From 181a9cab43b6847b88273ee93ddea396c885e128 Mon Sep 17 00:00:00 2001
From: Jan Rafaj <jr+netfilter-devel@cedric.unob.cz>
Date: Tue, 1 Sep 2009 19:52:48 +0200
Subject: [PATCH] pknock: store peer address in network byte order

The conversions from and to host order can be saved, as nothing
really depends on them.
---
 extensions/xt_pknock.c | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/extensions/xt_pknock.c b/extensions/xt_pknock.c
index fa0ae2c..5efa942 100644
--- a/extensions/xt_pknock.c
+++ b/extensions/xt_pknock.c
@@ -257,7 +257,6 @@ pknock_seq_show(struct seq_file *s, void *v)
 	const struct list_head *pos, *n;
 	const struct peer *peer;
 	unsigned long expir_time;
-        uint32_t ip;
 
 	const struct list_head *peer_head = v;
 
@@ -266,12 +265,11 @@ pknock_seq_show(struct seq_file *s, void *v)
 
 	list_for_each_safe(pos, n, peer_head) {
 		peer = list_entry(pos, struct peer, head);
-		ip = htonl(peer->ip);
 		expir_time = time_before(jiffies/HZ,
 						peer->timestamp + rule->max_time)
 				? ((peer->timestamp + rule->max_time)-(jiffies/HZ)) : 0;
 
-		seq_printf(s, "src=%u.%u.%u.%u ", NIPQUAD(ip));
+		seq_printf(s, "src=%u.%u.%u.%u ", NIPQUAD(peer->ip));
 		seq_printf(s, "proto=%s ", (peer->proto == IPPROTO_TCP) ?
                                                 "TCP" : "UDP");
 		seq_printf(s, "status=%s ", status_itoa(peer->status));
@@ -550,8 +548,6 @@ static struct peer *get_peer(struct xt_pknock_rule *rule, uint32_t ip)
 	struct list_head *pos, *n;
 	unsigned int hash;
 
-	ip = ntohl(ip);
-
 	hash = pknock_hash(&ip, sizeof(ip), ipt_pknock_hash_rnd, peer_hashsize);
 
 	list_for_each_safe(pos, n, &rule->peer_head[hash]) {
@@ -590,7 +586,7 @@ static struct peer *new_peer(uint32_t ip, uint8_t proto)
 	}
 
 	INIT_LIST_HEAD(&peer->head);
-	peer->ip	= ntohl(ip);
+	peer->ip	= ip;
 	peer->proto	= proto;
 	peer->timestamp = jiffies/HZ;
 	peer->login_min = 0;
@@ -832,7 +828,7 @@ pass_security(struct peer *peer, const struct xt_pknock_mtinfo *info,
 	}
 	/* Check for OPEN secret */
 	if (!has_secret(info->open_secret,
-					info->open_secret_len, htonl(peer->ip),
+					info->open_secret_len, peer->ip,
 					payload, payload_len))
 		return false;
 
@@ -930,7 +926,7 @@ is_close_knock(const struct peer *peer, const struct xt_pknock_mtinfo *info,
 {
 	/* Check for CLOSE secret. */
 	if (has_secret(info->close_secret,
-				info->close_secret_len, htonl(peer->ip),
+				info->close_secret_len, peer->ip,
 				payload, payload_len))
 	{
 		pk_debug("RESET", peer);