Hi all,
I'll be transmitting a patch to remove CONFIG_NETFILTER_DEBUG
as a config option before 2.4, but meanwhile it *has* caught some
bugs, so I'd like to keep it for a while longer.
This sets the expected debug info on fragments, so we don't
get bogus warnings with fragmentation. It also takes out the
(overzealous) debugging messages.
--- linux-2.3/net/ipv4/ip_output.c.~1~ Fri Nov 5 12:36:42 1999
+++ linux-2.3/net/ipv4/ip_output.c Fri Nov 5 16:26:40 1999
@@ -841,6 +841,9 @@
skb_put(skb2, len + hlen);
skb2->nh.raw = skb2->data;
skb2->h.raw = skb2->data + hlen;
+#ifdef CONFIG_NETFILTER_DEBUG
+ skb2->nf_debug = skb->nf_debug;
+#endif
/*
* Charge the memory for the fragment to any owner
--- linux-2.3/net/core/netfilter.c.~1~ Fri Nov 5 12:35:33 1999
+++ linux-2.3/net/core/netfilter.c Fri Nov 5 16:29:56 1999
@@ -359,15 +359,12 @@
struct nf_hook_ops *elem = (struct nf_hook_ops *)*i;
switch (elem->hook(hook, skb, indev, outdev)) {
case NF_QUEUE:
- NFDEBUG("nf_iterate: NF_QUEUE for %p.\n", *skb);
return NF_QUEUE;
case NF_STOLEN:
- NFDEBUG("nf_iterate: NF_STOLEN for %p.\n", *skb);
return NF_STOLEN;
case NF_DROP:
- NFDEBUG("nf_iterate: NF_DROP for %p.\n", *skb);
return NF_DROP;
#ifdef CONFIG_NETFILTER_DEBUG
@@ -427,8 +424,6 @@
}
/* Hand it to userspace for collection */
skb_queue_tail(&recip->wake->skbq, skb);
- NFDEBUG("Waking up pf=%i hook=%u mark=%lu reason=%u\n",
- pf, hook, skb->nfmark, skb->nfreason);
wake_up_interruptible(&recip->wake->sleep);
return;
@@ -473,7 +468,6 @@
verdict = nf_iterate(&nf_hooks[pf][hook], &skb, hook, indev,
outdev, &elem);
if (verdict == NF_QUEUE) {
- NFDEBUG("nf_hook: Verdict = QUEUE.\n");
nf_queue(skb, elem, pf, hook, indev, outdev, okfn);
}
read_unlock_bh(&nf_lock);
--
Hacking time.
|