18)
- beq $4,$18,$L293
+ lw $2,0($18)
+ beq $2,$18,$L235
li $23,12 # 0xc
- move $17,$4
+ move $17,$2
move $20,$0
-$L441:
- beq $17,$18,$L293
+$L336:
+ beq $17,$18,$L235
addiu $16,$17,-204
- li $12,-268435456 # 0xf0000000
- lw $6,32($16)
- li $11,-536870912 # 0xe0000000
- and $2,$6,$12
- lhu $7,28($16)
- lhu $8,48($16)
- lhu $9,76($16)
- lhu $10,96($16)
- lw $4,12($16)
- lw $5,60($16)
- lw $3,80($16)
- beq $2,$11,$L297
+ li $2,-1 # 0xffffffff
+ lb $3,212($16)
+ move $4,$16
+ bne $3,$2,$L240
addiu $20,$20,1
- and $2,$3,$12
- beq $2,$11,$L297
+ jal __conntrack_drop_check
nop
- bne $4,$3,$L454
- sltu $2,$7,1024
-
- beq $6,$5,$L297
- nop
-
-$L454:
- bne $2,$0,$L297
- sltu $2,$8,1024
-
- bne $2,$0,$L297
- sltu $2,$9,1024
-
- bne $2,$0,$L297
- sltu $2,$10,1024
-
- bne $2,$0,$L297
- li $2,8080 # 0x1f90
-
- beq $7,$2,$L297
- nop
-
- beq $8,$2,$L297
- nop
+ sb $2,212($16)
+$L240:
+ lb $2,212($16)
+ bne $2,$0,$L239
+ move $4,$16
- beq $9,$2,$L297
+ jal rtl_get_ct_timer_expires
nop
- beq $10,$2,$L297
- lui $2,%hi(jiffies)
-
+ lui $3,%hi(jiffies)
+ lw $5,%lo(jiffies)($3)
addiu $3,$22,%lo(drop_priority)
- lw $4,%lo(jiffies)($2)
addu $3,$21,$3
- lw $2,116($16)
+ subu $2,$2,$5
lhu $3,2($3)
- subu $2,$2,$4
srl $2,$2,7
sltu $3,$3,$2
- bne $3,$0,$L455
- slt $2,$20,1025
-
- jal del_timer
- addiu $4,$17,-96
+ bne $3,$0,$L242
+ move $4,$16
- beq $2,$0,$L455
- slt $2,$20,1025
+ jal rtl_del_ct_timer
+ nop
move $4,$16
move $5,$19
move $6,$0
+ beq $2,$0,$L242
li $7,1 # 0x1
+
jal __drop_one_conntrack_process_hooks1
sw $23,16($sp)
+ move $4,$16
move $3,$2
li $2,1 # 0x1
- beq $3,$2,$L413
- li $2,2 # 0x2
-
- beq $3,$2,$L440
move $5,$19
-
- move $4,$16
move $6,$0
+ beq $3,$2,$L319
li $7,1 # 0x1
+
+ li $2,2 # 0x2
+ beq $3,$2,$L246
+ li $3,1 # 0x1
+
jal __drop_one_conntrack_process_hooks2
sw $23,16($sp)
- slt $2,$20,1025
-$L455:
- beq $2,$0,$L316
+$L242:
+ slt $2,$20,129
+ beq $2,$0,$L246
move $3,$0
-$L297:
+$L239:
lw $17,0($17)
- j $L441
+ j $L336
nop
-$L293:
+$L235:
move $3,$0
-$L316:
+$L246:
li $2,1 # 0x1
- beq $3,$2,$L253
+ beq $3,$2,$L207
addiu $19,$19,1
- sltu $2,$19,10
- bne $2,$0,$L456
+ lw $2,%lo(drop_priority_max_idx)($fp)
+ slt $2,$19,$2
+ bne $2,$0,$L346
lui $22,%hi(drop_priority)
+$L310:
jal local_bh_enable
- move $19,$0
+ lui $fp,%hi(drop_priority_max_idx)
jal local_bh_disable
+ move $19,$0
+
+ lw $2,%lo(drop_priority_max_idx)($fp)
+ blez $2,$L314
lui $22,%hi(drop_priority)
-$L461:
+$L347:
sll $21,$19,2
addiu $2,$22,%lo(drop_priority)
addu $2,$21,$2
lbu $2,0($2)
sltu $3,$2,10
- beq $3,$0,$L330
+ beq $3,$0,$L260
sll $4,$2,3
lui $2,%hi(Tcp_State_Hash_Head)
addiu $2,$2,%lo(Tcp_State_Hash_Head)
addu $2,$4,$2
lw $18,4($2)
- lw $4,0($18)
- beq $4,$18,$L363
+ lw $2,0($18)
+ beq $2,$18,$L281
li $23,3 # 0x3
- move $17,$4
+ move $17,$2
move $20,$0
-$L442:
- beq $17,$18,$L363
+$L337:
+ beq $17,$18,$L281
addiu $16,$17,-204
- li $12,-268435456 # 0xf0000000
- lw $6,32($16)
- li $11,-536870912 # 0xe0000000
- and $2,$6,$12
- lhu $7,28($16)
- lhu $8,48($16)
- lhu $9,76($16)
- lhu $10,96($16)
- lw $4,12($16)
- lw $5,60($16)
- lw $3,80($16)
- beq $2,$11,$L336
+ li $2,-1 # 0xffffffff
+ lb $3,212($16)
+ move $4,$16
+ bne $3,$2,$L267
addiu $20,$20,1
- and $2,$3,$12
- beq $2,$11,$L336
- nop
-
- bne $4,$3,$L457
- sltu $2,$7,1024
-
- beq $6,$5,$L336
- nop
-
-$L457:
- bne $2,$0,$L336
- sltu $2,$8,1024
-
- bne $2,$0,$L336
- sltu $2,$9,1024
-
- bne $2,$0,$L336
- sltu $2,$10,1024
-
- bne $2,$0,$L336
- li $2,8080 # 0x1f90
-
- beq $7,$2,$L336
+ jal __conntrack_drop_check
nop
- beq $8,$2,$L336
- nop
+ sb $2,212($16)
+$L267:
+ lb $2,212($16)
+ bne $2,$0,$L266
+ move $4,$16
- beq $9,$2,$L336
+ jal rtl_get_ct_timer_expires
nop
- beq $10,$2,$L336
- lui $2,%hi(jiffies)
-
+ lui $3,%hi(jiffies)
+ lw $5,%lo(jiffies)($3)
addiu $3,$22,%lo(drop_priority)
- lw $4,%lo(jiffies)($2)
addu $3,$21,$3
- lw $2,116($16)
+ subu $2,$2,$5
lhu $3,2($3)
- subu $2,$2,$4
srl $2,$2,9
sltu $3,$3,$2
- bne $3,$0,$L458
- slt $2,$20,1025
-
- jal del_timer
- addiu $4,$17,-96
+ bne $3,$0,$L269
+ move $4,$16
- beq $2,$0,$L458
- slt $2,$20,1025
+ jal rtl_del_ct_timer
+ nop
move $4,$16
move $5,$19
li $6,2 # 0x2
+ beq $2,$0,$L269
move $7,$0
+
jal __drop_one_conntrack_process_hooks1
sw $23,16($sp)
+ move $4,$16
move $3,$2
li $2,1 # 0x1
- beq $3,$2,$L418
- li $2,2 # 0x2
-
- beq $3,$2,$L443
move $5,$19
-
- move $4,$16
li $6,2 # 0x2
+ beq $3,$2,$L324
move $7,$0
+
+ li $2,2 # 0x2
+ beq $3,$2,$L292
+ li $3,1 # 0x1
+
jal __drop_one_conntrack_process_hooks2
sw $23,16($sp)
- slt $2,$20,1025
-$L458:
- beq $2,$0,$L386
+$L269:
+ slt $2,$20,129
+ beq $2,$0,$L292
move $3,$0
-$L336:
+$L266:
lw $17,0($17)
- j $L442
+ j $L337
nop
-$L418:
+$L324:
jal local_bh_enable
nop
jal rtl_death_action
move $4,$16
-$L443:
- j $L386
+ j $L292
li $3,1 # 0x1
-$L330:
+$L260:
lui $2,%hi(Udp_State_Hash_Head)
addiu $2,$2,%lo(Udp_State_Hash_Head)
addu $2,$4,$2
lw $18,-84($2)
- lw $4,0($18)
- beq $4,$18,$L363
+ lw $2,0($18)
+ beq $2,$18,$L281
li $23,12 # 0xc
- move $17,$4
+ move $17,$2
move $20,$0
-$L444:
- beq $17,$18,$L363
+$L339:
+ beq $17,$18,$L281
addiu $16,$17,-204
- li $12,-268435456 # 0xf0000000
- lw $6,32($16)
- li $11,-536870912 # 0xe0000000
- and $2,$6,$12
- lhu $7,28($16)
- lhu $8,48($16)
- lhu $9,76($16)
- lhu $10,96($16)
- lw $4,12($16)
- lw $5,60($16)
- lw $3,80($16)
- beq $2,$11,$L367
+ li $2,-1 # 0xffffffff
+ lb $3,212($16)
+ move $4,$16
+ bne $3,$2,$L286
addiu $20,$20,1
- and $2,$3,$12
- beq $2,$11,$L367
- nop
-
- bne $4,$3,$L459
- sltu $2,$7,1024
-
- beq $6,$5,$L367
- nop
-
-$L459:
- bne $2,$0,$L367
- sltu $2,$8,1024
-
- bne $2,$0,$L367
- sltu $2,$9,1024
-
- bne $2,$0,$L367
- sltu $2,$10,1024
-
- bne $2,$0,$L367
- li $2,8080 # 0x1f90
-
- beq $7,$2,$L367
+ jal __conntrack_drop_check
nop
- beq $8,$2,$L367
- nop
+ sb $2,212($16)
+$L286:
+ lb $2,212($16)
+ bne $2,$0,$L285
+ move $4,$16
- beq $9,$2,$L367
+ jal rtl_get_ct_timer_expires
nop
- beq $10,$2,$L367
- lui $2,%hi(jiffies)
-
+ lui $3,%hi(jiffies)
+ lw $5,%lo(jiffies)($3)
addiu $3,$22,%lo(drop_priority)
- lw $4,%lo(jiffies)($2)
addu $3,$21,$3
- lw $2,116($16)
+ subu $2,$2,$5
lhu $3,2($3)
- subu $2,$2,$4
srl $2,$2,9
sltu $3,$3,$2
- bne $3,$0,$L460
- slt $2,$20,1025
-
- jal del_timer
- addiu $4,$17,-96
+ bne $3,$0,$L288
+ move $4,$16
- beq $2,$0,$L460
- slt $2,$20,1025
+ jal rtl_del_ct_timer
+ nop
move $4,$16
move $5,$19
li $6,2 # 0x2
+ beq $2,$0,$L288
move $7,$0
+
jal __drop_one_conntrack_process_hooks1
sw $23,16($sp)
+ move $4,$16
move $3,$2
li $2,1 # 0x1
- beq $3,$2,$L418
- li $2,2 # 0x2
-
- beq $3,$2,$L443
move $5,$19
-
- move $4,$16
li $6,2 # 0x2
+ beq $3,$2,$L324
move $7,$0
+
+ li $2,2 # 0x2
+ beq $3,$2,$L292
+ li $3,1 # 0x1
+
jal __drop_one_conntrack_process_hooks2
sw $23,16($sp)
- slt $2,$20,1025
-$L460:
- beq $2,$0,$L386
+$L288:
+ slt $2,$20,129
+ beq $2,$0,$L292
move $3,$0
-$L367:
+$L285:
lw $17,0($17)
- j $L444
+ j $L339
nop
-$L363:
+$L281:
move $3,$0
-$L386:
+$L292:
li $2,1 # 0x1
- beq $3,$2,$L253
+ beq $3,$2,$L207
addiu $19,$19,1
- sltu $2,$19,10
- bne $2,$0,$L461
+ lw $2,%lo(drop_priority_max_idx)($fp)
+ slt $2,$19,$2
+ bne $2,$0,$L347
lui $22,%hi(drop_priority)
- j $L436
+ j $L314
nop
-$L253:
+$L207:
lui $4,%hi(rtl_newGC_session_status_flags)
-$L446:
+$L342:
lw $2,%lo(rtl_newGC_session_status_flags)($4)
- bne $2,$0,$L394
+ bne $2,$0,$L300
nop
lui $2,%hi(jiffies)
@@ -1881,18 +1900,18 @@ $L446:
lui $2,%hi(rtl_newGC_session_status_time)
addiu $3,$3,1
sw $3,%lo(rtl_newGC_session_status_time)($2)
-$L394:
+$L300:
j $L157
li $2,1 # 0x1
-$L436:
+$L314:
jal local_bh_enable
nop
lui $4,%hi(rtl_newGC_session_status_flags)
lw $2,%lo(rtl_newGC_session_status_flags)($4)
li $3,1 # 0x1
- beq $2,$3,$L396
+ beq $2,$3,$L302
lui $2,%hi(jiffies)
lw $2,%lo(jiffies)($2)
@@ -1900,10 +1919,11 @@ $L436:
lui $3,%hi(rtl_newGC_session_status_time)
addiu $2,$2,200
sw $2,%lo(rtl_newGC_session_status_time)($3)
-$L396:
+$L302:
move $2,$0
$L157:
- lw $31,56($sp)
+ lw $31,60($sp)
+ lw $fp,56($sp)
lw $23,52($sp)
lw $22,48($sp)
lw $21,44($sp)
@@ -1925,45 +1945,46 @@ $L157:
.type rtl_nf_conn_GC_init, @function
rtl_nf_conn_GC_init:
.set nomips16
- .frame $sp,24,$31 # vars= 0, regs= 2/0, args= 16, gp= 0
- .mask 0x80010000,-4
+ .frame $sp,32,$31 # vars= 0, regs= 3/0, args= 16, gp= 0
+ .mask 0x80030000,-8
.fmask 0x00000000,0
.set noreorder
.set nomacro
lui $2,%hi(Tcp_State_Hash_Head)
- addiu $sp,$sp,-24
+ addiu $sp,$sp,-32
addiu $2,$2,%lo(Tcp_State_Hash_Head)
li $5,10 # 0xa
- sw $31,20($sp)
+ sw $31,24($sp)
addiu $2,$2,4
+ sw $17,20($sp)
sw $16,16($sp)
-$L468:
+$L354:
lw $3,0($2)
addiu $5,$5,-1
- beq $3,$0,$L465
+ beq $3,$0,$L351
addiu $2,$2,8
sw $3,4($3)
sw $3,0($3)
-$L465:
- bgez $5,$L468
+$L351:
+ bgez $5,$L354
nop
lui $2,%hi(Udp_State_Hash_Head)
li $5,1 # 0x1
addiu $2,$2,%lo(Udp_State_Hash_Head)
addiu $2,$2,4
-$L474:
+$L360:
lw $3,0($2)
addiu $5,$5,-1
- beq $3,$0,$L471
+ beq $3,$0,$L357
addiu $2,$2,8
sw $3,4($3)
sw $3,0($3)
-$L471:
- bgez $5,$L474
+$L357:
+ bgez $5,$L360
lui $16,%hi(prot_limit)
move $5,$0
@@ -1977,47 +1998,50 @@ $L471:
addiu $6,$2,%lo(_prot_limit)
move $5,$0
sll $2,$5,2
-$L497:
+$L383:
addiu $5,$5,1
addu $4,$2,$6
slt $3,$5,3
addu $2,$2,$7
sw $0,0($2)
sw $0,0($4)
- bne $3,$0,$L497
+ bne $3,$0,$L383
sll $2,$5,2
lui $2,%hi(nf_conntrack_max)
- addiu $3,$16,%lo(prot_limit)
+ li $3,10 # 0xa
lw $6,%lo(nf_conntrack_max)($2)
lui $2,%hi(_prot_limit)
- addiu $10,$2,%lo(_prot_limit)
+ addiu $9,$2,%lo(_prot_limit)
+ lui $2,%hi(drop_priority_max_idx)
+ sw $3,%lo(drop_priority_max_idx)($2)
li $2,2 # 0x2
sw $2,%lo(prot_limit)($16)
- li $2,90 # 0x5a
- sw $2,4($3)
li $2,1374355456 # 0x51eb0000
- lui $7,%hi(rtl_newGC_session_status_flags)
- ori $8,$2,0x851f
+ addiu $4,$16,%lo(prot_limit)
+ ori $7,$2,0x851f
+ li $2,90 # 0x5a
+ lui $17,%hi(rtl_newGC_session_status_flags)
+ sw $2,4($4)
li $2,60 # 0x3c
- move $9,$3
- sw $2,8($3)
+ move $8,$4
move $5,$0
- sw $0,%lo(rtl_newGC_session_status_flags)($7)
+ sw $2,8($4)
+ sw $0,%lo(rtl_newGC_session_status_flags)($17)
sll $3,$5,2
-$L498:
+$L384:
addiu $5,$5,1
- addu $2,$3,$9
+ addu $2,$3,$8
slt $4,$5,3
lw $2,0($2)
- addu $3,$3,$10
+ addu $3,$3,$9
mult $6,$2
mflo $2
- multu $2,$8
+ multu $2,$7
mfhi $2
srl $2,$2,5
sw $2,0($3)
- bne $4,$0,$L498
+ bne $4,$0,$L384
sll $3,$5,2
li $3,-859045888 # 0xcccc0000
@@ -2029,45 +2053,46 @@ $L498:
srl $2,$2,2
subu $3,$6,$2
sltu $3,$3,65
- bne $3,$0,$L484
+ bne $3,$0,$L370
sw $2,%lo(rtl_nf_conntrack_threshold)($4)
addiu $2,$6,-64
sw $2,%lo(rtl_nf_conntrack_threshold)($4)
-$L484:
+$L370:
lui $2,%hi(nf_conntrack_max)
lw $2,%lo(nf_conntrack_max)($2)
- beq $2,$0,$L485
- lui $2,%hi(init_net+468)
+ beq $2,$0,$L371
+ nop
- lw $3,%lo(init_net+468)($2)
- lw $2,%lo(rtl_nf_conntrack_threshold)($4)
- slt $2,$2,$3
- beq $2,$0,$L485
+ jal rtl_gc_threshold_check
+ move $4,$0
+
+ bne $2,$0,$L371
li $3,3 # 0x3
- lw $2,%lo(rtl_newGC_session_status_flags)($7)
- beq $2,$3,$L488
+ lw $2,%lo(rtl_newGC_session_status_flags)($17)
+ beq $2,$3,$L374
lui $2,%hi(jiffies)
lw $2,%lo(jiffies)($2)
- sw $3,%lo(rtl_newGC_session_status_flags)($7)
+ sw $3,%lo(rtl_newGC_session_status_flags)($17)
lui $3,%hi(rtl_newGC_session_status_time)
addiu $2,$2,1
- j $L488
+ j $L374
sw $2,%lo(rtl_newGC_session_status_time)($3)
-$L485:
- sw $0,%lo(rtl_newGC_session_status_flags)($7)
-$L488:
+$L371:
+ sw $0,%lo(rtl_newGC_session_status_flags)($17)
+$L374:
jal rtl_nf_conn_GC_init_hooks
nop
move $2,$0
- lw $31,20($sp)
+ lw $31,24($sp)
+ lw $17,20($sp)
lw $16,16($sp)
j $31
- addiu $sp,$sp,24
+ addiu $sp,$sp,32
.set macro
.set reorder
@@ -2079,6 +2104,12 @@ $L488:
.size rtl_nf_conntrack_threshold, 4
rtl_nf_conntrack_threshold:
.space 4
+ .globl drop_priority_max_idx
+ .align 2
+ .type drop_priority_max_idx, @object
+ .size drop_priority_max_idx, 4
+drop_priority_max_idx:
+ .space 4
.globl rtl_newGC_session_status_flags
.section .dram-fwd,"aw",@progbits
.align 2
diff --git a/target/linux/realtek/files/net/rtl/features/Makefile b/target/linux/realtek/files/net/rtl/features/Makefile
index 1e34bfa4f..229e483b2 100644
--- a/target/linux/realtek/files/net/rtl/features/Makefile
+++ b/target/linux/realtek/files/net/rtl/features/Makefile
@@ -3,17 +3,27 @@
#
#EXTRA_CFLAGS += -I $(DIR_LINUX)/drivers/net/rtl819x
-EXTRA_CFLAGS += -I $(TOPDIR)/net
+EXTRA_CFLAGS += -I $(DIR_LINUX)/net
EXTRA_CFLAGS += -D__KERNEL__
#EXTRA_CFLAGS += -Wno-implicit -Werror
#EXTRA_CFLAGS += -DCONFIG_RTK_IPTABLES_FAST_PATH
#EXTRA_CFLAGS += -DCONFIG_FAST_PATH_MODULE
+ifeq ($(CONFIG_RTL_819XD),y)
+TARGET = 9xD
+endif
+
+ifeq ($(CONFIG_RTL_8196E),y)
+TARGET = 96E
+endif
+
ifeq ($(CONFIG_RTL_8198),y)
TARGET = 98
-else
-TARGET = 96C
+endif
+
+ifeq ($(CONFIG_RTL_8196C),y)
+TARGET = 96E
endif
EFEATURES_OBJ=rtl_features.o rtl_ps_hooks.o
diff --git a/target/linux/realtek/files/net/rtl/features/lan_restrict.c b/target/linux/realtek/files/net/rtl/features/lan_restrict.c
deleted file mode 100644
index 8f09a9409..000000000
--- a/target/linux/realtek/files/net/rtl/features/lan_restrict.c
+++ /dev/null
@@ -1,442 +0,0 @@
-#include <linux/module.h>
-#include <linux/proc_fs.h>
-#include <linux/types.h>
-#include <linux/errno.h>
-#include <linux/sched.h>
-#include <linux/kernel.h>
-#include <linux/kernel_stat.h>
-#include <linux/init.h>
-#include <linux/module.h>
-#include <linux/slab.h>
-#include <asm/uaccess.h>
-//#include <linux/brlock.h>
-#include <linux/net.h>
-#include <linux/socket.h>
-
-#include <linux/netdevice.h>
-#include <linux/etherdevice.h>
-#include <linux/string.h>
-#include <net/ip.h>
-#include <net/protocol.h>
-#include <net/route.h>
-#include <net/sock.h>
-#include <net/arp.h>
-#include <net/raw.h>
-#include <net/checksum.h>
-#include <linux/netfilter.h>
-#include <linux/netfilter_ipv4.h>
-#include <linux/netlink.h>
-#include <linux/inetdevice.h>
-#include "lan_restrict.h"
-
-static char lan_restrict_flag[1024];
-int8 enable_lanrestrict = FALSE;
-static struct proc_dir_entry *res=NULL;
-
-static inline int _strncasecmp(const char *s1, const char *s2, unsigned int n)
-{
- if (n == 0)
- return 0;
-
- while ((n-- != 0)
- && (tolower(*(unsigned char *) s1) ==
- tolower(*(unsigned char *) s2))) {
- if (n == 0 || *s1 == '\0' || *s2 == '\0')
- return 0;
- s1++;
- s2++;
- }
-
- return tolower(*(unsigned char *) s1) - tolower(*(unsigned char *) s2);
-}
-
-int lan_restrict_rcv(struct sk_buff *skb, struct net_device *dev)
-{
- int32 found = FAILED;
- ether_addr_t *macAddr;
-// int8 port_num;
- int32 column;
- int32 SrcBlk;
-
- if ((memcmp(skb->dev->name, RTL_PS_BR0_DEV_NAME, 3) ==0) || (memcmp(skb->dev->name, RTL_PS_LAN_P0_DEV_NAME, 4) ==0) )
- {
- macAddr = (ether_addr_t *)(eth_hdr(skb)->h_source);
- found = rtl_check_fdb_entry_check_exist(RTL_LAN_FID, macAddr, FDB_DYNAMIC);
-/* printk("\nrecv packet from dev:%s\n", skb->dev->name);*/
- /*can found in asic , do noting here , in linux fdb module , it can be authed*/
- if (found == SUCCESS )
- {
-#if 0
- port_num = rtl865x_ConvertPortMasktoPortNum(fdbEntry.memberPortMask);
-
- if (lan_restrict_tbl[port_num].enable == TRUE)
- {
- if ((lan_restrict_tbl[port_num].curr_num < lan_restrict_tbl[port_num].max_num))
- {
-/* printk("\nPASS:lan_restrict_tbl[%d] current number is %d\n", port_num, lan_restrict_tbl[port_num].curr_num);*/
- return NET_RX_SUCCESS;
- }
- else
- {
- if (fdbEntry.auth == TRUE)
- {
-/* printk("\nPASS1:lan_restrict_tbl[%d] current number is %d\n", port_num, lan_restrict_tbl[port_num].curr_num);*/
- return NET_RX_SUCCESS;
- }
- else
- {
-/* printk("\nDROP:lan_restrict_tbl[%d] current number is %d\n", port_num, lan_restrict_tbl[port_num].curr_num);*/
- l2temp_entry.l2type = (fdbEntry.nhFlag==0)?RTL865x_L2_TYPEI: RTL865x_L2_TYPEII;
- l2temp_entry.process = FDB_TYPE_FWD;
- l2temp_entry.memberPortMask = fdbEntry.memberPortMask;
- l2temp_entry.auth = FALSE;
- l2temp_entry.SrcBlk = TRUE;
- memcpy(&(l2temp_entry.macAddr), macAddr, sizeof(ether_addr_t));
- rtl865x_addAuthFilterDatabaseEntryExtension(fdbEntry.fid, &l2temp_entry);
- return NET_RX_AUTH_BLOCK;
- }
- }
- }
- else
- {
- return NET_RX_SUCCESS;
- }
-#endif
- return NET_RX_SUCCESS;
- }
- else
- {
-/* printk(" \nnot found in hw table, src port is %d\n", skb->srcPort);*/
- if (lan_restrict_tbl[skb->srcPort].enable == TRUE)
- {
- /*found in sw l2 table*/
- if(rtl_check_fdb_entry_check_srcBlock(0, macAddr, &SrcBlk) == SUCCESS)
- {
- if (SrcBlk == TRUE)/*sw block*/
- {
- return NET_RX_AUTH_BLOCK;
- }
- else
- {
- return NET_RX_SUCCESS;
- }
- }
- else /*not found in sw l2 table*/
- {
-/* printk(" \nnot found ind hw and sw table\n");*/
- if ((lan_restrict_tbl[skb->srcPort].curr_num < lan_restrict_tbl[skb->srcPort].max_num))
- {
- /*try to add into sw l2 table*/
-/* printk("\ntry to add into sw l2 table\n");*/
- rtl865x_addAuthFDBEntry((unsigned char *)macAddr, TRUE, skb->srcPort);
- return NET_RX_SUCCESS;
- }
- else
- {
- return NET_RX_AUTH_BLOCK;
- }
- }
-
- }
- else
- {
-/* printk("dev name is %s\n", skb->dev->name);*/
- return NET_RX_SUCCESS;
- }
- }
- }
- else
- {
- return NET_RX_SUCCESS;
- }
-}
-#if 0
-static struct packet_type lan_restrict_packet_type = {
- .type = __constant_htons(ETH_P_ALL),
- .func = lan_restrict_rcv,
-};
-#endif
-static int lan_restrict_tbl_int(void)
-{
- uint8 i;
-
- for (i=0; i < LAN_RESTRICT_PORT_NUMBER; i++ )
- {
- lan_restrict_tbl[i].port_num = 0;
- lan_restrict_tbl[i].enable = FALSE;
- lan_restrict_tbl[i].max_num = 0;
- lan_restrict_tbl[i].curr_num = 0;
- }
- return TRUE;
-}
-
-static int lan_restrict_tbl_reset(void)
-{
- uint8 i;
-
- for (i=0; i < LAN_RESTRICT_PORT_NUMBER; i++ )
- {
- lan_restrict_tbl[i].port_num = 0;
- lan_restrict_tbl[i].enable = FALSE;
- lan_restrict_tbl[i].max_num = 0;
- lan_restrict_tbl[i].curr_num = 0;
- }
- return TRUE;
-}
-
-
-static int lan_restrict_set_singleport(uint8 portnum , int8 enable, int32 max_num)
-{
- int32 ret;
- if (enable == TRUE)
- {
- lan_restrict_tbl[portnum].max_num = max_num;
- }
- else
- {
- lan_restrict_tbl[portnum].max_num = 0;
- }
-
- ret =rtl865x_setRestrictPortNum(portnum, enable, max_num);
- return ret;
-}
-
-static int lan_restrict_perport_setting(void)
-{
- int i;
- for (i=0; i < LAN_RESTRICT_PORT_NUMBER; i++ )
- {
- lan_restrict_set_singleport(lan_restrict_tbl[i].port_num, lan_restrict_tbl[i].enable, lan_restrict_tbl[i].max_num);
- }
- return TRUE;
-}
-
-static int lan_restrict_enable(void)
-{
- /*
- enable
- */
- rtl865x_enableLanPortNumRestrict(TRUE);
- lan_restrict_perport_setting();
- return TRUE;
-}
-
-static int lan_restrict_disable(void)
-{
- /*
- disable
- */
- rtl865x_enableLanPortNumRestrict(FALSE);
- lan_restrict_tbl_reset();
- lan_restrict_perport_setting();
- return TRUE;
-}
-/*
-int32 lanrestrict_addfdbentry(const unsigned char *addr)
-{
- int32 found = FAILED;
- ether_addr_t *macAddr;
- int32 ret=FAILED;
- int8 port_num;
- int32 column;
- rtl865x_tblAsicDrv_l2Param_t fdbEntry;
- rtl865x_filterDbTableEntry_t l2temp_entry;
-
- macAddr = (ether_addr_t *)(addr);
- found = rtl865x_Lookup_fdb_entry(0, macAddr, FDB_DYNAMIC, &column, &fdbEntry);
- if (found == SUCCESS )
- {
- port_num = rtl865x_ConvertPortMasktoPortNum(fdbEntry.memberPortMask);
-
- if (rtl865x_lookup_FilterDatabaseEntry(fdbEntry.fid, macAddr) != SUCCESS)
- {
- l2temp_entry.l2type = (fdbEntry.nhFlag==0)?RTL865x_L2_TYPEI: RTL865x_L2_TYPEII;
- l2temp_entry.process = FDB_TYPE_FWD;
- l2temp_entry.memberPortMask = fdbEntry.memberPortMask;
- l2temp_entry.auth = TRUE;
- l2temp_entry.SrcBlk = FALSE;
- memcpy(&(l2temp_entry.macAddr), macAddr, sizeof(ether_addr_t));
- ret =rtl865x_addAuthFilterDatabaseEntryExtension(fdbEntry.fid, &l2temp_entry);
- }
- }
- return ret;
-}
-*/
-
-int32 lan_restrict_getBlockAddr(int32 port , const unsigned char *swap_addr)
-{
- int32 ret = FAILED;
-
- if (lan_restrict_tbl[port].enable == TRUE)
- {
- ret = rtl865x_check_authfdbentry_Byport(port , swap_addr);
- }
-
- return ret;
-}
-
-int32 lan_restrict_CheckStatusByport(int32 port)
-{
- if (lan_restrict_tbl[port].enable == TRUE)
- {
- if (lan_restrict_tbl[port].curr_num < lan_restrict_tbl[port].max_num)
- {
- return TRUE;
- }
- else
- {
- return FALSE;
- }
- }
- else
- {
- return FAILED;
- }
-}
-static int lan_restrict_read_proc(char *page, char **start, off_t off,
- int count, int *eof, void *data)
-{
- int len, i ;
- len = sprintf(page, "%s\n", "lan restrict table:");
- if (len <= off+count)
- *eof = 1;
-
- for (i = 0; i < LAN_RESTRICT_PORT_NUMBER; i++)
- {
- len += sprintf(page + len, " PORT[%d] ", i);
- len += sprintf(page + len,"%6s %6d %6d ",lan_restrict_tbl[i].enable?"ON":"OFF", lan_restrict_tbl[i].max_num, lan_restrict_tbl[i].curr_num);
- len += sprintf(page + len,"\n");
- }
-
- return len;
-}
-
-static int lan_restrict_write_proc(struct file *file, const char *buffer,
- unsigned long count, void *data)
-{
- char tmpbuf[1024];
- char *entryPtr, *portnumPtr, *enablePtr, *maxnumPtr, *strptr=tmpbuf;
- int8 port, port_enable, maxnum;
-
- if (count < 2)
- return -EFAULT;
- /*
- format: entry1;entry2;entry3
- entry format: port_num enable max_num curr_num;
- port_num: 0,1,2...
- enable: on/off
- max_num: 0,1,2...
- curr_num: 0,1,2..., can not write, can only read from proc file and write again, just for display
- */
-
- memset(lan_restrict_flag,0,strlen(lan_restrict_flag));
- if (buffer && !copy_from_user(tmpbuf, buffer, count))
- {
- if(memcmp(strptr,"enable", strlen("enable")) == 0)
- {
- lan_restrict_enable();
- enable_lanrestrict = TRUE;
-/* printk("Fun[%s][%d]\n", __FUNCTION__, __LINE__);*/
- printk("enable lan restrict FUNC.....\n");
- }
- else if(memcmp(strptr,"disable", strlen("enable")) == 0)
- {
- lan_restrict_disable();
- enable_lanrestrict = FALSE;
-/* printk("Fun[%s][%d]\n", __FUNCTION__, __LINE__);*/
- printk("disable lan restrict FUNC.....\n");
- }
- else
- {
- if (lan_restrict_enable == FALSE)
- return count;
-
- /*
- format: entry1;entry2;entry3
- entry format: port_num enable max_num curr_num;
- port_num: 0,1,2...
- enable: on/off
- max_num: 0,1,2...
- curr_num: 0,1,2..., can not write, can only read from proc file and write again, just for display
- */
- entryPtr = strsep(&strptr,";");
- while (entryPtr != NULL)
- {
- /*1. port_num*/
- portnumPtr = strsep(&entryPtr," ");
- if(portnumPtr == NULL)
- {
- printk("lan restrict setting format error1\n");
- break;
- }
- port = simple_strtol(portnumPtr,NULL,0);
- printk("set port num is %d\n", port);
-
- /*2. enable or not*/
- enablePtr = strsep(&entryPtr," ");
- if(enablePtr == NULL)
- {
- printk("lan restrict setting format error2\n");
- break;
- }
- if(_strncasecmp(enablePtr,"OFF",3) == 0)
- {
- port_enable = FALSE;
- }
- else if (_strncasecmp(enablePtr,"ON",3) == 0)
- {
- port_enable = TRUE;
- }
- else
- {
- printk("lan restrict setting format error3\n");
- break;
- }
- printk("port_enable is %d\n", port_enable);
-
- /*3max num*/
- maxnumPtr = strsep(&entryPtr," ");
- if(maxnumPtr == NULL)
- {
- printk("lan restrict setting format error4\n");
- break;
- }
- maxnum = simple_strtol(maxnumPtr,NULL,0);
- printk("set max num is %d\n", maxnum);
-
- lan_restrict_tbl[port].enable = port_enable;
- lan_restrict_tbl[port].max_num = maxnum;
- /*
- set Asic
- */
- lan_restrict_set_singleport(port, port_enable, maxnum);
- }
- }
- }
-
- return count;
-}
-
-static int lan_restrict_proc_init(void)
-{
- res = create_proc_entry("lan_restrict_info",0,NULL);
- if(res)
- {
- res->read_proc = lan_restrict_read_proc;
- res->write_proc = lan_restrict_write_proc;
- lanrestrict_unRegister_event();
- lanrestrict_register_event();
- return TRUE;
- }
- return FALSE;
-}
-
-int __init lan_restrict_init(void)
-{
- lan_restrict_tbl_int();
-// dev_add_pack(&lan_restrict_packet_type);
- lan_restrict_proc_init();
- return 0;
-}
-
-
diff --git a/target/linux/realtek/files/net/rtl/features/lan_restrict.h b/target/linux/realtek/files/net/rtl/features/lan_restrict.h
deleted file mode 100644
index 0ad313b47..000000000
--- a/target/linux/realtek/files/net/rtl/features/lan_restrict.h
+++ /dev/null
@@ -1,10 +0,0 @@
-//#include <common/rtl865x_common.h>
-#include <net/rtl/rtl_types.h>
-#include <net/rtl/rtl_queue.h>
-#include <net/rtl/rtl_nic.h>
-#include <net/rtl/rtl865x_fdb_api.h>
-
-int32 lan_restrict_getBlockAddr(int32 port , const unsigned char *swap_addr);
-extern int __init lan_restrict_init(void);
-extern int lan_restrict_rcv(struct sk_buff *skb, struct net_device *dev);
-extern int32 lan_restrict_CheckStatusByport(int32 port);
diff --git a/target/linux/realtek/files/net/rtl/features/rtl_features.c b/target/linux/realtek/files/net/rtl/features/rtl_features.c
index a07cecac4..e46c3f430 100644
--- a/target/linux/realtek/files/net/rtl/features/rtl_features.c
+++ b/target/linux/realtek/files/net/rtl/features/rtl_features.c
@@ -10,7 +10,7 @@
#include <linux/ip.h>
#include <linux/tcp.h>
-#if defined(CONFIG_PROC_FS)
+#if defined(CONFIG_PROC_FS)
#include <linux/proc_fs.h>
#endif
@@ -65,11 +65,15 @@ extern int rtl865x_curOpMode;
#include <net/rtl/fastpath/fast_br.h>
#endif
+#if defined(CONFIG_BRIDGE)&&defined(CONFIG_RTL_AVOID_ADDING_WLAN_PKT_TO_HW_NAT)
+#include <bridge/br_private.h>
+#endif
+
#if defined(CONFIG_NET_SCHED)
__DRAM_GEN int gQosEnabled;
#endif
-#ifdef CONFIG_RTL_HARDWARE_NAT
+#ifdef CONFIG_RTL_HARDWARE_NAT
/*2007-12-19*/
#ifdef CONFIG_RTL_LAYERED_DRIVER_L3
#include <net/rtl/rtl865x_ip_api.h>
@@ -84,8 +88,8 @@ __DRAM_GEN int gQosEnabled;
enum LR_RESULT (*FastPath_hook4)( rtl_fp_napt_entry *fpNaptEntry)=NULL;
enum LR_RESULT (*FastPath_hook6)( rtl_fp_napt_entry *fpNaptEntry,
#if defined(IMPROVE_QOS)
- struct sk_buff *pskb, struct nf_conn *ct,
-#endif
+ struct sk_buff *pskb, struct nf_conn *ct,
+#endif
enum NP_FLAGS flags)=NULL;
enum LR_RESULT (*FastPath_hook11)(rtl_fp_napt_entry *fpNaptEntry, uint32 interval)=NULL;
int (*fast_path_hook)(struct sk_buff **pskb) = NULL;
@@ -96,16 +100,18 @@ EXPORT_SYMBOL(fast_path_hook);
#endif
#ifdef FAST_PPTP
- void (*sync_tx_pptp_gre_seqno_hook)(struct sk_buff *skb) = NULL;
+ void (*sync_tx_pptp_gre_seqno_hook)(struct sk_buff *skb) = NULL;
#ifdef CONFIG_FAST_PATH_MODULE
EXPORT_SYMBOL(sync_tx_pptp_gre_seqno_hook);
#endif
#endif
+int routerTypeFlag = 0;
+
#if defined(CONFIG_RTL_HARDWARE_NAT)
__DRAM_GEN int gHwNatEnabled;
-int rtl865x_handle_nat(struct nf_conn *ct, int act, struct sk_buff *skb)
+int32 rtl865x_handle_nat(struct nf_conn *ct, int act, struct sk_buff *skb)
{
struct nf_conn_nat *nat;
u_int32_t sip, dip, gip;
@@ -121,13 +127,15 @@ int rtl865x_handle_nat(struct nf_conn *ct, int act, struct sk_buff *skb)
#if defined(CONFIG_RTL_LAYERED_DRIVER_L4)
rtl865x_napt_entry rtl865xNaptEntry;
rtl865x_priority rtl865xPrio;
+ #if defined(CONFIG_RTL_HW_QOS_SUPPORT)
rtl865x_qos_mark rtl865xQosMark;
+ #endif
#endif
if (gHwNatEnabled!=1)
return -1;
- proto = (ct->tuplehash[0].tuple.dst.protonum==IPPROTO_TCP)? 1: 0;
+ proto = (ct->tuplehash[0].tuple.dst.protonum==IPPROTO_TCP)?RTL865X_PROTOCOL_TCP:RTL865X_PROTOCOL_UDP;
if (ct->status & IPS_SRC_NAT)
{ /* outbound flow */
@@ -137,7 +145,7 @@ int rtl865x_handle_nat(struct nf_conn *ct, int act, struct sk_buff *skb)
sp = (proto)? ct->tuplehash[0].tuple.src.u.tcp.port: ct->tuplehash[0].tuple.src.u.udp.port;
dp = (proto)? ct->tuplehash[0].tuple.dst.u.tcp.port: ct->tuplehash[0].tuple.dst.u.udp.port;
gp = (proto)? ct->tuplehash[1].tuple.dst.u.tcp.port: ct->tuplehash[1].tuple.dst.u.udp.port;
- }
+ }
else if (ct->status & IPS_DST_NAT)
{ /* inbound flow */
sip = ct->tuplehash[1].tuple.src.u3.ip;
@@ -147,7 +155,7 @@ int rtl865x_handle_nat(struct nf_conn *ct, int act, struct sk_buff *skb)
dp = (proto)? ct->tuplehash[1].tuple.dst.u.tcp.port: ct->tuplehash[1].tuple.dst.u.udp.port;
gp = (proto)? ct->tuplehash[0].tuple.dst.u.tcp.port: ct->tuplehash[0].tuple.dst.u.udp.port;
}
- else
+ else
return -1;
/* do not add hardware NAPT table if protocol is UDP and source IP address is equal to gateway IP address */
@@ -170,13 +178,10 @@ int rtl865x_handle_nat(struct nf_conn *ct, int act, struct sk_buff *skb)
rtl865xNaptEntry.extPort=gp;
rtl865xNaptEntry.remIp=dip;
rtl865xNaptEntry.remPort=dp;
-
+
timeval = rtl865x_naptSync(&rtl865xNaptEntry, 0);
#endif
- if (timeval > 0)
- return 0;
- else
- return -1;
+ return timeval;
}
else if (act == 0) {
/* delete */
@@ -189,7 +194,7 @@ int rtl865x_handle_nat(struct nf_conn *ct, int act, struct sk_buff *skb)
rtl865xNaptEntry.extPort=gp;
rtl865xNaptEntry.remIp=dip;
rtl865xNaptEntry.remPort=dp;
-
+
rc = rtl865x_delNaptConnection(&rtl865xNaptEntry);
#endif
}
@@ -265,11 +270,11 @@ int rtl865x_handle_nat(struct nf_conn *ct, int act, struct sk_buff *skb)
#ifdef CONFIG_HARDWARE_NAT_DEBUG
/*2007-12-19*/
DEBUGP("%s:%d:(%s): errno=%d\n %s (%u.%u.%u.%u:%u -> %u.%u.%u.%u:%u) g:(%u.%u.%u.%u:%u)\n",
- __FUNCTION__,__LINE__,((is_add)?"add_nat": "del_nat"), rc, ((proto)? "tcp": "udp"),
- NIPQUAD(sip), sp, NIPQUAD(dip), dp, NIPQUAD(gip), gp);
+ __FUNCTION__,__LINE__,((is_add)?"add_nat": "del_nat"), rc, ((proto)? "tcp": "udp"),
+ NIPQUAD(sip), sp, NIPQUAD(dip), dp, NIPQUAD(gip), gp);
#endif
- return 0;
+ return 0;
}
/* return value:
@@ -278,23 +283,24 @@ int rtl865x_handle_nat(struct nf_conn *ct, int act, struct sk_buff *skb)
*/
int rtl_hwnat_timer_update(struct nf_conn *ct)
{
- unsigned long expires, now;
+ unsigned long expires, now, elasped;
struct nf_conn_nat *nat;
if (gHwNatEnabled!=1)
return FAILED;
-
- nat = nfct_nat(ct);
+
+ nat = nfct_nat(ct);
if (nat==NULL || nat->hw_acc!=1)
return FAILED;
-
+
now = jiffies;
//read_lock_bh(&nf_conntrack_lock);
if (ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum == IPPROTO_UDP) {
- if(ct->status & IPS_SEEN_REPLY)
+ if(ct->status & IPS_SEEN_REPLY) {
expires = nf_ct_udp_timeout_stream;
- else
- expires = nf_ct_udp_timeout;
+ } else {
+ expires = nf_ct_udp_timeout;
+ }
} else if (ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum == IPPROTO_TCP &&
ct->proto.tcp.state < TCP_CONNTRACK_LAST_ACK) {
expires = tcp_get_timeouts_by_state(ct->proto.tcp.state);
@@ -303,45 +309,67 @@ int rtl_hwnat_timer_update(struct nf_conn *ct)
return FAILED;
}
//read_unlock_bh(&nf_conntrack_lock);
-
- if (!rtl865x_handle_nat(ct, 2, NULL)) {
+
+ elasped = rtl865x_handle_nat(ct, 2, NULL);
+ if (elasped>=0 && (elasped*HZ)<expires) {
/* update ct expires time */
- ct->timeout.expires = now+expires;
- rtl_check_for_acc(ct, (now+expires));
+ ct->timeout.expires = now+(expires-(elasped*HZ));
+ rtl_check_for_acc(ct, ct->timeout.expires);
return SUCCESS;
- } else
+ } else {
return FAILED;
+ }
}
#endif
-
-#if defined(CONFIG_RTL_IPTABLES_FAST_PATH) || defined(CONFIG_RTL_HARDWARE_NAT)
-int smart_count=0;
-unsigned long smart_count_start_timer;
-unsigned int _br0_ip;
-unsigned int _br0_mask;
-static void get_br0_ip_mask(void)
+int get_dev_ip_mask(const char * name, unsigned int *ip, unsigned int *mask)
{
- struct in_device *in_dev;
+ struct in_device *in_dev;
struct net_device *landev;
struct in_ifaddr *ifap = NULL;
- if ((landev = __dev_get_by_name(&init_net, RTL_PS_BR0_DEV_NAME)) != NULL){
+ if((name == NULL) || (ip==NULL) || (mask == NULL))
+ {
+ return -1;
+ }
+
+ if ((landev = __dev_get_by_name(&init_net, name)) != NULL)
+ {
in_dev=(struct in_device *)(landev->ip_ptr);
- if (in_dev != NULL) {
- for (ifap=in_dev->ifa_list; ifap != NULL; ifap=ifap->ifa_next) {
- if (strcmp(RTL_PS_BR0_DEV_NAME, ifap->ifa_label) == 0){
- _br0_ip = ifap->ifa_address;
- _br0_mask = ifap->ifa_mask;
- return;
+ if (in_dev != NULL)
+ {
+ for (ifap=in_dev->ifa_list; ifap != NULL; ifap=ifap->ifa_next)
+ {
+ if (strcmp(name, ifap->ifa_label) == 0)
+ {
+ *ip = ifap->ifa_address;
+ *mask = ifap->ifa_mask;
+ return 0;
}
}
-
+
}
- }
+ }
+
+ return -1;
}
+
+#if defined(CONFIG_RTL_IPTABLES_FAST_PATH) || defined(CONFIG_RTL_HARDWARE_NAT) || defined(CONFIG_RTL_WLAN_DOS_FILTER)
+unsigned int _br0_ip;
+unsigned int _br0_mask;
+static void get_br0_ip_mask(void)
+{
+
+ get_dev_ip_mask(RTL_PS_BR0_DEV_NAME, &_br0_ip, &_br0_mask);
+}
+#endif
+
+#if defined(CONFIG_RTL_IPTABLES_FAST_PATH) || defined(CONFIG_RTL_HARDWARE_NAT)
+int smart_count=0;
+unsigned long smart_count_start_timer;
+
/* return value:
FAILED: ct should be delete
SUCCESS: ct should NOT be delete.
@@ -352,10 +380,13 @@ void rtl_delConnCache(struct nf_conn *ct)
enum NP_PROTOCOL protocol;
rtl_fp_napt_entry rtlFpNaptEntry;
#endif
- #ifdef CONFIG_RTL_HARDWARE_NAT
+ #ifdef CONFIG_RTL_HARDWARE_NAT
struct nf_conn_nat *nat;
#endif
-
+#if defined(CONFIG_RTL_NF_CONNTRACK_GARBAGE_NEW)
+ if (ct->removed == 1) // this ct's fastpath entry was already deleted.
+ return;
+#endif
if (ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum == IPPROTO_TCP) {
#if defined(CONFIG_RTL_IPTABLES_FAST_PATH)
protocol = NP_TCP;
@@ -377,7 +408,7 @@ void rtl_delConnCache(struct nf_conn *ct)
#endif
#if defined(CONFIG_RTL_IPTABLES_FAST_PATH)
- if(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3.ip
+ if(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3.ip
== ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u3.ip) {
/*case WAN->LAN(BC->AB) use C|A-B*/
@@ -388,16 +419,16 @@ void rtl_delConnCache(struct nf_conn *ct)
rtlFpNaptEntry.extPort=ntohs(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u.all);
rtlFpNaptEntry.remIp=ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3.ip;
rtlFpNaptEntry.remPort=ntohs(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u.all);
-
+
#ifdef CONFIG_FAST_PATH_MODULE
if(FastPath_hook4!=NULL)
{
- FastPath_hook4(&rtlFpNaptEntry) ;
+ FastPath_hook4(&rtlFpNaptEntry) ;
}
#else
- rtk_delNaptConnection(&rtlFpNaptEntry) ;
+ rtk_delNaptConnection(&rtlFpNaptEntry) ;
#endif
- } else if (ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u3.ip
+ } else if (ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u3.ip
== ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3.ip) {
/*case LAN->WAN(AB->BC) use A|C-B*/
@@ -408,7 +439,7 @@ void rtl_delConnCache(struct nf_conn *ct)
rtlFpNaptEntry.extPort=ntohs(ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u.all);
rtlFpNaptEntry.remIp=ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3.ip;
rtlFpNaptEntry.remPort=ntohs(ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u.all);
-
+
#ifdef CONFIG_FAST_PATH_MODULE
if(FastPath_hook4!=NULL)
{
@@ -419,6 +450,10 @@ void rtl_delConnCache(struct nf_conn *ct)
#endif
}
#endif
+
+#if defined(CONFIG_RTL_NF_CONNTRACK_GARBAGE_NEW)
+ ct->removed = 1; // set this ct has delete fastpath entry
+#endif
spin_unlock_bh(&nf_conntrack_lock);
}
@@ -453,7 +488,7 @@ int32 rtl_connCache_timer_update(struct nf_conn *ct)
spin_lock_bh(&nf_conntrack_lock);
if (time_after_eq(jiffies, ct->timeout.expires)) {
#if defined(CONFIG_RTL_IPTABLES_FAST_PATH)
- if (SUCCESS==rtl_fpTimer_update(ct)) {
+ if (SUCCESS==rtl_fpTimer_update((void*)ct)) {
add_timer(&ct->timeout);
spin_unlock_bh(&nf_conntrack_lock);
return SUCCESS;
@@ -472,14 +507,14 @@ int32 rtl_connCache_timer_update(struct nf_conn *ct)
return FAILED;
}
-#if defined(IMPROVE_QOS)
+#if defined(IMPROVE_QOS)
/*
* ### for iperf application test ###
* the behavior of iperf UDP test is LAN PC (client) will burst UDP from LAN to WAN (by one way),
* WAN PC (server) will only send one UDP packet (statistics) at the end of test.
* so the fastpath or hardware NAT will create link at the end of test.
*
- * the purpose for adding the following code is to create fastpath or hardware NAT link
+ * the purpose for adding the following code is to create fastpath or hardware NAT link
* when we only get one packet from LAN to WAN in UDP case.
*/
static inline int32 rtl_addConnCheck(struct nf_conn *ct, struct iphdr *iph, struct sk_buff *skb)
@@ -495,17 +530,17 @@ static inline int32 rtl_addConnCheck(struct nf_conn *ct, struct iphdr *iph, stru
sip = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3.ip;
dip = ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3.ip;
create_conn = FALSE;
-
- if (((ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u3.ip
+
+ if (((ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u3.ip
== ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3.ip) ||
- (ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3.ip
+ (ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3.ip
== ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u3.ip))
#if defined(UNNUMBER_IP)
&& (is_unnumber_ip(dip)==FALSE)
#endif
) {
/* UDP and "LAN to WAN" */
- /* ignore some cases:
+ /* ignore some cases:
* 1. sip = br0's ip -----> (ex. sip 192.168.1.254 ==> dip 239.255.255.250)
* 2. (sip & br0's mask) != (br0's ip & br0's mask) -----> sip is not in br0's subnet
* 3. (dip & br0's mask) = (br0's ip & br0's mask) -----> dip is in br0's subnet
@@ -513,7 +548,7 @@ static inline int32 rtl_addConnCheck(struct nf_conn *ct, struct iphdr *iph, stru
* 5. sip != gip
*/
if (iph->protocol == IPPROTO_UDP) {
- if ((ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u3.ip
+ if ((ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u3.ip
== ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3.ip)&&
(sip != _br0_ip) &&
((sip & _br0_mask) == (_br0_ip & _br0_mask)) &&
@@ -521,7 +556,7 @@ static inline int32 rtl_addConnCheck(struct nf_conn *ct, struct iphdr *iph, stru
((dip & 0xf0000000) != 0xe0000000) &&
(sip != (ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u3.ip))) {
create_conn = TRUE;
- } else if ((ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3.ip
+ } else if ((ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3.ip
== ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u3.ip)&&
((sip & _br0_mask) != (_br0_ip & _br0_mask))&&
((dip & _br0_mask) == (_br0_ip & _br0_mask))&&
@@ -530,28 +565,38 @@ static inline int32 rtl_addConnCheck(struct nf_conn *ct, struct iphdr *iph, stru
}
} else if (iph->protocol == IPPROTO_TCP) {
tcph=(void *) iph + iph->ihl*4;
- if (!tcph->fin && !tcph->syn && !tcph->rst && tcph->psh==1 &&
- tcph->ack ==1 &&
+ if (!tcph->fin && !tcph->syn && !tcph->rst &&
+ #if !defined(CONFIG_RTL_URL_PATCH)
+ tcph->psh==1 &&
+ #endif
+ tcph->ack ==1 &&
(((ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u3.ip==ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3.ip) &&
(iph->daddr !=_br0_ip) && ((sip & _br0_mask) == (_br0_ip & _br0_mask)) &&
((dip & _br0_mask) != (_br0_ip & _br0_mask)) && (sip != (ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u3.ip)))||
((ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3.ip==ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u3.ip) &&
- ((sip & _br0_mask) != (_br0_ip & _br0_mask)) &&
+ ((sip & _br0_mask) != (_br0_ip & _br0_mask)) &&
((dip & _br0_mask) == (_br0_ip & _br0_mask))&& (sip == iph->saddr)))) {
- if (smart_count==0) {
- smart_count_start_timer = jiffies+HZ;
- }
-
+ #if defined(CONFIG_RTL_URL_PATCH)
+ if((ntohs(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u.all) == URL_PROTO_PORT) ||
+ ((ntohs(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u.all) != URL_PROTO_PORT) &&
+ (tcph->psh==1)))
+ #endif
+ {
+ if (smart_count==0) {
+ smart_count_start_timer = jiffies+HZ;
+ }
+
if (time_after(jiffies, smart_count_start_timer)) {
smart_count_start_timer = jiffies+HZ;
smart_count=0;
}
- smart_count++;
- if(smart_count >810){
- //panic_printk("the case hit for mart flow:tcp state=%d, assured=%d\n",ct->proto.tcp.state,test_bit(IPS_ASSURED_BIT, &ct->status));
- create_conn=TRUE;
+ smart_count++;
+ if(smart_count >810){
+ //panic_printk("the case hit for mart flow:tcp state=%d, assured=%d\n",ct->proto.tcp.state,test_bit(IPS_ASSURED_BIT, &ct->status));
+ create_conn=TRUE;
+ }
}
}
} else {
@@ -559,8 +604,8 @@ static inline int32 rtl_addConnCheck(struct nf_conn *ct, struct iphdr *iph, stru
}
#if defined(UNNUMBER_IP)
- if ((!create_conn)
- && (is_unnumber_ip(sip)==TRUE))
+ if ((!create_conn)
+ && (is_unnumber_ip(sip)==TRUE))
){
create_conn = TRUE;
}
@@ -570,6 +615,70 @@ static inline int32 rtl_addConnCheck(struct nf_conn *ct, struct iphdr *iph, stru
return create_conn;
}
+#if defined(CONFIG_RTL_AVOID_ADDING_WLAN_PKT_TO_HW_NAT)
+static int rtl_isWlanPkt(struct nf_conn *ct)
+{
+ int ret = FALSE;
+
+#if defined(CONFIG_BRIDGE)
+ struct net_device *lan_dev = __dev_get_by_name(&init_net, RTL_PS_BR0_DEV_NAME);
+ struct net_bridge *br = netdev_priv(lan_dev);
+ struct net_bridge_fdb_entry *dst;
+ unsigned char Mac[6];
+ __be32 intIp;
+
+ if(ct->status & IPS_SRC_NAT){
+ intIp = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3.ip;
+ }else if(ct->status & IPS_DST_NAT){
+ intIp = ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3.ip;
+ }
+
+ if((intIp & _br0_mask) == (_br0_ip & _br0_mask)){
+ if(arp_req_get_ha(intIp, lan_dev, Mac)==0){
+ if((dst = __br_fdb_get(br, Mac))!=NULL){
+ if(!memcmp(dst->dst->dev->name, "wlan", strlen("wlan")))
+ return TRUE;
+ }
+ }
+ }
+
+#endif
+
+ return ret;
+}
+
+
+static int rtl_checkLanIp(struct nf_conn *ct)
+{
+
+ __be32 lanIp=0;
+
+ if(ct->status & IPS_SRC_NAT)
+ {
+ lanIp = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3.ip;
+ }
+ else if(ct->status & IPS_DST_NAT)
+ {
+ lanIp = ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3.ip;
+ }
+ else
+ {
+ return FAILED;
+ }
+
+
+ if(rtl865x_isEthArp(lanIp)==TRUE)
+ {
+
+ return SUCCESS;
+ }
+
+
+ return FAILED;
+}
+
+#endif
+
void rtl_addConnCache(struct nf_conn *ct, struct sk_buff *skb)
{
int assured;
@@ -586,16 +695,16 @@ void rtl_addConnCache(struct nf_conn *ct, struct sk_buff *skb)
iph=ip_hdr(skb);
if (iph->protocol== IPPROTO_TCP) {
assured = ((ct->proto.tcp.state==TCP_CONNTRACK_ESTABLISHED)&&
- (test_bit(IPS_DST_NAT_DONE_BIT, &ct->status) ||
+ (test_bit(IPS_DST_NAT_DONE_BIT, &ct->status) ||
test_bit(IPS_SRC_NAT_DONE_BIT, &ct->status)));
#if defined(CONFIG_RTL_IPTABLES_FAST_PATH)
protocol = NP_TCP;
#endif
} else if (iph->protocol== IPPROTO_UDP) {
- assured = (test_bit(IPS_DST_NAT_DONE_BIT, &ct->status) ||
+ assured = (test_bit(IPS_DST_NAT_DONE_BIT, &ct->status) ||
test_bit(IPS_SRC_NAT_DONE_BIT, &ct->status));
-
+
#if defined(CONFIG_RTL_IPTABLES_FAST_PATH)
protocol = NP_UDP;
#endif
@@ -603,23 +712,28 @@ void rtl_addConnCache(struct nf_conn *ct, struct sk_buff *skb)
return;
}
-
+
+#if defined(CONFIG_RTL_URL_PATCH)
+ if((protocol == NP_TCP)&&(ntohs(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u.all) == URL_PROTO_PORT)&&assured)
+ assured = 0;
+#endif
+
if (!assured) {
create_conn = rtl_addConnCheck(ct, iph, skb);
} else
create_conn = 0;
#if defined(CONFIG_RTL_IPTABLES_FAST_PATH)
- /*1.add "!(ct->helper)" to fix ftp-cmd type packet
- 2.add identify case LAN->WAN(AB->BC) or WAN->LAN(BC->AB)
+ /*1.add "!(ct->helper)" to fix ftp-cmd type packet
+ 2.add identify case LAN->WAN(AB->BC) or WAN->LAN(BC->AB)
3.add !(ct->nat.info.helper) for best ALG avoid
*/
if (assured || create_conn) {
- if(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3.ip
+ if(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3.ip
== ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u3.ip) {
/*case BC->AB*/
/* wan->lan */
-
+
rtlFpNaptEntry.protocol=protocol;
rtlFpNaptEntry.intIp=ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3.ip;
rtlFpNaptEntry.intPort=ntohs(ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u.all);
@@ -627,20 +741,20 @@ void rtl_addConnCache(struct nf_conn *ct, struct sk_buff *skb)
rtlFpNaptEntry.extPort=ntohs(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u.all);
rtlFpNaptEntry.remIp=ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3.ip;
rtlFpNaptEntry.remPort=ntohs(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u.all);
-
+
#ifdef CONFIG_FAST_PATH_MODULE
if(FastPath_hook6!=NULL)
{
FastPath_hook6(&rtlFpNaptEntry,
- skb, ct,
- NP_NONE);
+ skb, ct,
+ NP_NONE);
}
#else
rtk_addNaptConnection(&rtlFpNaptEntry,
- skb, ct,
- NP_NONE);
+ (void *)skb, (void*)ct,
+ NP_NONE);
#endif
- } else if (ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u3.ip
+ } else if (ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u3.ip
== ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3.ip) {
/*case AB->BC*/
/* lan->wan */
@@ -652,17 +766,17 @@ void rtl_addConnCache(struct nf_conn *ct, struct sk_buff *skb)
rtlFpNaptEntry.extPort=ntohs(ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u.all);
rtlFpNaptEntry.remIp=ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3.ip;
rtlFpNaptEntry.remPort=ntohs(ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u.all);
-
+
#ifdef CONFIG_FAST_PATH_MODULE
if(FastPath_hook6!=NULL)
{
FastPath_hook6(&rtlFpNaptEntry,
- skb, ct,
+ skb, ct,
NP_NONE);
}
#else
rtk_addNaptConnection(&rtlFpNaptEntry,
- skb, ct,
+ skb, ct,
NP_NONE);
#endif
}
@@ -675,18 +789,32 @@ void rtl_addConnCache(struct nf_conn *ct, struct sk_buff *skb)
if (assured || create_conn)
#endif
{
+ #if defined(CONFIG_RTL_AVOID_ADDING_WLAN_PKT_TO_HW_NAT)
+ //if(rtl_isWlanPkt(ct) == TRUE)
+ // return;
+ if(rtl_checkLanIp(ct)==SUCCESS)
+ {
+ rtl865x_handle_nat(ct, 1, skb);
+ }
+ #else
rtl865x_handle_nat(ct, 1, skb);
+ #endif
+
}
#endif
}
-#else /* !defined(IMPROVE_QOS) */
+
+#endif /* defined(IMPROVE_QOS) */
+
+#if defined(CONFIG_RTL_IPTABLES_FAST_PATH)
+#if !defined(IMPROVE_QOS) ||defined(CONFIG_RTL_ROUTER_FAST_PATH)
/*
* ### for iperf application test ###
* the behavior of iperf UDP test is LAN PC (client) will burst UDP from LAN to WAN (by one way),
* WAN PC (server) will only send one UDP packet (statistics) at the end of test.
* so the fastpath or hardware NAT will create link at the end of test.
*
- * the purpose for adding the following code is to create fastpath or hardware NAT link
+ * the purpose for adding the following code is to create fastpath or hardware NAT link
* when we only get one packet from LAN to WAN in UDP case.
*/
static int32 rtl_fpAddConnCheck(struct nf_conn *ct, struct iphdr *iph, struct sk_buff *skb)
@@ -700,8 +828,8 @@ static int32 rtl_fpAddConnCheck(struct nf_conn *ct, struct iphdr *iph, struct sk
sip = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3.ip;
dip = ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3.ip;
create_conn = FALSE;
-
- if ((ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u3.ip
+
+ if ((ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u3.ip
== ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3.ip)
#if defined(UNNUMBER_IP)
&& (is_unnumber_ip(dip)==FALSE)
@@ -710,10 +838,12 @@ static int32 rtl_fpAddConnCheck(struct nf_conn *ct, struct iphdr *iph, struct sk
/* lan -> wan */
if (iph->protocol == IPPROTO_UDP &&
(sip != _br0_ip) &&
- ((sip & _br0_mask) == (_br0_ip & _br0_mask)) &&
- ((dip & _br0_mask) != (_br0_ip & _br0_mask)) &&
+ ((((sip & _br0_mask) == (_br0_ip & _br0_mask)) &&
+ ((dip & _br0_mask) != (_br0_ip & _br0_mask))) ||
+ (((sip & _br0_mask) != (_br0_ip & _br0_mask))&&
+ ((dip & _br0_mask) == (_br0_ip & _br0_mask))))&&
(!IS_CLASSD_ADDR(dip)) &&
- (sip != (ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u3.ip))
+ ((routerTypeFlag == 1) ||(sip != (ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u3.ip)))
) {
create_conn = TRUE;
/* copied from last 2 line of this function **/
@@ -724,14 +854,18 @@ static int32 rtl_fpAddConnCheck(struct nf_conn *ct, struct iphdr *iph, struct sk
set_bit(IPS_ASSURED_BIT, &ct->status);
} else if (iph->protocol == IPPROTO_TCP) {
tcph=(void *) iph + iph->ihl*4;
- if (!tcph->fin && !tcph->syn && !tcph->rst && tcph->psh==1 &&
- tcph->ack ==TRUE && (iph->daddr !=_br0_ip) && ((sip & _br0_mask) == (_br0_ip & _br0_mask)) &&
- ((dip & _br0_mask) != (_br0_ip & _br0_mask)) && (sip != (ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u3.ip))) {
-
+ if (!tcph->fin && !tcph->syn && !tcph->rst && tcph->psh==1 &&
+ tcph->ack ==TRUE && (iph->daddr !=_br0_ip) &&
+ ((((sip & _br0_mask) == (_br0_ip & _br0_mask)) &&
+ ((dip & _br0_mask) != (_br0_ip & _br0_mask))) ||
+ (((sip & _br0_mask) != (_br0_ip & _br0_mask))&&
+ ((dip & _br0_mask) == (_br0_ip & _br0_mask))))&&
+ ((routerTypeFlag == 1) || (sip != (ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u3.ip)))
+ ) {
if (smart_count==0) {
smart_count_start_timer = jiffies+HZ;
}
-
+
if (time_after(jiffies, smart_count_start_timer)) {
smart_count_start_timer = jiffies+HZ;
smart_count=0;
@@ -748,8 +882,8 @@ static int32 rtl_fpAddConnCheck(struct nf_conn *ct, struct iphdr *iph, struct sk
}
#if defined(UNNUMBER_IP)
- if ((!create_conn)
- && (is_unnumber_ip(sip)==TRUE))
+ if ((!create_conn)
+ && (is_unnumber_ip(sip)==TRUE))
){
create_conn = TRUE;
}
@@ -769,13 +903,13 @@ void rtl_fpAddConnCache(struct nf_conn *ct, struct sk_buff *skb)
if (nfct_help(ct))
return;
-
+
iph=ip_hdr(skb);
create_conn = rtl_fpAddConnCheck(ct, iph, skb);
assured = test_bit(IPS_ASSURED_BIT, &ct->status);
-
- /*1.add "!(ct->helper)" to fix ftp-cmd type packet
- 2.add identify case LAN->WAN(AB->BC) or WAN->LAN(BC->AB)
+
+ /*1.add "!(ct->helper)" to fix ftp-cmd type packet
+ 2.add identify case LAN->WAN(AB->BC) or WAN->LAN(BC->AB)
3.add !(ct->nat.info.helper) for best ALG avoid
*/
@@ -787,8 +921,13 @@ void rtl_fpAddConnCache(struct nf_conn *ct, struct sk_buff *skb)
protocol = NP_UDP;
}
- if(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3.ip
- == ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u3.ip) {
+
+#if !defined(IMPROVE_QOS)
+ if(((!rtl_isRouterType(ct)) && rtl_isNatTypeWantoLan(ct)) ||rtl_isRouterTypeWantoLan(ct))
+#else
+ if(rtl_isRouterTypeWantoLan(ct))
+#endif
+ {
/*case BC->AB*/
/* wan->lan */
@@ -799,19 +938,30 @@ void rtl_fpAddConnCache(struct nf_conn *ct, struct sk_buff *skb)
rtlFpNaptEntry.extPort=ntohs(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u.all);
rtlFpNaptEntry.remIp=ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3.ip;
rtlFpNaptEntry.remPort=ntohs(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u.all);
-
+
#ifdef CONFIG_FAST_PATH_MODULE
if(FastPath_hook6!=NULL)
{
FastPath_hook6(&rtlFpNaptEntry,
- NP_NONE);
+ #if defined(IMPROVE_QOS)
+ skb, ct,
+ #endif
+ NP_NONE);
}
#else
rtk_addNaptConnection(&rtlFpNaptEntry,
- NP_NONE);
+ #if defined(IMPROVE_QOS)
+ (void*)skb, (void*)ct,
+ #endif
+ NP_NONE);
#endif
- } else if (ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u3.ip
- == ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3.ip) {
+ }
+#if !defined(IMPROVE_QOS)
+ else if(((!rtl_isRouterType(ct)) && rtl_isNatTypeLantoWan(ct)) ||rtl_isRouterTypeLantoWan(ct))
+#else
+ else if(rtl_isRouterTypeLantoWan(ct))
+#endif
+ {
/*case AB->BC*/
/* lan->wan */
@@ -822,15 +972,21 @@ void rtl_fpAddConnCache(struct nf_conn *ct, struct sk_buff *skb)
rtlFpNaptEntry.extPort=ntohs(ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u.all);
rtlFpNaptEntry.remIp=ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3.ip;
rtlFpNaptEntry.remPort=ntohs(ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u.all);
-
+
#ifdef CONFIG_FAST_PATH_MODULE
if(FastPath_hook6!=NULL)
{
FastPath_hook6(&rtlFpNaptEntry,
+ #if defined(IMPROVE_QOS)
+ skb, ct,
+ #endif
NP_NONE);
}
#else
rtk_addNaptConnection(&rtlFpNaptEntry,
+ #if defined(IMPROVE_QOS)
+ skb, ct,
+ #endif
NP_NONE);
#endif
}
@@ -838,10 +994,11 @@ void rtl_fpAddConnCache(struct nf_conn *ct, struct sk_buff *skb)
}
#endif /* defined(IMPROVE_QOS) */
-
#endif
+#endif
+
-#if defined(CONFIG_PROC_FS) && defined(CONFIG_RTL_HARDWARE_NAT )
+#if defined(CONFIG_PROC_FS) && defined(CONFIG_RTL_HARDWARE_NAT)
static struct proc_dir_entry *proc_hw_nat=NULL;
static char gHwNatSetting[16];
//extern unsigned int ldst, lmask, wdst, wmask;
@@ -864,18 +1021,24 @@ static int hw_nat_read_proc(char *page, char **start, off_t off,
static int hw_nat_write_proc(struct file *file, const char *buffer,
unsigned long count, void *data)
{
- if (count < 2)
+ if (count < 2)
return -EFAULT;
if (buffer && !copy_from_user(&gHwNatSetting, buffer, 8)) {
- if (gHwNatSetting[0] == '0') { /* hardware NAT disabled, operation mode = gateway */
+ if ((gHwNatSetting[0] == '-')&&(gHwNatSetting[1] == '1') ) { /* hardware NAT disabled, operation mode = gateway */
gHwNatEnabled = 0;
- rtl865x_nat_reinit();
+ rtl865x_nat_reinit();
rtl865x_reChangeOpMode();
//rtl8651_setAsicOperationLayer(4);
}
+ else if (gHwNatSetting[0] == '0') { /* hardware NAT disabled, operation mode = gateway */
+ gHwNatEnabled = 0;
+ rtl865x_nat_reinit();
+ rtl865x_changeOpMode(GATEWAY_MODE);
+ //rtl8651_setAsicOperationLayer(4);
+ }
else if (gHwNatSetting[0] == '1') { /* hardware NAT enabled, operation mode = gateway */
-
+
rtl865x_changeOpMode(GATEWAY_MODE);
//rtl8651_setAsicOperationLayer(4);
gHwNatEnabled = 1;
@@ -902,14 +1065,22 @@ static int hw_nat_write_proc(struct file *file, const char *buffer,
else if (gHwNatSetting[0] == '9') {
get_br0_ip_mask();
}
+ else if(gHwNatSetting[0] == '7'){
+ routerTypeFlag = 1;
+ }
#endif
+
+ if((count>0)&& (count<sizeof(gHwNatSetting)))
+ {
+ gHwNatSetting[count]=0;
+ }
return count;
}
return -EFAULT;
}
#endif
-#if defined(CONFIG_RTL_819X) && (defined(CONFIG_PROC_FS) && !defined(CONFIG_RTL_HARDWARE_NAT))
+#if defined(CONFIG_RTL_819X_SWCORE) && (defined(CONFIG_PROC_FS) && !defined(CONFIG_RTL_HARDWARE_NAT))
static struct proc_dir_entry *proc_sw_nat=NULL;
static char gSwNatSetting[16];
@@ -931,9 +1102,9 @@ static int sw_nat_read_proc(char *page, char **start, off_t off,
static int sw_nat_write_proc(struct file *file, const char *buffer,
unsigned long count, void *data)
{
- if (count < 2)
+ if (count < 2)
return -EFAULT;
-
+
if (buffer && !copy_from_user(&gSwNatSetting, buffer, 8)) {
if (gSwNatSetting[0] == '0'){ /* operation mode = GATEWAY */
//SoftNAT_OP_Mode(2);
@@ -949,18 +1120,33 @@ static int sw_nat_write_proc(struct file *file, const char *buffer,
rtl865x_changeOpMode(WISP_MODE);
//rtl8651_setAsicOperationLayer(2);
}
-#if defined(CONFIG_RTL_HARDWARE_NAT) || defined(CONFIG_RTL_IPTABLES_FAST_PATH)
+#if defined(CONFIG_RTL_HARDWARE_NAT) || defined(CONFIG_RTL_IPTABLES_FAST_PATH) || defined(CONFIG_RTL_WLAN_DOS_FILTER)
else if(gSwNatSetting[0] == '9'){
get_br0_ip_mask();
}
+ else if(gSwNatSetting[0] == '7'){
+ routerTypeFlag = 1;
+ }
#endif
+
+#ifdef CONFIG_RTL_WLAN_DOS_FILTER
+ else if(gSwNatSetting[0] == 'a') {
+ extern int wlan_dos_filter_enabled;
+ wlan_dos_filter_enabled = 0;
+ }
+ else if(gSwNatSetting[0] == 'b') {
+ extern int wlan_dos_filter_enabled;
+ wlan_dos_filter_enabled = 1;
+ }
+#endif
+
return count;
}
return -EFAULT;
}
#endif /* defined(CONFIG_RTL_819X) && (defined(CONFIG_PROC_FS) && !defined(CONFIG_RTL_HARDWARE_NAT)) */
-#if defined(CONFIG_RTL_819X)
+#if defined(CONFIG_RTL_819X_SWCORE)
int32 rtl_nat_init(void)
{
#if defined(CONFIG_PROC_FS) && defined(CONFIG_RTL_HARDWARE_NAT)
@@ -968,9 +1154,8 @@ int32 rtl_nat_init(void)
if (proc_hw_nat) {
proc_hw_nat->read_proc = hw_nat_read_proc;
proc_hw_nat->write_proc = hw_nat_write_proc;
- }
+ }
#endif
-
#if defined(CONFIG_PROC_FS) && !defined(CONFIG_RTL_HARDWARE_NAT)
proc_sw_nat = create_proc_entry("sw_nat", 0, NULL);
if (proc_sw_nat) {
@@ -992,7 +1177,7 @@ extern int rtl865x_curOpMode;
struct net_device *rtl865x_getWanDev(void )
{
struct net_device * wanDev=NULL;
-
+
if(rtl865x_curOpMode==GATEWAY_MODE)
{
#if defined(CONFIG_RTL_PUBLIC_SSID)
@@ -1005,7 +1190,7 @@ struct net_device *rtl865x_getWanDev(void )
//Try eth1 then
wanDev=dev_get_by_name(&init_net,RTL_PS_WAN0_DEV_NAME);
}
-#endif
+#endif
}
else if(rtl865x_curOpMode==WISP_MODE)
{
@@ -1021,9 +1206,9 @@ struct net_device *rtl865x_getWanDev(void )
wanDev=dev_get_by_name(&init_net,RTL_BR_WAN_DEVICE_NAME);
#else
wanDev=dev_get_by_name(&init_net,RTL_PS_BR0_DEV_NAME);
-#endif
+#endif
}
-
+
return wanDev;
}
@@ -1043,7 +1228,7 @@ int rtl865x_attainDevType(unsigned char *devName, unsigned int *isLanDev, unsign
if(rtl865x_curOpMode==GATEWAY_MODE)
{
#if defined(CONFIG_RTL_PUBLIC_SSID)
- if(strncmp(devName, RTL_PS_WAN0_DEV_NAME, 4) ==0 || strncmp(devName, RTL_GW_WAN_DEVICE_NAME, 3) ==0 ||
+ if(strncmp(devName, RTL_PS_WAN0_DEV_NAME, 4) ==0 || strncmp(devName, RTL_GW_WAN_DEVICE_NAME, 3) ==0 ||
rtl865x_from_public_ssid_device(devName)
)
#else
@@ -1052,8 +1237,8 @@ int rtl865x_attainDevType(unsigned char *devName, unsigned int *isLanDev, unsign
{
*isWanDev=1;
}
- else if( (strncmp(devName, RTL_PS_BR0_DEV_NAME, 3) ==0)||
- (strncmp(devName, RTL_PS_ETH_NAME, 3) ==0) ||
+ else if( (strncmp(devName, RTL_PS_BR0_DEV_NAME, 3) ==0)||
+ (strncmp(devName, RTL_PS_ETH_NAME, 3) ==0) ||
(strncmp(devName, RTL_PS_WLAN_NAME, 4) ==0))
{
*isLanDev=1;
@@ -1062,7 +1247,7 @@ int rtl865x_attainDevType(unsigned char *devName, unsigned int *isLanDev, unsign
{
return -1;
}
-
+
}
else if(rtl865x_curOpMode==WISP_MODE)
{
@@ -1097,7 +1282,7 @@ int rtl865x_attainDevType(unsigned char *devName, unsigned int *isLanDev, unsign
{
return -1;
}
-
+
return 0;
}
#endif
@@ -1107,12 +1292,12 @@ int rtl865x_localPublicRx(struct sk_buff *skb)
{
struct rtl865x_pktInfo pktInfo;
unsigned int rxFromLan, rxFromWan;
-
+
if(rtl865x_localPublicEnabled() ==0)
{
goto end_of_local_public_rx;
}
-
+
if(rtl865x_attainDevType(skb->dev->name, &rxFromLan, &rxFromWan))
{
return NET_RX_SUCCESS;
@@ -1126,10 +1311,10 @@ int rtl865x_localPublicRx(struct sk_buff *skb)
#if 0
printk("%s:%d,skb->dev->name is %s,rxFromLan is %d,rxFromWan is %d\n",__FUNCTION__,__LINE__,skb->dev->name,rxFromLan,rxFromWan);
printk("EtherType: 0x%x\n", *((uint16*)&skb->mac.raw[12]));
- printk("%x:%x:%x:%x:%x:%x ==> %x:%x:%x:%x:%x:%x \n\n",
+ printk("%x:%x:%x:%x:%x:%x ==> %x:%x:%x:%x:%x:%x \n\n",
skb->mac.raw[6], skb->mac.raw[7], skb->mac.raw[8],
- skb->mac.raw[9], skb->mac.raw[10], skb->mac.raw[11],
- skb->mac.raw[0], skb->mac.raw[1], skb->mac.raw[2],
+ skb->mac.raw[9], skb->mac.raw[10], skb->mac.raw[11],
+ skb->mac.raw[0], skb->mac.raw[1], skb->mac.raw[2],
skb->mac.raw[3], skb->mac.raw[4], skb->mac.raw[5]);
#endif
if(rxFromWan)
@@ -1140,7 +1325,7 @@ int rtl865x_localPublicRx(struct sk_buff *skb)
pktInfo.data=skb_mac_header(skb);
pktInfo.action=RX_WAN_PACKET;
rtl865x_checkLocalPublic(&pktInfo);
-
+
if(pktInfo.fromLocalPublic==1)
{
kfree_skb(skb);
@@ -1148,12 +1333,12 @@ int rtl865x_localPublicRx(struct sk_buff *skb)
}
else if(pktInfo.toLocalPublic==1)
{
-
+
skb->pkt_type=PACKET_HOST;
//printk("%s:%d,pktInfo.fromLocalPublic is %d,pktInfo.toLocalPublic is %d\n",__FUNCTION__,__LINE__,pktInfo.fromLocalPublic,pktInfo.toLocalPublic );
memcpy(eth_hdr(skb)->h_dest, skb->dev->dev_addr, 6);
}
-
+
}
else if (rxFromLan)
{
@@ -1169,7 +1354,7 @@ int rtl865x_localPublicRx(struct sk_buff *skb)
skb->fromLocalPublic=1;
skb->srcLocalPublicIp=pktInfo.srcIp;
//if(pktInfo.toLocalPublic==1)
- {
+ {
skb->pkt_type=PACKET_HOST;
memcpy(eth_hdr(skb)->h_dest, skb->dev->dev_addr, 6);
#if 0
@@ -1179,13 +1364,13 @@ int rtl865x_localPublicRx(struct sk_buff *skb)
dest[0],dest[1],dest[2],dest[3],dest[4],dest[5],
src[0],src[1],src[2],src[3],src[4],src[5]);
#endif
-
+
}
}
-
+
}
skb->localPublicFlags = 0x1;
-
+
end_of_local_public_rx:
return NET_RX_SUCCESS;
}
@@ -1197,14 +1382,14 @@ int rtl865x_localPublicTx(struct sk_buff *skb, struct net_device *dev)
{
return NET_RX_SUCCESS;
}
-
+
if(txToWan)
- {
+ {
if((skb->fromLocalPublic==1) && (skb->srcLocalPublicIp!=0))
{
rtl865x_getLocalPublicMac(skb->srcLocalPublicIp, eth_hdr(skb)->h_source);
}
-
+
}
else if (txToLan)
{
@@ -1218,31 +1403,31 @@ int rtl865x_localPublicTx(struct sk_buff *skb, struct net_device *dev)
int rtl865x_getDevIpAndNetmask(struct net_device * dev, unsigned int *ipAddr, unsigned int *netMask )
{
- struct in_device *in_dev;
+ struct in_device *in_dev;
struct in_ifaddr *ifap = NULL;
if((dev==NULL) || (ipAddr==NULL) || (netMask==NULL))
{
return FAILED;
}
-
+
*ipAddr=0;
*netMask=0;
-
- in_dev=(struct net_device *)(dev->ip_ptr);
+
+ in_dev=(struct in_device *)(dev->ip_ptr);
if (in_dev != NULL) {
for (ifap=in_dev->ifa_list; ifap != NULL; ifap=ifap->ifa_next) {
if (strcmp(dev->name, ifap->ifa_label) == 0){
*ipAddr = ifap->ifa_address;
*netMask = ifap->ifa_mask;
- return SUCCESS;
+ return SUCCESS;
}
}
-
+
}
-
+
return FAILED;
-
+
}
@@ -1286,7 +1471,7 @@ static int qos_read_proc(char *page, char **start, off_t off,
static int qos_write_proc(struct file *file, const char *buffer,
unsigned long count, void *data)
{
- if ( gQosSetting==NULL || count < 2)
+ if ( gQosSetting==NULL || count < 2)
return -EFAULT;
if (buffer && !copy_from_user(gQosSetting, buffer, count)) {
@@ -1322,10 +1507,10 @@ int32 rtl_qos_init(void)
proc_qos->write_proc = qos_write_proc;
}
#endif
- gQosSetting = kmalloc(RTL_QOS_PROC_MAX_LEN, GFP_KERNEL);
+ gQosSetting = kmalloc(RTL_QOS_PROC_MAX_LEN, GFP_ATOMIC);
memset(gQosSetting, 0, RTL_QOS_PROC_MAX_LEN);
gQosEnabled = 0;
-
+
return SUCCESS;
}
@@ -1340,11 +1525,11 @@ int32 rtl_qos_cleanup(void)
#if defined(CONFIG_RTL_FAST_BRIDGE)
int32 rtl_fb_add_br_entry(skb)
-{
+{
struct net_bridge_fdb_entry *dst;
const unsigned char *dest = eth_hdr(skb)->h_dest;
if (!is_multicast_ether_addr(dest))
- {
+ {
dst = __br_fdb_get(skb->dev->br_port->br, dest);
if(dst != NULL && dst->dst->dev == skb->dev)
{
@@ -1413,7 +1598,7 @@ rtl_resolve_normal_ct(struct net *net,
/* look for tuple match */
h = nf_conntrack_find_get(net, &tuple);
-
+
if (!h) {
//h = init_conntrack(net, &tuple, l3proto, l4proto, skb, dataoff);
//if (!h)
@@ -1487,7 +1672,7 @@ rtl_nf_conntrack_in(struct net *net, unsigned int dataoff, unsigned int hooknum,
}
NF_CT_ASSERT(skb->nfct);
-
+
th = skb_header_pointer(skb, dataoff, sizeof(_tcph), &_tcph);
BUG_ON(th == NULL);
@@ -1536,7 +1721,7 @@ int get_hookNum(struct ipt_entry *e, unsigned char *base, const unsigned int val
#ifdef CONFIG_RTL_LAYERED_DRIVER_L3
u32 arp_ip = htonl(*((u32 *)n->primary_key));
int rc;
-
+
rc = add? rtl865x_addArp(arp_ip, (void *)n->ha): rtl865x_delArp(arp_ip);
#endif
return 0;
@@ -1572,16 +1757,16 @@ rtl_masq_if rtl_masq_info[RTL_MULTIPLE_WAN_NUM];
rtl_masq_if *rtl_get_masq_info_by_devName(const char* name)
{
- int i;
+ int i;
if(name == NULL)
return NULL;
-
+
for(i = 0; i < RTL_MULTIPLE_WAN_NUM;i++)
{
if(rtl_masq_info[i].valid == 1 &&strcmp(rtl_masq_info[i].ifName,name) == 0)
return &rtl_masq_info[i];
}
-
+
return NULL;
}
@@ -1590,7 +1775,7 @@ int rtl_add_masq_info(const char *name,int ipAddr)
int i;
if(strlen(name) >=IFNAMSIZ || ipAddr ==0)
return FAILED;
-
+
for(i = 0; i < RTL_MULTIPLE_WAN_NUM;i++)
{
if(rtl_masq_info[i].valid == 0)
@@ -1604,7 +1789,7 @@ int rtl_add_masq_info(const char *name,int ipAddr)
rtl_masq_info[i].ipAddr = ipAddr;
memcpy(rtl_masq_info[i].ifName,name,strlen(name));
rtl_masq_info[i].ifName[strlen(name)] ='\0';
- return SUCCESS;
+ return SUCCESS;
}
int rtl_init_masq_info(void)
@@ -1614,7 +1799,7 @@ int rtl_init_masq_info(void)
{
memset(&rtl_masq_info[i],0,sizeof(rtl_masq_if));
}
-
+
return SUCCESS;
}
@@ -1643,26 +1828,26 @@ static int rtl_get_masquerade_netif(struct xt_table_info *private,struct ipt_ent
struct ipt_entry_target *t;
struct net_device *dev;
char masq_name[IFNAMSIZ]={'\0'};
-
+
if(masq_entry && masq_entry->ip.outiface[0] !='\0')
- {
+ {
memcpy(masq_name, masq_entry->ip.outiface, IFNAMSIZ);
//return 0;
}
- else
+ else
{
table_base = private->entries[smp_processor_id()];
- e = get_entry(table_base, private->hook_entry[NF_INET_POST_ROUTING]);
- back = get_entry(table_base, private->underflow[NF_INET_POST_ROUTING]);
-
+ e = get_entry(table_base, private->hook_entry[NF_INET_POST_ROUTING]);
+ back = get_entry(table_base, private->underflow[NF_INET_POST_ROUTING]);
+
//clear masq_name;
- memset(masq_name,0,IFNAMSIZ);
+ memset(masq_name,0,IFNAMSIZ);
while(e)
{
-
+
if(e == masq_entry)
break;
-
+
//record the entry's outif name
if(e->ip.outiface[0] !='\0')
memcpy(masq_name,e->ip.outiface,IFNAMSIZ);
@@ -1678,26 +1863,26 @@ static int rtl_get_masquerade_netif(struct xt_table_info *private,struct ipt_ent
memset(masq_name,0,IFNAMSIZ);
break;
}
-
+
/* Standard target? */
- if (!t->u.kernel.target->target)
+ if (!t->u.kernel.target->target)
{
int v;
- v = ((struct ipt_standard_target *)t)->verdict;
-
+ v = ((struct ipt_standard_target *)t)->verdict;
+
if (v < 0 )
{
if(v == IPT_RETURN)
{
e = back;
- back = get_entry(table_base, back->comefrom);
+ back = get_entry(table_base, back->comefrom);
}
else
{
e = (void *)e + e->next_offset;
}
- continue;
+ continue;
}
//jump ?
@@ -1713,34 +1898,34 @@ static int rtl_get_masquerade_netif(struct xt_table_info *private,struct ipt_ent
}
e = get_entry(table_base, v);
continue;
- }
-
+ }
+
/*user define target?*/
e = (void *)e + e->next_offset;
- }
-
+ }
+
}
if(masq_name[0] !='\0')
{
struct in_ifaddr *ina;
dev = __dev_get_by_name(&init_net,masq_name);
- if ((dev)&&(dev->ip_ptr))
- {
-
+ if ((dev)&&(dev->ip_ptr))
+ {
+
ina=(struct in_ifaddr *)(((struct in_device *)(dev->ip_ptr))->ifa_list);
- if (ina!=NULL)
+ if (ina!=NULL)
{
rtl_add_masq_info(masq_name,ina->ifa_local);
}
}
}
-
+
return 0;
}
-static int rtl_check_for_masquerade_entry(struct ipt_entry *e,
+static int rtl_check_for_masquerade_entry(struct ipt_entry *e,
unsigned char *base,
const char *name,
unsigned int size,
@@ -1751,20 +1936,20 @@ static int rtl_check_for_masquerade_entry(struct ipt_entry *e,
struct ipt_entry_target *t;
unsigned int hook;
int ret = 0;
-
- t = ipt_get_target(e);
- if ( !t)
- {
+
+ t = ipt_get_target(e);
+ if ( !t)
+ {
goto err;
}
- hook = get_hookNum(e,base,valid_hooks,hook_entries);
+ hook = get_hookNum(e,base,valid_hooks,hook_entries);
if ((hook == NF_INET_POST_ROUTING) &&
- ((strcmp(t->u.kernel.target->name, "MASQUERADE") == 0)))
- {
- rtl_get_masquerade_netif(private,e);
+ ((strcmp(t->u.kernel.target->name, "MASQUERADE") == 0)))
+ {
+ rtl_get_masquerade_netif(private,e);
}
- err:
+ err:
return ret;
}
@@ -1788,7 +1973,7 @@ int rtl_check_for_extern_ip(const char *name,
rtl865x_addIp(0,rtl_masq_info[i].ipAddr,IP_TYPE_NAPT);
}
}
-
+
return 0;
}
@@ -1803,33 +1988,33 @@ int rtl_check_for_extern_ip(const char *name,
rtl865x_delIp(rtl_masq_info[i].ipAddr);
}
}
-
+
return SUCCESS;
}
int32 rtl_update_ip_tables(char *name, unsigned long event, struct in_ifaddr *ina)
{
rtl_masq_if *entry;
-
+
/*2007-12-19*/
#ifdef CONFIG_HARDWARE_NAT_DEBUG
/*2007-12-19*/
printk("%s:%d\n",__FUNCTION__,__LINE__);
- #endif
+ #endif
if (ina==NULL)
return SUCCESS;
-
+
entry = rtl_get_masq_info_by_devName(name);
if (entry!=NULL)
{
- if (event == NETDEV_UP )
+ if (event == NETDEV_UP )
{
rtl865x_addIp(0,(u32)(ina->ifa_local),IP_TYPE_NAPT);
//update the ip address
entry->ipAddr = ina->ifa_local;
}
- else if(event == NETDEV_DOWN)
- {
+ else if(event == NETDEV_DOWN)
+ {
if(rtl865x_delIp(ina->ifa_local)==SUCCESS)
{
rtl865x_nat_init();
@@ -1847,7 +2032,7 @@ int32 rtl_fn_insert(struct fib_table *tb, struct fib_config *cfg, struct fib_inf
unsigned int srcIp,srcMask;
struct net_device *netif;
char *dev_t;
-
+
/*2007-12-19*/
if ((tb->tb_id == RT_TABLE_MAIN) && (gHwNatEnabled !=0)) {
if(cfg->fc_oif) {
@@ -1861,8 +2046,8 @@ int32 rtl_fn_insert(struct fib_table *tb, struct fib_config *cfg, struct fib_inf
ipMask = inet_make_mask(cfg->fc_dst_len);
ipGw = cfg->fc_gw;
rtl865x_getDevIpAndNetmask(netif,&srcIp,&srcMask);
- if (!ipDst || (!MULTICAST(ipDst) && !LOOPBACK(ipDst) && (ipDst != 0xffffffff)))
- {
+ if (!ipDst || (!MULTICAST(ipDst) && !LOOPBACK(ipDst) && (ipDst != 0xffffffff)))
+ {
#ifdef CONFIG_RTL_LAYERED_DRIVER_L3
//printk("-------------------%s(%d)\n",__FUNCTION__,__LINE__);
rc = rtl865x_addRoute(ipDst,ipMask,ipGw,dev_t,srcIp);
@@ -1870,7 +2055,7 @@ int32 rtl_fn_insert(struct fib_table *tb, struct fib_config *cfg, struct fib_inf
#endif
#ifdef CONFIG_HARDWARE_NAT_DEBUG
/*2007-12-19*/
- printk("%s:%d:(%s): dst:%u.%u.%u.%u/%u, gw:%u.%u.%u.%u, dev: %s, errno=%d\n",
+ printk("%s:%d:(%s): dst:%u.%u.%u.%u/%u, gw:%u.%u.%u.%u, dev: %s, errno=%d\n",
__FUNCTION__,__LINE__,"add_rt", NIPQUAD(ipDst), cfg->fc_dst_len, NIPQUAD(ipGw), dev_t? dev_t: "null", rc
);
#endif
@@ -1885,13 +2070,13 @@ int32 rtl_fn_delete(struct fib_table *tb, struct fib_config *cfg)
{
int rc;
unsigned int ipDst, ipMask;
-
+
/*2007-12-19*/
if (tb->tb_id == RT_TABLE_MAIN) {
ipDst = cfg->fc_dst;
ipMask = inet_make_mask(cfg->fc_dst_len);
-
- if (!ipDst || (!MULTICAST(ipDst) && !LOOPBACK(ipDst) && (ipDst != 0xffffffff))) {
+
+ if (!ipDst || (!MULTICAST(ipDst) && !LOOPBACK(ipDst) && (ipDst != 0xffffffff))) {
rc = 0;
#ifdef CONFIG_RTL_LAYERED_DRIVER_L3
rc = rtl865x_delRoute(ipDst, ipMask);
@@ -1907,11 +2092,11 @@ int32 rtl_fn_flush(int fz_order, int idx, u32 tb_id, u32 fn_key)
int rc;
unsigned int ipDst, ipMask;
/*2007-12-19*/
- if (tb_id==RT_TABLE_MAIN) {
+ if (tb_id==RT_TABLE_MAIN) {
ipDst =fn_key;
ipMask = inet_make_mask(fz_order);
- if (!ipDst || (!MULTICAST(ipDst) && !LOOPBACK(ipDst) && (ipDst != 0xffffffff))) {
+ if (!ipDst || (!MULTICAST(ipDst) && !LOOPBACK(ipDst) && (ipDst != 0xffffffff))) {
rc = 0;
#ifdef CONFIG_RTL_LAYERED_DRIVER_L3
rc = rtl865x_delRoute(ipDst, ipMask);
@@ -1924,12 +2109,21 @@ int32 rtl_fn_flush(int fz_order, int idx, u32 tb_id, u32 fn_key)
int32 rtl_ip_vs_conn_expire_check(struct ip_vs_conn *cp)
{
- int timeval;
+ int elapsed;
+ u_int32_t expires;
rtl865x_napt_entry rtl865xNaptEntry;
+ if (cp->protocol==IPPROTO_UDP) {
+ expires = nf_ct_udp_timeout;
+ } else if (cp->protocol==IPPROTO_TCP) {
+ expires = tcp_get_timeouts_by_state(cp->state); /* does cp->state right here? */
+ } else {
+ return FAILED;
+ }
+
/* chhuang:
printk("ip_vs_conn_expire: c:(%u.%u.%u.%u:%d), v:(%u.%u.%u.%u:%d), \n\td:(%u.%u.%u.%u:%d), p:(%x), f: %x, s: %x\n",
- NIPQUAD(cp->caddr), cp->cport, NIPQUAD(cp->vaddr), cp->vport, NIPQUAD(cp->daddr), cp->dport,
+ NIPQUAD(cp->caddr), cp->cport, NIPQUAD(cp->vaddr), cp->vport, NIPQUAD(cp->daddr), cp->dport,
cp->protocol, cp->flags, cp->state);
*/
if (cp->hw_acc) {
@@ -1941,21 +2135,21 @@ int32 rtl_ip_vs_conn_expire_check(struct ip_vs_conn *cp)
rtl865xNaptEntry.remIp=cp->caddr.ip;
rtl865xNaptEntry.remPort=cp->cport;
- timeval = rtl865x_naptSync(&rtl865xNaptEntry, 0);
-
- if (timeval > 0 && (cp->protocol==IPPROTO_UDP))
+ elapsed = rtl865x_naptSync(&rtl865xNaptEntry, 0);
+
+ if (elapsed >= 0 && (cp->protocol==IPPROTO_UDP))
{
- cp->timer.expires = jiffies + (timeval)*HZ;
+ cp->timer.expires = jiffies + (expires-elapsed)*HZ;
add_timer(&cp->timer);
#ifdef CONFIG_HARDWARE_NAT_DEBUG
/*2007-12-19*/
printk("%s:%d:(%s): expired time = %d\n %s (%u.%u.%u.%u:%u -> %u.%u.%u.%u:%u) g:(%u.%u.%u.%u:%u)\n",
__FUNCTION__,__LINE__,"poll_nat", timeval, (cp->protocol==IPPROTO_TCP)? "tcp": "udp",
- NIPQUAD(cp->daddr), cp->dport, NIPQUAD(cp->caddr), cp->cport,
+ NIPQUAD(cp->daddr), cp->dport, NIPQUAD(cp->caddr), cp->cport,
NIPQUAD(cp->vaddr), cp->vport
);
#endif
-
+
return FAILED;
}
}
@@ -1980,7 +2174,7 @@ int32 rtl_ip_vs_conn_expire_check_delete(struct ip_vs_conn *cp)
rtl865xNaptEntry.remPort=cp->cport;
rc = rtl865x_delNaptConnection(&rtl865xNaptEntry);
-
+
#ifdef CONFIG_HARDWARE_NAT_DEBUG
/*2007-12-19*/
printk("%s:%d:(%s): errno=%d\n %s (%u.%u.%u.%u:%u -> %u.%u.%u.%u:%u) g:(%u.%u.%u.%u:%u)\n",
@@ -2010,15 +2204,15 @@ int32 rtl_tcp_state_transition_check(struct ip_vs_conn *cp, int direction, const
/*2007-12-19*/
/*
printk("ip_vs_set_state: c:(%u.%u.%u.%u:%d), v:(%u.%u.%u.%u:%d), \n\td:(%u.%u.%u.%u:%d), p:(%x), f: %x, s: %x, master: %s\n\tapp_data: %x, app: %x\n",
- NIPQUAD(cp->caddr), cp->cport, NIPQUAD(cp->vaddr), cp->vport, NIPQUAD(cp->daddr), cp->dport, cp->protocol, cp->flags, cp->state,
+ NIPQUAD(cp->caddr), cp->cport, NIPQUAD(cp->vaddr), cp->vport, NIPQUAD(cp->daddr), cp->dport, cp->protocol, cp->flags, cp->state,
cp->control? "yes": "no", cp->app_data, cp->app);
*/
#if 0
if (!cp->hw_acc && !cp->app &&
- cp->state==IP_VS_S_ESTABLISHED)
+ cp->state==IP_VS_S_ESTABLISHED)
#else
if (!cp->hw_acc && !cp->app &&
- cp->state==IP_VS_TCP_S_ESTABLISHED)
+ cp->state==IP_VS_TCP_S_ESTABLISHED)
#endif
{
int rc;
@@ -2038,7 +2232,7 @@ int32 rtl_tcp_state_transition_check(struct ip_vs_conn *cp, int direction, const
rtl865xQosMark.downlinkMark=0; //Initial
rtl865xQosMark.uplinkMark=0; //Initial
ret=rtl_qosGetSkbMarkByNaptEntry(&rtl865xNaptEntry, &rtl865xQosMark, skb);
-
+
lanDev=rtl865x_getLanDev();
wanDev=rtl865x_getWanDev();
rtl865xPrio.downlinkPrio=rtl_qosGetPriorityByMark(lanDev->name, rtl865xQosMark.downlinkMark);
@@ -2055,7 +2249,7 @@ int32 rtl_tcp_state_transition_check(struct ip_vs_conn *cp, int direction, const
rtl865xPrio.downlinkPrio=0;
rtl865xPrio.uplinkPrio=0;
}
-
+
#if defined(CONFIG_RTL_LAYERED_DRIVER_L4)
rtl865xNaptEntry.protocol=RTL865X_PROTOCOL_TCP;
rtl865xNaptEntry.intIp=cp->daddr.ip;
@@ -2091,7 +2285,7 @@ int32 rtl_udp_state_transition_check(struct ip_vs_conn *cp, int direction, const
#endif
/*2007-12-19*/
- if (!cp->hw_acc && !cp->app)
+ if (!cp->hw_acc && !cp->app)
{
int rc;
rc = 0;
@@ -2109,7 +2303,7 @@ int32 rtl_udp_state_transition_check(struct ip_vs_conn *cp, int direction, const
rtl865xQosMark.downlinkMark=0; //Initial
rtl865xQosMark.uplinkMark=0; //Initial
ret=rtl_qosGetSkbMarkByNaptEntry(&rtl865xNaptEntry, &rtl865xQosMark, skb);
-
+
lanDev=rtl865x_getLanDev();
wanDev=rtl865x_getWanDev();
rtl865xPrio.downlinkPrio=rtl_qosGetPriorityByMark(lanDev->name, rtl865xQosMark.downlinkMark);
@@ -2126,7 +2320,7 @@ int32 rtl_udp_state_transition_check(struct ip_vs_conn *cp, int direction, const
rtl865xPrio.downlinkPrio=0;
rtl865xPrio.uplinkPrio=0;
}
-
+
#if defined(CONFIG_RTL_LAYERED_DRIVER_L4)
rtl865xNaptEntry.protocol=RTL865X_PROTOCOL_UDP;
rtl865xNaptEntry.intIp=cp->daddr.ip;
@@ -2150,7 +2344,7 @@ int32 rtl_udp_state_transition_check(struct ip_vs_conn *cp, int direction, const
}
}
-#endif
+#endif
#if defined(CONFIG_PROC_FS) && defined(CONFIG_RTL_NF_CONNTRACK_GARBAGE_NEW)
static struct proc_dir_entry *proc_gc_overflow_timout=NULL;
@@ -2173,14 +2367,14 @@ static int gc_overflow_timout_write_proc(struct file *file, const char *buffer,
unsigned long count, void *data)
{
uint32 tmpBuf[32];
-
- if (count < 2)
+
+ if (count < 2)
return -EFAULT;
if (buffer && !copy_from_user(tmpBuf, buffer, count)) {
tmpBuf[count-1]=0;
rtl_gc_overflow_timout=simple_strtol((const char *)tmpBuf, NULL, 0);
-
+
return count;
}
return -EFAULT;
@@ -2196,4 +2390,315 @@ void gc_overflow_timout_proc_init(void)
}
#endif
+#if defined(CONFIG_RTL_LOG_DEBUG)
+struct RTL_LOG_PRINT_MASK
+/*{
+ uint32 ERROR:1;
+ uint32 WARN:1;
+ uint32 INFO:1;
+}*/ RTL_LogTypeMask;
+struct RTL_LOG_ERROR_MASK
+/*{
+ uint32 MEM:1;
+ uint32 SKB:1;
+}*/RTL_LogErrorMask;
+struct RTL_LOG_MODULE_MASK
+/*{
+ uint8 NIC:1;
+ uint8 WIRELESS:1;
+ uint8 PROSTACK:1;
+}*/RTL_LogModuleMask;
+uint32 RTL_LogRatelimit=1;
+
+static struct proc_dir_entry *proc_log_print_control=NULL;
+static struct proc_dir_entry *proc_printMask=NULL;
+static struct proc_dir_entry *proc_errMask=NULL;
+static struct proc_dir_entry *proc_printModule=NULL;
+static struct proc_dir_entry *proc_print_rateLimit=NULL;
+const char *print_Mask_ID="typeMask";
+const char *print_errMask_ID="errMask";
+const char *print_rateLimit_ID="rateLimit_enable";
+const char *print_module_ID="module_mask";
+
+static int print_log_read_proc(char *page, char **start, off_t off,
+ int count, int *eof, void *data)
+{
+ int len;
+
+ if(0==strcmp(data, print_Mask_ID))
+ {
+ len = sprintf(page, "RTL_LogTypeMask(0x%x)\n\tbit means:\n\t ERROR %d\n\t WARN %d \n\t INFO %d \n", \
+ *(uint32 *)&RTL_LogTypeMask, RTL_LogTypeMask.ERROR, RTL_LogTypeMask.WARN, RTL_LogTypeMask.INFO);
+ }
+ else if(0==strcmp(data, print_errMask_ID))
+ {
+ len = sprintf(page, "RTL_LogErrorMask(0x%x)\n\tbit means:\n\t MEM %d\n\t SKB %d \n", \
+ *(uint32 *)&RTL_LogErrorMask, RTL_LogErrorMask.MEM, RTL_LogErrorMask.SKB);
+ }
+ else if(0==strcmp(data, print_rateLimit_ID))
+ {
+ len = sprintf(page, "rate_limit %d \n", RTL_LogRatelimit);
+ }
+ else if(0==strcmp(data, print_module_ID))
+ {
+ len = sprintf(page, "RTL_LogModuleMask(0x%x)\n\tbit means:\n\t NIC %d\n\t WIRELESS %d \n\t PROSTACK %d \n", \
+ *(uint32 *)&RTL_LogModuleMask, RTL_LogModuleMask.NIC, RTL_LogModuleMask.WIRELESS, RTL_LogModuleMask.PROSTACK);
+ }
+
+ if (len <= off+count) *eof = 1;
+ *start = page + off;
+ len -= off;
+ if (len>count) len = count;
+ if (len<0) len = 0;
+ return len;
+}
+
+static int print_log_write_proc(struct file *file, const char *buffer,
+ unsigned long count, void *data)
+{
+ unsigned char tmpBuf[32];
+ int tmp;
+ if (count < 2)
+ return -EFAULT;
+
+ if (!buffer || copy_from_user(tmpBuf, buffer, count)) {
+ return -EFAULT;
+ }
+
+ if(0==strcmp(data, print_Mask_ID))
+ {
+ sscanf(tmpBuf, "%x", &tmp);
+ *(uint32 *)&RTL_LogTypeMask=tmp;
+ }
+ else if(0==strcmp(data, print_errMask_ID))
+ {
+ sscanf(tmpBuf, "%x", &tmp);
+ *(uint32 *)&RTL_LogErrorMask=tmp;
+ }
+ else if(0==strcmp(data, print_rateLimit_ID))
+ {
+ tmpBuf[count-1]=0;
+ RTL_LogRatelimit=simple_strtol((const char *)tmpBuf, NULL, 0);
+ }
+ else if(0==strcmp(data, print_module_ID))
+ {
+ sscanf(tmpBuf, "%x", &tmp);
+ *(uint32 *)&RTL_LogModuleMask=tmp;
+ }
+
+ return count;
+}
+void log_print_proc_init(void)
+{
+ RTL_LogTypeMask.ERROR=1;
+ RTL_LogErrorMask.MEM=1;
+ RTL_LogErrorMask.SKB=1;
+
+ RTL_LogTypeMask.WARN=1;
+ RTL_LogTypeMask.INFO=0;
+
+ RTL_LogModuleMask.NIC=1;
+ RTL_LogModuleMask.WIRELESS=1;
+ RTL_LogModuleMask.PROSTACK=1;
+
+ RTL_LogRatelimit=1;
+
+ proc_log_print_control= proc_mkdir("log_print_control",NULL);
+ if(proc_log_print_control)
+ {
+
+ proc_printMask = create_proc_entry(print_Mask_ID, 0, proc_log_print_control);
+ if (proc_printMask) {
+ proc_printMask->read_proc = print_log_read_proc;
+ proc_printMask->write_proc = print_log_write_proc;
+ proc_printMask->data = (void *)print_Mask_ID;
+ }
+
+ proc_errMask = create_proc_entry(print_errMask_ID, 0, proc_log_print_control);
+ if (proc_errMask) {
+ proc_errMask->read_proc = print_log_read_proc;
+ proc_errMask->write_proc = print_log_write_proc;
+ proc_errMask->data = (void *)print_errMask_ID;
+ }
+
+ proc_print_rateLimit = create_proc_entry(print_rateLimit_ID, 0, proc_log_print_control);
+ if (proc_print_rateLimit) {
+ proc_print_rateLimit->read_proc = print_log_read_proc;
+ proc_print_rateLimit->write_proc = print_log_write_proc;
+ proc_print_rateLimit->data = (void *)print_rateLimit_ID;
+ }
+
+ proc_printModule = create_proc_entry(print_module_ID, 0, proc_log_print_control);
+ if (proc_printModule) {
+ proc_printModule->read_proc = print_log_read_proc;
+ proc_printModule->write_proc = print_log_write_proc;
+ proc_printModule->data = (void *)print_module_ID;
+ }
+ }
+}
+#endif
+
+#if defined(CONFIG_RTL_NF_CONNTRACK_GARBAGE_NEW) //CONFIG_RTL_GC_INDEPENDENCE_ON_KERNEL
+int rtl_gc_threshold_check(struct net* net)
+{
+ int ret = FAILED;
+
+ if(net == NULL){
+ if(atomic_read(&(init_net.ct.count)) > rtl_nf_conntrack_threshold)
+ ret = SUCCESS;
+ }else{
+ if(atomic_read(&net->ct.count) > rtl_nf_conntrack_threshold)
+ ret = SUCCESS;
+ }
+
+ return ret;
+}
+
+void rtl_list_del(struct nf_conn* ct)
+{
+ return list_del(&ct->state_tuple);
+}
+
+void rtl_hlist_nulls_del_rcu(struct nf_conn* ct, enum ip_conntrack_dir dir)
+{
+ return hlist_nulls_del_rcu(&ct->tuplehash[dir].hnnode);
+}
+
+void rtl_list_add_tail(struct nf_conn* ct, int proto, int flag)
+{
+ if(proto == PROT_UDP)
+ return list_add_tail(&ct->state_tuple,Udp_State_Hash_Head[flag].state_hash);
+ else if(proto == PROT_TCP)
+ return list_add_tail(&ct->state_tuple,Tcp_State_Hash_Head[ct->proto.tcp.state].state_hash);
+}
+
+
+int rtl_test_bit(struct nf_conn* ct, int num)
+{
+ if(test_bit(num, &ct->status))
+ return SUCCESS;
+ else
+ return FAILED;
+}
+
+int rtl_del_ct_timer(struct nf_conn *ct)
+{
+ return del_timer(&ct->timeout);
+}
+
+void rtl_add_ct_timer(struct nf_conn *ct)
+{
+ return add_timer(&ct->timeout);
+}
+
+void rtl_list_move_tail(struct nf_conn *ct, int proto, int state)
+{
+ if(proto == PROT_UDP)
+ return list_move_tail(&ct->state_tuple, Udp_State_Hash_Head[state].state_hash);
+ else if(proto == PROT_TCP)
+ return list_move_tail(&ct->state_tuple, Tcp_State_Hash_Head[(enum tcp_conntrack)state].state_hash);
+}
+
+unsigned long rtl_get_ct_timer_expires(struct nf_conn* ct)
+{
+ return ct->timeout.expires;
+}
+
+void rtl_nf_ct_stat_inc(struct net* net)
+{
+ NF_CT_STAT_INC(net, delete_list);
+
+ return;
+}
+
+int rtl_skb_network_offset(struct sk_buff *skb)
+{
+ return skb_network_offset(skb);
+}
+
+u_int8_t rtl_new_gc_get_ct_protonum(void *ct_ptr, enum ip_conntrack_dir dir)
+{
+ struct nf_conn *ct = (struct nf_conn *)ct_ptr;
+
+ return ct->tuplehash[dir].tuple.dst.protonum;
+}
+
+struct iphdr *rtl_new_gc_ip_hdr(struct sk_buff *skb)
+{
+ return ip_hdr(skb);
+}
+
+__be16 rtl_new_gc_get_skb_protocol(struct sk_buff *skb)
+{
+ return skb->protocol;
+}
+
+unsigned long rtl_new_gc_get_ct_udp_status(void *ct_ptr)
+{
+ struct nf_conn *ct = (struct nf_conn *)ct_ptr;
+
+ return ct->status;
+}
+
+u_int8_t rtl_new_gc_get_ct_tcp_state(void *ct_ptr)
+{
+ struct nf_conn *ct = (struct nf_conn *)ct_ptr;
+
+ return ct->proto.tcp.state;
+}
+
+void rtl_new_gc_set_ct_timeout_expires(void *ct_ptr, unsigned long value)
+{
+ struct nf_conn *ct = (struct nf_conn *)ct_ptr;
+
+ ct->timeout.expires = value;
+
+ return;
+}
+
+/*flag = 0 for src; flag = 1 for dst*/
+__be32 rtl_new_gc_get_ct_ip_by_dir(void *ct_ptr, enum ip_conntrack_dir dir, int flag)
+{
+ struct nf_conn *ct = (struct nf_conn *)ct_ptr;
+
+ if(dir == IP_CT_DIR_ORIGINAL)
+ {
+ if(flag == 0)
+ return ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3.ip;
+ else if(flag == 1)
+ return ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u3.ip;
+ }
+ else if(dir == IP_CT_DIR_REPLY)
+ {
+ if(flag == 0)
+ return ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3.ip;
+ else if(flag == 1)
+ return ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u3.ip;
+ }
+}
+
+/*flag = 0 for src; flag = 1 for dst*/
+__be16 rtl_new_gc_get_ct_port_by_dir(void *ct_ptr, enum ip_conntrack_dir dir, int flag)
+{
+ struct nf_conn *ct = (struct nf_conn *)ct_ptr;
+
+ if(dir == IP_CT_DIR_ORIGINAL)
+ {
+ if(flag == 0)
+ return ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u.all;
+ else if(flag == 1)
+ return ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u.all;
+
+ }
+ else if(dir == IP_CT_DIR_REPLY)
+ {
+ if(flag == 0)
+ return ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u.all;
+ else if(flag == 1)
+ return ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u.all;
+ }
+}
+
+#endif
+
diff --git a/target/linux/realtek/files/net/rtl/features/rtl_ps_hooks.c b/target/linux/realtek/files/net/rtl/features/rtl_ps_hooks.c
index 8be001711..269683038 100644
--- a/target/linux/realtek/files/net/rtl/features/rtl_ps_hooks.c
+++ b/target/linux/realtek/files/net/rtl/features/rtl_ps_hooks.c
@@ -33,12 +33,20 @@
#include <net/rtl/rtl865x_arp_api.h>
#endif
+#ifdef CONFIG_RTL_LAYERED_DRIVER_L2
+#include <net/rtl/rtl865x_fdb_api.h>
+#endif
+
#if defined(CONFIG_RTL_HW_QOS_SUPPORT) && defined(CONFIG_RTL_HARDWARE_NAT)
#include <net/rtl/rtl865x_netif.h>
#include <net/rtl/rtl865x_outputQueue.h>
#endif
-#ifdef CONFIG_RTL_HARDWARE_NAT
+#if defined (CONFIG_RTL865X_LANPORT_RESTRICTION)
+#include <net/rtl/features/lan_restrict.h>
+#endif
+
+#ifdef CONFIG_RTL_HARDWARE_NAT
//#define CONFIG_HARDWARE_NAT_DEBUG
#ifdef CONFIG_RTL_LAYERED_DRIVER_L3
#include <net/rtl/rtl865x_ppp.h>
@@ -48,7 +56,7 @@
extern int gHwNatEnabled;
#endif
-#ifdef CONFIG_RTL_HARDWARE_NAT
+#ifdef CONFIG_RTL_HARDWARE_NAT
/*2007-12-19*/
#ifdef CONFIG_RTL_LAYERED_DRIVER_L3
#include <net/rtl/rtl865x_ip_api.h>
@@ -64,18 +72,21 @@ extern unsigned int hw_napt_ip;
enum LR_RESULT (*FastPath_hook5)( ipaddr_t ip, ether_addr_t* mac, enum ARP_FLAGS flags )=NULL;
enum LR_RESULT (*FastPath_hook7)( ipaddr_t ip )=NULL;
enum LR_RESULT (*FastPath_hook8)( ipaddr_t ip, ether_addr_t* mac, enum ARP_FLAGS flags )=NULL;
-EXPORT_SYMBOL(FastPath_hook8);
-EXPORT_SYMBOL(FastPath_hook7);
-EXPORT_SYMBOL(FastPath_hook5);
+EXPORT_SYMBOL(FastPath_hook8);
+EXPORT_SYMBOL(FastPath_hook7);
+EXPORT_SYMBOL(FastPath_hook5);
#endif
-
int32 rtl_nf_conntrack_in_hooks(rtl_nf_conntrack_inso_s *info)
{
- #if !defined(IMPROVE_QOS) && defined(CONFIG_RTL_IPTABLES_FAST_PATH)
- rtl_fpAddConnCache(info->ct, info->skb);
+#if defined(CONFIG_RTL_IPTABLES_FAST_PATH)
+ #if !defined(IMPROVE_QOS)
+ rtl_fpAddConnCache(info->ct, info->skb);
+ #elif defined(CONFIG_RTL_ROUTER_FAST_PATH)
+ if(routerTypeFlag == 1)
+ rtl_fpAddConnCache(info->ct, info->skb);
#endif
-
+#endif
return RTL_PS_HOOKS_CONTINUE;
}
@@ -105,7 +116,7 @@ int32 rtl_nf_conntrack_destroy_hooks(rtl_nf_conntrack_inso_s *info)
int32 rtl_nf_conntrack_confirm_hooks(rtl_nf_conntrack_inso_s *info)
{
#if defined(CONFIG_RTL_NF_CONNTRACK_GARBAGE_NEW)
- rtl_connGC_addList(info->skb, info->ct);
+ rtl_connGC_addList((void*)info->skb, (void*)info->ct);
#endif
return RTL_PS_HOOKS_CONTINUE;
@@ -149,13 +160,58 @@ int32 rtl_nf_nat_packet_hooks(rtl_nf_conntrack_inso_s *info)
return RTL_PS_HOOKS_CONTINUE;
}
+#ifdef CONFIG_RTL_WLAN_DOS_FILTER
+#define RTL_WLAN_NAME "wlan"
+#define TCP_SYN 2
+#define _MAX_SYN_THRESHOLD 400
+#define _WLAN_BLOCK_TIME 20 // unit: seconds
+
+int wlan_syn_cnt=0;
+int wlan_block=0, wlan_block_count=0;
+unsigned int dbg_wlan_dos_block_pkt_num=0;
+unsigned char block_source_mac[6];
+int wlan_dos_filter_enabled = 1;
+
+extern unsigned int _br0_ip;
+
+#if defined(CONFIG_RTL8192CD) || defined(CONFIG_RTL8192E)
+extern int issue_disassoc_from_kernel(void *priv, unsigned char *mac);
+#endif
+
+static struct timer_list wlan_dos_timer;
+static void wlan_dos_timer_fn(unsigned long arg)
+{
+ wlan_syn_cnt = 0;
+
+ if(wlan_block_count >=_WLAN_BLOCK_TIME) {
+ wlan_block=0;
+ wlan_block_count=0;
+ }
+ if(wlan_block == 1)
+ wlan_block_count++;
+
+ mod_timer(&wlan_dos_timer, jiffies + HZ);
+}
+
+#endif
+
int32 rtl_nat_init_hooks(void)
{
+#ifdef CONFIG_RTL_819X_SWCORE
rtl_nat_init();
+#endif
#if defined(CONFIG_NET_SCHED)
rtl_qos_init();
#endif
+#ifdef CONFIG_RTL_WLAN_DOS_FILTER
+ init_timer(&wlan_dos_timer);
+ wlan_dos_timer.expires = jiffies + HZ;
+ wlan_dos_timer.data = 0L;
+ wlan_dos_timer.function = wlan_dos_timer_fn;
+ mod_timer(&wlan_dos_timer, jiffies + HZ);
+ #endif
+
return RTL_PS_HOOKS_CONTINUE;
}
@@ -205,7 +261,7 @@ int32 rtl_fn_hash_delete_hooks(struct fib_table *tb, struct fib_config *cfg)
#if defined(CONFIG_RTL_HARDWARE_NAT)
rtl_fn_delete(tb, cfg);
#endif
-
+
return RTL_PS_HOOKS_CONTINUE;
}
@@ -252,6 +308,76 @@ int32 rtl_dev_hard_start_xmit_hooks(struct sk_buff *skb, struct net_device *dev,
return RTL_PS_HOOKS_CONTINUE;
}
+#ifdef CONFIG_RTL_WLAN_DOS_FILTER
+
+static int filter_dos_wlan(struct sk_buff *skb)
+{
+ struct iphdr *iph;
+ struct tcphdr *tcph;
+ unsigned char *tflag;
+ int ret=NF_ACCEPT;
+
+ iph=ip_hdr(skb);
+ tcph=(void *) iph + iph->ihl*4;
+ tflag=(void *) tcph + 13;
+
+ //wlan_dev=__dev_get_by_name(&init_net,RTL_PS_WLAN0_DEV_NAME); // wlan0
+ //wlan_dev=__dev_get_by_name(&init_net,RTL_PS_LAN_P0_DEV_NAME); // eth0
+
+ //if(skb->dev && (skb->dev == wlan_dev))
+
+ if ((skb->dev) && (!strncmp(skb->dev->name, RTL_WLAN_NAME, 4))) // wlan0, wlan1, wlan0-va0, ... and so on
+ {
+ if ((iph->protocol==IPPROTO_TCP) && ((*tflag & 0x3f)==TCP_SYN) && (iph->daddr == _br0_ip)) // xdos.exe 192.168.1.254 0-65535
+ {
+ //if(wlan_block==1 && attack_daddr2==iph->daddr) {
+ if ((wlan_block==1) && (memcmp(block_source_mac, &(skb->mac_header[6]), 6) == 0)) {
+ dbg_wlan_dos_block_pkt_num++;
+ ret = NF_DROP;
+ }
+ else {
+ wlan_syn_cnt++;
+
+ if(wlan_syn_cnt > _MAX_SYN_THRESHOLD)
+ {
+ //attack_daddr2=iph->daddr;
+ wlan_block=1;
+
+#if defined(CONFIG_RTL8192CD) || defined(CONFIG_RTL8192E)
+ issue_disassoc_from_kernel((void *) skb->dev->priv, &(skb->mac_header[6]));
+#endif
+ memcpy(block_source_mac, &(skb->mac_header[6]), 6);
+ }
+ }
+ }
+
+ }
+
+ return (ret);
+}
+
+int filter_dos_wlan_enter(struct sk_buff **pskb)
+{
+ int ret;
+ struct sk_buff *skb;
+
+ skb=*pskb;
+ skb->transport_header=skb->data;
+ skb->network_header = skb->data;
+
+ ret = filter_dos_wlan((void*)skb);
+ if (ret == NF_DROP) {
+ kfree_skb(skb);
+ ret = NET_RX_DROP;
+ }
+ else {
+ ret = NET_RX_SUCCESS;
+ }
+
+ return ret;
+}
+#endif
+
int32 rtl_netif_receive_skb_hooks(struct sk_buff **pskb)
{
int ret;
@@ -261,6 +387,13 @@ int32 rtl_netif_receive_skb_hooks(struct sk_buff **pskb)
ret = RTL_PS_HOOKS_RETURN;
} else
#endif
+
+ #ifdef CONFIG_RTL_WLAN_DOS_FILTER
+ if (wlan_dos_filter_enabled && filter_dos_wlan_enter(pskb)== NET_RX_DROP) {
+ ret = RTL_PS_HOOKS_RETURN;
+ } else
+ #endif
+
#if defined(CONFIG_RTL_IPTABLES_FAST_PATH)
if (FastPath_Enter(pskb)== NET_RX_DROP) {
ret = RTL_PS_HOOKS_RETURN;
@@ -278,7 +411,7 @@ int32 rtl_br_dev_queue_push_xmit_before_xmit_hooks(struct sk_buff *skb)
#if defined(CONFIG_RTL_FAST_BRIDGE)
rtl_fb_add_br_entry(skb);
#endif
-
+
return RTL_PS_HOOKS_CONTINUE;
}
@@ -310,7 +443,7 @@ int32 rtl_neigh_flush_dev_hooks(struct neigh_table *tbl, struct net_device *dev,
#endif
}
#endif
-
+
return RTL_PS_HOOKS_CONTINUE;
}
@@ -342,7 +475,7 @@ int32 rtl_neigh_update_hooks(struct neighbour *neigh, const u8 *lladdr, uint8 ol
}
#else
rtk_modifyArp(*(u32*)neigh->primary_key, (ether_addr_t*)lladdr, ARP_NONE);
- #endif
+ #endif
}
#endif
@@ -393,7 +526,7 @@ int32 rtl_neigh_periodic_timer_hooks(struct neighbour *n, unsigned int refres
if (!(n->nud_state & NUD_VALID))
return RTL_PS_HOOKS_CONTINUE;
-
+
ret = RTL_PS_HOOKS_CONTINUE;
#if defined(CONFIG_RTL_HARDWARE_NAT) && defined(CONFIG_RTL_LAYERED_DRIVER) && defined(CONFIG_RTL_LAYERED_DRIVER_L3)
if (rtl865x_arpSync(htonl(*((u32 *)n->primary_key)), refresh)>0) {
@@ -401,7 +534,7 @@ int32 rtl_neigh_periodic_timer_hooks(struct neighbour *n, unsigned int refres
n->dead=0;
ret = RTL_PS_HOOKS_BREAK;
}
- else
+ else
#endif
#if defined(CONFIG_RTL_IPTABLES_FAST_PATH)
@@ -425,7 +558,7 @@ int32 rtl_neigh_timer_handler_pre_update_hooks(struct neighbour *neigh, unsigned
#if defined(CONFIG_RTL_HARDWARE_NAT) && defined(CONFIG_RTL_LAYERED_DRIVER) && defined(CONFIG_RTL_LAYERED_DRIVER_L3)
int32 tval;
#endif
-
+
if (state & NUD_REACHABLE) {
#if defined(CONFIG_RTL_IPTABLES_FAST_PATH)
if (neigh->nud_state & NUD_VALID) {
@@ -442,13 +575,13 @@ int32 rtl_neigh_timer_handler_pre_update_hooks(struct neighbour *neigh, unsigned
#if defined(CONFIG_RTL_HARDWARE_NAT) && defined(CONFIG_RTL_LAYERED_DRIVER) && defined(CONFIG_RTL_LAYERED_DRIVER_L3)
tval = rtl865x_arpSync(htonl(*((u32 *)neigh->primary_key)), 0);
- if (tval > 0)
+ if (tval > 0)
{
neigh->confirmed = jiffies;
}
#if 0
printk("%s:%d: ip:%u.%u.%u.%u, mac:%x:%x:%x:%x:%x:%x, tval is %d\n",
- __FUNCTION__,__LINE__,NIPQUAD(htonl(*((u32 *)neigh->primary_key))), neigh->ha[0], neigh->ha[1],
+ __FUNCTION__,__LINE__,NIPQUAD(htonl(*((u32 *)neigh->primary_key))), neigh->ha[0], neigh->ha[1],
neigh->ha[2], neigh->ha[3], neigh->ha[4], neigh->ha[5],tval);
#endif
#endif
@@ -456,13 +589,13 @@ int32 rtl_neigh_timer_handler_pre_update_hooks(struct neighbour *neigh, unsigned
} else if (state & NUD_DELAY) {
#if defined(CONFIG_RTL_HARDWARE_NAT) && defined(CONFIG_RTL_LAYERED_DRIVER) && defined(CONFIG_RTL_LAYERED_DRIVER_L3)
tval = rtl865x_arpSync(htonl(*((u32 *)neigh->primary_key)), 0);
- if (tval > 0)
+ if (tval > 0)
{
neigh->confirmed = jiffies;
}
#if 0
printk("%s:%d: ip:%u.%u.%u.%u, mac:%x:%x:%x:%x:%x:%x, tval is %d",
- __FUNCTION__,__LINE__,NIPQUAD(htonl(*((u32 *)neigh->primary_key))), neigh->ha[0], neigh->ha[1],
+ __FUNCTION__,__LINE__,NIPQUAD(htonl(*((u32 *)neigh->primary_key))), neigh->ha[0], neigh->ha[1],
neigh->ha[2], neigh->ha[3], neigh->ha[4], neigh->ha[5],tval);
#endif
#endif
@@ -480,8 +613,8 @@ int32 rtl_neigh_timer_handler_during_update_hooks(struct neighbour *neigh, unsig
/*delete asic arp entry*/
syn_asic_arp(neigh, 0);
#if 0
- printk("%s:%d: ip:%u.%u.%u.%u, mac:%x:%x:%x:%x:%x:%x\n",
- __FUNCTION__,__LINE__,NIPQUAD(htonl(*((u32 *)neigh->primary_key))), neigh->ha[0], neigh->ha[1],
+ printk("%s:%d: ip:%u.%u.%u.%u, mac:%x:%x:%x:%x:%x:%x\n",
+ __FUNCTION__,__LINE__,NIPQUAD(htonl(*((u32 *)neigh->primary_key))), neigh->ha[0], neigh->ha[1],
neigh->ha[2], neigh->ha[3], neigh->ha[4],neigh->ha[5]);
#endif
}
@@ -550,7 +683,7 @@ int32 rtl_neigh_init_hooks(void)
#if defined(CONFIG_BRIDGE)
int32 rtl___br_fdb_get_timeout_hooks(struct net_bridge *br, struct net_bridge_fdb_entry *fdb, const unsigned char *addr)
{
- #if defined(CONFIG_RTL_IPTABLES_FAST_PATH)
+ #if defined(CONFIG_RTL_IPTABLES_FAST_PATH) || defined(CONFIG_RTL_FASTBRIDGE)
if (rtl_br_fdb_time_update((void*)br, (void*)fdb, addr)==FAILED) {
return RTL_PS_HOOKS_BREAK;
}
@@ -600,12 +733,12 @@ int32 rtl_translate_table_hooks(const char *name,
const unsigned int *hook_entries,
const unsigned int *underflows)
{
-#if defined(CONFIG_RTL_HARDWARE_NAT)
+#if defined(CONFIG_RTL_HARDWARE_NAT)
//hyking:check masquerade and add ip
if(strcmp(name,"nat") == 0)
{
rtl_flush_extern_ip();
- rtl_init_masq_info();
+ rtl_init_masq_info();
rtl_check_for_extern_ip(name,valid_hooks,newinfo,entry0,size,number,hook_entries,underflows);
}
#endif
@@ -618,7 +751,7 @@ int32 rtl_ip_tables_init_hooks(void)
#if defined(CONFIG_RTL_HARDWARE_NAT)
rtl_init_masq_info();
#endif
-
+
return RTL_PS_HOOKS_CONTINUE;
}
@@ -645,7 +778,7 @@ int32 rtl_ip_vs_conn_expire_hooks2(struct ip_vs_conn *cp)
return RTL_PS_HOOKS_CONTINUE;
}
-
+
#if defined(CONFIG_IP_VS_PROTO_TCP)
int32 rtl_tcp_state_transition_hooks(struct ip_vs_conn *cp, int direction, const struct sk_buff *skb, struct ip_vs_protocol *pp)
{
@@ -678,7 +811,7 @@ int rtl_ct_seq_show_hooks(struct seq_file *s, struct nf_conn *ct)
nat = nfct_nat(ct);
if(seq_printf(s,"[%s] ",nat->hw_acc?state[0]:state[1]) != 0)
- return RTL_PS_HOOKS_BREAK;
+ return RTL_PS_HOOKS_BREAK;
#endif
return RTL_PS_HOOKS_CONTINUE;
}
@@ -709,7 +842,7 @@ int32 rtl_dst_alloc_gc_post_check1_hooks(struct dst_ops * ops)
#if defined(CONFIG_RTL_NF_CONNTRACK_GARBAGE_NEW)
rtl_gc_overflow_timeout=jiffies+rtl_gc_overflow_timout;
#endif
-
+
return RTL_PS_HOOKS_CONTINUE;
}
@@ -719,7 +852,7 @@ int32 rtl_dst_alloc_gc_post_check2_hooks(struct dst_ops * ops, struct dst_entry
#if defined(CONFIG_RTL_NF_CONNTRACK_GARBAGE_NEW)
rtl_gc_overflow_timeout=0;
#endif
-
+
return RTL_PS_HOOKS_CONTINUE;
}
@@ -735,16 +868,16 @@ int32 clean_from_lists_hooks(struct nf_conn *ct, struct net *net)
}
// hooks in __nf_ct_refresh_acct_proto at rtl_nf_connGC.c
-int32 __nf_ct_refresh_acct_proto_hooks(struct nf_conn *ct,
+int32 __nf_ct_refresh_acct_proto_hooks(struct nf_conn *ct,
enum ip_conntrack_info ctinfo,
- const struct sk_buff *skb,
+ const struct sk_buff *skb,
int do_acct,
int *event)
{
#ifdef CONFIG_IP_NF_CT_ACCT
if (do_acct) {
ct->counters[CTINFO2DIR(ctinfo)].packets++;
- ct->counters[CTINFO2DIR(ctinfo)].bytes +=
+ ct->counters[CTINFO2DIR(ctinfo)].bytes +=
ntohs(skb->nh.iph->tot_len);
if ((ct->counters[CTINFO2DIR(ctinfo)].packets & 0x80000000)
|| (ct->counters[CTINFO2DIR(ctinfo)].bytes & 0x80000000))
@@ -761,9 +894,9 @@ int32 __drop_one_conntrack_process_hooks1(struct nf_conn* ct, int dropPrioIdx, i
#if defined(CONFIG_RTL_IPTABLES_FAST_PATH) || defined(CONFIG_RTL_HARDWARE_NAT)
if (checkFlags==TRUE && drop_priority[dropPrioIdx].state==tcpUdpState) {
#if defined(CONFIG_RTL_IPTABLES_FAST_PATH)
- if (FAILED==rtl_fpTimer_update(ct)) {
+ if (FAILED==rtl_fpTimer_update((void*)ct)) {
read_unlock_bh(&nf_conntrack_lock);
- rtl_death_action(ct);
+ rtl_death_action((void*)ct);
return RTL_PS_HOOKS_RETURN;
}
#endif
@@ -771,7 +904,7 @@ int32 __drop_one_conntrack_process_hooks1(struct nf_conn* ct, int dropPrioIdx, i
#if defined(CONFIG_RTL_HARDWARE_NAT)
if (FAILED==rtl_hwnat_timer_update(ct)) {
read_unlock_bh(&nf_conntrack_lock);
- rtl_death_action(ct);
+ rtl_death_action((void*)ct);
return RTL_PS_HOOKS_RETURN;
}
#endif
@@ -786,7 +919,7 @@ int32 __drop_one_conntrack_process_hooks1(struct nf_conn* ct, int dropPrioIdx, i
#endif
{
read_unlock_bh(&nf_conntrack_lock);
- rtl_death_action(ct);
+ rtl_death_action((void*)ct);
return RTL_PS_HOOKS_RETURN;
}
@@ -819,9 +952,28 @@ int32 rtl_nf_conn_GC_init_hooks(void)
#if defined(CONFIG_BRIDGE)
+int32 rtl_fdb_create_hooks(struct net_bridge_fdb_entry *fdb,const unsigned char *addr)
+{
+#if defined(CONFIG_RTL_LAYERED_DRIVER) && defined(CONFIG_RTL_LAYERED_DRIVER_L2)
+ #if defined (CONFIG_RTL865X_LANPORT_RESTRICTION)
+ if (fdb->is_static == 0)
+ {
+ rtl865x_addAuthFDBEntry_hooks(addr);
+ }
+
+ #else
+ //fdb->ageing_timer = 300*HZ;
+ rtl865x_addFDBEntry(addr);
+ #endif
+#endif
+
+return RTL_PS_HOOKS_CONTINUE;
+
+}
int32 rtl_fdb_delete_hooks(struct net_bridge_fdb_entry *f)
{
-#if defined(CONFIG_RTL_LAYERED_DRIVER) && defined(CONFIG_RTL_LAYERED_DRIVER_L2) && defined(CONFIG_RTL865X_SYNC_L2)
+
+#if defined(CONFIG_RTL_LAYERED_DRIVER) && defined(CONFIG_RTL_LAYERED_DRIVER_L2) //&& defined(CONFIG_RTL865X_SYNC_L2)
#if defined (CONFIG_RTL865X_LANPORT_RESTRICTION)
rtl865x_delAuthLanFDBEntry(RTL865x_L2_TYPEII, f->addr.addr);
#else
@@ -835,19 +987,28 @@ int32 rtl_fdb_delete_hooks(struct net_bridge_fdb_entry *f)
return RTL_PS_HOOKS_CONTINUE;
}
-int32 rtl_br_fdb_cleanup_hooks(struct net_bridge *br, struct net_bridge_fdb_entry *f)
+
+int32 rtl_br_fdb_cleanup_hooks(struct net_bridge *br, struct net_bridge_fdb_entry *f, unsigned long delay)
{
#if defined(CONFIG_RTL_FASTBRIDGE)
unsigned long fb_aging;
#endif
#if defined(CONFIG_RTL_LAYERED_DRIVER) && defined(CONFIG_RTL_LAYERED_DRIVER_L2) && defined(CONFIG_RTL865X_SYNC_L2)
int32 port_num;
- int ret;
unsigned long hw_aging;
#endif
+ int ret;
+
+ /*printk("timelist as follow:(s)jiffies:%ld,f->ageing_timer:%ld,delay:%ld",jiffies/HZ,f->ageing_timer/HZ,delay/HZ);*/
+ if (time_after(f->ageing_timer, jiffies))
+ {
+ DEBUG_PRINT("\nf->ageing_timer AFTER jiffies:addr is :%x,%x,%x,%x,%x,%x\n",f->addr.addr[0],f->addr.addr[1],f->addr.addr[2],f->addr.addr[3],f->addr.addr[4],f->addr.addr[5]);
+ DEBUG_PRINT("time list:jiffies:%ld,hw_aging:%ld,f->ageing_timer:%ld\n",jiffies/HZ,hw_aging/HZ,f->ageing_timer/HZ );
+ return RTL_PS_HOOKS_BREAK;
+ }
- #if defined(CONFIG_RTL_LAYERED_DRIVER) && defined(CONFIG_RTL_LAYERED_DRIVER_L2) && defined(CONFIG_RTL865X_SYNC_L2)
- port_num= -100
+ #if defined(CONFIG_RTL_LAYERED_DRIVER) && defined(CONFIG_RTL_LAYERED_DRIVER_L2) && defined(CONFIG_RTL865X_SYNC_L2)
+ port_num= -100;
ret = rtl865x_arrangeFdbEntry(f->addr.addr, &port_num);
switch (ret) {
@@ -857,29 +1018,40 @@ int32 rtl_br_fdb_cleanup_hooks(struct net_bridge *br, struct net_bridge_fdb_entr
case RTL865X_FDBENTRY_300SEC:
hw_aging = jiffies -150*HZ;
break;
- case RTL865X_FDBENTRY_150SEC:
+ case RTL865X_FDBENTRY_150SEC:
hw_aging = jiffies -300*HZ;
break;
case RTL865X_FDBENTRY_TIMEOUT:
case FAILED:
default:
- hw_aging = jiffies - (br->forward_delay<<1);
- break;
+ hw_aging =jiffies -450*HZ;
+ break;
}
+ ret = 0;
if(time_before_eq(f->ageing_timer, hw_aging))
+ {
+ /*fresh f->ageing_timer*/
f->ageing_timer = hw_aging;
+ }
#endif
#if defined(CONFIG_RTL_FASTBRIDGE)
fb_aging = rtl_fb_get_entry_lastused(f->addr.addr);
if(time_before_eq(f->ageing_timer, fb_aging))
+ {
f->ageing_timer = fb_aging;
+ }
#endif
- return RTL_PS_HOOKS_CONTINUE;
+ if (ret==0) {
+ return RTL_PS_HOOKS_CONTINUE;
+ } else {
+ return RTL_PS_HOOKS_BREAK;
+ }
}
+
#endif /* defined(CONFIG_BRIDGE) */
-
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-20 03:44:47 +0000