kmod-oaf: fix nf hook before 4.16.0
This commit is contained in:
jjm2473
sbwml
parent
d4c2d206bb
commit
97d7eeb86b
@ -392,7 +392,7 @@ static u_int32_t af_client_hook(unsigned int hook,
|
||||
return NF_ACCEPT;
|
||||
}
|
||||
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 4, 0)
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 16, 0)
|
||||
static struct nf_hook_ops af_client_ops[] = {
|
||||
{
|
||||
.hook = af_client_hook,
|
||||
@ -405,8 +405,19 @@ static struct nf_hook_ops af_client_ops[] = {
|
||||
static struct nf_hook_ops af_client_ops[] = {
|
||||
{
|
||||
.hook = af_client_hook,
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 4, 0)
|
||||
.owner = THIS_MODULE,
|
||||
.pf = NFPROTO_INET,
|
||||
#endif
|
||||
.pf = NFPROTO_IPV4,
|
||||
.hooknum = NF_INET_FORWARD,
|
||||
.priority = NF_IP_PRI_FIRST + 1,
|
||||
},
|
||||
{
|
||||
.hook = af_client_hook,
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 4, 0)
|
||||
.owner = THIS_MODULE,
|
||||
#endif
|
||||
.pf = NFPROTO_IPV6,
|
||||
.hooknum = NF_INET_FORWARD,
|
||||
.priority = NF_IP_PRI_FIRST + 1,
|
||||
},
|
||||
@ -415,12 +426,16 @@ static struct nf_hook_ops af_client_ops[] = {
|
||||
|
||||
int af_client_init(void)
|
||||
{
|
||||
int err;
|
||||
nf_client_list_init();
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 13, 0)
|
||||
nf_register_net_hooks(&init_net, af_client_ops, ARRAY_SIZE(af_client_ops));
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 3, 0)
|
||||
err = nf_register_net_hooks(&init_net, af_client_ops, ARRAY_SIZE(af_client_ops));
|
||||
#else
|
||||
nf_register_hooks(af_client_ops, ARRAY_SIZE(af_client_ops));
|
||||
err = nf_register_hooks(af_client_ops, ARRAY_SIZE(af_client_ops));
|
||||
#endif
|
||||
if (err) {
|
||||
AF_ERROR("oaf register client hooks failed!\n");
|
||||
}
|
||||
AF_INFO("init app afclient ........ok\n");
|
||||
|
||||
return 0;
|
||||
@ -428,7 +443,7 @@ int af_client_init(void)
|
||||
|
||||
void af_client_exit(void)
|
||||
{
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 13, 0)
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 3, 0)
|
||||
nf_unregister_net_hooks(&init_net, af_client_ops, ARRAY_SIZE(af_client_ops));
|
||||
#else
|
||||
nf_unregister_hooks(af_client_ops, ARRAY_SIZE(af_client_ops));
|
||||
|
||||
@ -1176,8 +1176,7 @@ static u_int32_t app_filter_by_pass_hook(unsigned int hook,
|
||||
return app_filter_hook_bypass_handle(skb, skb->dev);
|
||||
}
|
||||
|
||||
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 4, 0)
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 16, 0)
|
||||
static struct nf_hook_ops app_filter_ops[] __read_mostly = {
|
||||
{
|
||||
.hook = app_filter_hook,
|
||||
@ -1193,12 +1192,47 @@ static struct nf_hook_ops app_filter_ops[] __read_mostly = {
|
||||
.priority = NF_IP_PRI_MANGLE + 1,
|
||||
},
|
||||
};
|
||||
#elif LINUX_VERSION_CODE >= KERNEL_VERSION(4, 4, 0)
|
||||
static struct nf_hook_ops app_filter_ops[] __read_mostly = {
|
||||
{
|
||||
.hook = app_filter_hook,
|
||||
.pf = NFPROTO_IPV4,
|
||||
.hooknum = NF_INET_FORWARD,
|
||||
.priority = NF_IP_PRI_MANGLE + 1,
|
||||
},
|
||||
{
|
||||
.hook = app_filter_by_pass_hook,
|
||||
.pf = NFPROTO_IPV4,
|
||||
.hooknum = NF_INET_PRE_ROUTING,
|
||||
.priority = NF_IP_PRI_MANGLE + 1,
|
||||
},
|
||||
{
|
||||
.hook = app_filter_hook,
|
||||
.pf = NFPROTO_IPV6,
|
||||
.hooknum = NF_INET_FORWARD,
|
||||
.priority = NF_IP_PRI_MANGLE + 1,
|
||||
|
||||
},
|
||||
{
|
||||
.hook = app_filter_by_pass_hook,
|
||||
.pf = NFPROTO_IPV6,
|
||||
.hooknum = NF_INET_PRE_ROUTING,
|
||||
.priority = NF_IP_PRI_MANGLE + 1,
|
||||
},
|
||||
};
|
||||
#else
|
||||
static struct nf_hook_ops app_filter_ops[] __read_mostly = {
|
||||
{
|
||||
.hook = app_filter_hook,
|
||||
.owner = THIS_MODULE,
|
||||
.pf = NFPROTO_INET,
|
||||
.pf = NFPROTO_IPV4,
|
||||
.hooknum = NF_INET_FORWARD,
|
||||
.priority = NF_IP_PRI_MANGLE + 1,
|
||||
},
|
||||
{
|
||||
.hook = app_filter_hook,
|
||||
.owner = THIS_MODULE,
|
||||
.pf = NFPROTO_IPV6,
|
||||
.hooknum = NF_INET_FORWARD,
|
||||
.priority = NF_IP_PRI_MANGLE + 1,
|
||||
},
|
||||
@ -1343,6 +1377,7 @@ int netlink_oaf_init(void)
|
||||
|
||||
static int __init app_filter_init(void)
|
||||
{
|
||||
int err;
|
||||
if (0 != load_feature_config())
|
||||
{
|
||||
return -1;
|
||||
@ -1355,11 +1390,14 @@ static int __init app_filter_init(void)
|
||||
af_init_app_status();
|
||||
init_af_client_procfs();
|
||||
af_client_init();
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 13, 0)
|
||||
nf_register_net_hooks(&init_net, app_filter_ops, ARRAY_SIZE(app_filter_ops));
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 3, 0)
|
||||
err = nf_register_net_hooks(&init_net, app_filter_ops, ARRAY_SIZE(app_filter_ops));
|
||||
#else
|
||||
nf_register_hooks(app_filter_ops, ARRAY_SIZE(app_filter_ops));
|
||||
err = nf_register_hooks(app_filter_ops, ARRAY_SIZE(app_filter_ops));
|
||||
#endif
|
||||
if (err) {
|
||||
AF_ERROR("oaf register filter hooks failed!\n");
|
||||
}
|
||||
init_oaf_timer();
|
||||
AF_INFO("init app filter ........ok\n");
|
||||
return 0;
|
||||
@ -1369,7 +1407,7 @@ static void app_filter_fini(void)
|
||||
{
|
||||
AF_INFO("app filter module exit\n");
|
||||
fini_oaf_timer();
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 13, 0)
|
||||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 3, 0)
|
||||
nf_unregister_net_hooks(&init_net, app_filter_ops, ARRAY_SIZE(app_filter_ops));
|
||||
#else
|
||||
nf_unregister_hooks(app_filter_ops, ARRAY_SIZE(app_filter_ops));
|
||||
|
||||
Loading…
Reference in New Issue
Block a user