forked from Minki/linux
[NETFILTER]: x_tables: consistent and unique symbol names
Give all Netfilter modules consistent and unique symbol names. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
4c61097957
commit
d3c5ee6d54
@ -287,12 +287,9 @@ clusterip_responsible(const struct clusterip_config *config, u_int32_t hash)
|
||||
***********************************************************************/
|
||||
|
||||
static unsigned int
|
||||
target(struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
clusterip_tg(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
const struct ipt_clusterip_tgt_info *cipinfo = targinfo;
|
||||
struct nf_conn *ct;
|
||||
@ -359,11 +356,9 @@ target(struct sk_buff *skb,
|
||||
}
|
||||
|
||||
static bool
|
||||
checkentry(const char *tablename,
|
||||
const void *e_void,
|
||||
const struct xt_target *target,
|
||||
void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
clusterip_tg_check(const char *tablename, const void *e_void,
|
||||
const struct xt_target *target, void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
struct ipt_clusterip_tgt_info *cipinfo = targinfo;
|
||||
const struct ipt_entry *e = e_void;
|
||||
@ -427,7 +422,7 @@ checkentry(const char *tablename,
|
||||
}
|
||||
|
||||
/* drop reference count of cluster config when rule is deleted */
|
||||
static void destroy(const struct xt_target *target, void *targinfo)
|
||||
static void clusterip_tg_destroy(const struct xt_target *target, void *targinfo)
|
||||
{
|
||||
struct ipt_clusterip_tgt_info *cipinfo = targinfo;
|
||||
|
||||
@ -454,12 +449,12 @@ struct compat_ipt_clusterip_tgt_info
|
||||
};
|
||||
#endif /* CONFIG_COMPAT */
|
||||
|
||||
static struct xt_target clusterip_tgt __read_mostly = {
|
||||
static struct xt_target clusterip_tg_reg __read_mostly = {
|
||||
.name = "CLUSTERIP",
|
||||
.family = AF_INET,
|
||||
.target = target,
|
||||
.checkentry = checkentry,
|
||||
.destroy = destroy,
|
||||
.target = clusterip_tg,
|
||||
.checkentry = clusterip_tg_check,
|
||||
.destroy = clusterip_tg_destroy,
|
||||
.targetsize = sizeof(struct ipt_clusterip_tgt_info),
|
||||
#ifdef CONFIG_COMPAT
|
||||
.compatsize = sizeof(struct compat_ipt_clusterip_tgt_info),
|
||||
@ -712,11 +707,11 @@ static const struct file_operations clusterip_proc_fops = {
|
||||
|
||||
#endif /* CONFIG_PROC_FS */
|
||||
|
||||
static int __init ipt_clusterip_init(void)
|
||||
static int __init clusterip_tg_init(void)
|
||||
{
|
||||
int ret;
|
||||
|
||||
ret = xt_register_target(&clusterip_tgt);
|
||||
ret = xt_register_target(&clusterip_tg_reg);
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
|
||||
@ -742,11 +737,11 @@ cleanup_hook:
|
||||
nf_unregister_hook(&cip_arp_ops);
|
||||
#endif /* CONFIG_PROC_FS */
|
||||
cleanup_target:
|
||||
xt_unregister_target(&clusterip_tgt);
|
||||
xt_unregister_target(&clusterip_tg_reg);
|
||||
return ret;
|
||||
}
|
||||
|
||||
static void __exit ipt_clusterip_fini(void)
|
||||
static void __exit clusterip_tg_exit(void)
|
||||
{
|
||||
printk(KERN_NOTICE "ClusterIP Version %s unloading\n",
|
||||
CLUSTERIP_VERSION);
|
||||
@ -754,8 +749,8 @@ static void __exit ipt_clusterip_fini(void)
|
||||
remove_proc_entry(clusterip_procdir->name, clusterip_procdir->parent);
|
||||
#endif
|
||||
nf_unregister_hook(&cip_arp_ops);
|
||||
xt_unregister_target(&clusterip_tgt);
|
||||
xt_unregister_target(&clusterip_tg_reg);
|
||||
}
|
||||
|
||||
module_init(ipt_clusterip_init);
|
||||
module_exit(ipt_clusterip_fini);
|
||||
module_init(clusterip_tg_init);
|
||||
module_exit(clusterip_tg_exit);
|
||||
|
@ -77,12 +77,9 @@ set_ect_tcp(struct sk_buff *skb, const struct ipt_ECN_info *einfo)
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
target(struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
ecn_tg(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
const struct ipt_ECN_info *einfo = targinfo;
|
||||
|
||||
@ -99,11 +96,9 @@ target(struct sk_buff *skb,
|
||||
}
|
||||
|
||||
static bool
|
||||
checkentry(const char *tablename,
|
||||
const void *e_void,
|
||||
const struct xt_target *target,
|
||||
void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
ecn_tg_check(const char *tablename, const void *e_void,
|
||||
const struct xt_target *target, void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct ipt_ECN_info *einfo = (struct ipt_ECN_info *)targinfo;
|
||||
const struct ipt_entry *e = e_void;
|
||||
@ -127,25 +122,25 @@ checkentry(const char *tablename,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_target ipt_ecn_reg __read_mostly = {
|
||||
static struct xt_target ecn_tg_reg __read_mostly = {
|
||||
.name = "ECN",
|
||||
.family = AF_INET,
|
||||
.target = target,
|
||||
.target = ecn_tg,
|
||||
.targetsize = sizeof(struct ipt_ECN_info),
|
||||
.table = "mangle",
|
||||
.checkentry = checkentry,
|
||||
.checkentry = ecn_tg_check,
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init ipt_ecn_init(void)
|
||||
static int __init ecn_tg_init(void)
|
||||
{
|
||||
return xt_register_target(&ipt_ecn_reg);
|
||||
return xt_register_target(&ecn_tg_reg);
|
||||
}
|
||||
|
||||
static void __exit ipt_ecn_fini(void)
|
||||
static void __exit ecn_tg_exit(void)
|
||||
{
|
||||
xt_unregister_target(&ipt_ecn_reg);
|
||||
xt_unregister_target(&ecn_tg_reg);
|
||||
}
|
||||
|
||||
module_init(ipt_ecn_init);
|
||||
module_exit(ipt_ecn_fini);
|
||||
module_init(ecn_tg_init);
|
||||
module_exit(ecn_tg_exit);
|
||||
|
@ -418,12 +418,9 @@ ipt_log_packet(unsigned int pf,
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
ipt_log_target(struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
log_tg(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
const struct ipt_log_info *loginfo = targinfo;
|
||||
struct nf_loginfo li;
|
||||
@ -437,11 +434,10 @@ ipt_log_target(struct sk_buff *skb,
|
||||
return XT_CONTINUE;
|
||||
}
|
||||
|
||||
static bool ipt_log_checkentry(const char *tablename,
|
||||
const void *e,
|
||||
const struct xt_target *target,
|
||||
void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
static bool
|
||||
log_tg_check(const char *tablename, const void *e,
|
||||
const struct xt_target *target, void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct ipt_log_info *loginfo = targinfo;
|
||||
|
||||
@ -457,12 +453,12 @@ static bool ipt_log_checkentry(const char *tablename,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_target ipt_log_reg __read_mostly = {
|
||||
static struct xt_target log_tg_reg __read_mostly = {
|
||||
.name = "LOG",
|
||||
.family = AF_INET,
|
||||
.target = ipt_log_target,
|
||||
.target = log_tg,
|
||||
.targetsize = sizeof(struct ipt_log_info),
|
||||
.checkentry = ipt_log_checkentry,
|
||||
.checkentry = log_tg_check,
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
@ -472,22 +468,22 @@ static struct nf_logger ipt_log_logger ={
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init ipt_log_init(void)
|
||||
static int __init log_tg_init(void)
|
||||
{
|
||||
int ret;
|
||||
|
||||
ret = xt_register_target(&ipt_log_reg);
|
||||
ret = xt_register_target(&log_tg_reg);
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
nf_log_register(PF_INET, &ipt_log_logger);
|
||||
return 0;
|
||||
}
|
||||
|
||||
static void __exit ipt_log_fini(void)
|
||||
static void __exit log_tg_exit(void)
|
||||
{
|
||||
nf_log_unregister(&ipt_log_logger);
|
||||
xt_unregister_target(&ipt_log_reg);
|
||||
xt_unregister_target(&log_tg_reg);
|
||||
}
|
||||
|
||||
module_init(ipt_log_init);
|
||||
module_exit(ipt_log_fini);
|
||||
module_init(log_tg_init);
|
||||
module_exit(log_tg_exit);
|
||||
|
@ -32,11 +32,9 @@ static DEFINE_RWLOCK(masq_lock);
|
||||
|
||||
/* FIXME: Multiple targets. --RR */
|
||||
static bool
|
||||
masquerade_check(const char *tablename,
|
||||
const void *e,
|
||||
const struct xt_target *target,
|
||||
void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
masquerade_tg_check(const char *tablename, const void *e,
|
||||
const struct xt_target *target, void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct nf_nat_multi_range_compat *mr = targinfo;
|
||||
|
||||
@ -52,12 +50,9 @@ masquerade_check(const char *tablename,
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
masquerade_target(struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
masquerade_tg(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
struct nf_conn *ct;
|
||||
struct nf_conn_nat *nat;
|
||||
@ -166,22 +161,22 @@ static struct notifier_block masq_inet_notifier = {
|
||||
.notifier_call = masq_inet_event,
|
||||
};
|
||||
|
||||
static struct xt_target masquerade __read_mostly = {
|
||||
static struct xt_target masquerade_tg_reg __read_mostly = {
|
||||
.name = "MASQUERADE",
|
||||
.family = AF_INET,
|
||||
.target = masquerade_target,
|
||||
.target = masquerade_tg,
|
||||
.targetsize = sizeof(struct nf_nat_multi_range_compat),
|
||||
.table = "nat",
|
||||
.hooks = 1 << NF_INET_POST_ROUTING,
|
||||
.checkentry = masquerade_check,
|
||||
.checkentry = masquerade_tg_check,
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init ipt_masquerade_init(void)
|
||||
static int __init masquerade_tg_init(void)
|
||||
{
|
||||
int ret;
|
||||
|
||||
ret = xt_register_target(&masquerade);
|
||||
ret = xt_register_target(&masquerade_tg_reg);
|
||||
|
||||
if (ret == 0) {
|
||||
/* Register for device down reports */
|
||||
@ -193,12 +188,12 @@ static int __init ipt_masquerade_init(void)
|
||||
return ret;
|
||||
}
|
||||
|
||||
static void __exit ipt_masquerade_fini(void)
|
||||
static void __exit masquerade_tg_exit(void)
|
||||
{
|
||||
xt_unregister_target(&masquerade);
|
||||
xt_unregister_target(&masquerade_tg_reg);
|
||||
unregister_netdevice_notifier(&masq_dev_notifier);
|
||||
unregister_inetaddr_notifier(&masq_inet_notifier);
|
||||
}
|
||||
|
||||
module_init(ipt_masquerade_init);
|
||||
module_exit(ipt_masquerade_fini);
|
||||
module_init(masquerade_tg_init);
|
||||
module_exit(masquerade_tg_exit);
|
||||
|
@ -23,11 +23,9 @@ MODULE_AUTHOR("Svenning Soerensen <svenning@post5.tele.dk>");
|
||||
MODULE_DESCRIPTION("iptables 1:1 NAT mapping of IP networks target");
|
||||
|
||||
static bool
|
||||
check(const char *tablename,
|
||||
const void *e,
|
||||
const struct xt_target *target,
|
||||
void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
netmap_tg_check(const char *tablename, const void *e,
|
||||
const struct xt_target *target, void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct nf_nat_multi_range_compat *mr = targinfo;
|
||||
|
||||
@ -43,12 +41,9 @@ check(const char *tablename,
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
target(struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
netmap_tg(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
struct nf_conn *ct;
|
||||
enum ip_conntrack_info ctinfo;
|
||||
@ -78,28 +73,28 @@ target(struct sk_buff *skb,
|
||||
return nf_nat_setup_info(ct, &newrange, hooknum);
|
||||
}
|
||||
|
||||
static struct xt_target target_module __read_mostly = {
|
||||
static struct xt_target netmap_tg_reg __read_mostly = {
|
||||
.name = "NETMAP",
|
||||
.family = AF_INET,
|
||||
.target = target,
|
||||
.target = netmap_tg,
|
||||
.targetsize = sizeof(struct nf_nat_multi_range_compat),
|
||||
.table = "nat",
|
||||
.hooks = (1 << NF_INET_PRE_ROUTING) |
|
||||
(1 << NF_INET_POST_ROUTING) |
|
||||
(1 << NF_INET_LOCAL_OUT),
|
||||
.checkentry = check,
|
||||
.checkentry = netmap_tg_check,
|
||||
.me = THIS_MODULE
|
||||
};
|
||||
|
||||
static int __init ipt_netmap_init(void)
|
||||
static int __init netmap_tg_init(void)
|
||||
{
|
||||
return xt_register_target(&target_module);
|
||||
return xt_register_target(&netmap_tg_reg);
|
||||
}
|
||||
|
||||
static void __exit ipt_netmap_fini(void)
|
||||
static void __exit netmap_tg_exit(void)
|
||||
{
|
||||
xt_unregister_target(&target_module);
|
||||
xt_unregister_target(&netmap_tg_reg);
|
||||
}
|
||||
|
||||
module_init(ipt_netmap_init);
|
||||
module_exit(ipt_netmap_fini);
|
||||
module_init(netmap_tg_init);
|
||||
module_exit(netmap_tg_exit);
|
||||
|
@ -27,11 +27,9 @@ MODULE_DESCRIPTION("iptables REDIRECT target module");
|
||||
|
||||
/* FIXME: Take multiple ranges --RR */
|
||||
static bool
|
||||
redirect_check(const char *tablename,
|
||||
const void *e,
|
||||
const struct xt_target *target,
|
||||
void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
redirect_tg_check(const char *tablename, const void *e,
|
||||
const struct xt_target *target, void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct nf_nat_multi_range_compat *mr = targinfo;
|
||||
|
||||
@ -47,12 +45,9 @@ redirect_check(const char *tablename,
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
redirect_target(struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
redirect_tg(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
struct nf_conn *ct;
|
||||
enum ip_conntrack_info ctinfo;
|
||||
@ -95,26 +90,26 @@ redirect_target(struct sk_buff *skb,
|
||||
return nf_nat_setup_info(ct, &newrange, hooknum);
|
||||
}
|
||||
|
||||
static struct xt_target redirect_reg __read_mostly = {
|
||||
static struct xt_target redirect_tg_reg __read_mostly = {
|
||||
.name = "REDIRECT",
|
||||
.family = AF_INET,
|
||||
.target = redirect_target,
|
||||
.target = redirect_tg,
|
||||
.targetsize = sizeof(struct nf_nat_multi_range_compat),
|
||||
.table = "nat",
|
||||
.hooks = (1 << NF_INET_PRE_ROUTING) | (1 << NF_INET_LOCAL_OUT),
|
||||
.checkentry = redirect_check,
|
||||
.checkentry = redirect_tg_check,
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init ipt_redirect_init(void)
|
||||
static int __init redirect_tg_init(void)
|
||||
{
|
||||
return xt_register_target(&redirect_reg);
|
||||
return xt_register_target(&redirect_tg_reg);
|
||||
}
|
||||
|
||||
static void __exit ipt_redirect_fini(void)
|
||||
static void __exit redirect_tg_exit(void)
|
||||
{
|
||||
xt_unregister_target(&redirect_reg);
|
||||
xt_unregister_target(&redirect_tg_reg);
|
||||
}
|
||||
|
||||
module_init(ipt_redirect_init);
|
||||
module_exit(ipt_redirect_fini);
|
||||
module_init(redirect_tg_init);
|
||||
module_exit(redirect_tg_exit);
|
||||
|
@ -156,12 +156,10 @@ static inline void send_unreach(struct sk_buff *skb_in, int code)
|
||||
icmp_send(skb_in, ICMP_DEST_UNREACH, code, 0);
|
||||
}
|
||||
|
||||
static unsigned int reject(struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
static unsigned int
|
||||
reject_tg(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
const struct ipt_reject_info *reject = targinfo;
|
||||
|
||||
@ -205,11 +203,10 @@ static unsigned int reject(struct sk_buff *skb,
|
||||
return NF_DROP;
|
||||
}
|
||||
|
||||
static bool check(const char *tablename,
|
||||
const void *e_void,
|
||||
const struct xt_target *target,
|
||||
void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
static bool
|
||||
reject_tg_check(const char *tablename, const void *e_void,
|
||||
const struct xt_target *target, void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct ipt_reject_info *rejinfo = targinfo;
|
||||
const struct ipt_entry *e = e_void;
|
||||
@ -228,27 +225,27 @@ static bool check(const char *tablename,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_target ipt_reject_reg __read_mostly = {
|
||||
static struct xt_target reject_tg_reg __read_mostly = {
|
||||
.name = "REJECT",
|
||||
.family = AF_INET,
|
||||
.target = reject,
|
||||
.target = reject_tg,
|
||||
.targetsize = sizeof(struct ipt_reject_info),
|
||||
.table = "filter",
|
||||
.hooks = (1 << NF_INET_LOCAL_IN) | (1 << NF_INET_FORWARD) |
|
||||
(1 << NF_INET_LOCAL_OUT),
|
||||
.checkentry = check,
|
||||
.checkentry = reject_tg_check,
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init ipt_reject_init(void)
|
||||
static int __init reject_tg_init(void)
|
||||
{
|
||||
return xt_register_target(&ipt_reject_reg);
|
||||
return xt_register_target(&reject_tg_reg);
|
||||
}
|
||||
|
||||
static void __exit ipt_reject_fini(void)
|
||||
static void __exit reject_tg_exit(void)
|
||||
{
|
||||
xt_unregister_target(&ipt_reject_reg);
|
||||
xt_unregister_target(&reject_tg_reg);
|
||||
}
|
||||
|
||||
module_init(ipt_reject_init);
|
||||
module_exit(ipt_reject_fini);
|
||||
module_init(reject_tg_init);
|
||||
module_exit(reject_tg_exit);
|
||||
|
@ -28,11 +28,9 @@ MODULE_AUTHOR("Martin Josefsson <gandalf@wlug.westbo.se>");
|
||||
MODULE_DESCRIPTION("iptables special SNAT module for consistent sourceip");
|
||||
|
||||
static bool
|
||||
same_check(const char *tablename,
|
||||
const void *e,
|
||||
const struct xt_target *target,
|
||||
void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
same_tg_check(const char *tablename, const void *e,
|
||||
const struct xt_target *target, void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
unsigned int count, countess, rangeip, index = 0;
|
||||
struct ipt_same_info *mr = targinfo;
|
||||
@ -92,8 +90,7 @@ same_check(const char *tablename,
|
||||
return true;
|
||||
}
|
||||
|
||||
static void
|
||||
same_destroy(const struct xt_target *target, void *targinfo)
|
||||
static void same_tg_destroy(const struct xt_target *target, void *targinfo)
|
||||
{
|
||||
struct ipt_same_info *mr = targinfo;
|
||||
|
||||
@ -104,12 +101,9 @@ same_destroy(const struct xt_target *target, void *targinfo)
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
same_target(struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
same_tg(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
struct nf_conn *ct;
|
||||
enum ip_conntrack_info ctinfo;
|
||||
@ -152,29 +146,29 @@ same_target(struct sk_buff *skb,
|
||||
return nf_nat_setup_info(ct, &newrange, hooknum);
|
||||
}
|
||||
|
||||
static struct xt_target same_reg __read_mostly = {
|
||||
static struct xt_target same_tg_reg __read_mostly = {
|
||||
.name = "SAME",
|
||||
.family = AF_INET,
|
||||
.target = same_target,
|
||||
.target = same_tg,
|
||||
.targetsize = sizeof(struct ipt_same_info),
|
||||
.table = "nat",
|
||||
.hooks = (1 << NF_INET_PRE_ROUTING) |
|
||||
(1 << NF_INET_POST_ROUTING),
|
||||
.checkentry = same_check,
|
||||
.destroy = same_destroy,
|
||||
.checkentry = same_tg_check,
|
||||
.destroy = same_tg_destroy,
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init ipt_same_init(void)
|
||||
static int __init same_tg_init(void)
|
||||
{
|
||||
return xt_register_target(&same_reg);
|
||||
return xt_register_target(&same_tg_reg);
|
||||
}
|
||||
|
||||
static void __exit ipt_same_fini(void)
|
||||
static void __exit same_tg_exit(void)
|
||||
{
|
||||
xt_unregister_target(&same_reg);
|
||||
xt_unregister_target(&same_tg_reg);
|
||||
}
|
||||
|
||||
module_init(ipt_same_init);
|
||||
module_exit(ipt_same_fini);
|
||||
module_init(same_tg_init);
|
||||
module_exit(same_tg_exit);
|
||||
|
||||
|
@ -21,12 +21,9 @@ MODULE_AUTHOR("Netfilter Core Team <coreteam@netfilter.org>");
|
||||
MODULE_DESCRIPTION("iptables TOS mangling module");
|
||||
|
||||
static unsigned int
|
||||
target(struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
tos_tg(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
const struct ipt_tos_target_info *tosinfo = targinfo;
|
||||
struct iphdr *iph = ip_hdr(skb);
|
||||
@ -44,11 +41,9 @@ target(struct sk_buff *skb,
|
||||
}
|
||||
|
||||
static bool
|
||||
checkentry(const char *tablename,
|
||||
const void *e_void,
|
||||
const struct xt_target *target,
|
||||
void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
tos_tg_check(const char *tablename, const void *e_void,
|
||||
const struct xt_target *target, void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const u_int8_t tos = ((struct ipt_tos_target_info *)targinfo)->tos;
|
||||
|
||||
@ -63,25 +58,25 @@ checkentry(const char *tablename,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_target ipt_tos_reg __read_mostly = {
|
||||
static struct xt_target tos_tg_reg __read_mostly = {
|
||||
.name = "TOS",
|
||||
.family = AF_INET,
|
||||
.target = target,
|
||||
.target = tos_tg,
|
||||
.targetsize = sizeof(struct ipt_tos_target_info),
|
||||
.table = "mangle",
|
||||
.checkentry = checkentry,
|
||||
.checkentry = tos_tg_check,
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init ipt_tos_init(void)
|
||||
static int __init tos_tg_init(void)
|
||||
{
|
||||
return xt_register_target(&ipt_tos_reg);
|
||||
return xt_register_target(&tos_tg_reg);
|
||||
}
|
||||
|
||||
static void __exit ipt_tos_fini(void)
|
||||
static void __exit tos_tg_exit(void)
|
||||
{
|
||||
xt_unregister_target(&ipt_tos_reg);
|
||||
xt_unregister_target(&tos_tg_reg);
|
||||
}
|
||||
|
||||
module_init(ipt_tos_init);
|
||||
module_exit(ipt_tos_fini);
|
||||
module_init(tos_tg_init);
|
||||
module_exit(tos_tg_exit);
|
||||
|
@ -20,10 +20,9 @@ MODULE_DESCRIPTION("IP tables TTL modification module");
|
||||
MODULE_LICENSE("GPL");
|
||||
|
||||
static unsigned int
|
||||
ipt_ttl_target(struct sk_buff *skb,
|
||||
const struct net_device *in, const struct net_device *out,
|
||||
unsigned int hooknum, const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
ttl_tg(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
struct iphdr *iph;
|
||||
const struct ipt_TTL_info *info = targinfo;
|
||||
@ -62,11 +61,10 @@ ipt_ttl_target(struct sk_buff *skb,
|
||||
return XT_CONTINUE;
|
||||
}
|
||||
|
||||
static bool ipt_ttl_checkentry(const char *tablename,
|
||||
const void *e,
|
||||
const struct xt_target *target,
|
||||
void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
static bool
|
||||
ttl_tg_check(const char *tablename, const void *e,
|
||||
const struct xt_target *target, void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct ipt_TTL_info *info = targinfo;
|
||||
|
||||
@ -80,25 +78,25 @@ static bool ipt_ttl_checkentry(const char *tablename,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_target ipt_TTL __read_mostly = {
|
||||
static struct xt_target ttl_tg_reg __read_mostly = {
|
||||
.name = "TTL",
|
||||
.family = AF_INET,
|
||||
.target = ipt_ttl_target,
|
||||
.target = ttl_tg,
|
||||
.targetsize = sizeof(struct ipt_TTL_info),
|
||||
.table = "mangle",
|
||||
.checkentry = ipt_ttl_checkentry,
|
||||
.checkentry = ttl_tg_check,
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init ipt_ttl_init(void)
|
||||
static int __init ttl_tg_init(void)
|
||||
{
|
||||
return xt_register_target(&ipt_TTL);
|
||||
return xt_register_target(&ttl_tg_reg);
|
||||
}
|
||||
|
||||
static void __exit ipt_ttl_fini(void)
|
||||
static void __exit ttl_tg_exit(void)
|
||||
{
|
||||
xt_unregister_target(&ipt_TTL);
|
||||
xt_unregister_target(&ttl_tg_reg);
|
||||
}
|
||||
|
||||
module_init(ipt_ttl_init);
|
||||
module_exit(ipt_ttl_fini);
|
||||
module_init(ttl_tg_init);
|
||||
module_exit(ttl_tg_exit);
|
||||
|
@ -279,12 +279,10 @@ alloc_failure:
|
||||
spin_unlock_bh(&ulog_lock);
|
||||
}
|
||||
|
||||
static unsigned int ipt_ulog_target(struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
static unsigned int
|
||||
ulog_tg(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) targinfo;
|
||||
|
||||
@ -318,11 +316,10 @@ static void ipt_logfn(unsigned int pf,
|
||||
ipt_ulog_packet(hooknum, skb, in, out, &loginfo, prefix);
|
||||
}
|
||||
|
||||
static bool ipt_ulog_checkentry(const char *tablename,
|
||||
const void *e,
|
||||
const struct xt_target *target,
|
||||
void *targinfo,
|
||||
unsigned int hookmask)
|
||||
static bool
|
||||
ulog_tg_check(const char *tablename, const void *e,
|
||||
const struct xt_target *target, void *targinfo,
|
||||
unsigned int hookmask)
|
||||
{
|
||||
const struct ipt_ulog_info *loginfo = targinfo;
|
||||
|
||||
@ -347,7 +344,7 @@ struct compat_ipt_ulog_info {
|
||||
char prefix[ULOG_PREFIX_LEN];
|
||||
};
|
||||
|
||||
static void compat_from_user(void *dst, void *src)
|
||||
static void ulog_tg_compat_from_user(void *dst, void *src)
|
||||
{
|
||||
const struct compat_ipt_ulog_info *cl = src;
|
||||
struct ipt_ulog_info l = {
|
||||
@ -360,7 +357,7 @@ static void compat_from_user(void *dst, void *src)
|
||||
memcpy(dst, &l, sizeof(l));
|
||||
}
|
||||
|
||||
static int compat_to_user(void __user *dst, void *src)
|
||||
static int ulog_tg_compat_to_user(void __user *dst, void *src)
|
||||
{
|
||||
const struct ipt_ulog_info *l = src;
|
||||
struct compat_ipt_ulog_info cl = {
|
||||
@ -374,16 +371,16 @@ static int compat_to_user(void __user *dst, void *src)
|
||||
}
|
||||
#endif /* CONFIG_COMPAT */
|
||||
|
||||
static struct xt_target ipt_ulog_reg __read_mostly = {
|
||||
static struct xt_target ulog_tg_reg __read_mostly = {
|
||||
.name = "ULOG",
|
||||
.family = AF_INET,
|
||||
.target = ipt_ulog_target,
|
||||
.target = ulog_tg,
|
||||
.targetsize = sizeof(struct ipt_ulog_info),
|
||||
.checkentry = ipt_ulog_checkentry,
|
||||
.checkentry = ulog_tg_check,
|
||||
#ifdef CONFIG_COMPAT
|
||||
.compatsize = sizeof(struct compat_ipt_ulog_info),
|
||||
.compat_from_user = compat_from_user,
|
||||
.compat_to_user = compat_to_user,
|
||||
.compat_from_user = ulog_tg_compat_from_user,
|
||||
.compat_to_user = ulog_tg_compat_to_user,
|
||||
#endif
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
@ -394,7 +391,7 @@ static struct nf_logger ipt_ulog_logger = {
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init ipt_ulog_init(void)
|
||||
static int __init ulog_tg_init(void)
|
||||
{
|
||||
int ret, i;
|
||||
|
||||
@ -415,7 +412,7 @@ static int __init ipt_ulog_init(void)
|
||||
if (!nflognl)
|
||||
return -ENOMEM;
|
||||
|
||||
ret = xt_register_target(&ipt_ulog_reg);
|
||||
ret = xt_register_target(&ulog_tg_reg);
|
||||
if (ret < 0) {
|
||||
sock_release(nflognl->sk_socket);
|
||||
return ret;
|
||||
@ -426,7 +423,7 @@ static int __init ipt_ulog_init(void)
|
||||
return 0;
|
||||
}
|
||||
|
||||
static void __exit ipt_ulog_fini(void)
|
||||
static void __exit ulog_tg_exit(void)
|
||||
{
|
||||
ulog_buff_t *ub;
|
||||
int i;
|
||||
@ -435,7 +432,7 @@ static void __exit ipt_ulog_fini(void)
|
||||
|
||||
if (nflog)
|
||||
nf_log_unregister(&ipt_ulog_logger);
|
||||
xt_unregister_target(&ipt_ulog_reg);
|
||||
xt_unregister_target(&ulog_tg_reg);
|
||||
sock_release(nflognl->sk_socket);
|
||||
|
||||
/* remove pending timers and free allocated skb's */
|
||||
@ -453,5 +450,5 @@ static void __exit ipt_ulog_fini(void)
|
||||
}
|
||||
}
|
||||
|
||||
module_init(ipt_ulog_init);
|
||||
module_exit(ipt_ulog_fini);
|
||||
module_init(ulog_tg_init);
|
||||
module_exit(ulog_tg_exit);
|
||||
|
@ -27,10 +27,11 @@ static inline bool match_type(__be32 addr, u_int16_t mask)
|
||||
return !!(mask & (1 << inet_addr_type(addr)));
|
||||
}
|
||||
|
||||
static bool match(const struct sk_buff *skb,
|
||||
const struct net_device *in, const struct net_device *out,
|
||||
const struct xt_match *match, const void *matchinfo,
|
||||
int offset, unsigned int protoff, bool *hotdrop)
|
||||
static bool
|
||||
addrtype_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
const struct ipt_addrtype_info *info = matchinfo;
|
||||
const struct iphdr *iph = ip_hdr(skb);
|
||||
@ -44,23 +45,23 @@ static bool match(const struct sk_buff *skb,
|
||||
return ret;
|
||||
}
|
||||
|
||||
static struct xt_match addrtype_match __read_mostly = {
|
||||
static struct xt_match addrtype_mt_reg __read_mostly = {
|
||||
.name = "addrtype",
|
||||
.family = AF_INET,
|
||||
.match = match,
|
||||
.match = addrtype_mt,
|
||||
.matchsize = sizeof(struct ipt_addrtype_info),
|
||||
.me = THIS_MODULE
|
||||
};
|
||||
|
||||
static int __init ipt_addrtype_init(void)
|
||||
static int __init addrtype_mt_init(void)
|
||||
{
|
||||
return xt_register_match(&addrtype_match);
|
||||
return xt_register_match(&addrtype_mt_reg);
|
||||
}
|
||||
|
||||
static void __exit ipt_addrtype_fini(void)
|
||||
static void __exit addrtype_mt_exit(void)
|
||||
{
|
||||
xt_unregister_match(&addrtype_match);
|
||||
xt_unregister_match(&addrtype_mt_reg);
|
||||
}
|
||||
|
||||
module_init(ipt_addrtype_init);
|
||||
module_exit(ipt_addrtype_fini);
|
||||
module_init(addrtype_mt_init);
|
||||
module_exit(addrtype_mt_exit);
|
||||
|
@ -37,14 +37,9 @@ spi_match(u_int32_t min, u_int32_t max, u_int32_t spi, bool invert)
|
||||
}
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
ah_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
|
||||
{
|
||||
struct ip_auth_hdr _ahdr;
|
||||
const struct ip_auth_hdr *ah;
|
||||
@ -72,11 +67,9 @@ match(const struct sk_buff *skb,
|
||||
|
||||
/* Called when user tries to insert an entry of this type. */
|
||||
static bool
|
||||
checkentry(const char *tablename,
|
||||
const void *ip_void,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
ah_mt_check(const char *tablename, const void *ip_void,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct ipt_ah *ahinfo = matchinfo;
|
||||
|
||||
@ -88,25 +81,25 @@ checkentry(const char *tablename,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_match ah_match __read_mostly = {
|
||||
static struct xt_match ah_mt_reg __read_mostly = {
|
||||
.name = "ah",
|
||||
.family = AF_INET,
|
||||
.match = match,
|
||||
.match = ah_mt,
|
||||
.matchsize = sizeof(struct ipt_ah),
|
||||
.proto = IPPROTO_AH,
|
||||
.checkentry = checkentry,
|
||||
.checkentry = ah_mt_check,
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init ipt_ah_init(void)
|
||||
static int __init ah_mt_init(void)
|
||||
{
|
||||
return xt_register_match(&ah_match);
|
||||
return xt_register_match(&ah_mt_reg);
|
||||
}
|
||||
|
||||
static void __exit ipt_ah_fini(void)
|
||||
static void __exit ah_mt_exit(void)
|
||||
{
|
||||
xt_unregister_match(&ah_match);
|
||||
xt_unregister_match(&ah_mt_reg);
|
||||
}
|
||||
|
||||
module_init(ipt_ah_init);
|
||||
module_exit(ipt_ah_fini);
|
||||
module_init(ah_mt_init);
|
||||
module_exit(ah_mt_exit);
|
||||
|
@ -67,10 +67,10 @@ static inline bool match_tcp(const struct sk_buff *skb,
|
||||
return true;
|
||||
}
|
||||
|
||||
static bool match(const struct sk_buff *skb,
|
||||
const struct net_device *in, const struct net_device *out,
|
||||
const struct xt_match *match, const void *matchinfo,
|
||||
int offset, unsigned int protoff, bool *hotdrop)
|
||||
static bool
|
||||
ecn_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
|
||||
{
|
||||
const struct ipt_ecn_info *info = matchinfo;
|
||||
|
||||
@ -88,9 +88,10 @@ static bool match(const struct sk_buff *skb,
|
||||
return true;
|
||||
}
|
||||
|
||||
static bool checkentry(const char *tablename, const void *ip_void,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo, unsigned int hook_mask)
|
||||
static bool
|
||||
ecn_mt_check(const char *tablename, const void *ip_void,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct ipt_ecn_info *info = matchinfo;
|
||||
const struct ipt_ip *ip = ip_void;
|
||||
@ -111,24 +112,24 @@ static bool checkentry(const char *tablename, const void *ip_void,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_match ecn_match __read_mostly = {
|
||||
static struct xt_match ecn_mt_reg __read_mostly = {
|
||||
.name = "ecn",
|
||||
.family = AF_INET,
|
||||
.match = match,
|
||||
.match = ecn_mt,
|
||||
.matchsize = sizeof(struct ipt_ecn_info),
|
||||
.checkentry = checkentry,
|
||||
.checkentry = ecn_mt_check,
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init ipt_ecn_init(void)
|
||||
static int __init ecn_mt_init(void)
|
||||
{
|
||||
return xt_register_match(&ecn_match);
|
||||
return xt_register_match(&ecn_mt_reg);
|
||||
}
|
||||
|
||||
static void __exit ipt_ecn_fini(void)
|
||||
static void __exit ecn_mt_exit(void)
|
||||
{
|
||||
xt_unregister_match(&ecn_match);
|
||||
xt_unregister_match(&ecn_mt_reg);
|
||||
}
|
||||
|
||||
module_init(ipt_ecn_init);
|
||||
module_exit(ipt_ecn_fini);
|
||||
module_init(ecn_mt_init);
|
||||
module_exit(ecn_mt_exit);
|
||||
|
@ -18,12 +18,10 @@ MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
|
||||
MODULE_DESCRIPTION("iptables arbitrary IP range match module");
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset, unsigned int protoff, bool *hotdrop)
|
||||
iprange_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
const struct ipt_iprange_info *info = matchinfo;
|
||||
const struct iphdr *iph = ip_hdr(skb);
|
||||
@ -57,23 +55,23 @@ match(const struct sk_buff *skb,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_match iprange_match __read_mostly = {
|
||||
static struct xt_match iprange_mt_reg __read_mostly = {
|
||||
.name = "iprange",
|
||||
.family = AF_INET,
|
||||
.match = match,
|
||||
.match = iprange_mt,
|
||||
.matchsize = sizeof(struct ipt_iprange_info),
|
||||
.me = THIS_MODULE
|
||||
};
|
||||
|
||||
static int __init ipt_iprange_init(void)
|
||||
static int __init iprange_mt_init(void)
|
||||
{
|
||||
return xt_register_match(&iprange_match);
|
||||
return xt_register_match(&iprange_mt_reg);
|
||||
}
|
||||
|
||||
static void __exit ipt_iprange_fini(void)
|
||||
static void __exit iprange_mt_exit(void)
|
||||
{
|
||||
xt_unregister_match(&iprange_match);
|
||||
xt_unregister_match(&iprange_mt_reg);
|
||||
}
|
||||
|
||||
module_init(ipt_iprange_init);
|
||||
module_exit(ipt_iprange_fini);
|
||||
module_init(iprange_mt_init);
|
||||
module_exit(iprange_mt_exit);
|
||||
|
@ -22,14 +22,10 @@ MODULE_AUTHOR("Marc Boucher <marc@mbsi.ca>");
|
||||
MODULE_DESCRIPTION("iptables owner match");
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
owner_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
const struct ipt_owner_info *info = matchinfo;
|
||||
|
||||
@ -52,11 +48,9 @@ match(const struct sk_buff *skb,
|
||||
}
|
||||
|
||||
static bool
|
||||
checkentry(const char *tablename,
|
||||
const void *ip,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
owner_mt_check(const char *tablename, const void *ip,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct ipt_owner_info *info = matchinfo;
|
||||
|
||||
@ -68,26 +62,26 @@ checkentry(const char *tablename,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_match owner_match __read_mostly = {
|
||||
static struct xt_match owner_mt_reg __read_mostly = {
|
||||
.name = "owner",
|
||||
.family = AF_INET,
|
||||
.match = match,
|
||||
.match = owner_mt,
|
||||
.matchsize = sizeof(struct ipt_owner_info),
|
||||
.hooks = (1 << NF_INET_LOCAL_OUT) |
|
||||
(1 << NF_INET_POST_ROUTING),
|
||||
.checkentry = checkentry,
|
||||
.checkentry = owner_mt_check,
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init ipt_owner_init(void)
|
||||
static int __init owner_mt_init(void)
|
||||
{
|
||||
return xt_register_match(&owner_match);
|
||||
return xt_register_match(&owner_mt_reg);
|
||||
}
|
||||
|
||||
static void __exit ipt_owner_fini(void)
|
||||
static void __exit owner_mt_exit(void)
|
||||
{
|
||||
xt_unregister_match(&owner_match);
|
||||
xt_unregister_match(&owner_mt_reg);
|
||||
}
|
||||
|
||||
module_init(ipt_owner_init);
|
||||
module_exit(ipt_owner_fini);
|
||||
module_init(owner_mt_init);
|
||||
module_exit(owner_mt_exit);
|
||||
|
@ -170,10 +170,10 @@ static void recent_table_flush(struct recent_table *t)
|
||||
}
|
||||
|
||||
static bool
|
||||
ipt_recent_match(const struct sk_buff *skb,
|
||||
const struct net_device *in, const struct net_device *out,
|
||||
const struct xt_match *match, const void *matchinfo,
|
||||
int offset, unsigned int protoff, bool *hotdrop)
|
||||
recent_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
const struct ipt_recent_info *info = matchinfo;
|
||||
struct recent_table *t;
|
||||
@ -236,9 +236,9 @@ out:
|
||||
}
|
||||
|
||||
static bool
|
||||
ipt_recent_checkentry(const char *tablename, const void *ip,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
recent_mt_check(const char *tablename, const void *ip,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct ipt_recent_info *info = matchinfo;
|
||||
struct recent_table *t;
|
||||
@ -293,8 +293,7 @@ out:
|
||||
return ret;
|
||||
}
|
||||
|
||||
static void
|
||||
ipt_recent_destroy(const struct xt_match *match, void *matchinfo)
|
||||
static void recent_mt_destroy(const struct xt_match *match, void *matchinfo)
|
||||
{
|
||||
const struct ipt_recent_info *info = matchinfo;
|
||||
struct recent_table *t;
|
||||
@ -455,17 +454,17 @@ static const struct file_operations recent_fops = {
|
||||
};
|
||||
#endif /* CONFIG_PROC_FS */
|
||||
|
||||
static struct xt_match recent_match __read_mostly = {
|
||||
static struct xt_match recent_mt_reg __read_mostly = {
|
||||
.name = "recent",
|
||||
.family = AF_INET,
|
||||
.match = ipt_recent_match,
|
||||
.match = recent_mt,
|
||||
.matchsize = sizeof(struct ipt_recent_info),
|
||||
.checkentry = ipt_recent_checkentry,
|
||||
.destroy = ipt_recent_destroy,
|
||||
.checkentry = recent_mt_check,
|
||||
.destroy = recent_mt_destroy,
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init ipt_recent_init(void)
|
||||
static int __init recent_mt_init(void)
|
||||
{
|
||||
int err;
|
||||
|
||||
@ -473,27 +472,27 @@ static int __init ipt_recent_init(void)
|
||||
return -EINVAL;
|
||||
ip_list_hash_size = 1 << fls(ip_list_tot);
|
||||
|
||||
err = xt_register_match(&recent_match);
|
||||
err = xt_register_match(&recent_mt_reg);
|
||||
#ifdef CONFIG_PROC_FS
|
||||
if (err)
|
||||
return err;
|
||||
proc_dir = proc_mkdir("ipt_recent", init_net.proc_net);
|
||||
if (proc_dir == NULL) {
|
||||
xt_unregister_match(&recent_match);
|
||||
xt_unregister_match(&recent_mt_reg);
|
||||
err = -ENOMEM;
|
||||
}
|
||||
#endif
|
||||
return err;
|
||||
}
|
||||
|
||||
static void __exit ipt_recent_exit(void)
|
||||
static void __exit recent_mt_exit(void)
|
||||
{
|
||||
BUG_ON(!list_empty(&tables));
|
||||
xt_unregister_match(&recent_match);
|
||||
xt_unregister_match(&recent_mt_reg);
|
||||
#ifdef CONFIG_PROC_FS
|
||||
remove_proc_entry("ipt_recent", init_net.proc_net);
|
||||
#endif
|
||||
}
|
||||
|
||||
module_init(ipt_recent_init);
|
||||
module_exit(ipt_recent_exit);
|
||||
module_init(recent_mt_init);
|
||||
module_exit(recent_mt_exit);
|
||||
|
@ -19,37 +19,32 @@ MODULE_LICENSE("GPL");
|
||||
MODULE_DESCRIPTION("iptables TOS match module");
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
tos_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
|
||||
{
|
||||
const struct ipt_tos_info *info = matchinfo;
|
||||
|
||||
return (ip_hdr(skb)->tos == info->tos) ^ info->invert;
|
||||
}
|
||||
|
||||
static struct xt_match tos_match __read_mostly = {
|
||||
static struct xt_match tos_mt_reg __read_mostly = {
|
||||
.name = "tos",
|
||||
.family = AF_INET,
|
||||
.match = match,
|
||||
.match = tos_mt,
|
||||
.matchsize = sizeof(struct ipt_tos_info),
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init ipt_multiport_init(void)
|
||||
static int __init tos_mt_init(void)
|
||||
{
|
||||
return xt_register_match(&tos_match);
|
||||
return xt_register_match(&tos_mt_reg);
|
||||
}
|
||||
|
||||
static void __exit ipt_multiport_fini(void)
|
||||
static void __exit tos_mt_exit(void)
|
||||
{
|
||||
xt_unregister_match(&tos_match);
|
||||
xt_unregister_match(&tos_mt_reg);
|
||||
}
|
||||
|
||||
module_init(ipt_multiport_init);
|
||||
module_exit(ipt_multiport_fini);
|
||||
module_init(tos_mt_init);
|
||||
module_exit(tos_mt_exit);
|
||||
|
@ -18,10 +18,10 @@ MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>");
|
||||
MODULE_DESCRIPTION("IP tables TTL matching module");
|
||||
MODULE_LICENSE("GPL");
|
||||
|
||||
static bool match(const struct sk_buff *skb,
|
||||
const struct net_device *in, const struct net_device *out,
|
||||
const struct xt_match *match, const void *matchinfo,
|
||||
int offset, unsigned int protoff, bool *hotdrop)
|
||||
static bool
|
||||
ttl_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
|
||||
{
|
||||
const struct ipt_ttl_info *info = matchinfo;
|
||||
const u8 ttl = ip_hdr(skb)->ttl;
|
||||
@ -44,23 +44,23 @@ static bool match(const struct sk_buff *skb,
|
||||
return false;
|
||||
}
|
||||
|
||||
static struct xt_match ttl_match __read_mostly = {
|
||||
static struct xt_match ttl_mt_reg __read_mostly = {
|
||||
.name = "ttl",
|
||||
.family = AF_INET,
|
||||
.match = match,
|
||||
.match = ttl_mt,
|
||||
.matchsize = sizeof(struct ipt_ttl_info),
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init ipt_ttl_init(void)
|
||||
static int __init ttl_mt_init(void)
|
||||
{
|
||||
return xt_register_match(&ttl_match);
|
||||
return xt_register_match(&ttl_mt_reg);
|
||||
}
|
||||
|
||||
static void __exit ipt_ttl_fini(void)
|
||||
static void __exit ttl_mt_exit(void)
|
||||
{
|
||||
xt_unregister_match(&ttl_match);
|
||||
xt_unregister_match(&ttl_mt_reg);
|
||||
}
|
||||
|
||||
module_init(ipt_ttl_init);
|
||||
module_exit(ipt_ttl_fini);
|
||||
module_init(ttl_mt_init);
|
||||
module_exit(ttl_mt_exit);
|
||||
|
@ -18,12 +18,10 @@ MODULE_AUTHOR("Maciej Soltysiak <solt@dns.toxicfilms.tv>");
|
||||
MODULE_DESCRIPTION("IP6 tables Hop Limit modification module");
|
||||
MODULE_LICENSE("GPL");
|
||||
|
||||
static unsigned int ip6t_hl_target(struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
static unsigned int
|
||||
hl_tg6(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
struct ipv6hdr *ip6h;
|
||||
const struct ip6t_HL_info *info = targinfo;
|
||||
@ -58,11 +56,10 @@ static unsigned int ip6t_hl_target(struct sk_buff *skb,
|
||||
return XT_CONTINUE;
|
||||
}
|
||||
|
||||
static bool ip6t_hl_checkentry(const char *tablename,
|
||||
const void *entry,
|
||||
const struct xt_target *target,
|
||||
void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
static bool
|
||||
hl_tg6_check(const char *tablename, const void *entry,
|
||||
const struct xt_target *target, void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct ip6t_HL_info *info = targinfo;
|
||||
|
||||
@ -79,25 +76,25 @@ static bool ip6t_hl_checkentry(const char *tablename,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_target ip6t_HL __read_mostly = {
|
||||
static struct xt_target hl_tg6_reg __read_mostly = {
|
||||
.name = "HL",
|
||||
.family = AF_INET6,
|
||||
.target = ip6t_hl_target,
|
||||
.target = hl_tg6,
|
||||
.targetsize = sizeof(struct ip6t_HL_info),
|
||||
.table = "mangle",
|
||||
.checkentry = ip6t_hl_checkentry,
|
||||
.checkentry = hl_tg6_check,
|
||||
.me = THIS_MODULE
|
||||
};
|
||||
|
||||
static int __init ip6t_hl_init(void)
|
||||
static int __init hl_tg6_init(void)
|
||||
{
|
||||
return xt_register_target(&ip6t_HL);
|
||||
return xt_register_target(&hl_tg6_reg);
|
||||
}
|
||||
|
||||
static void __exit ip6t_hl_fini(void)
|
||||
static void __exit hl_tg6_exit(void)
|
||||
{
|
||||
xt_unregister_target(&ip6t_HL);
|
||||
xt_unregister_target(&hl_tg6_reg);
|
||||
}
|
||||
|
||||
module_init(ip6t_hl_init);
|
||||
module_exit(ip6t_hl_fini);
|
||||
module_init(hl_tg6_init);
|
||||
module_exit(hl_tg6_exit);
|
||||
|
@ -431,12 +431,9 @@ ip6t_log_packet(unsigned int pf,
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
ip6t_log_target(struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
log_tg6(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
const struct ip6t_log_info *loginfo = targinfo;
|
||||
struct nf_loginfo li;
|
||||
@ -450,11 +447,10 @@ ip6t_log_target(struct sk_buff *skb,
|
||||
}
|
||||
|
||||
|
||||
static bool ip6t_log_checkentry(const char *tablename,
|
||||
const void *entry,
|
||||
const struct xt_target *target,
|
||||
void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
static bool
|
||||
log_tg6_check(const char *tablename, const void *entry,
|
||||
const struct xt_target *target, void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct ip6t_log_info *loginfo = targinfo;
|
||||
|
||||
@ -470,12 +466,12 @@ static bool ip6t_log_checkentry(const char *tablename,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_target ip6t_log_reg __read_mostly = {
|
||||
static struct xt_target log_tg6_reg __read_mostly = {
|
||||
.name = "LOG",
|
||||
.family = AF_INET6,
|
||||
.target = ip6t_log_target,
|
||||
.target = log_tg6,
|
||||
.targetsize = sizeof(struct ip6t_log_info),
|
||||
.checkentry = ip6t_log_checkentry,
|
||||
.checkentry = log_tg6_check,
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
@ -485,22 +481,22 @@ static struct nf_logger ip6t_logger = {
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init ip6t_log_init(void)
|
||||
static int __init log_tg6_init(void)
|
||||
{
|
||||
int ret;
|
||||
|
||||
ret = xt_register_target(&ip6t_log_reg);
|
||||
ret = xt_register_target(&log_tg6_reg);
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
nf_log_register(PF_INET6, &ip6t_logger);
|
||||
return 0;
|
||||
}
|
||||
|
||||
static void __exit ip6t_log_fini(void)
|
||||
static void __exit log_tg6_exit(void)
|
||||
{
|
||||
nf_log_unregister(&ip6t_logger);
|
||||
xt_unregister_target(&ip6t_log_reg);
|
||||
xt_unregister_target(&log_tg6_reg);
|
||||
}
|
||||
|
||||
module_init(ip6t_log_init);
|
||||
module_exit(ip6t_log_fini);
|
||||
module_init(log_tg6_init);
|
||||
module_exit(log_tg6_exit);
|
||||
|
@ -170,12 +170,10 @@ send_unreach(struct sk_buff *skb_in, unsigned char code, unsigned int hooknum)
|
||||
icmpv6_send(skb_in, ICMPV6_DEST_UNREACH, code, 0, NULL);
|
||||
}
|
||||
|
||||
static unsigned int reject6_target(struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
static unsigned int
|
||||
reject_tg6(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
const struct ip6t_reject_info *reject = targinfo;
|
||||
|
||||
@ -214,11 +212,10 @@ static unsigned int reject6_target(struct sk_buff *skb,
|
||||
return NF_DROP;
|
||||
}
|
||||
|
||||
static bool check(const char *tablename,
|
||||
const void *entry,
|
||||
const struct xt_target *target,
|
||||
void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
static bool
|
||||
reject_tg6_check(const char *tablename, const void *entry,
|
||||
const struct xt_target *target, void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct ip6t_reject_info *rejinfo = targinfo;
|
||||
const struct ip6t_entry *e = entry;
|
||||
@ -237,27 +234,27 @@ static bool check(const char *tablename,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_target ip6t_reject_reg __read_mostly = {
|
||||
static struct xt_target reject_tg6_reg __read_mostly = {
|
||||
.name = "REJECT",
|
||||
.family = AF_INET6,
|
||||
.target = reject6_target,
|
||||
.target = reject_tg6,
|
||||
.targetsize = sizeof(struct ip6t_reject_info),
|
||||
.table = "filter",
|
||||
.hooks = (1 << NF_INET_LOCAL_IN) | (1 << NF_INET_FORWARD) |
|
||||
(1 << NF_INET_LOCAL_OUT),
|
||||
.checkentry = check,
|
||||
.checkentry = reject_tg6_check,
|
||||
.me = THIS_MODULE
|
||||
};
|
||||
|
||||
static int __init ip6t_reject_init(void)
|
||||
static int __init reject_tg6_init(void)
|
||||
{
|
||||
return xt_register_target(&ip6t_reject_reg);
|
||||
return xt_register_target(&reject_tg6_reg);
|
||||
}
|
||||
|
||||
static void __exit ip6t_reject_fini(void)
|
||||
static void __exit reject_tg6_exit(void)
|
||||
{
|
||||
xt_unregister_target(&ip6t_reject_reg);
|
||||
xt_unregister_target(&reject_tg6_reg);
|
||||
}
|
||||
|
||||
module_init(ip6t_reject_init);
|
||||
module_exit(ip6t_reject_fini);
|
||||
module_init(reject_tg6_init);
|
||||
module_exit(reject_tg6_exit);
|
||||
|
@ -37,14 +37,9 @@ spi_match(u_int32_t min, u_int32_t max, u_int32_t spi, bool invert)
|
||||
}
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
ah_mt6(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
|
||||
{
|
||||
struct ip_auth_hdr _ah;
|
||||
const struct ip_auth_hdr *ah;
|
||||
@ -100,11 +95,9 @@ match(const struct sk_buff *skb,
|
||||
|
||||
/* Called when user tries to insert an entry of this type. */
|
||||
static bool
|
||||
checkentry(const char *tablename,
|
||||
const void *entry,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
ah_mt6_check(const char *tablename, const void *entry,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct ip6t_ah *ahinfo = matchinfo;
|
||||
|
||||
@ -115,24 +108,24 @@ checkentry(const char *tablename,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_match ah_match __read_mostly = {
|
||||
static struct xt_match ah_mt6_reg __read_mostly = {
|
||||
.name = "ah",
|
||||
.family = AF_INET6,
|
||||
.match = match,
|
||||
.match = ah_mt6,
|
||||
.matchsize = sizeof(struct ip6t_ah),
|
||||
.checkentry = checkentry,
|
||||
.checkentry = ah_mt6_check,
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init ip6t_ah_init(void)
|
||||
static int __init ah_mt6_init(void)
|
||||
{
|
||||
return xt_register_match(&ah_match);
|
||||
return xt_register_match(&ah_mt6_reg);
|
||||
}
|
||||
|
||||
static void __exit ip6t_ah_fini(void)
|
||||
static void __exit ah_mt6_exit(void)
|
||||
{
|
||||
xt_unregister_match(&ah_match);
|
||||
xt_unregister_match(&ah_mt6_reg);
|
||||
}
|
||||
|
||||
module_init(ip6t_ah_init);
|
||||
module_exit(ip6t_ah_fini);
|
||||
module_init(ah_mt6_init);
|
||||
module_exit(ah_mt6_exit);
|
||||
|
@ -20,14 +20,10 @@ MODULE_LICENSE("GPL");
|
||||
MODULE_AUTHOR("Andras Kis-Szabo <kisza@sch.bme.hu>");
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
eui64_mt6(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
unsigned char eui64[8];
|
||||
int i = 0;
|
||||
@ -62,25 +58,25 @@ match(const struct sk_buff *skb,
|
||||
return false;
|
||||
}
|
||||
|
||||
static struct xt_match eui64_match __read_mostly = {
|
||||
static struct xt_match eui64_mt6_reg __read_mostly = {
|
||||
.name = "eui64",
|
||||
.family = AF_INET6,
|
||||
.match = match,
|
||||
.match = eui64_mt6,
|
||||
.matchsize = sizeof(int),
|
||||
.hooks = (1 << NF_INET_PRE_ROUTING) | (1 << NF_INET_LOCAL_IN) |
|
||||
(1 << NF_INET_FORWARD),
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init ip6t_eui64_init(void)
|
||||
static int __init eui64_mt6_init(void)
|
||||
{
|
||||
return xt_register_match(&eui64_match);
|
||||
return xt_register_match(&eui64_mt6_reg);
|
||||
}
|
||||
|
||||
static void __exit ip6t_eui64_fini(void)
|
||||
static void __exit eui64_mt6_exit(void)
|
||||
{
|
||||
xt_unregister_match(&eui64_match);
|
||||
xt_unregister_match(&eui64_mt6_reg);
|
||||
}
|
||||
|
||||
module_init(ip6t_eui64_init);
|
||||
module_exit(ip6t_eui64_fini);
|
||||
module_init(eui64_mt6_init);
|
||||
module_exit(eui64_mt6_exit);
|
||||
|
@ -35,14 +35,10 @@ id_match(u_int32_t min, u_int32_t max, u_int32_t id, bool invert)
|
||||
}
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
frag_mt6(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
struct frag_hdr _frag;
|
||||
const struct frag_hdr *fh;
|
||||
@ -116,11 +112,9 @@ match(const struct sk_buff *skb,
|
||||
|
||||
/* Called when user tries to insert an entry of this type. */
|
||||
static bool
|
||||
checkentry(const char *tablename,
|
||||
const void *ip,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
frag_mt6_check(const char *tablename, const void *ip,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct ip6t_frag *fraginfo = matchinfo;
|
||||
|
||||
@ -131,24 +125,24 @@ checkentry(const char *tablename,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_match frag_match __read_mostly = {
|
||||
static struct xt_match frag_mt6_reg __read_mostly = {
|
||||
.name = "frag",
|
||||
.family = AF_INET6,
|
||||
.match = match,
|
||||
.match = frag_mt6,
|
||||
.matchsize = sizeof(struct ip6t_frag),
|
||||
.checkentry = checkentry,
|
||||
.checkentry = frag_mt6_check,
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init ip6t_frag_init(void)
|
||||
static int __init frag_mt6_init(void)
|
||||
{
|
||||
return xt_register_match(&frag_match);
|
||||
return xt_register_match(&frag_mt6_reg);
|
||||
}
|
||||
|
||||
static void __exit ip6t_frag_fini(void)
|
||||
static void __exit frag_mt6_exit(void)
|
||||
{
|
||||
xt_unregister_match(&frag_match);
|
||||
xt_unregister_match(&frag_mt6_reg);
|
||||
}
|
||||
|
||||
module_init(ip6t_frag_init);
|
||||
module_exit(ip6t_frag_fini);
|
||||
module_init(frag_mt6_init);
|
||||
module_exit(frag_mt6_exit);
|
||||
|
@ -42,14 +42,10 @@ MODULE_ALIAS("ip6t_dst");
|
||||
*/
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
hbh_mt6(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
struct ipv6_opt_hdr _optsh;
|
||||
const struct ipv6_opt_hdr *oh;
|
||||
@ -171,11 +167,9 @@ match(const struct sk_buff *skb,
|
||||
|
||||
/* Called when user tries to insert an entry of this type. */
|
||||
static bool
|
||||
checkentry(const char *tablename,
|
||||
const void *entry,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
hbh_mt6_check(const char *tablename, const void *entry,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct ip6t_opts *optsinfo = matchinfo;
|
||||
|
||||
@ -186,36 +180,36 @@ checkentry(const char *tablename,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_match opts_match[] __read_mostly = {
|
||||
static struct xt_match hbh_mt6_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "hbh",
|
||||
.family = AF_INET6,
|
||||
.match = match,
|
||||
.match = hbh_mt6,
|
||||
.matchsize = sizeof(struct ip6t_opts),
|
||||
.checkentry = checkentry,
|
||||
.checkentry = hbh_mt6_check,
|
||||
.me = THIS_MODULE,
|
||||
.data = NEXTHDR_HOP,
|
||||
},
|
||||
{
|
||||
.name = "dst",
|
||||
.family = AF_INET6,
|
||||
.match = match,
|
||||
.match = hbh_mt6,
|
||||
.matchsize = sizeof(struct ip6t_opts),
|
||||
.checkentry = checkentry,
|
||||
.checkentry = hbh_mt6_check,
|
||||
.me = THIS_MODULE,
|
||||
.data = NEXTHDR_DEST,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init ip6t_hbh_init(void)
|
||||
static int __init hbh_mt6_init(void)
|
||||
{
|
||||
return xt_register_matches(opts_match, ARRAY_SIZE(opts_match));
|
||||
return xt_register_matches(hbh_mt6_reg, ARRAY_SIZE(hbh_mt6_reg));
|
||||
}
|
||||
|
||||
static void __exit ip6t_hbh_fini(void)
|
||||
static void __exit hbh_mt6_exit(void)
|
||||
{
|
||||
xt_unregister_matches(opts_match, ARRAY_SIZE(opts_match));
|
||||
xt_unregister_matches(hbh_mt6_reg, ARRAY_SIZE(hbh_mt6_reg));
|
||||
}
|
||||
|
||||
module_init(ip6t_hbh_init);
|
||||
module_exit(ip6t_hbh_fini);
|
||||
module_init(hbh_mt6_init);
|
||||
module_exit(hbh_mt6_exit);
|
||||
|
@ -19,10 +19,10 @@ MODULE_AUTHOR("Maciej Soltysiak <solt@dns.toxicfilms.tv>");
|
||||
MODULE_DESCRIPTION("IP tables Hop Limit matching module");
|
||||
MODULE_LICENSE("GPL");
|
||||
|
||||
static bool match(const struct sk_buff *skb,
|
||||
const struct net_device *in, const struct net_device *out,
|
||||
const struct xt_match *match, const void *matchinfo,
|
||||
int offset, unsigned int protoff, bool *hotdrop)
|
||||
static bool
|
||||
hl_mt6(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
|
||||
{
|
||||
const struct ip6t_hl_info *info = matchinfo;
|
||||
const struct ipv6hdr *ip6h = ipv6_hdr(skb);
|
||||
@ -49,23 +49,23 @@ static bool match(const struct sk_buff *skb,
|
||||
return false;
|
||||
}
|
||||
|
||||
static struct xt_match hl_match __read_mostly = {
|
||||
static struct xt_match hl_mt6_reg __read_mostly = {
|
||||
.name = "hl",
|
||||
.family = AF_INET6,
|
||||
.match = match,
|
||||
.match = hl_mt6,
|
||||
.matchsize = sizeof(struct ip6t_hl_info),
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init ip6t_hl_init(void)
|
||||
static int __init hl_mt6_init(void)
|
||||
{
|
||||
return xt_register_match(&hl_match);
|
||||
return xt_register_match(&hl_mt6_reg);
|
||||
}
|
||||
|
||||
static void __exit ip6t_hl_fini(void)
|
||||
static void __exit hl_mt6_exit(void)
|
||||
{
|
||||
xt_unregister_match(&hl_match);
|
||||
xt_unregister_match(&hl_mt6_reg);
|
||||
}
|
||||
|
||||
module_init(ip6t_hl_init);
|
||||
module_exit(ip6t_hl_fini);
|
||||
module_init(hl_mt6_init);
|
||||
module_exit(hl_mt6_exit);
|
||||
|
@ -27,14 +27,10 @@ MODULE_DESCRIPTION("IPv6 headers match");
|
||||
MODULE_AUTHOR("Andras Kis-Szabo <kisza@sch.bme.hu>");
|
||||
|
||||
static bool
|
||||
ipv6header_match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
ipv6header_mt6(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
const struct ip6t_ipv6header_info *info = matchinfo;
|
||||
unsigned int temp;
|
||||
@ -125,11 +121,9 @@ ipv6header_match(const struct sk_buff *skb,
|
||||
}
|
||||
|
||||
static bool
|
||||
ipv6header_checkentry(const char *tablename,
|
||||
const void *ip,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
ipv6header_mt6_check(const char *tablename, const void *ip,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct ip6t_ipv6header_info *info = matchinfo;
|
||||
|
||||
@ -141,25 +135,25 @@ ipv6header_checkentry(const char *tablename,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_match ip6t_ipv6header_match __read_mostly = {
|
||||
static struct xt_match ipv6header_mt6_reg __read_mostly = {
|
||||
.name = "ipv6header",
|
||||
.family = AF_INET6,
|
||||
.match = &ipv6header_match,
|
||||
.match = ipv6header_mt6,
|
||||
.matchsize = sizeof(struct ip6t_ipv6header_info),
|
||||
.checkentry = &ipv6header_checkentry,
|
||||
.checkentry = ipv6header_mt6_check,
|
||||
.destroy = NULL,
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init ipv6header_init(void)
|
||||
static int __init ipv6header_mt6_init(void)
|
||||
{
|
||||
return xt_register_match(&ip6t_ipv6header_match);
|
||||
return xt_register_match(&ipv6header_mt6_reg);
|
||||
}
|
||||
|
||||
static void __exit ipv6header_exit(void)
|
||||
static void __exit ipv6header_mt6_exit(void)
|
||||
{
|
||||
xt_unregister_match(&ip6t_ipv6header_match);
|
||||
xt_unregister_match(&ipv6header_mt6_reg);
|
||||
}
|
||||
|
||||
module_init(ipv6header_init);
|
||||
module_exit(ipv6header_exit);
|
||||
module_init(ipv6header_mt6_init);
|
||||
module_exit(ipv6header_mt6_exit);
|
||||
|
@ -38,14 +38,9 @@ type_match(u_int8_t min, u_int8_t max, u_int8_t type, bool invert)
|
||||
}
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
mh_mt6(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
|
||||
{
|
||||
struct ip6_mh _mh;
|
||||
const struct ip6_mh *mh;
|
||||
@ -77,11 +72,9 @@ match(const struct sk_buff *skb,
|
||||
|
||||
/* Called when user tries to insert an entry of this type. */
|
||||
static bool
|
||||
mh_checkentry(const char *tablename,
|
||||
const void *entry,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
mh_mt6_check(const char *tablename, const void *entry,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct ip6t_mh *mhinfo = matchinfo;
|
||||
|
||||
@ -89,25 +82,25 @@ mh_checkentry(const char *tablename,
|
||||
return !(mhinfo->invflags & ~IP6T_MH_INV_MASK);
|
||||
}
|
||||
|
||||
static struct xt_match mh_match __read_mostly = {
|
||||
static struct xt_match mh_mt6_reg __read_mostly = {
|
||||
.name = "mh",
|
||||
.family = AF_INET6,
|
||||
.checkentry = mh_checkentry,
|
||||
.match = match,
|
||||
.checkentry = mh_mt6_check,
|
||||
.match = mh_mt6,
|
||||
.matchsize = sizeof(struct ip6t_mh),
|
||||
.proto = IPPROTO_MH,
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init ip6t_mh_init(void)
|
||||
static int __init mh_mt6_init(void)
|
||||
{
|
||||
return xt_register_match(&mh_match);
|
||||
return xt_register_match(&mh_mt6_reg);
|
||||
}
|
||||
|
||||
static void __exit ip6t_mh_fini(void)
|
||||
static void __exit mh_mt6_exit(void)
|
||||
{
|
||||
xt_unregister_match(&mh_match);
|
||||
xt_unregister_match(&mh_mt6_reg);
|
||||
}
|
||||
|
||||
module_init(ip6t_mh_init);
|
||||
module_exit(ip6t_mh_fini);
|
||||
module_init(mh_mt6_init);
|
||||
module_exit(mh_mt6_exit);
|
||||
|
@ -24,14 +24,10 @@ MODULE_LICENSE("GPL");
|
||||
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
owner_mt6(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
const struct ip6t_owner_info *info = matchinfo;
|
||||
|
||||
@ -52,11 +48,9 @@ match(const struct sk_buff *skb,
|
||||
}
|
||||
|
||||
static bool
|
||||
checkentry(const char *tablename,
|
||||
const void *ip,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
owner_mt6_check(const char *tablename, const void *ip,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct ip6t_owner_info *info = matchinfo;
|
||||
|
||||
@ -68,26 +62,26 @@ checkentry(const char *tablename,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_match owner_match __read_mostly = {
|
||||
static struct xt_match owner_mt6_reg __read_mostly = {
|
||||
.name = "owner",
|
||||
.family = AF_INET6,
|
||||
.match = match,
|
||||
.match = owner_mt6,
|
||||
.matchsize = sizeof(struct ip6t_owner_info),
|
||||
.hooks = (1 << NF_INET_LOCAL_OUT) |
|
||||
(1 << NF_INET_POST_ROUTING),
|
||||
.checkentry = checkentry,
|
||||
.checkentry = owner_mt6_check,
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init ip6t_owner_init(void)
|
||||
static int __init owner_mt6_init(void)
|
||||
{
|
||||
return xt_register_match(&owner_match);
|
||||
return xt_register_match(&owner_mt6_reg);
|
||||
}
|
||||
|
||||
static void __exit ip6t_owner_fini(void)
|
||||
static void __exit owner_mt6_exit(void)
|
||||
{
|
||||
xt_unregister_match(&owner_match);
|
||||
xt_unregister_match(&owner_mt6_reg);
|
||||
}
|
||||
|
||||
module_init(ip6t_owner_init);
|
||||
module_exit(ip6t_owner_fini);
|
||||
module_init(owner_mt6_init);
|
||||
module_exit(owner_mt6_exit);
|
||||
|
@ -37,14 +37,9 @@ segsleft_match(u_int32_t min, u_int32_t max, u_int32_t id, bool invert)
|
||||
}
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
rt_mt6(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
|
||||
{
|
||||
struct ipv6_rt_hdr _route;
|
||||
const struct ipv6_rt_hdr *rh;
|
||||
@ -195,11 +190,9 @@ match(const struct sk_buff *skb,
|
||||
|
||||
/* Called when user tries to insert an entry of this type. */
|
||||
static bool
|
||||
checkentry(const char *tablename,
|
||||
const void *entry,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
rt_mt6_check(const char *tablename, const void *entry,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct ip6t_rt *rtinfo = matchinfo;
|
||||
|
||||
@ -218,24 +211,24 @@ checkentry(const char *tablename,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_match rt_match __read_mostly = {
|
||||
static struct xt_match rt_mt6_reg __read_mostly = {
|
||||
.name = "rt",
|
||||
.family = AF_INET6,
|
||||
.match = match,
|
||||
.match = rt_mt6,
|
||||
.matchsize = sizeof(struct ip6t_rt),
|
||||
.checkentry = checkentry,
|
||||
.checkentry = rt_mt6_check,
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init ip6t_rt_init(void)
|
||||
static int __init rt_mt6_init(void)
|
||||
{
|
||||
return xt_register_match(&rt_match);
|
||||
return xt_register_match(&rt_mt6_reg);
|
||||
}
|
||||
|
||||
static void __exit ip6t_rt_fini(void)
|
||||
static void __exit rt_mt6_exit(void)
|
||||
{
|
||||
xt_unregister_match(&rt_match);
|
||||
xt_unregister_match(&rt_mt6_reg);
|
||||
}
|
||||
|
||||
module_init(ip6t_rt_init);
|
||||
module_exit(ip6t_rt_fini);
|
||||
module_init(rt_mt6_init);
|
||||
module_exit(rt_mt6_exit);
|
||||
|
@ -27,12 +27,9 @@ MODULE_ALIAS("ipt_CLASSIFY");
|
||||
MODULE_ALIAS("ip6t_CLASSIFY");
|
||||
|
||||
static unsigned int
|
||||
target(struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
classify_tg(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
const struct xt_classify_target_info *clinfo = targinfo;
|
||||
|
||||
@ -40,11 +37,11 @@ target(struct sk_buff *skb,
|
||||
return XT_CONTINUE;
|
||||
}
|
||||
|
||||
static struct xt_target xt_classify_target[] __read_mostly = {
|
||||
static struct xt_target classify_tg_reg[] __read_mostly = {
|
||||
{
|
||||
.family = AF_INET,
|
||||
.name = "CLASSIFY",
|
||||
.target = target,
|
||||
.target = classify_tg,
|
||||
.targetsize = sizeof(struct xt_classify_target_info),
|
||||
.table = "mangle",
|
||||
.hooks = (1 << NF_INET_LOCAL_OUT) |
|
||||
@ -55,7 +52,7 @@ static struct xt_target xt_classify_target[] __read_mostly = {
|
||||
{
|
||||
.name = "CLASSIFY",
|
||||
.family = AF_INET6,
|
||||
.target = target,
|
||||
.target = classify_tg,
|
||||
.targetsize = sizeof(struct xt_classify_target_info),
|
||||
.table = "mangle",
|
||||
.hooks = (1 << NF_INET_LOCAL_OUT) |
|
||||
@ -65,17 +62,16 @@ static struct xt_target xt_classify_target[] __read_mostly = {
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_classify_init(void)
|
||||
static int __init classify_tg_init(void)
|
||||
{
|
||||
return xt_register_targets(xt_classify_target,
|
||||
ARRAY_SIZE(xt_classify_target));
|
||||
return xt_register_targets(classify_tg_reg,
|
||||
ARRAY_SIZE(classify_tg_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_classify_fini(void)
|
||||
static void __exit classify_tg_exit(void)
|
||||
{
|
||||
xt_unregister_targets(xt_classify_target,
|
||||
ARRAY_SIZE(xt_classify_target));
|
||||
xt_unregister_targets(classify_tg_reg, ARRAY_SIZE(classify_tg_reg));
|
||||
}
|
||||
|
||||
module_init(xt_classify_init);
|
||||
module_exit(xt_classify_fini);
|
||||
module_init(classify_tg_init);
|
||||
module_exit(classify_tg_exit);
|
||||
|
@ -34,12 +34,9 @@ MODULE_ALIAS("ip6t_CONNMARK");
|
||||
#include <net/netfilter/nf_conntrack_ecache.h>
|
||||
|
||||
static unsigned int
|
||||
target(struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
connmark_tg(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
const struct xt_connmark_target_info *markinfo = targinfo;
|
||||
struct nf_conn *ct;
|
||||
@ -78,11 +75,9 @@ target(struct sk_buff *skb,
|
||||
}
|
||||
|
||||
static bool
|
||||
checkentry(const char *tablename,
|
||||
const void *entry,
|
||||
const struct xt_target *target,
|
||||
void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
connmark_tg_check(const char *tablename, const void *entry,
|
||||
const struct xt_target *target, void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct xt_connmark_target_info *matchinfo = targinfo;
|
||||
|
||||
@ -107,7 +102,7 @@ checkentry(const char *tablename,
|
||||
}
|
||||
|
||||
static void
|
||||
destroy(const struct xt_target *target, void *targinfo)
|
||||
connmark_tg_destroy(const struct xt_target *target, void *targinfo)
|
||||
{
|
||||
nf_ct_l3proto_module_put(target->family);
|
||||
}
|
||||
@ -120,7 +115,7 @@ struct compat_xt_connmark_target_info {
|
||||
u_int16_t __pad2;
|
||||
};
|
||||
|
||||
static void compat_from_user(void *dst, void *src)
|
||||
static void connmark_tg_compat_from_user(void *dst, void *src)
|
||||
{
|
||||
const struct compat_xt_connmark_target_info *cm = src;
|
||||
struct xt_connmark_target_info m = {
|
||||
@ -131,7 +126,7 @@ static void compat_from_user(void *dst, void *src)
|
||||
memcpy(dst, &m, sizeof(m));
|
||||
}
|
||||
|
||||
static int compat_to_user(void __user *dst, void *src)
|
||||
static int connmark_tg_compat_to_user(void __user *dst, void *src)
|
||||
{
|
||||
const struct xt_connmark_target_info *m = src;
|
||||
struct compat_xt_connmark_target_info cm = {
|
||||
@ -143,43 +138,42 @@ static int compat_to_user(void __user *dst, void *src)
|
||||
}
|
||||
#endif /* CONFIG_COMPAT */
|
||||
|
||||
static struct xt_target xt_connmark_target[] __read_mostly = {
|
||||
static struct xt_target connmark_tg_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "CONNMARK",
|
||||
.family = AF_INET,
|
||||
.checkentry = checkentry,
|
||||
.destroy = destroy,
|
||||
.target = target,
|
||||
.checkentry = connmark_tg_check,
|
||||
.destroy = connmark_tg_destroy,
|
||||
.target = connmark_tg,
|
||||
.targetsize = sizeof(struct xt_connmark_target_info),
|
||||
#ifdef CONFIG_COMPAT
|
||||
.compatsize = sizeof(struct compat_xt_connmark_target_info),
|
||||
.compat_from_user = compat_from_user,
|
||||
.compat_to_user = compat_to_user,
|
||||
.compat_from_user = connmark_tg_compat_from_user,
|
||||
.compat_to_user = connmark_tg_compat_to_user,
|
||||
#endif
|
||||
.me = THIS_MODULE
|
||||
},
|
||||
{
|
||||
.name = "CONNMARK",
|
||||
.family = AF_INET6,
|
||||
.checkentry = checkentry,
|
||||
.destroy = destroy,
|
||||
.target = target,
|
||||
.checkentry = connmark_tg_check,
|
||||
.destroy = connmark_tg_destroy,
|
||||
.target = connmark_tg,
|
||||
.targetsize = sizeof(struct xt_connmark_target_info),
|
||||
.me = THIS_MODULE
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_connmark_init(void)
|
||||
static int __init connmark_tg_init(void)
|
||||
{
|
||||
return xt_register_targets(xt_connmark_target,
|
||||
ARRAY_SIZE(xt_connmark_target));
|
||||
return xt_register_targets(connmark_tg_reg,
|
||||
ARRAY_SIZE(connmark_tg_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_connmark_fini(void)
|
||||
static void __exit connmark_tg_exit(void)
|
||||
{
|
||||
xt_unregister_targets(xt_connmark_target,
|
||||
ARRAY_SIZE(xt_connmark_target));
|
||||
xt_unregister_targets(connmark_tg_reg, ARRAY_SIZE(connmark_tg_reg));
|
||||
}
|
||||
|
||||
module_init(xt_connmark_init);
|
||||
module_exit(xt_connmark_fini);
|
||||
module_init(connmark_tg_init);
|
||||
module_exit(connmark_tg_exit);
|
||||
|
@ -61,10 +61,10 @@ static void secmark_restore(struct sk_buff *skb)
|
||||
}
|
||||
}
|
||||
|
||||
static unsigned int target(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
static unsigned int
|
||||
connsecmark_tg(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
const struct xt_connsecmark_target_info *info = targinfo;
|
||||
|
||||
@ -84,9 +84,10 @@ static unsigned int target(struct sk_buff *skb, const struct net_device *in,
|
||||
return XT_CONTINUE;
|
||||
}
|
||||
|
||||
static bool checkentry(const char *tablename, const void *entry,
|
||||
const struct xt_target *target, void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
static bool
|
||||
connsecmark_tg_check(const char *tablename, const void *entry,
|
||||
const struct xt_target *target, void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct xt_connsecmark_target_info *info = targinfo;
|
||||
|
||||
@ -109,18 +110,18 @@ static bool checkentry(const char *tablename, const void *entry,
|
||||
}
|
||||
|
||||
static void
|
||||
destroy(const struct xt_target *target, void *targinfo)
|
||||
connsecmark_tg_destroy(const struct xt_target *target, void *targinfo)
|
||||
{
|
||||
nf_ct_l3proto_module_put(target->family);
|
||||
}
|
||||
|
||||
static struct xt_target xt_connsecmark_target[] __read_mostly = {
|
||||
static struct xt_target connsecmark_tg_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "CONNSECMARK",
|
||||
.family = AF_INET,
|
||||
.checkentry = checkentry,
|
||||
.destroy = destroy,
|
||||
.target = target,
|
||||
.checkentry = connsecmark_tg_check,
|
||||
.destroy = connsecmark_tg_destroy,
|
||||
.target = connsecmark_tg,
|
||||
.targetsize = sizeof(struct xt_connsecmark_target_info),
|
||||
.table = "mangle",
|
||||
.me = THIS_MODULE,
|
||||
@ -128,26 +129,26 @@ static struct xt_target xt_connsecmark_target[] __read_mostly = {
|
||||
{
|
||||
.name = "CONNSECMARK",
|
||||
.family = AF_INET6,
|
||||
.checkentry = checkentry,
|
||||
.destroy = destroy,
|
||||
.target = target,
|
||||
.checkentry = connsecmark_tg_check,
|
||||
.destroy = connsecmark_tg_destroy,
|
||||
.target = connsecmark_tg,
|
||||
.targetsize = sizeof(struct xt_connsecmark_target_info),
|
||||
.table = "mangle",
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_connsecmark_init(void)
|
||||
static int __init connsecmark_tg_init(void)
|
||||
{
|
||||
return xt_register_targets(xt_connsecmark_target,
|
||||
ARRAY_SIZE(xt_connsecmark_target));
|
||||
return xt_register_targets(connsecmark_tg_reg,
|
||||
ARRAY_SIZE(connsecmark_tg_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_connsecmark_fini(void)
|
||||
static void __exit connsecmark_tg_exit(void)
|
||||
{
|
||||
xt_unregister_targets(xt_connsecmark_target,
|
||||
ARRAY_SIZE(xt_connsecmark_target));
|
||||
xt_unregister_targets(connsecmark_tg_reg,
|
||||
ARRAY_SIZE(connsecmark_tg_reg));
|
||||
}
|
||||
|
||||
module_init(xt_connsecmark_init);
|
||||
module_exit(xt_connsecmark_fini);
|
||||
module_init(connsecmark_tg_init);
|
||||
module_exit(connsecmark_tg_exit);
|
||||
|
@ -25,12 +25,10 @@ MODULE_LICENSE("GPL");
|
||||
MODULE_ALIAS("ipt_DSCP");
|
||||
MODULE_ALIAS("ip6t_DSCP");
|
||||
|
||||
static unsigned int target(struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
static unsigned int
|
||||
dscp_tg(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
const struct xt_DSCP_info *dinfo = targinfo;
|
||||
u_int8_t dscp = ipv4_get_dsfield(ip_hdr(skb)) >> XT_DSCP_SHIFT;
|
||||
@ -46,12 +44,10 @@ static unsigned int target(struct sk_buff *skb,
|
||||
return XT_CONTINUE;
|
||||
}
|
||||
|
||||
static unsigned int target6(struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
static unsigned int
|
||||
dscp_tg6(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
const struct xt_DSCP_info *dinfo = targinfo;
|
||||
u_int8_t dscp = ipv6_get_dsfield(ipv6_hdr(skb)) >> XT_DSCP_SHIFT;
|
||||
@ -66,11 +62,10 @@ static unsigned int target6(struct sk_buff *skb,
|
||||
return XT_CONTINUE;
|
||||
}
|
||||
|
||||
static bool checkentry(const char *tablename,
|
||||
const void *e_void,
|
||||
const struct xt_target *target,
|
||||
void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
static bool
|
||||
dscp_tg_check(const char *tablename, const void *e_void,
|
||||
const struct xt_target *target, void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const u_int8_t dscp = ((struct xt_DSCP_info *)targinfo)->dscp;
|
||||
|
||||
@ -81,12 +76,12 @@ static bool checkentry(const char *tablename,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_target xt_dscp_target[] __read_mostly = {
|
||||
static struct xt_target dscp_tg_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "DSCP",
|
||||
.family = AF_INET,
|
||||
.checkentry = checkentry,
|
||||
.target = target,
|
||||
.checkentry = dscp_tg_check,
|
||||
.target = dscp_tg,
|
||||
.targetsize = sizeof(struct xt_DSCP_info),
|
||||
.table = "mangle",
|
||||
.me = THIS_MODULE,
|
||||
@ -94,23 +89,23 @@ static struct xt_target xt_dscp_target[] __read_mostly = {
|
||||
{
|
||||
.name = "DSCP",
|
||||
.family = AF_INET6,
|
||||
.checkentry = checkentry,
|
||||
.target = target6,
|
||||
.checkentry = dscp_tg_check,
|
||||
.target = dscp_tg6,
|
||||
.targetsize = sizeof(struct xt_DSCP_info),
|
||||
.table = "mangle",
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_dscp_target_init(void)
|
||||
static int __init dscp_tg_init(void)
|
||||
{
|
||||
return xt_register_targets(xt_dscp_target, ARRAY_SIZE(xt_dscp_target));
|
||||
return xt_register_targets(dscp_tg_reg, ARRAY_SIZE(dscp_tg_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_dscp_target_fini(void)
|
||||
static void __exit dscp_tg_exit(void)
|
||||
{
|
||||
xt_unregister_targets(xt_dscp_target, ARRAY_SIZE(xt_dscp_target));
|
||||
xt_unregister_targets(dscp_tg_reg, ARRAY_SIZE(dscp_tg_reg));
|
||||
}
|
||||
|
||||
module_init(xt_dscp_target_init);
|
||||
module_exit(xt_dscp_target_fini);
|
||||
module_init(dscp_tg_init);
|
||||
module_exit(dscp_tg_exit);
|
||||
|
@ -22,12 +22,9 @@ MODULE_ALIAS("ipt_MARK");
|
||||
MODULE_ALIAS("ip6t_MARK");
|
||||
|
||||
static unsigned int
|
||||
target_v0(struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
mark_tg_v0(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
const struct xt_mark_target_info *markinfo = targinfo;
|
||||
|
||||
@ -36,12 +33,9 @@ target_v0(struct sk_buff *skb,
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
target_v1(struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
mark_tg(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
const struct xt_mark_target_info_v1 *markinfo = targinfo;
|
||||
int mark = 0;
|
||||
@ -64,13 +58,10 @@ target_v1(struct sk_buff *skb,
|
||||
return XT_CONTINUE;
|
||||
}
|
||||
|
||||
|
||||
static bool
|
||||
checkentry_v0(const char *tablename,
|
||||
const void *entry,
|
||||
const struct xt_target *target,
|
||||
void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
mark_tg_check_v0(const char *tablename, const void *entry,
|
||||
const struct xt_target *target, void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct xt_mark_target_info *markinfo = targinfo;
|
||||
|
||||
@ -82,11 +73,9 @@ checkentry_v0(const char *tablename,
|
||||
}
|
||||
|
||||
static bool
|
||||
checkentry_v1(const char *tablename,
|
||||
const void *entry,
|
||||
const struct xt_target *target,
|
||||
void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
mark_tg_check(const char *tablename, const void *entry,
|
||||
const struct xt_target *target, void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct xt_mark_target_info_v1 *markinfo = targinfo;
|
||||
|
||||
@ -112,7 +101,7 @@ struct compat_xt_mark_target_info_v1 {
|
||||
u_int16_t __pad2;
|
||||
};
|
||||
|
||||
static void compat_from_user_v1(void *dst, void *src)
|
||||
static void mark_tg_compat_from_user(void *dst, void *src)
|
||||
{
|
||||
const struct compat_xt_mark_target_info_v1 *cm = src;
|
||||
struct xt_mark_target_info_v1 m = {
|
||||
@ -122,7 +111,7 @@ static void compat_from_user_v1(void *dst, void *src)
|
||||
memcpy(dst, &m, sizeof(m));
|
||||
}
|
||||
|
||||
static int compat_to_user_v1(void __user *dst, void *src)
|
||||
static int mark_tg_compat_to_user(void __user *dst, void *src)
|
||||
{
|
||||
const struct xt_mark_target_info_v1 *m = src;
|
||||
struct compat_xt_mark_target_info_v1 cm = {
|
||||
@ -133,13 +122,13 @@ static int compat_to_user_v1(void __user *dst, void *src)
|
||||
}
|
||||
#endif /* CONFIG_COMPAT */
|
||||
|
||||
static struct xt_target xt_mark_target[] __read_mostly = {
|
||||
static struct xt_target mark_tg_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "MARK",
|
||||
.family = AF_INET,
|
||||
.revision = 0,
|
||||
.checkentry = checkentry_v0,
|
||||
.target = target_v0,
|
||||
.checkentry = mark_tg_check_v0,
|
||||
.target = mark_tg_v0,
|
||||
.targetsize = sizeof(struct xt_mark_target_info),
|
||||
.table = "mangle",
|
||||
.me = THIS_MODULE,
|
||||
@ -148,13 +137,13 @@ static struct xt_target xt_mark_target[] __read_mostly = {
|
||||
.name = "MARK",
|
||||
.family = AF_INET,
|
||||
.revision = 1,
|
||||
.checkentry = checkentry_v1,
|
||||
.target = target_v1,
|
||||
.checkentry = mark_tg_check,
|
||||
.target = mark_tg,
|
||||
.targetsize = sizeof(struct xt_mark_target_info_v1),
|
||||
#ifdef CONFIG_COMPAT
|
||||
.compatsize = sizeof(struct compat_xt_mark_target_info_v1),
|
||||
.compat_from_user = compat_from_user_v1,
|
||||
.compat_to_user = compat_to_user_v1,
|
||||
.compat_from_user = mark_tg_compat_from_user,
|
||||
.compat_to_user = mark_tg_compat_to_user,
|
||||
#endif
|
||||
.table = "mangle",
|
||||
.me = THIS_MODULE,
|
||||
@ -163,23 +152,23 @@ static struct xt_target xt_mark_target[] __read_mostly = {
|
||||
.name = "MARK",
|
||||
.family = AF_INET6,
|
||||
.revision = 0,
|
||||
.checkentry = checkentry_v0,
|
||||
.target = target_v0,
|
||||
.checkentry = mark_tg_check_v0,
|
||||
.target = mark_tg_v0,
|
||||
.targetsize = sizeof(struct xt_mark_target_info),
|
||||
.table = "mangle",
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_mark_init(void)
|
||||
static int __init mark_tg_init(void)
|
||||
{
|
||||
return xt_register_targets(xt_mark_target, ARRAY_SIZE(xt_mark_target));
|
||||
return xt_register_targets(mark_tg_reg, ARRAY_SIZE(mark_tg_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_mark_fini(void)
|
||||
static void __exit mark_tg_exit(void)
|
||||
{
|
||||
xt_unregister_targets(xt_mark_target, ARRAY_SIZE(xt_mark_target));
|
||||
xt_unregister_targets(mark_tg_reg, ARRAY_SIZE(mark_tg_reg));
|
||||
}
|
||||
|
||||
module_init(xt_mark_init);
|
||||
module_exit(xt_mark_fini);
|
||||
module_init(mark_tg_init);
|
||||
module_exit(mark_tg_exit);
|
||||
|
@ -20,10 +20,9 @@ MODULE_ALIAS("ipt_NFLOG");
|
||||
MODULE_ALIAS("ip6t_NFLOG");
|
||||
|
||||
static unsigned int
|
||||
nflog_target(struct sk_buff *skb,
|
||||
const struct net_device *in, const struct net_device *out,
|
||||
unsigned int hooknum, const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
nflog_tg(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
const struct xt_nflog_info *info = targinfo;
|
||||
struct nf_loginfo li;
|
||||
@ -39,9 +38,9 @@ nflog_target(struct sk_buff *skb,
|
||||
}
|
||||
|
||||
static bool
|
||||
nflog_checkentry(const char *tablename, const void *entry,
|
||||
const struct xt_target *target, void *targetinfo,
|
||||
unsigned int hookmask)
|
||||
nflog_tg_check(const char *tablename, const void *entry,
|
||||
const struct xt_target *target, void *targetinfo,
|
||||
unsigned int hookmask)
|
||||
{
|
||||
const struct xt_nflog_info *info = targetinfo;
|
||||
|
||||
@ -52,35 +51,34 @@ nflog_checkentry(const char *tablename, const void *entry,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_target xt_nflog_target[] __read_mostly = {
|
||||
static struct xt_target nflog_tg_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "NFLOG",
|
||||
.family = AF_INET,
|
||||
.checkentry = nflog_checkentry,
|
||||
.target = nflog_target,
|
||||
.checkentry = nflog_tg_check,
|
||||
.target = nflog_tg,
|
||||
.targetsize = sizeof(struct xt_nflog_info),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
{
|
||||
.name = "NFLOG",
|
||||
.family = AF_INET6,
|
||||
.checkentry = nflog_checkentry,
|
||||
.target = nflog_target,
|
||||
.checkentry = nflog_tg_check,
|
||||
.target = nflog_tg,
|
||||
.targetsize = sizeof(struct xt_nflog_info),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_nflog_init(void)
|
||||
static int __init nflog_tg_init(void)
|
||||
{
|
||||
return xt_register_targets(xt_nflog_target,
|
||||
ARRAY_SIZE(xt_nflog_target));
|
||||
return xt_register_targets(nflog_tg_reg, ARRAY_SIZE(nflog_tg_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_nflog_fini(void)
|
||||
static void __exit nflog_tg_exit(void)
|
||||
{
|
||||
xt_unregister_targets(xt_nflog_target, ARRAY_SIZE(xt_nflog_target));
|
||||
xt_unregister_targets(nflog_tg_reg, ARRAY_SIZE(nflog_tg_reg));
|
||||
}
|
||||
|
||||
module_init(xt_nflog_init);
|
||||
module_exit(xt_nflog_fini);
|
||||
module_init(nflog_tg_init);
|
||||
module_exit(nflog_tg_exit);
|
||||
|
@ -24,52 +24,48 @@ MODULE_ALIAS("ip6t_NFQUEUE");
|
||||
MODULE_ALIAS("arpt_NFQUEUE");
|
||||
|
||||
static unsigned int
|
||||
target(struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
nfqueue_tg(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
const struct xt_NFQ_info *tinfo = targinfo;
|
||||
|
||||
return NF_QUEUE_NR(tinfo->queuenum);
|
||||
}
|
||||
|
||||
static struct xt_target xt_nfqueue_target[] __read_mostly = {
|
||||
static struct xt_target nfqueue_tg_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "NFQUEUE",
|
||||
.family = AF_INET,
|
||||
.target = target,
|
||||
.target = nfqueue_tg,
|
||||
.targetsize = sizeof(struct xt_NFQ_info),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
{
|
||||
.name = "NFQUEUE",
|
||||
.family = AF_INET6,
|
||||
.target = target,
|
||||
.target = nfqueue_tg,
|
||||
.targetsize = sizeof(struct xt_NFQ_info),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
{
|
||||
.name = "NFQUEUE",
|
||||
.family = NF_ARP,
|
||||
.target = target,
|
||||
.target = nfqueue_tg,
|
||||
.targetsize = sizeof(struct xt_NFQ_info),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_nfqueue_init(void)
|
||||
static int __init nfqueue_tg_init(void)
|
||||
{
|
||||
return xt_register_targets(xt_nfqueue_target,
|
||||
ARRAY_SIZE(xt_nfqueue_target));
|
||||
return xt_register_targets(nfqueue_tg_reg, ARRAY_SIZE(nfqueue_tg_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_nfqueue_fini(void)
|
||||
static void __exit nfqueue_tg_exit(void)
|
||||
{
|
||||
xt_unregister_targets(xt_nfqueue_target, ARRAY_SIZE(xt_nfqueue_target));
|
||||
xt_unregister_targets(nfqueue_tg_reg, ARRAY_SIZE(nfqueue_tg_reg));
|
||||
}
|
||||
|
||||
module_init(xt_nfqueue_init);
|
||||
module_exit(xt_nfqueue_fini);
|
||||
module_init(nfqueue_tg_init);
|
||||
module_exit(nfqueue_tg_exit);
|
||||
|
@ -12,12 +12,9 @@ MODULE_ALIAS("ipt_NOTRACK");
|
||||
MODULE_ALIAS("ip6t_NOTRACK");
|
||||
|
||||
static unsigned int
|
||||
target(struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
notrack_tg(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
/* Previously seen (loopback)? Ignore. */
|
||||
if (skb->nfct != NULL)
|
||||
@ -34,33 +31,32 @@ target(struct sk_buff *skb,
|
||||
return XT_CONTINUE;
|
||||
}
|
||||
|
||||
static struct xt_target xt_notrack_target[] __read_mostly = {
|
||||
static struct xt_target notrack_tg_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "NOTRACK",
|
||||
.family = AF_INET,
|
||||
.target = target,
|
||||
.target = notrack_tg,
|
||||
.table = "raw",
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
{
|
||||
.name = "NOTRACK",
|
||||
.family = AF_INET6,
|
||||
.target = target,
|
||||
.target = notrack_tg,
|
||||
.table = "raw",
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_notrack_init(void)
|
||||
static int __init notrack_tg_init(void)
|
||||
{
|
||||
return xt_register_targets(xt_notrack_target,
|
||||
ARRAY_SIZE(xt_notrack_target));
|
||||
return xt_register_targets(notrack_tg_reg, ARRAY_SIZE(notrack_tg_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_notrack_fini(void)
|
||||
static void __exit notrack_tg_exit(void)
|
||||
{
|
||||
xt_unregister_targets(xt_notrack_target, ARRAY_SIZE(xt_notrack_target));
|
||||
xt_unregister_targets(notrack_tg_reg, ARRAY_SIZE(notrack_tg_reg));
|
||||
}
|
||||
|
||||
module_init(xt_notrack_init);
|
||||
module_exit(xt_notrack_fini);
|
||||
module_init(notrack_tg_init);
|
||||
module_exit(notrack_tg_exit);
|
||||
|
@ -28,10 +28,10 @@ MODULE_ALIAS("ip6t_SECMARK");
|
||||
|
||||
static u8 mode;
|
||||
|
||||
static unsigned int target(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
static unsigned int
|
||||
secmark_tg(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
u32 secmark = 0;
|
||||
const struct xt_secmark_target_info *info = targinfo;
|
||||
@ -81,9 +81,10 @@ static bool checkentry_selinux(struct xt_secmark_target_info *info)
|
||||
return true;
|
||||
}
|
||||
|
||||
static bool checkentry(const char *tablename, const void *entry,
|
||||
const struct xt_target *target, void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
static bool
|
||||
secmark_tg_check(const char *tablename, const void *entry,
|
||||
const struct xt_target *target, void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
struct xt_secmark_target_info *info = targinfo;
|
||||
|
||||
@ -109,12 +110,12 @@ static bool checkentry(const char *tablename, const void *entry,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_target xt_secmark_target[] __read_mostly = {
|
||||
static struct xt_target secmark_tg_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "SECMARK",
|
||||
.family = AF_INET,
|
||||
.checkentry = checkentry,
|
||||
.target = target,
|
||||
.checkentry = secmark_tg_check,
|
||||
.target = secmark_tg,
|
||||
.targetsize = sizeof(struct xt_secmark_target_info),
|
||||
.table = "mangle",
|
||||
.me = THIS_MODULE,
|
||||
@ -122,24 +123,23 @@ static struct xt_target xt_secmark_target[] __read_mostly = {
|
||||
{
|
||||
.name = "SECMARK",
|
||||
.family = AF_INET6,
|
||||
.checkentry = checkentry,
|
||||
.target = target,
|
||||
.checkentry = secmark_tg_check,
|
||||
.target = secmark_tg,
|
||||
.targetsize = sizeof(struct xt_secmark_target_info),
|
||||
.table = "mangle",
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_secmark_init(void)
|
||||
static int __init secmark_tg_init(void)
|
||||
{
|
||||
return xt_register_targets(xt_secmark_target,
|
||||
ARRAY_SIZE(xt_secmark_target));
|
||||
return xt_register_targets(secmark_tg_reg, ARRAY_SIZE(secmark_tg_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_secmark_fini(void)
|
||||
static void __exit secmark_tg_exit(void)
|
||||
{
|
||||
xt_unregister_targets(xt_secmark_target, ARRAY_SIZE(xt_secmark_target));
|
||||
xt_unregister_targets(secmark_tg_reg, ARRAY_SIZE(secmark_tg_reg));
|
||||
}
|
||||
|
||||
module_init(xt_secmark_init);
|
||||
module_exit(xt_secmark_fini);
|
||||
module_init(secmark_tg_init);
|
||||
module_exit(secmark_tg_exit);
|
||||
|
@ -135,12 +135,9 @@ tcpmss_mangle_packet(struct sk_buff *skb,
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
xt_tcpmss_target4(struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
tcpmss_tg4(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
struct iphdr *iph = ip_hdr(skb);
|
||||
__be16 newlen;
|
||||
@ -161,12 +158,9 @@ xt_tcpmss_target4(struct sk_buff *skb,
|
||||
|
||||
#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
|
||||
static unsigned int
|
||||
xt_tcpmss_target6(struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
tcpmss_tg6(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
struct ipv6hdr *ipv6h = ipv6_hdr(skb);
|
||||
u8 nexthdr;
|
||||
@ -205,11 +199,9 @@ static inline bool find_syn_match(const struct xt_entry_match *m)
|
||||
}
|
||||
|
||||
static bool
|
||||
xt_tcpmss_checkentry4(const char *tablename,
|
||||
const void *entry,
|
||||
const struct xt_target *target,
|
||||
void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
tcpmss_tg4_check(const char *tablename, const void *entry,
|
||||
const struct xt_target *target, void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct xt_tcpmss_info *info = targinfo;
|
||||
const struct ipt_entry *e = entry;
|
||||
@ -230,11 +222,9 @@ xt_tcpmss_checkentry4(const char *tablename,
|
||||
|
||||
#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
|
||||
static bool
|
||||
xt_tcpmss_checkentry6(const char *tablename,
|
||||
const void *entry,
|
||||
const struct xt_target *target,
|
||||
void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
tcpmss_tg6_check(const char *tablename, const void *entry,
|
||||
const struct xt_target *target, void *targinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct xt_tcpmss_info *info = targinfo;
|
||||
const struct ip6t_entry *e = entry;
|
||||
@ -254,12 +244,12 @@ xt_tcpmss_checkentry6(const char *tablename,
|
||||
}
|
||||
#endif
|
||||
|
||||
static struct xt_target xt_tcpmss_reg[] __read_mostly = {
|
||||
static struct xt_target tcpmss_tg_reg[] __read_mostly = {
|
||||
{
|
||||
.family = AF_INET,
|
||||
.name = "TCPMSS",
|
||||
.checkentry = xt_tcpmss_checkentry4,
|
||||
.target = xt_tcpmss_target4,
|
||||
.checkentry = tcpmss_tg4_check,
|
||||
.target = tcpmss_tg4,
|
||||
.targetsize = sizeof(struct xt_tcpmss_info),
|
||||
.proto = IPPROTO_TCP,
|
||||
.me = THIS_MODULE,
|
||||
@ -268,8 +258,8 @@ static struct xt_target xt_tcpmss_reg[] __read_mostly = {
|
||||
{
|
||||
.family = AF_INET6,
|
||||
.name = "TCPMSS",
|
||||
.checkentry = xt_tcpmss_checkentry6,
|
||||
.target = xt_tcpmss_target6,
|
||||
.checkentry = tcpmss_tg6_check,
|
||||
.target = tcpmss_tg6,
|
||||
.targetsize = sizeof(struct xt_tcpmss_info),
|
||||
.proto = IPPROTO_TCP,
|
||||
.me = THIS_MODULE,
|
||||
@ -277,15 +267,15 @@ static struct xt_target xt_tcpmss_reg[] __read_mostly = {
|
||||
#endif
|
||||
};
|
||||
|
||||
static int __init xt_tcpmss_init(void)
|
||||
static int __init tcpmss_tg_init(void)
|
||||
{
|
||||
return xt_register_targets(xt_tcpmss_reg, ARRAY_SIZE(xt_tcpmss_reg));
|
||||
return xt_register_targets(tcpmss_tg_reg, ARRAY_SIZE(tcpmss_tg_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_tcpmss_fini(void)
|
||||
static void __exit tcpmss_tg_exit(void)
|
||||
{
|
||||
xt_unregister_targets(xt_tcpmss_reg, ARRAY_SIZE(xt_tcpmss_reg));
|
||||
xt_unregister_targets(tcpmss_tg_reg, ARRAY_SIZE(tcpmss_tg_reg));
|
||||
}
|
||||
|
||||
module_init(xt_tcpmss_init);
|
||||
module_exit(xt_tcpmss_fini);
|
||||
module_init(tcpmss_tg_init);
|
||||
module_exit(tcpmss_tg_exit);
|
||||
|
@ -10,44 +10,40 @@ MODULE_ALIAS("ipt_TRACE");
|
||||
MODULE_ALIAS("ip6t_TRACE");
|
||||
|
||||
static unsigned int
|
||||
target(struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
unsigned int hooknum,
|
||||
const struct xt_target *target,
|
||||
const void *targinfo)
|
||||
trace_tg(struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, unsigned int hooknum,
|
||||
const struct xt_target *target, const void *targinfo)
|
||||
{
|
||||
skb->nf_trace = 1;
|
||||
return XT_CONTINUE;
|
||||
}
|
||||
|
||||
static struct xt_target xt_trace_target[] __read_mostly = {
|
||||
static struct xt_target trace_tg_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "TRACE",
|
||||
.family = AF_INET,
|
||||
.target = target,
|
||||
.target = trace_tg,
|
||||
.table = "raw",
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
{
|
||||
.name = "TRACE",
|
||||
.family = AF_INET6,
|
||||
.target = target,
|
||||
.target = trace_tg,
|
||||
.table = "raw",
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_trace_init(void)
|
||||
static int __init trace_tg_init(void)
|
||||
{
|
||||
return xt_register_targets(xt_trace_target,
|
||||
ARRAY_SIZE(xt_trace_target));
|
||||
return xt_register_targets(trace_tg_reg, ARRAY_SIZE(trace_tg_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_trace_fini(void)
|
||||
static void __exit trace_tg_exit(void)
|
||||
{
|
||||
xt_unregister_targets(xt_trace_target, ARRAY_SIZE(xt_trace_target));
|
||||
xt_unregister_targets(trace_tg_reg, ARRAY_SIZE(trace_tg_reg));
|
||||
}
|
||||
|
||||
module_init(xt_trace_init);
|
||||
module_exit(xt_trace_fini);
|
||||
module_init(trace_tg_init);
|
||||
module_exit(trace_tg_exit);
|
||||
|
@ -16,46 +16,41 @@ MODULE_ALIAS("ipt_comment");
|
||||
MODULE_ALIAS("ip6t_comment");
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protooff,
|
||||
bool *hotdrop)
|
||||
comment_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protooff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
/* We always match */
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_match xt_comment_match[] __read_mostly = {
|
||||
static struct xt_match comment_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "comment",
|
||||
.family = AF_INET,
|
||||
.match = match,
|
||||
.match = comment_mt,
|
||||
.matchsize = sizeof(struct xt_comment_info),
|
||||
.me = THIS_MODULE
|
||||
},
|
||||
{
|
||||
.name = "comment",
|
||||
.family = AF_INET6,
|
||||
.match = match,
|
||||
.match = comment_mt,
|
||||
.matchsize = sizeof(struct xt_comment_info),
|
||||
.me = THIS_MODULE
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_comment_init(void)
|
||||
static int __init comment_mt_init(void)
|
||||
{
|
||||
return xt_register_matches(xt_comment_match,
|
||||
ARRAY_SIZE(xt_comment_match));
|
||||
return xt_register_matches(comment_mt_reg, ARRAY_SIZE(comment_mt_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_comment_fini(void)
|
||||
static void __exit comment_mt_exit(void)
|
||||
{
|
||||
xt_unregister_matches(xt_comment_match, ARRAY_SIZE(xt_comment_match));
|
||||
xt_unregister_matches(comment_mt_reg, ARRAY_SIZE(comment_mt_reg));
|
||||
}
|
||||
|
||||
module_init(xt_comment_init);
|
||||
module_exit(xt_comment_fini);
|
||||
module_init(comment_mt_init);
|
||||
module_exit(comment_mt_exit);
|
||||
|
@ -17,14 +17,10 @@ MODULE_ALIAS("ipt_connbytes");
|
||||
MODULE_ALIAS("ip6t_connbytes");
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
connbytes_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
const struct xt_connbytes_info *sinfo = matchinfo;
|
||||
const struct nf_conn *ct;
|
||||
@ -96,11 +92,10 @@ match(const struct sk_buff *skb,
|
||||
return what >= sinfo->count.from;
|
||||
}
|
||||
|
||||
static bool check(const char *tablename,
|
||||
const void *ip,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
static bool
|
||||
connbytes_mt_check(const char *tablename, const void *ip,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct xt_connbytes_info *sinfo = matchinfo;
|
||||
|
||||
@ -124,43 +119,42 @@ static bool check(const char *tablename,
|
||||
}
|
||||
|
||||
static void
|
||||
destroy(const struct xt_match *match, void *matchinfo)
|
||||
connbytes_mt_destroy(const struct xt_match *match, void *matchinfo)
|
||||
{
|
||||
nf_ct_l3proto_module_put(match->family);
|
||||
}
|
||||
|
||||
static struct xt_match xt_connbytes_match[] __read_mostly = {
|
||||
static struct xt_match connbytes_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "connbytes",
|
||||
.family = AF_INET,
|
||||
.checkentry = check,
|
||||
.match = match,
|
||||
.destroy = destroy,
|
||||
.checkentry = connbytes_mt_check,
|
||||
.match = connbytes_mt,
|
||||
.destroy = connbytes_mt_destroy,
|
||||
.matchsize = sizeof(struct xt_connbytes_info),
|
||||
.me = THIS_MODULE
|
||||
},
|
||||
{
|
||||
.name = "connbytes",
|
||||
.family = AF_INET6,
|
||||
.checkentry = check,
|
||||
.match = match,
|
||||
.destroy = destroy,
|
||||
.checkentry = connbytes_mt_check,
|
||||
.match = connbytes_mt,
|
||||
.destroy = connbytes_mt_destroy,
|
||||
.matchsize = sizeof(struct xt_connbytes_info),
|
||||
.me = THIS_MODULE
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_connbytes_init(void)
|
||||
static int __init connbytes_mt_init(void)
|
||||
{
|
||||
return xt_register_matches(xt_connbytes_match,
|
||||
ARRAY_SIZE(xt_connbytes_match));
|
||||
return xt_register_matches(connbytes_mt_reg,
|
||||
ARRAY_SIZE(connbytes_mt_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_connbytes_fini(void)
|
||||
static void __exit connbytes_mt_exit(void)
|
||||
{
|
||||
xt_unregister_matches(xt_connbytes_match,
|
||||
ARRAY_SIZE(xt_connbytes_match));
|
||||
xt_unregister_matches(connbytes_mt_reg, ARRAY_SIZE(connbytes_mt_reg));
|
||||
}
|
||||
|
||||
module_init(xt_connbytes_init);
|
||||
module_exit(xt_connbytes_fini);
|
||||
module_init(connbytes_mt_init);
|
||||
module_exit(connbytes_mt_exit);
|
||||
|
@ -54,7 +54,7 @@ static inline unsigned int connlimit_iphash(__be32 addr)
|
||||
|
||||
static inline unsigned int
|
||||
connlimit_iphash6(const union nf_conntrack_address *addr,
|
||||
const union nf_conntrack_address *mask)
|
||||
const union nf_conntrack_address *mask)
|
||||
{
|
||||
union nf_conntrack_address res;
|
||||
unsigned int i;
|
||||
@ -178,12 +178,11 @@ static int count_them(struct xt_connlimit_data *data,
|
||||
return matches;
|
||||
}
|
||||
|
||||
static bool connlimit_match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo, int offset,
|
||||
unsigned int protoff, bool *hotdrop)
|
||||
static bool
|
||||
connlimit_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
const struct xt_connlimit_info *info = matchinfo;
|
||||
union nf_conntrack_address addr, mask;
|
||||
@ -227,9 +226,10 @@ static bool connlimit_match(const struct sk_buff *skb,
|
||||
return false;
|
||||
}
|
||||
|
||||
static bool connlimit_check(const char *tablename, const void *ip,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
static bool
|
||||
connlimit_mt_check(const char *tablename, const void *ip,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
struct xt_connlimit_info *info = matchinfo;
|
||||
unsigned int i;
|
||||
@ -254,7 +254,8 @@ static bool connlimit_check(const char *tablename, const void *ip,
|
||||
return true;
|
||||
}
|
||||
|
||||
static void connlimit_destroy(const struct xt_match *match, void *matchinfo)
|
||||
static void
|
||||
connlimit_mt_destroy(const struct xt_match *match, void *matchinfo)
|
||||
{
|
||||
struct xt_connlimit_info *info = matchinfo;
|
||||
struct xt_connlimit_conn *conn;
|
||||
@ -274,39 +275,40 @@ static void connlimit_destroy(const struct xt_match *match, void *matchinfo)
|
||||
kfree(info->data);
|
||||
}
|
||||
|
||||
static struct xt_match connlimit_reg[] __read_mostly = {
|
||||
static struct xt_match connlimit_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "connlimit",
|
||||
.family = AF_INET,
|
||||
.checkentry = connlimit_check,
|
||||
.match = connlimit_match,
|
||||
.checkentry = connlimit_mt_check,
|
||||
.match = connlimit_mt,
|
||||
.matchsize = sizeof(struct xt_connlimit_info),
|
||||
.destroy = connlimit_destroy,
|
||||
.destroy = connlimit_mt_destroy,
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
{
|
||||
.name = "connlimit",
|
||||
.family = AF_INET6,
|
||||
.checkentry = connlimit_check,
|
||||
.match = connlimit_match,
|
||||
.checkentry = connlimit_mt_check,
|
||||
.match = connlimit_mt,
|
||||
.matchsize = sizeof(struct xt_connlimit_info),
|
||||
.destroy = connlimit_destroy,
|
||||
.destroy = connlimit_mt_destroy,
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_connlimit_init(void)
|
||||
static int __init connlimit_mt_init(void)
|
||||
{
|
||||
return xt_register_matches(connlimit_reg, ARRAY_SIZE(connlimit_reg));
|
||||
return xt_register_matches(connlimit_mt_reg,
|
||||
ARRAY_SIZE(connlimit_mt_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_connlimit_exit(void)
|
||||
static void __exit connlimit_mt_exit(void)
|
||||
{
|
||||
xt_unregister_matches(connlimit_reg, ARRAY_SIZE(connlimit_reg));
|
||||
xt_unregister_matches(connlimit_mt_reg, ARRAY_SIZE(connlimit_mt_reg));
|
||||
}
|
||||
|
||||
module_init(xt_connlimit_init);
|
||||
module_exit(xt_connlimit_exit);
|
||||
module_init(connlimit_mt_init);
|
||||
module_exit(connlimit_mt_exit);
|
||||
MODULE_AUTHOR("Jan Engelhardt <jengelh@computergmbh.de>");
|
||||
MODULE_DESCRIPTION("netfilter xt_connlimit match module");
|
||||
MODULE_LICENSE("GPL");
|
||||
|
@ -32,14 +32,10 @@ MODULE_ALIAS("ipt_connmark");
|
||||
MODULE_ALIAS("ip6t_connmark");
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
connmark_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
const struct xt_connmark_info *info = matchinfo;
|
||||
const struct nf_conn *ct;
|
||||
@ -53,11 +49,9 @@ match(const struct sk_buff *skb,
|
||||
}
|
||||
|
||||
static bool
|
||||
checkentry(const char *tablename,
|
||||
const void *ip,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
connmark_mt_check(const char *tablename, const void *ip,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct xt_connmark_info *cm = matchinfo;
|
||||
|
||||
@ -74,7 +68,7 @@ checkentry(const char *tablename,
|
||||
}
|
||||
|
||||
static void
|
||||
destroy(const struct xt_match *match, void *matchinfo)
|
||||
connmark_mt_destroy(const struct xt_match *match, void *matchinfo)
|
||||
{
|
||||
nf_ct_l3proto_module_put(match->family);
|
||||
}
|
||||
@ -87,7 +81,7 @@ struct compat_xt_connmark_info {
|
||||
u_int16_t __pad2;
|
||||
};
|
||||
|
||||
static void compat_from_user(void *dst, void *src)
|
||||
static void connmark_mt_compat_from_user(void *dst, void *src)
|
||||
{
|
||||
const struct compat_xt_connmark_info *cm = src;
|
||||
struct xt_connmark_info m = {
|
||||
@ -98,7 +92,7 @@ static void compat_from_user(void *dst, void *src)
|
||||
memcpy(dst, &m, sizeof(m));
|
||||
}
|
||||
|
||||
static int compat_to_user(void __user *dst, void *src)
|
||||
static int connmark_mt_compat_to_user(void __user *dst, void *src)
|
||||
{
|
||||
const struct xt_connmark_info *m = src;
|
||||
struct compat_xt_connmark_info cm = {
|
||||
@ -110,42 +104,42 @@ static int compat_to_user(void __user *dst, void *src)
|
||||
}
|
||||
#endif /* CONFIG_COMPAT */
|
||||
|
||||
static struct xt_match xt_connmark_match[] __read_mostly = {
|
||||
static struct xt_match connmark_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "connmark",
|
||||
.family = AF_INET,
|
||||
.checkentry = checkentry,
|
||||
.match = match,
|
||||
.destroy = destroy,
|
||||
.checkentry = connmark_mt_check,
|
||||
.match = connmark_mt,
|
||||
.destroy = connmark_mt_destroy,
|
||||
.matchsize = sizeof(struct xt_connmark_info),
|
||||
#ifdef CONFIG_COMPAT
|
||||
.compatsize = sizeof(struct compat_xt_connmark_info),
|
||||
.compat_from_user = compat_from_user,
|
||||
.compat_to_user = compat_to_user,
|
||||
.compat_from_user = connmark_mt_compat_from_user,
|
||||
.compat_to_user = connmark_mt_compat_to_user,
|
||||
#endif
|
||||
.me = THIS_MODULE
|
||||
},
|
||||
{
|
||||
.name = "connmark",
|
||||
.family = AF_INET6,
|
||||
.checkentry = checkentry,
|
||||
.match = match,
|
||||
.destroy = destroy,
|
||||
.checkentry = connmark_mt_check,
|
||||
.match = connmark_mt,
|
||||
.destroy = connmark_mt_destroy,
|
||||
.matchsize = sizeof(struct xt_connmark_info),
|
||||
.me = THIS_MODULE
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_connmark_init(void)
|
||||
static int __init connmark_mt_init(void)
|
||||
{
|
||||
return xt_register_matches(xt_connmark_match,
|
||||
ARRAY_SIZE(xt_connmark_match));
|
||||
return xt_register_matches(connmark_mt_reg,
|
||||
ARRAY_SIZE(connmark_mt_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_connmark_fini(void)
|
||||
static void __exit connmark_mt_exit(void)
|
||||
{
|
||||
xt_unregister_matches(xt_connmark_match, ARRAY_SIZE(xt_connmark_match));
|
||||
xt_unregister_matches(connmark_mt_reg, ARRAY_SIZE(connmark_mt_reg));
|
||||
}
|
||||
|
||||
module_init(xt_connmark_init);
|
||||
module_exit(xt_connmark_fini);
|
||||
module_init(connmark_mt_init);
|
||||
module_exit(connmark_mt_exit);
|
||||
|
@ -20,14 +20,10 @@ MODULE_DESCRIPTION("iptables connection tracking match module");
|
||||
MODULE_ALIAS("ipt_conntrack");
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
conntrack_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
const struct xt_conntrack_info *sinfo = matchinfo;
|
||||
const struct nf_conn *ct;
|
||||
@ -115,11 +111,9 @@ match(const struct sk_buff *skb,
|
||||
}
|
||||
|
||||
static bool
|
||||
checkentry(const char *tablename,
|
||||
const void *ip,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
conntrack_mt_check(const char *tablename, const void *ip,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
if (nf_ct_l3proto_try_module_get(match->family) < 0) {
|
||||
printk(KERN_WARNING "can't load conntrack support for "
|
||||
@ -129,7 +123,8 @@ checkentry(const char *tablename,
|
||||
return true;
|
||||
}
|
||||
|
||||
static void destroy(const struct xt_match *match, void *matchinfo)
|
||||
static void
|
||||
conntrack_mt_destroy(const struct xt_match *match, void *matchinfo)
|
||||
{
|
||||
nf_ct_l3proto_module_put(match->family);
|
||||
}
|
||||
@ -148,7 +143,7 @@ struct compat_xt_conntrack_info
|
||||
u_int8_t invflags;
|
||||
};
|
||||
|
||||
static void compat_from_user(void *dst, void *src)
|
||||
static void conntrack_mt_compat_from_user(void *dst, void *src)
|
||||
{
|
||||
const struct compat_xt_conntrack_info *cm = src;
|
||||
struct xt_conntrack_info m = {
|
||||
@ -165,7 +160,7 @@ static void compat_from_user(void *dst, void *src)
|
||||
memcpy(dst, &m, sizeof(m));
|
||||
}
|
||||
|
||||
static int compat_to_user(void __user *dst, void *src)
|
||||
static int conntrack_mt_compat_to_user(void __user *dst, void *src)
|
||||
{
|
||||
const struct xt_conntrack_info *m = src;
|
||||
struct compat_xt_conntrack_info cm = {
|
||||
@ -183,30 +178,30 @@ static int compat_to_user(void __user *dst, void *src)
|
||||
}
|
||||
#endif
|
||||
|
||||
static struct xt_match conntrack_match __read_mostly = {
|
||||
static struct xt_match conntrack_mt_reg __read_mostly = {
|
||||
.name = "conntrack",
|
||||
.match = match,
|
||||
.checkentry = checkentry,
|
||||
.destroy = destroy,
|
||||
.match = conntrack_mt,
|
||||
.checkentry = conntrack_mt_check,
|
||||
.destroy = conntrack_mt_destroy,
|
||||
.matchsize = sizeof(struct xt_conntrack_info),
|
||||
#ifdef CONFIG_COMPAT
|
||||
.compatsize = sizeof(struct compat_xt_conntrack_info),
|
||||
.compat_from_user = compat_from_user,
|
||||
.compat_to_user = compat_to_user,
|
||||
.compat_from_user = conntrack_mt_compat_from_user,
|
||||
.compat_to_user = conntrack_mt_compat_to_user,
|
||||
#endif
|
||||
.family = AF_INET,
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init xt_conntrack_init(void)
|
||||
static int __init conntrack_mt_init(void)
|
||||
{
|
||||
return xt_register_match(&conntrack_match);
|
||||
return xt_register_match(&conntrack_mt_reg);
|
||||
}
|
||||
|
||||
static void __exit xt_conntrack_fini(void)
|
||||
static void __exit conntrack_mt_exit(void)
|
||||
{
|
||||
xt_unregister_match(&conntrack_match);
|
||||
xt_unregister_match(&conntrack_mt_reg);
|
||||
}
|
||||
|
||||
module_init(xt_conntrack_init);
|
||||
module_exit(xt_conntrack_fini);
|
||||
module_init(conntrack_mt_init);
|
||||
module_exit(conntrack_mt_exit);
|
||||
|
@ -93,14 +93,9 @@ match_option(u_int8_t option, const struct sk_buff *skb, unsigned int protoff,
|
||||
}
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
dccp_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
|
||||
{
|
||||
const struct xt_dccp_info *info = matchinfo;
|
||||
struct dccp_hdr _dh, *dh;
|
||||
@ -128,11 +123,9 @@ match(const struct sk_buff *skb,
|
||||
}
|
||||
|
||||
static bool
|
||||
checkentry(const char *tablename,
|
||||
const void *inf,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
dccp_mt_check(const char *tablename, const void *inf,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct xt_dccp_info *info = matchinfo;
|
||||
|
||||
@ -141,12 +134,12 @@ checkentry(const char *tablename,
|
||||
&& !(info->invflags & ~info->flags);
|
||||
}
|
||||
|
||||
static struct xt_match xt_dccp_match[] __read_mostly = {
|
||||
static struct xt_match dccp_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "dccp",
|
||||
.family = AF_INET,
|
||||
.checkentry = checkentry,
|
||||
.match = match,
|
||||
.checkentry = dccp_mt_check,
|
||||
.match = dccp_mt,
|
||||
.matchsize = sizeof(struct xt_dccp_info),
|
||||
.proto = IPPROTO_DCCP,
|
||||
.me = THIS_MODULE,
|
||||
@ -154,15 +147,15 @@ static struct xt_match xt_dccp_match[] __read_mostly = {
|
||||
{
|
||||
.name = "dccp",
|
||||
.family = AF_INET6,
|
||||
.checkentry = checkentry,
|
||||
.match = match,
|
||||
.checkentry = dccp_mt_check,
|
||||
.match = dccp_mt,
|
||||
.matchsize = sizeof(struct xt_dccp_info),
|
||||
.proto = IPPROTO_DCCP,
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_dccp_init(void)
|
||||
static int __init dccp_mt_init(void)
|
||||
{
|
||||
int ret;
|
||||
|
||||
@ -172,7 +165,7 @@ static int __init xt_dccp_init(void)
|
||||
dccp_optbuf = kmalloc(256 * 4, GFP_KERNEL);
|
||||
if (!dccp_optbuf)
|
||||
return -ENOMEM;
|
||||
ret = xt_register_matches(xt_dccp_match, ARRAY_SIZE(xt_dccp_match));
|
||||
ret = xt_register_matches(dccp_mt_reg, ARRAY_SIZE(dccp_mt_reg));
|
||||
if (ret)
|
||||
goto out_kfree;
|
||||
return ret;
|
||||
@ -182,11 +175,11 @@ out_kfree:
|
||||
return ret;
|
||||
}
|
||||
|
||||
static void __exit xt_dccp_fini(void)
|
||||
static void __exit dccp_mt_exit(void)
|
||||
{
|
||||
xt_unregister_matches(xt_dccp_match, ARRAY_SIZE(xt_dccp_match));
|
||||
xt_unregister_matches(dccp_mt_reg, ARRAY_SIZE(dccp_mt_reg));
|
||||
kfree(dccp_optbuf);
|
||||
}
|
||||
|
||||
module_init(xt_dccp_init);
|
||||
module_exit(xt_dccp_fini);
|
||||
module_init(dccp_mt_init);
|
||||
module_exit(dccp_mt_exit);
|
||||
|
@ -22,14 +22,10 @@ MODULE_LICENSE("GPL");
|
||||
MODULE_ALIAS("ipt_dscp");
|
||||
MODULE_ALIAS("ip6t_dscp");
|
||||
|
||||
static bool match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
static bool
|
||||
dscp_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
|
||||
{
|
||||
const struct xt_dscp_info *info = matchinfo;
|
||||
u_int8_t dscp = ipv4_get_dsfield(ip_hdr(skb)) >> XT_DSCP_SHIFT;
|
||||
@ -37,14 +33,11 @@ static bool match(const struct sk_buff *skb,
|
||||
return (dscp == info->dscp) ^ !!info->invert;
|
||||
}
|
||||
|
||||
static bool match6(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
static bool
|
||||
dscp_mt6(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
const struct xt_dscp_info *info = matchinfo;
|
||||
u_int8_t dscp = ipv6_get_dsfield(ipv6_hdr(skb)) >> XT_DSCP_SHIFT;
|
||||
@ -52,11 +45,10 @@ static bool match6(const struct sk_buff *skb,
|
||||
return (dscp == info->dscp) ^ !!info->invert;
|
||||
}
|
||||
|
||||
static bool checkentry(const char *tablename,
|
||||
const void *info,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
static bool
|
||||
dscp_mt_check(const char *tablename, const void *info,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const u_int8_t dscp = ((struct xt_dscp_info *)matchinfo)->dscp;
|
||||
|
||||
@ -68,34 +60,34 @@ static bool checkentry(const char *tablename,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_match xt_dscp_match[] __read_mostly = {
|
||||
static struct xt_match dscp_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "dscp",
|
||||
.family = AF_INET,
|
||||
.checkentry = checkentry,
|
||||
.match = match,
|
||||
.checkentry = dscp_mt_check,
|
||||
.match = dscp_mt,
|
||||
.matchsize = sizeof(struct xt_dscp_info),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
{
|
||||
.name = "dscp",
|
||||
.family = AF_INET6,
|
||||
.checkentry = checkentry,
|
||||
.match = match6,
|
||||
.checkentry = dscp_mt_check,
|
||||
.match = dscp_mt6,
|
||||
.matchsize = sizeof(struct xt_dscp_info),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_dscp_match_init(void)
|
||||
static int __init dscp_mt_init(void)
|
||||
{
|
||||
return xt_register_matches(xt_dscp_match, ARRAY_SIZE(xt_dscp_match));
|
||||
return xt_register_matches(dscp_mt_reg, ARRAY_SIZE(dscp_mt_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_dscp_match_fini(void)
|
||||
static void __exit dscp_mt_exit(void)
|
||||
{
|
||||
xt_unregister_matches(xt_dscp_match, ARRAY_SIZE(xt_dscp_match));
|
||||
xt_unregister_matches(dscp_mt_reg, ARRAY_SIZE(dscp_mt_reg));
|
||||
}
|
||||
|
||||
module_init(xt_dscp_match_init);
|
||||
module_exit(xt_dscp_match_fini);
|
||||
module_init(dscp_mt_init);
|
||||
module_exit(dscp_mt_exit);
|
||||
|
@ -43,14 +43,9 @@ spi_match(u_int32_t min, u_int32_t max, u_int32_t spi, bool invert)
|
||||
}
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
esp_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
|
||||
{
|
||||
struct ip_esp_hdr _esp, *eh;
|
||||
const struct xt_esp *espinfo = matchinfo;
|
||||
@ -75,11 +70,9 @@ match(const struct sk_buff *skb,
|
||||
|
||||
/* Called when user tries to insert an entry of this type. */
|
||||
static bool
|
||||
checkentry(const char *tablename,
|
||||
const void *ip_void,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
esp_mt_check(const char *tablename, const void *ip_void,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct xt_esp *espinfo = matchinfo;
|
||||
|
||||
@ -91,12 +84,12 @@ checkentry(const char *tablename,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_match xt_esp_match[] __read_mostly = {
|
||||
static struct xt_match esp_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "esp",
|
||||
.family = AF_INET,
|
||||
.checkentry = checkentry,
|
||||
.match = match,
|
||||
.checkentry = esp_mt_check,
|
||||
.match = esp_mt,
|
||||
.matchsize = sizeof(struct xt_esp),
|
||||
.proto = IPPROTO_ESP,
|
||||
.me = THIS_MODULE,
|
||||
@ -104,23 +97,23 @@ static struct xt_match xt_esp_match[] __read_mostly = {
|
||||
{
|
||||
.name = "esp",
|
||||
.family = AF_INET6,
|
||||
.checkentry = checkentry,
|
||||
.match = match,
|
||||
.checkentry = esp_mt_check,
|
||||
.match = esp_mt,
|
||||
.matchsize = sizeof(struct xt_esp),
|
||||
.proto = IPPROTO_ESP,
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_esp_init(void)
|
||||
static int __init esp_mt_init(void)
|
||||
{
|
||||
return xt_register_matches(xt_esp_match, ARRAY_SIZE(xt_esp_match));
|
||||
return xt_register_matches(esp_mt_reg, ARRAY_SIZE(esp_mt_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_esp_cleanup(void)
|
||||
static void __exit esp_mt_exit(void)
|
||||
{
|
||||
xt_unregister_matches(xt_esp_match, ARRAY_SIZE(xt_esp_match));
|
||||
xt_unregister_matches(esp_mt_reg, ARRAY_SIZE(esp_mt_reg));
|
||||
}
|
||||
|
||||
module_init(xt_esp_init);
|
||||
module_exit(xt_esp_cleanup);
|
||||
module_init(esp_mt_init);
|
||||
module_exit(esp_mt_exit);
|
||||
|
@ -441,14 +441,10 @@ hashlimit_init_dst(const struct xt_hashlimit_htable *hinfo,
|
||||
}
|
||||
|
||||
static bool
|
||||
hashlimit_match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
hashlimit_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
const struct xt_hashlimit_info *r =
|
||||
((const struct xt_hashlimit_info *)matchinfo)->u.master;
|
||||
@ -500,11 +496,9 @@ hotdrop:
|
||||
}
|
||||
|
||||
static bool
|
||||
hashlimit_checkentry(const char *tablename,
|
||||
const void *inf,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
hashlimit_mt_check(const char *tablename, const void *inf,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
struct xt_hashlimit_info *r = matchinfo;
|
||||
|
||||
@ -548,7 +542,7 @@ hashlimit_checkentry(const char *tablename,
|
||||
}
|
||||
|
||||
static void
|
||||
hashlimit_destroy(const struct xt_match *match, void *matchinfo)
|
||||
hashlimit_mt_destroy(const struct xt_match *match, void *matchinfo)
|
||||
{
|
||||
const struct xt_hashlimit_info *r = matchinfo;
|
||||
|
||||
@ -563,7 +557,7 @@ struct compat_xt_hashlimit_info {
|
||||
compat_uptr_t master;
|
||||
};
|
||||
|
||||
static void compat_from_user(void *dst, void *src)
|
||||
static void hashlimit_mt_compat_from_user(void *dst, void *src)
|
||||
{
|
||||
int off = offsetof(struct compat_xt_hashlimit_info, hinfo);
|
||||
|
||||
@ -571,7 +565,7 @@ static void compat_from_user(void *dst, void *src)
|
||||
memset(dst + off, 0, sizeof(struct compat_xt_hashlimit_info) - off);
|
||||
}
|
||||
|
||||
static int compat_to_user(void __user *dst, void *src)
|
||||
static int hashlimit_mt_compat_to_user(void __user *dst, void *src)
|
||||
{
|
||||
int off = offsetof(struct compat_xt_hashlimit_info, hinfo);
|
||||
|
||||
@ -579,33 +573,33 @@ static int compat_to_user(void __user *dst, void *src)
|
||||
}
|
||||
#endif
|
||||
|
||||
static struct xt_match xt_hashlimit[] __read_mostly = {
|
||||
static struct xt_match hashlimit_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "hashlimit",
|
||||
.family = AF_INET,
|
||||
.match = hashlimit_match,
|
||||
.match = hashlimit_mt,
|
||||
.matchsize = sizeof(struct xt_hashlimit_info),
|
||||
#ifdef CONFIG_COMPAT
|
||||
.compatsize = sizeof(struct compat_xt_hashlimit_info),
|
||||
.compat_from_user = compat_from_user,
|
||||
.compat_to_user = compat_to_user,
|
||||
.compat_from_user = hashlimit_mt_compat_from_user,
|
||||
.compat_to_user = hashlimit_mt_compat_to_user,
|
||||
#endif
|
||||
.checkentry = hashlimit_checkentry,
|
||||
.destroy = hashlimit_destroy,
|
||||
.checkentry = hashlimit_mt_check,
|
||||
.destroy = hashlimit_mt_destroy,
|
||||
.me = THIS_MODULE
|
||||
},
|
||||
{
|
||||
.name = "hashlimit",
|
||||
.family = AF_INET6,
|
||||
.match = hashlimit_match,
|
||||
.match = hashlimit_mt,
|
||||
.matchsize = sizeof(struct xt_hashlimit_info),
|
||||
#ifdef CONFIG_COMPAT
|
||||
.compatsize = sizeof(struct compat_xt_hashlimit_info),
|
||||
.compat_from_user = compat_from_user,
|
||||
.compat_to_user = compat_to_user,
|
||||
.compat_from_user = hashlimit_mt_compat_from_user,
|
||||
.compat_to_user = hashlimit_mt_compat_to_user,
|
||||
#endif
|
||||
.checkentry = hashlimit_checkentry,
|
||||
.destroy = hashlimit_destroy,
|
||||
.checkentry = hashlimit_mt_check,
|
||||
.destroy = hashlimit_mt_destroy,
|
||||
.me = THIS_MODULE
|
||||
},
|
||||
};
|
||||
@ -728,11 +722,12 @@ static const struct file_operations dl_file_ops = {
|
||||
.release = seq_release
|
||||
};
|
||||
|
||||
static int __init xt_hashlimit_init(void)
|
||||
static int __init hashlimit_mt_init(void)
|
||||
{
|
||||
int err;
|
||||
|
||||
err = xt_register_matches(xt_hashlimit, ARRAY_SIZE(xt_hashlimit));
|
||||
err = xt_register_matches(hashlimit_mt_reg,
|
||||
ARRAY_SIZE(hashlimit_mt_reg));
|
||||
if (err < 0)
|
||||
goto err1;
|
||||
|
||||
@ -762,19 +757,19 @@ err4:
|
||||
err3:
|
||||
kmem_cache_destroy(hashlimit_cachep);
|
||||
err2:
|
||||
xt_unregister_matches(xt_hashlimit, ARRAY_SIZE(xt_hashlimit));
|
||||
xt_unregister_matches(hashlimit_mt_reg, ARRAY_SIZE(hashlimit_mt_reg));
|
||||
err1:
|
||||
return err;
|
||||
|
||||
}
|
||||
|
||||
static void __exit xt_hashlimit_fini(void)
|
||||
static void __exit hashlimit_mt_exit(void)
|
||||
{
|
||||
remove_proc_entry("ipt_hashlimit", init_net.proc_net);
|
||||
remove_proc_entry("ip6t_hashlimit", init_net.proc_net);
|
||||
kmem_cache_destroy(hashlimit_cachep);
|
||||
xt_unregister_matches(xt_hashlimit, ARRAY_SIZE(xt_hashlimit));
|
||||
xt_unregister_matches(hashlimit_mt_reg, ARRAY_SIZE(hashlimit_mt_reg));
|
||||
}
|
||||
|
||||
module_init(xt_hashlimit_init);
|
||||
module_exit(xt_hashlimit_fini);
|
||||
module_init(hashlimit_mt_init);
|
||||
module_exit(hashlimit_mt_exit);
|
||||
|
@ -24,14 +24,10 @@ MODULE_ALIAS("ip6t_helper");
|
||||
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
helper_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
const struct xt_helper_info *info = matchinfo;
|
||||
const struct nf_conn *ct;
|
||||
@ -61,11 +57,10 @@ match(const struct sk_buff *skb,
|
||||
return ret;
|
||||
}
|
||||
|
||||
static bool check(const char *tablename,
|
||||
const void *inf,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
static bool
|
||||
helper_mt_check(const char *tablename, const void *inf,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
struct xt_helper_info *info = matchinfo;
|
||||
|
||||
@ -78,44 +73,41 @@ static bool check(const char *tablename,
|
||||
return true;
|
||||
}
|
||||
|
||||
static void
|
||||
destroy(const struct xt_match *match, void *matchinfo)
|
||||
static void helper_mt_destroy(const struct xt_match *match, void *matchinfo)
|
||||
{
|
||||
nf_ct_l3proto_module_put(match->family);
|
||||
}
|
||||
|
||||
static struct xt_match xt_helper_match[] __read_mostly = {
|
||||
static struct xt_match helper_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "helper",
|
||||
.family = AF_INET,
|
||||
.checkentry = check,
|
||||
.match = match,
|
||||
.destroy = destroy,
|
||||
.checkentry = helper_mt_check,
|
||||
.match = helper_mt,
|
||||
.destroy = helper_mt_destroy,
|
||||
.matchsize = sizeof(struct xt_helper_info),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
{
|
||||
.name = "helper",
|
||||
.family = AF_INET6,
|
||||
.checkentry = check,
|
||||
.match = match,
|
||||
.destroy = destroy,
|
||||
.checkentry = helper_mt_check,
|
||||
.match = helper_mt,
|
||||
.destroy = helper_mt_destroy,
|
||||
.matchsize = sizeof(struct xt_helper_info),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_helper_init(void)
|
||||
static int __init helper_mt_init(void)
|
||||
{
|
||||
return xt_register_matches(xt_helper_match,
|
||||
ARRAY_SIZE(xt_helper_match));
|
||||
return xt_register_matches(helper_mt_reg, ARRAY_SIZE(helper_mt_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_helper_fini(void)
|
||||
static void __exit helper_mt_exit(void)
|
||||
{
|
||||
xt_unregister_matches(xt_helper_match, ARRAY_SIZE(xt_helper_match));
|
||||
xt_unregister_matches(helper_mt_reg, ARRAY_SIZE(helper_mt_reg));
|
||||
}
|
||||
|
||||
module_init(xt_helper_init);
|
||||
module_exit(xt_helper_fini);
|
||||
|
||||
module_init(helper_mt_init);
|
||||
module_exit(helper_mt_exit);
|
||||
|
@ -21,14 +21,10 @@ MODULE_ALIAS("ipt_length");
|
||||
MODULE_ALIAS("ip6t_length");
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
length_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
const struct xt_length_info *info = matchinfo;
|
||||
u_int16_t pktlen = ntohs(ip_hdr(skb)->tot_len);
|
||||
@ -37,14 +33,10 @@ match(const struct sk_buff *skb,
|
||||
}
|
||||
|
||||
static bool
|
||||
match6(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
length_mt6(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
const struct xt_length_info *info = matchinfo;
|
||||
const u_int16_t pktlen = ntohs(ipv6_hdr(skb)->payload_len) +
|
||||
@ -53,33 +45,32 @@ match6(const struct sk_buff *skb,
|
||||
return (pktlen >= info->min && pktlen <= info->max) ^ info->invert;
|
||||
}
|
||||
|
||||
static struct xt_match xt_length_match[] __read_mostly = {
|
||||
static struct xt_match length_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "length",
|
||||
.family = AF_INET,
|
||||
.match = match,
|
||||
.match = length_mt,
|
||||
.matchsize = sizeof(struct xt_length_info),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
{
|
||||
.name = "length",
|
||||
.family = AF_INET6,
|
||||
.match = match6,
|
||||
.match = length_mt6,
|
||||
.matchsize = sizeof(struct xt_length_info),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_length_init(void)
|
||||
static int __init length_mt_init(void)
|
||||
{
|
||||
return xt_register_matches(xt_length_match,
|
||||
ARRAY_SIZE(xt_length_match));
|
||||
return xt_register_matches(length_mt_reg, ARRAY_SIZE(length_mt_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_length_fini(void)
|
||||
static void __exit length_mt_exit(void)
|
||||
{
|
||||
xt_unregister_matches(xt_length_match, ARRAY_SIZE(xt_length_match));
|
||||
xt_unregister_matches(length_mt_reg, ARRAY_SIZE(length_mt_reg));
|
||||
}
|
||||
|
||||
module_init(xt_length_init);
|
||||
module_exit(xt_length_fini);
|
||||
module_init(length_mt_init);
|
||||
module_exit(length_mt_exit);
|
||||
|
@ -58,14 +58,10 @@ static DEFINE_SPINLOCK(limit_lock);
|
||||
#define CREDITS_PER_JIFFY POW2_BELOW32(MAX_CPJ)
|
||||
|
||||
static bool
|
||||
ipt_limit_match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
limit_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
struct xt_rateinfo *r =
|
||||
((const struct xt_rateinfo *)matchinfo)->master;
|
||||
@ -100,11 +96,9 @@ user2credits(u_int32_t user)
|
||||
}
|
||||
|
||||
static bool
|
||||
ipt_limit_checkentry(const char *tablename,
|
||||
const void *inf,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
limit_mt_check(const char *tablename, const void *inf,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
struct xt_rateinfo *r = matchinfo;
|
||||
|
||||
@ -143,7 +137,7 @@ struct compat_xt_rateinfo {
|
||||
|
||||
/* To keep the full "prev" timestamp, the upper 32 bits are stored in the
|
||||
* master pointer, which does not need to be preserved. */
|
||||
static void compat_from_user(void *dst, void *src)
|
||||
static void limit_mt_compat_from_user(void *dst, void *src)
|
||||
{
|
||||
const struct compat_xt_rateinfo *cm = src;
|
||||
struct xt_rateinfo m = {
|
||||
@ -157,7 +151,7 @@ static void compat_from_user(void *dst, void *src)
|
||||
memcpy(dst, &m, sizeof(m));
|
||||
}
|
||||
|
||||
static int compat_to_user(void __user *dst, void *src)
|
||||
static int limit_mt_compat_to_user(void __user *dst, void *src)
|
||||
{
|
||||
const struct xt_rateinfo *m = src;
|
||||
struct compat_xt_rateinfo cm = {
|
||||
@ -173,39 +167,39 @@ static int compat_to_user(void __user *dst, void *src)
|
||||
}
|
||||
#endif /* CONFIG_COMPAT */
|
||||
|
||||
static struct xt_match xt_limit_match[] __read_mostly = {
|
||||
static struct xt_match limit_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "limit",
|
||||
.family = AF_INET,
|
||||
.checkentry = ipt_limit_checkentry,
|
||||
.match = ipt_limit_match,
|
||||
.checkentry = limit_mt_check,
|
||||
.match = limit_mt,
|
||||
.matchsize = sizeof(struct xt_rateinfo),
|
||||
#ifdef CONFIG_COMPAT
|
||||
.compatsize = sizeof(struct compat_xt_rateinfo),
|
||||
.compat_from_user = compat_from_user,
|
||||
.compat_to_user = compat_to_user,
|
||||
.compat_from_user = limit_mt_compat_from_user,
|
||||
.compat_to_user = limit_mt_compat_to_user,
|
||||
#endif
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
{
|
||||
.name = "limit",
|
||||
.family = AF_INET6,
|
||||
.checkentry = ipt_limit_checkentry,
|
||||
.match = ipt_limit_match,
|
||||
.checkentry = limit_mt_check,
|
||||
.match = limit_mt,
|
||||
.matchsize = sizeof(struct xt_rateinfo),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_limit_init(void)
|
||||
static int __init limit_mt_init(void)
|
||||
{
|
||||
return xt_register_matches(xt_limit_match, ARRAY_SIZE(xt_limit_match));
|
||||
return xt_register_matches(limit_mt_reg, ARRAY_SIZE(limit_mt_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_limit_fini(void)
|
||||
static void __exit limit_mt_exit(void)
|
||||
{
|
||||
xt_unregister_matches(xt_limit_match, ARRAY_SIZE(xt_limit_match));
|
||||
xt_unregister_matches(limit_mt_reg, ARRAY_SIZE(limit_mt_reg));
|
||||
}
|
||||
|
||||
module_init(xt_limit_init);
|
||||
module_exit(xt_limit_fini);
|
||||
module_init(limit_mt_init);
|
||||
module_exit(limit_mt_exit);
|
||||
|
@ -25,14 +25,9 @@ MODULE_ALIAS("ipt_mac");
|
||||
MODULE_ALIAS("ip6t_mac");
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
mac_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
|
||||
{
|
||||
const struct xt_mac_info *info = matchinfo;
|
||||
|
||||
@ -44,11 +39,11 @@ match(const struct sk_buff *skb,
|
||||
^ info->invert);
|
||||
}
|
||||
|
||||
static struct xt_match xt_mac_match[] __read_mostly = {
|
||||
static struct xt_match mac_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "mac",
|
||||
.family = AF_INET,
|
||||
.match = match,
|
||||
.match = mac_mt,
|
||||
.matchsize = sizeof(struct xt_mac_info),
|
||||
.hooks = (1 << NF_INET_PRE_ROUTING) |
|
||||
(1 << NF_INET_LOCAL_IN) |
|
||||
@ -58,7 +53,7 @@ static struct xt_match xt_mac_match[] __read_mostly = {
|
||||
{
|
||||
.name = "mac",
|
||||
.family = AF_INET6,
|
||||
.match = match,
|
||||
.match = mac_mt,
|
||||
.matchsize = sizeof(struct xt_mac_info),
|
||||
.hooks = (1 << NF_INET_PRE_ROUTING) |
|
||||
(1 << NF_INET_LOCAL_IN) |
|
||||
@ -67,15 +62,15 @@ static struct xt_match xt_mac_match[] __read_mostly = {
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_mac_init(void)
|
||||
static int __init mac_mt_init(void)
|
||||
{
|
||||
return xt_register_matches(xt_mac_match, ARRAY_SIZE(xt_mac_match));
|
||||
return xt_register_matches(mac_mt_reg, ARRAY_SIZE(mac_mt_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_mac_fini(void)
|
||||
static void __exit mac_mt_exit(void)
|
||||
{
|
||||
xt_unregister_matches(xt_mac_match, ARRAY_SIZE(xt_mac_match));
|
||||
xt_unregister_matches(mac_mt_reg, ARRAY_SIZE(mac_mt_reg));
|
||||
}
|
||||
|
||||
module_init(xt_mac_init);
|
||||
module_exit(xt_mac_fini);
|
||||
module_init(mac_mt_init);
|
||||
module_exit(mac_mt_exit);
|
||||
|
@ -20,14 +20,9 @@ MODULE_ALIAS("ipt_mark");
|
||||
MODULE_ALIAS("ip6t_mark");
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
mark_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
|
||||
{
|
||||
const struct xt_mark_info *info = matchinfo;
|
||||
|
||||
@ -35,11 +30,9 @@ match(const struct sk_buff *skb,
|
||||
}
|
||||
|
||||
static bool
|
||||
checkentry(const char *tablename,
|
||||
const void *entry,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
mark_mt_check(const char *tablename, const void *entry,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct xt_mark_info *minfo = matchinfo;
|
||||
|
||||
@ -58,7 +51,7 @@ struct compat_xt_mark_info {
|
||||
u_int16_t __pad2;
|
||||
};
|
||||
|
||||
static void compat_from_user(void *dst, void *src)
|
||||
static void mark_mt_compat_from_user(void *dst, void *src)
|
||||
{
|
||||
const struct compat_xt_mark_info *cm = src;
|
||||
struct xt_mark_info m = {
|
||||
@ -69,7 +62,7 @@ static void compat_from_user(void *dst, void *src)
|
||||
memcpy(dst, &m, sizeof(m));
|
||||
}
|
||||
|
||||
static int compat_to_user(void __user *dst, void *src)
|
||||
static int mark_mt_compat_to_user(void __user *dst, void *src)
|
||||
{
|
||||
const struct xt_mark_info *m = src;
|
||||
struct compat_xt_mark_info cm = {
|
||||
@ -81,39 +74,39 @@ static int compat_to_user(void __user *dst, void *src)
|
||||
}
|
||||
#endif /* CONFIG_COMPAT */
|
||||
|
||||
static struct xt_match xt_mark_match[] __read_mostly = {
|
||||
static struct xt_match mark_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "mark",
|
||||
.family = AF_INET,
|
||||
.checkentry = checkentry,
|
||||
.match = match,
|
||||
.checkentry = mark_mt_check,
|
||||
.match = mark_mt,
|
||||
.matchsize = sizeof(struct xt_mark_info),
|
||||
#ifdef CONFIG_COMPAT
|
||||
.compatsize = sizeof(struct compat_xt_mark_info),
|
||||
.compat_from_user = compat_from_user,
|
||||
.compat_to_user = compat_to_user,
|
||||
.compat_from_user = mark_mt_compat_from_user,
|
||||
.compat_to_user = mark_mt_compat_to_user,
|
||||
#endif
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
{
|
||||
.name = "mark",
|
||||
.family = AF_INET6,
|
||||
.checkentry = checkentry,
|
||||
.match = match,
|
||||
.checkentry = mark_mt_check,
|
||||
.match = mark_mt,
|
||||
.matchsize = sizeof(struct xt_mark_info),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_mark_init(void)
|
||||
static int __init mark_mt_init(void)
|
||||
{
|
||||
return xt_register_matches(xt_mark_match, ARRAY_SIZE(xt_mark_match));
|
||||
return xt_register_matches(mark_mt_reg, ARRAY_SIZE(mark_mt_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_mark_fini(void)
|
||||
static void __exit mark_mt_exit(void)
|
||||
{
|
||||
xt_unregister_matches(xt_mark_match, ARRAY_SIZE(xt_mark_match));
|
||||
xt_unregister_matches(mark_mt_reg, ARRAY_SIZE(mark_mt_reg));
|
||||
}
|
||||
|
||||
module_init(xt_mark_init);
|
||||
module_exit(xt_mark_fini);
|
||||
module_init(mark_mt_init);
|
||||
module_exit(mark_mt_exit);
|
||||
|
@ -34,8 +34,8 @@ MODULE_ALIAS("ip6t_multiport");
|
||||
|
||||
/* Returns 1 if the port is matched by the test, 0 otherwise. */
|
||||
static inline bool
|
||||
ports_match(const u_int16_t *portlist, enum xt_multiport_flags flags,
|
||||
u_int8_t count, u_int16_t src, u_int16_t dst)
|
||||
ports_match_v0(const u_int16_t *portlist, enum xt_multiport_flags flags,
|
||||
u_int8_t count, u_int16_t src, u_int16_t dst)
|
||||
{
|
||||
unsigned int i;
|
||||
for (i = 0; i < count; i++) {
|
||||
@ -95,14 +95,10 @@ ports_match_v1(const struct xt_multiport_v1 *minfo,
|
||||
}
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
multiport_mt_v0(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
__be16 _ports[2], *pptr;
|
||||
const struct xt_multiport *multiinfo = matchinfo;
|
||||
@ -120,20 +116,15 @@ match(const struct sk_buff *skb,
|
||||
return false;
|
||||
}
|
||||
|
||||
return ports_match(multiinfo->ports,
|
||||
multiinfo->flags, multiinfo->count,
|
||||
ntohs(pptr[0]), ntohs(pptr[1]));
|
||||
return ports_match_v0(multiinfo->ports, multiinfo->flags,
|
||||
multiinfo->count, ntohs(pptr[0]), ntohs(pptr[1]));
|
||||
}
|
||||
|
||||
static bool
|
||||
match_v1(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
multiport_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
__be16 _ports[2], *pptr;
|
||||
const struct xt_multiport_v1 *multiinfo = matchinfo;
|
||||
@ -173,11 +164,9 @@ check(u_int16_t proto,
|
||||
|
||||
/* Called when user tries to insert an entry of this type. */
|
||||
static bool
|
||||
checkentry(const char *tablename,
|
||||
const void *info,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
multiport_mt_check_v0(const char *tablename, const void *info,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct ipt_ip *ip = info;
|
||||
const struct xt_multiport *multiinfo = matchinfo;
|
||||
@ -187,11 +176,9 @@ checkentry(const char *tablename,
|
||||
}
|
||||
|
||||
static bool
|
||||
checkentry_v1(const char *tablename,
|
||||
const void *info,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
multiport_mt_check(const char *tablename, const void *info,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct ipt_ip *ip = info;
|
||||
const struct xt_multiport_v1 *multiinfo = matchinfo;
|
||||
@ -201,11 +188,9 @@ checkentry_v1(const char *tablename,
|
||||
}
|
||||
|
||||
static bool
|
||||
checkentry6(const char *tablename,
|
||||
const void *info,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
multiport_mt6_check_v0(const char *tablename, const void *info,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct ip6t_ip6 *ip = info;
|
||||
const struct xt_multiport *multiinfo = matchinfo;
|
||||
@ -215,11 +200,9 @@ checkentry6(const char *tablename,
|
||||
}
|
||||
|
||||
static bool
|
||||
checkentry6_v1(const char *tablename,
|
||||
const void *info,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
multiport_mt6_check(const char *tablename, const void *info,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct ip6t_ip6 *ip = info;
|
||||
const struct xt_multiport_v1 *multiinfo = matchinfo;
|
||||
@ -228,13 +211,13 @@ checkentry6_v1(const char *tablename,
|
||||
multiinfo->count);
|
||||
}
|
||||
|
||||
static struct xt_match xt_multiport_match[] __read_mostly = {
|
||||
static struct xt_match multiport_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "multiport",
|
||||
.family = AF_INET,
|
||||
.revision = 0,
|
||||
.checkentry = checkentry,
|
||||
.match = match,
|
||||
.checkentry = multiport_mt_check_v0,
|
||||
.match = multiport_mt_v0,
|
||||
.matchsize = sizeof(struct xt_multiport),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
@ -242,8 +225,8 @@ static struct xt_match xt_multiport_match[] __read_mostly = {
|
||||
.name = "multiport",
|
||||
.family = AF_INET,
|
||||
.revision = 1,
|
||||
.checkentry = checkentry_v1,
|
||||
.match = match_v1,
|
||||
.checkentry = multiport_mt_check,
|
||||
.match = multiport_mt,
|
||||
.matchsize = sizeof(struct xt_multiport_v1),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
@ -251,8 +234,8 @@ static struct xt_match xt_multiport_match[] __read_mostly = {
|
||||
.name = "multiport",
|
||||
.family = AF_INET6,
|
||||
.revision = 0,
|
||||
.checkentry = checkentry6,
|
||||
.match = match,
|
||||
.checkentry = multiport_mt6_check_v0,
|
||||
.match = multiport_mt_v0,
|
||||
.matchsize = sizeof(struct xt_multiport),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
@ -260,24 +243,23 @@ static struct xt_match xt_multiport_match[] __read_mostly = {
|
||||
.name = "multiport",
|
||||
.family = AF_INET6,
|
||||
.revision = 1,
|
||||
.checkentry = checkentry6_v1,
|
||||
.match = match_v1,
|
||||
.checkentry = multiport_mt6_check,
|
||||
.match = multiport_mt,
|
||||
.matchsize = sizeof(struct xt_multiport_v1),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_multiport_init(void)
|
||||
static int __init multiport_mt_init(void)
|
||||
{
|
||||
return xt_register_matches(xt_multiport_match,
|
||||
ARRAY_SIZE(xt_multiport_match));
|
||||
return xt_register_matches(multiport_mt_reg,
|
||||
ARRAY_SIZE(multiport_mt_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_multiport_fini(void)
|
||||
static void __exit multiport_mt_exit(void)
|
||||
{
|
||||
xt_unregister_matches(xt_multiport_match,
|
||||
ARRAY_SIZE(xt_multiport_match));
|
||||
xt_unregister_matches(multiport_mt_reg, ARRAY_SIZE(multiport_mt_reg));
|
||||
}
|
||||
|
||||
module_init(xt_multiport_init);
|
||||
module_exit(xt_multiport_fini);
|
||||
module_init(multiport_mt_init);
|
||||
module_exit(multiport_mt_exit);
|
||||
|
@ -21,14 +21,10 @@ MODULE_ALIAS("ipt_physdev");
|
||||
MODULE_ALIAS("ip6t_physdev");
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
physdev_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
int i;
|
||||
static const char nulldevname[IFNAMSIZ];
|
||||
@ -99,11 +95,9 @@ match_outdev:
|
||||
}
|
||||
|
||||
static bool
|
||||
checkentry(const char *tablename,
|
||||
const void *ip,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
physdev_mt_check(const char *tablename, const void *ip,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct xt_physdev_info *info = matchinfo;
|
||||
|
||||
@ -124,35 +118,34 @@ checkentry(const char *tablename,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_match xt_physdev_match[] __read_mostly = {
|
||||
static struct xt_match physdev_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "physdev",
|
||||
.family = AF_INET,
|
||||
.checkentry = checkentry,
|
||||
.match = match,
|
||||
.checkentry = physdev_mt_check,
|
||||
.match = physdev_mt,
|
||||
.matchsize = sizeof(struct xt_physdev_info),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
{
|
||||
.name = "physdev",
|
||||
.family = AF_INET6,
|
||||
.checkentry = checkentry,
|
||||
.match = match,
|
||||
.checkentry = physdev_mt_check,
|
||||
.match = physdev_mt,
|
||||
.matchsize = sizeof(struct xt_physdev_info),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_physdev_init(void)
|
||||
static int __init physdev_mt_init(void)
|
||||
{
|
||||
return xt_register_matches(xt_physdev_match,
|
||||
ARRAY_SIZE(xt_physdev_match));
|
||||
return xt_register_matches(physdev_mt_reg, ARRAY_SIZE(physdev_mt_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_physdev_fini(void)
|
||||
static void __exit physdev_mt_exit(void)
|
||||
{
|
||||
xt_unregister_matches(xt_physdev_match, ARRAY_SIZE(xt_physdev_match));
|
||||
xt_unregister_matches(physdev_mt_reg, ARRAY_SIZE(physdev_mt_reg));
|
||||
}
|
||||
|
||||
module_init(xt_physdev_init);
|
||||
module_exit(xt_physdev_fini);
|
||||
module_init(physdev_mt_init);
|
||||
module_exit(physdev_mt_exit);
|
||||
|
@ -21,14 +21,11 @@ MODULE_DESCRIPTION("IP tables match to match on linklayer packet type");
|
||||
MODULE_ALIAS("ipt_pkttype");
|
||||
MODULE_ALIAS("ip6t_pkttype");
|
||||
|
||||
static bool match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
static bool
|
||||
pkttype_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
u_int8_t type;
|
||||
const struct xt_pkttype_info *info = matchinfo;
|
||||
@ -43,33 +40,32 @@ static bool match(const struct sk_buff *skb,
|
||||
return (type == info->pkttype) ^ info->invert;
|
||||
}
|
||||
|
||||
static struct xt_match xt_pkttype_match[] __read_mostly = {
|
||||
static struct xt_match pkttype_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "pkttype",
|
||||
.family = AF_INET,
|
||||
.match = match,
|
||||
.match = pkttype_mt,
|
||||
.matchsize = sizeof(struct xt_pkttype_info),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
{
|
||||
.name = "pkttype",
|
||||
.family = AF_INET6,
|
||||
.match = match,
|
||||
.match = pkttype_mt,
|
||||
.matchsize = sizeof(struct xt_pkttype_info),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_pkttype_init(void)
|
||||
static int __init pkttype_mt_init(void)
|
||||
{
|
||||
return xt_register_matches(xt_pkttype_match,
|
||||
ARRAY_SIZE(xt_pkttype_match));
|
||||
return xt_register_matches(pkttype_mt_reg, ARRAY_SIZE(pkttype_mt_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_pkttype_fini(void)
|
||||
static void __exit pkttype_mt_exit(void)
|
||||
{
|
||||
xt_unregister_matches(xt_pkttype_match, ARRAY_SIZE(xt_pkttype_match));
|
||||
xt_unregister_matches(pkttype_mt_reg, ARRAY_SIZE(pkttype_mt_reg));
|
||||
}
|
||||
|
||||
module_init(xt_pkttype_init);
|
||||
module_exit(xt_pkttype_fini);
|
||||
module_init(pkttype_mt_init);
|
||||
module_exit(pkttype_mt_exit);
|
||||
|
@ -108,14 +108,11 @@ match_policy_out(const struct sk_buff *skb, const struct xt_policy_info *info,
|
||||
return strict ? i == info->len : 0;
|
||||
}
|
||||
|
||||
static bool match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
static bool
|
||||
policy_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
const struct xt_policy_info *info = matchinfo;
|
||||
int ret;
|
||||
@ -133,9 +130,10 @@ static bool match(const struct sk_buff *skb,
|
||||
return ret;
|
||||
}
|
||||
|
||||
static bool checkentry(const char *tablename, const void *ip_void,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo, unsigned int hook_mask)
|
||||
static bool
|
||||
policy_mt_check(const char *tablename, const void *ip_void,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
struct xt_policy_info *info = matchinfo;
|
||||
|
||||
@ -163,37 +161,36 @@ static bool checkentry(const char *tablename, const void *ip_void,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_match xt_policy_match[] __read_mostly = {
|
||||
static struct xt_match policy_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "policy",
|
||||
.family = AF_INET,
|
||||
.checkentry = checkentry,
|
||||
.match = match,
|
||||
.checkentry = policy_mt_check,
|
||||
.match = policy_mt,
|
||||
.matchsize = sizeof(struct xt_policy_info),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
{
|
||||
.name = "policy",
|
||||
.family = AF_INET6,
|
||||
.checkentry = checkentry,
|
||||
.match = match,
|
||||
.checkentry = policy_mt_check,
|
||||
.match = policy_mt,
|
||||
.matchsize = sizeof(struct xt_policy_info),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init init(void)
|
||||
static int __init policy_mt_init(void)
|
||||
{
|
||||
return xt_register_matches(xt_policy_match,
|
||||
ARRAY_SIZE(xt_policy_match));
|
||||
return xt_register_matches(policy_mt_reg, ARRAY_SIZE(policy_mt_reg));
|
||||
}
|
||||
|
||||
static void __exit fini(void)
|
||||
static void __exit policy_mt_exit(void)
|
||||
{
|
||||
xt_unregister_matches(xt_policy_match, ARRAY_SIZE(xt_policy_match));
|
||||
xt_unregister_matches(policy_mt_reg, ARRAY_SIZE(policy_mt_reg));
|
||||
}
|
||||
|
||||
module_init(init);
|
||||
module_exit(fini);
|
||||
module_init(policy_mt_init);
|
||||
module_exit(policy_mt_exit);
|
||||
MODULE_ALIAS("ipt_policy");
|
||||
MODULE_ALIAS("ip6t_policy");
|
||||
|
@ -17,10 +17,10 @@ MODULE_ALIAS("ip6t_quota");
|
||||
static DEFINE_SPINLOCK(quota_lock);
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in, const struct net_device *out,
|
||||
const struct xt_match *match, const void *matchinfo,
|
||||
int offset, unsigned int protoff, bool *hotdrop)
|
||||
quota_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
struct xt_quota_info *q =
|
||||
((const struct xt_quota_info *)matchinfo)->master;
|
||||
@ -40,9 +40,9 @@ match(const struct sk_buff *skb,
|
||||
}
|
||||
|
||||
static bool
|
||||
checkentry(const char *tablename, const void *entry,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
quota_mt_check(const char *tablename, const void *entry,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
struct xt_quota_info *q = matchinfo;
|
||||
|
||||
@ -53,34 +53,34 @@ checkentry(const char *tablename, const void *entry,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_match xt_quota_match[] __read_mostly = {
|
||||
static struct xt_match quota_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "quota",
|
||||
.family = AF_INET,
|
||||
.checkentry = checkentry,
|
||||
.match = match,
|
||||
.checkentry = quota_mt_check,
|
||||
.match = quota_mt,
|
||||
.matchsize = sizeof(struct xt_quota_info),
|
||||
.me = THIS_MODULE
|
||||
},
|
||||
{
|
||||
.name = "quota",
|
||||
.family = AF_INET6,
|
||||
.checkentry = checkentry,
|
||||
.match = match,
|
||||
.checkentry = quota_mt_check,
|
||||
.match = quota_mt,
|
||||
.matchsize = sizeof(struct xt_quota_info),
|
||||
.me = THIS_MODULE
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_quota_init(void)
|
||||
static int __init quota_mt_init(void)
|
||||
{
|
||||
return xt_register_matches(xt_quota_match, ARRAY_SIZE(xt_quota_match));
|
||||
return xt_register_matches(quota_mt_reg, ARRAY_SIZE(quota_mt_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_quota_fini(void)
|
||||
static void __exit quota_mt_exit(void)
|
||||
{
|
||||
xt_unregister_matches(xt_quota_match, ARRAY_SIZE(xt_quota_match));
|
||||
xt_unregister_matches(quota_mt_reg, ARRAY_SIZE(quota_mt_reg));
|
||||
}
|
||||
|
||||
module_init(xt_quota_init);
|
||||
module_exit(xt_quota_fini);
|
||||
module_init(quota_mt_init);
|
||||
module_exit(quota_mt_exit);
|
||||
|
@ -22,14 +22,10 @@ MODULE_DESCRIPTION("X_tables realm match");
|
||||
MODULE_ALIAS("ipt_realm");
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
realm_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
const struct xt_realm_info *info = matchinfo;
|
||||
const struct dst_entry *dst = skb->dst;
|
||||
@ -37,9 +33,9 @@ match(const struct sk_buff *skb,
|
||||
return (info->id == (dst->tclassid & info->mask)) ^ info->invert;
|
||||
}
|
||||
|
||||
static struct xt_match realm_match __read_mostly = {
|
||||
static struct xt_match realm_mt_reg __read_mostly = {
|
||||
.name = "realm",
|
||||
.match = match,
|
||||
.match = realm_mt,
|
||||
.matchsize = sizeof(struct xt_realm_info),
|
||||
.hooks = (1 << NF_INET_POST_ROUTING) | (1 << NF_INET_FORWARD) |
|
||||
(1 << NF_INET_LOCAL_OUT) | (1 << NF_INET_LOCAL_IN),
|
||||
@ -47,15 +43,15 @@ static struct xt_match realm_match __read_mostly = {
|
||||
.me = THIS_MODULE
|
||||
};
|
||||
|
||||
static int __init xt_realm_init(void)
|
||||
static int __init realm_mt_init(void)
|
||||
{
|
||||
return xt_register_match(&realm_match);
|
||||
return xt_register_match(&realm_mt_reg);
|
||||
}
|
||||
|
||||
static void __exit xt_realm_fini(void)
|
||||
static void __exit realm_mt_exit(void)
|
||||
{
|
||||
xt_unregister_match(&realm_match);
|
||||
xt_unregister_match(&realm_mt_reg);
|
||||
}
|
||||
|
||||
module_init(xt_realm_init);
|
||||
module_exit(xt_realm_fini);
|
||||
module_init(realm_mt_init);
|
||||
module_exit(realm_mt_exit);
|
||||
|
@ -116,14 +116,9 @@ match_packet(const struct sk_buff *skb,
|
||||
}
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
sctp_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
|
||||
{
|
||||
const struct xt_sctp_info *info = matchinfo;
|
||||
sctp_sctphdr_t _sh, *sh;
|
||||
@ -153,11 +148,9 @@ match(const struct sk_buff *skb,
|
||||
}
|
||||
|
||||
static bool
|
||||
checkentry(const char *tablename,
|
||||
const void *inf,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
sctp_mt_check(const char *tablename, const void *inf,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct xt_sctp_info *info = matchinfo;
|
||||
|
||||
@ -171,12 +164,12 @@ checkentry(const char *tablename,
|
||||
| SCTP_CHUNK_MATCH_ONLY)));
|
||||
}
|
||||
|
||||
static struct xt_match xt_sctp_match[] __read_mostly = {
|
||||
static struct xt_match sctp_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "sctp",
|
||||
.family = AF_INET,
|
||||
.checkentry = checkentry,
|
||||
.match = match,
|
||||
.checkentry = sctp_mt_check,
|
||||
.match = sctp_mt,
|
||||
.matchsize = sizeof(struct xt_sctp_info),
|
||||
.proto = IPPROTO_SCTP,
|
||||
.me = THIS_MODULE
|
||||
@ -184,23 +177,23 @@ static struct xt_match xt_sctp_match[] __read_mostly = {
|
||||
{
|
||||
.name = "sctp",
|
||||
.family = AF_INET6,
|
||||
.checkentry = checkentry,
|
||||
.match = match,
|
||||
.checkentry = sctp_mt_check,
|
||||
.match = sctp_mt,
|
||||
.matchsize = sizeof(struct xt_sctp_info),
|
||||
.proto = IPPROTO_SCTP,
|
||||
.me = THIS_MODULE
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_sctp_init(void)
|
||||
static int __init sctp_mt_init(void)
|
||||
{
|
||||
return xt_register_matches(xt_sctp_match, ARRAY_SIZE(xt_sctp_match));
|
||||
return xt_register_matches(sctp_mt_reg, ARRAY_SIZE(sctp_mt_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_sctp_fini(void)
|
||||
static void __exit sctp_mt_exit(void)
|
||||
{
|
||||
xt_unregister_matches(xt_sctp_match, ARRAY_SIZE(xt_sctp_match));
|
||||
xt_unregister_matches(sctp_mt_reg, ARRAY_SIZE(sctp_mt_reg));
|
||||
}
|
||||
|
||||
module_init(xt_sctp_init);
|
||||
module_exit(xt_sctp_fini);
|
||||
module_init(sctp_mt_init);
|
||||
module_exit(sctp_mt_exit);
|
||||
|
@ -21,14 +21,10 @@ MODULE_ALIAS("ipt_state");
|
||||
MODULE_ALIAS("ip6t_state");
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
state_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
const struct xt_state_info *sinfo = matchinfo;
|
||||
enum ip_conntrack_info ctinfo;
|
||||
@ -44,11 +40,10 @@ match(const struct sk_buff *skb,
|
||||
return (sinfo->statemask & statebit);
|
||||
}
|
||||
|
||||
static bool check(const char *tablename,
|
||||
const void *inf,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
static bool
|
||||
state_mt_check(const char *tablename, const void *inf,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
if (nf_ct_l3proto_try_module_get(match->family) < 0) {
|
||||
printk(KERN_WARNING "can't load conntrack support for "
|
||||
@ -58,42 +53,41 @@ static bool check(const char *tablename,
|
||||
return true;
|
||||
}
|
||||
|
||||
static void
|
||||
destroy(const struct xt_match *match, void *matchinfo)
|
||||
static void state_mt_destroy(const struct xt_match *match, void *matchinfo)
|
||||
{
|
||||
nf_ct_l3proto_module_put(match->family);
|
||||
}
|
||||
|
||||
static struct xt_match xt_state_match[] __read_mostly = {
|
||||
static struct xt_match state_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "state",
|
||||
.family = AF_INET,
|
||||
.checkentry = check,
|
||||
.match = match,
|
||||
.destroy = destroy,
|
||||
.checkentry = state_mt_check,
|
||||
.match = state_mt,
|
||||
.destroy = state_mt_destroy,
|
||||
.matchsize = sizeof(struct xt_state_info),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
{
|
||||
.name = "state",
|
||||
.family = AF_INET6,
|
||||
.checkentry = check,
|
||||
.match = match,
|
||||
.destroy = destroy,
|
||||
.checkentry = state_mt_check,
|
||||
.match = state_mt,
|
||||
.destroy = state_mt_destroy,
|
||||
.matchsize = sizeof(struct xt_state_info),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_state_init(void)
|
||||
static int __init state_mt_init(void)
|
||||
{
|
||||
return xt_register_matches(xt_state_match, ARRAY_SIZE(xt_state_match));
|
||||
return xt_register_matches(state_mt_reg, ARRAY_SIZE(state_mt_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_state_fini(void)
|
||||
static void __exit state_mt_exit(void)
|
||||
{
|
||||
xt_unregister_matches(xt_state_match, ARRAY_SIZE(xt_state_match));
|
||||
xt_unregister_matches(state_mt_reg, ARRAY_SIZE(state_mt_reg));
|
||||
}
|
||||
|
||||
module_init(xt_state_init);
|
||||
module_exit(xt_state_fini);
|
||||
module_init(state_mt_init);
|
||||
module_exit(state_mt_exit);
|
||||
|
@ -25,10 +25,10 @@ MODULE_ALIAS("ip6t_statistic");
|
||||
static DEFINE_SPINLOCK(nth_lock);
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in, const struct net_device *out,
|
||||
const struct xt_match *match, const void *matchinfo,
|
||||
int offset, unsigned int protoff, bool *hotdrop)
|
||||
statistic_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
struct xt_statistic_info *info = (struct xt_statistic_info *)matchinfo;
|
||||
bool ret = info->flags & XT_STATISTIC_INVERT;
|
||||
@ -53,9 +53,9 @@ match(const struct sk_buff *skb,
|
||||
}
|
||||
|
||||
static bool
|
||||
checkentry(const char *tablename, const void *entry,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
statistic_mt_check(const char *tablename, const void *entry,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
struct xt_statistic_info *info = matchinfo;
|
||||
|
||||
@ -66,36 +66,36 @@ checkentry(const char *tablename, const void *entry,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_match xt_statistic_match[] __read_mostly = {
|
||||
static struct xt_match statistic_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "statistic",
|
||||
.family = AF_INET,
|
||||
.checkentry = checkentry,
|
||||
.match = match,
|
||||
.checkentry = statistic_mt_check,
|
||||
.match = statistic_mt,
|
||||
.matchsize = sizeof(struct xt_statistic_info),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
{
|
||||
.name = "statistic",
|
||||
.family = AF_INET6,
|
||||
.checkentry = checkentry,
|
||||
.match = match,
|
||||
.checkentry = statistic_mt_check,
|
||||
.match = statistic_mt,
|
||||
.matchsize = sizeof(struct xt_statistic_info),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_statistic_init(void)
|
||||
static int __init statistic_mt_init(void)
|
||||
{
|
||||
return xt_register_matches(xt_statistic_match,
|
||||
ARRAY_SIZE(xt_statistic_match));
|
||||
return xt_register_matches(statistic_mt_reg,
|
||||
ARRAY_SIZE(statistic_mt_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_statistic_fini(void)
|
||||
static void __exit statistic_mt_exit(void)
|
||||
{
|
||||
xt_unregister_matches(xt_statistic_match,
|
||||
ARRAY_SIZE(xt_statistic_match));
|
||||
xt_unregister_matches(statistic_mt_reg,
|
||||
ARRAY_SIZE(statistic_mt_reg));
|
||||
}
|
||||
|
||||
module_init(xt_statistic_init);
|
||||
module_exit(xt_statistic_fini);
|
||||
module_init(statistic_mt_init);
|
||||
module_exit(statistic_mt_exit);
|
||||
|
@ -21,14 +21,11 @@ MODULE_LICENSE("GPL");
|
||||
MODULE_ALIAS("ipt_string");
|
||||
MODULE_ALIAS("ip6t_string");
|
||||
|
||||
static bool match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
static bool
|
||||
string_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
const struct xt_string_info *conf = matchinfo;
|
||||
struct ts_state state;
|
||||
@ -42,11 +39,10 @@ static bool match(const struct sk_buff *skb,
|
||||
|
||||
#define STRING_TEXT_PRIV(m) ((struct xt_string_info *) m)
|
||||
|
||||
static bool checkentry(const char *tablename,
|
||||
const void *ip,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
static bool
|
||||
string_mt_check(const char *tablename, const void *ip,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
struct xt_string_info *conf = matchinfo;
|
||||
struct ts_config *ts_conf;
|
||||
@ -68,41 +64,41 @@ static bool checkentry(const char *tablename,
|
||||
return true;
|
||||
}
|
||||
|
||||
static void destroy(const struct xt_match *match, void *matchinfo)
|
||||
static void string_mt_destroy(const struct xt_match *match, void *matchinfo)
|
||||
{
|
||||
textsearch_destroy(STRING_TEXT_PRIV(matchinfo)->config);
|
||||
}
|
||||
|
||||
static struct xt_match xt_string_match[] __read_mostly = {
|
||||
static struct xt_match string_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "string",
|
||||
.family = AF_INET,
|
||||
.checkentry = checkentry,
|
||||
.match = match,
|
||||
.destroy = destroy,
|
||||
.checkentry = string_mt_check,
|
||||
.match = string_mt,
|
||||
.destroy = string_mt_destroy,
|
||||
.matchsize = sizeof(struct xt_string_info),
|
||||
.me = THIS_MODULE
|
||||
},
|
||||
{
|
||||
.name = "string",
|
||||
.family = AF_INET6,
|
||||
.checkentry = checkentry,
|
||||
.match = match,
|
||||
.destroy = destroy,
|
||||
.checkentry = string_mt_check,
|
||||
.match = string_mt,
|
||||
.destroy = string_mt_destroy,
|
||||
.matchsize = sizeof(struct xt_string_info),
|
||||
.me = THIS_MODULE
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_string_init(void)
|
||||
static int __init string_mt_init(void)
|
||||
{
|
||||
return xt_register_matches(xt_string_match, ARRAY_SIZE(xt_string_match));
|
||||
return xt_register_matches(string_mt_reg, ARRAY_SIZE(string_mt_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_string_fini(void)
|
||||
static void __exit string_mt_exit(void)
|
||||
{
|
||||
xt_unregister_matches(xt_string_match, ARRAY_SIZE(xt_string_match));
|
||||
xt_unregister_matches(string_mt_reg, ARRAY_SIZE(string_mt_reg));
|
||||
}
|
||||
|
||||
module_init(xt_string_init);
|
||||
module_exit(xt_string_fini);
|
||||
module_init(string_mt_init);
|
||||
module_exit(string_mt_exit);
|
||||
|
@ -25,14 +25,10 @@ MODULE_ALIAS("ipt_tcpmss");
|
||||
MODULE_ALIAS("ip6t_tcpmss");
|
||||
|
||||
static bool
|
||||
match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
tcpmss_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
{
|
||||
const struct xt_tcpmss_match_info *info = matchinfo;
|
||||
struct tcphdr _tcph, *th;
|
||||
@ -82,11 +78,11 @@ dropit:
|
||||
return false;
|
||||
}
|
||||
|
||||
static struct xt_match xt_tcpmss_match[] __read_mostly = {
|
||||
static struct xt_match tcpmss_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "tcpmss",
|
||||
.family = AF_INET,
|
||||
.match = match,
|
||||
.match = tcpmss_mt,
|
||||
.matchsize = sizeof(struct xt_tcpmss_match_info),
|
||||
.proto = IPPROTO_TCP,
|
||||
.me = THIS_MODULE,
|
||||
@ -94,23 +90,22 @@ static struct xt_match xt_tcpmss_match[] __read_mostly = {
|
||||
{
|
||||
.name = "tcpmss",
|
||||
.family = AF_INET6,
|
||||
.match = match,
|
||||
.match = tcpmss_mt,
|
||||
.matchsize = sizeof(struct xt_tcpmss_match_info),
|
||||
.proto = IPPROTO_TCP,
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_tcpmss_init(void)
|
||||
static int __init tcpmss_mt_init(void)
|
||||
{
|
||||
return xt_register_matches(xt_tcpmss_match,
|
||||
ARRAY_SIZE(xt_tcpmss_match));
|
||||
return xt_register_matches(tcpmss_mt_reg, ARRAY_SIZE(tcpmss_mt_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_tcpmss_fini(void)
|
||||
static void __exit tcpmss_mt_exit(void)
|
||||
{
|
||||
xt_unregister_matches(xt_tcpmss_match, ARRAY_SIZE(xt_tcpmss_match));
|
||||
xt_unregister_matches(tcpmss_mt_reg, ARRAY_SIZE(tcpmss_mt_reg));
|
||||
}
|
||||
|
||||
module_init(xt_tcpmss_init);
|
||||
module_exit(xt_tcpmss_fini);
|
||||
module_init(tcpmss_mt_init);
|
||||
module_exit(tcpmss_mt_exit);
|
||||
|
@ -68,14 +68,9 @@ tcp_find_option(u_int8_t option,
|
||||
}
|
||||
|
||||
static bool
|
||||
tcp_match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
tcp_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
|
||||
{
|
||||
struct tcphdr _tcph, *th;
|
||||
const struct xt_tcp *tcpinfo = matchinfo;
|
||||
@ -134,11 +129,9 @@ tcp_match(const struct sk_buff *skb,
|
||||
|
||||
/* Called when user tries to insert an entry of this type. */
|
||||
static bool
|
||||
tcp_checkentry(const char *tablename,
|
||||
const void *info,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
tcp_mt_check(const char *tablename, const void *info,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct xt_tcp *tcpinfo = matchinfo;
|
||||
|
||||
@ -147,14 +140,9 @@ tcp_checkentry(const char *tablename,
|
||||
}
|
||||
|
||||
static bool
|
||||
udp_match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match,
|
||||
const void *matchinfo,
|
||||
int offset,
|
||||
unsigned int protoff,
|
||||
bool *hotdrop)
|
||||
udp_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
|
||||
{
|
||||
struct udphdr _udph, *uh;
|
||||
const struct xt_udp *udpinfo = matchinfo;
|
||||
@ -182,11 +170,9 @@ udp_match(const struct sk_buff *skb,
|
||||
|
||||
/* Called when user tries to insert an entry of this type. */
|
||||
static bool
|
||||
udp_checkentry(const char *tablename,
|
||||
const void *info,
|
||||
const struct xt_match *match,
|
||||
void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
udp_mt_check(const char *tablename, const void *info,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
const struct xt_udp *udpinfo = matchinfo;
|
||||
|
||||
@ -194,12 +180,12 @@ udp_checkentry(const char *tablename,
|
||||
return !(udpinfo->invflags & ~XT_UDP_INV_MASK);
|
||||
}
|
||||
|
||||
static struct xt_match xt_tcpudp_match[] __read_mostly = {
|
||||
static struct xt_match tcpudp_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "tcp",
|
||||
.family = AF_INET,
|
||||
.checkentry = tcp_checkentry,
|
||||
.match = tcp_match,
|
||||
.checkentry = tcp_mt_check,
|
||||
.match = tcp_mt,
|
||||
.matchsize = sizeof(struct xt_tcp),
|
||||
.proto = IPPROTO_TCP,
|
||||
.me = THIS_MODULE,
|
||||
@ -207,8 +193,8 @@ static struct xt_match xt_tcpudp_match[] __read_mostly = {
|
||||
{
|
||||
.name = "tcp",
|
||||
.family = AF_INET6,
|
||||
.checkentry = tcp_checkentry,
|
||||
.match = tcp_match,
|
||||
.checkentry = tcp_mt_check,
|
||||
.match = tcp_mt,
|
||||
.matchsize = sizeof(struct xt_tcp),
|
||||
.proto = IPPROTO_TCP,
|
||||
.me = THIS_MODULE,
|
||||
@ -216,8 +202,8 @@ static struct xt_match xt_tcpudp_match[] __read_mostly = {
|
||||
{
|
||||
.name = "udp",
|
||||
.family = AF_INET,
|
||||
.checkentry = udp_checkentry,
|
||||
.match = udp_match,
|
||||
.checkentry = udp_mt_check,
|
||||
.match = udp_mt,
|
||||
.matchsize = sizeof(struct xt_udp),
|
||||
.proto = IPPROTO_UDP,
|
||||
.me = THIS_MODULE,
|
||||
@ -225,8 +211,8 @@ static struct xt_match xt_tcpudp_match[] __read_mostly = {
|
||||
{
|
||||
.name = "udp",
|
||||
.family = AF_INET6,
|
||||
.checkentry = udp_checkentry,
|
||||
.match = udp_match,
|
||||
.checkentry = udp_mt_check,
|
||||
.match = udp_mt,
|
||||
.matchsize = sizeof(struct xt_udp),
|
||||
.proto = IPPROTO_UDP,
|
||||
.me = THIS_MODULE,
|
||||
@ -234,8 +220,8 @@ static struct xt_match xt_tcpudp_match[] __read_mostly = {
|
||||
{
|
||||
.name = "udplite",
|
||||
.family = AF_INET,
|
||||
.checkentry = udp_checkentry,
|
||||
.match = udp_match,
|
||||
.checkentry = udp_mt_check,
|
||||
.match = udp_mt,
|
||||
.matchsize = sizeof(struct xt_udp),
|
||||
.proto = IPPROTO_UDPLITE,
|
||||
.me = THIS_MODULE,
|
||||
@ -243,24 +229,23 @@ static struct xt_match xt_tcpudp_match[] __read_mostly = {
|
||||
{
|
||||
.name = "udplite",
|
||||
.family = AF_INET6,
|
||||
.checkentry = udp_checkentry,
|
||||
.match = udp_match,
|
||||
.checkentry = udp_mt_check,
|
||||
.match = udp_mt,
|
||||
.matchsize = sizeof(struct xt_udp),
|
||||
.proto = IPPROTO_UDPLITE,
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_tcpudp_init(void)
|
||||
static int __init tcpudp_mt_init(void)
|
||||
{
|
||||
return xt_register_matches(xt_tcpudp_match,
|
||||
ARRAY_SIZE(xt_tcpudp_match));
|
||||
return xt_register_matches(tcpudp_mt_reg, ARRAY_SIZE(tcpudp_mt_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_tcpudp_fini(void)
|
||||
static void __exit tcpudp_mt_exit(void)
|
||||
{
|
||||
xt_unregister_matches(xt_tcpudp_match, ARRAY_SIZE(xt_tcpudp_match));
|
||||
xt_unregister_matches(tcpudp_mt_reg, ARRAY_SIZE(tcpudp_mt_reg));
|
||||
}
|
||||
|
||||
module_init(xt_tcpudp_init);
|
||||
module_exit(xt_tcpudp_fini);
|
||||
module_init(tcpudp_mt_init);
|
||||
module_exit(tcpudp_mt_exit);
|
||||
|
@ -147,11 +147,10 @@ static void localtime_3(struct xtm *r, time_t time)
|
||||
return;
|
||||
}
|
||||
|
||||
static bool xt_time_match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match, const void *matchinfo,
|
||||
int offset, unsigned int protoff, bool *hotdrop)
|
||||
static bool
|
||||
time_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
|
||||
{
|
||||
const struct xt_time_info *info = matchinfo;
|
||||
unsigned int packet_time;
|
||||
@ -216,9 +215,10 @@ static bool xt_time_match(const struct sk_buff *skb,
|
||||
return true;
|
||||
}
|
||||
|
||||
static bool xt_time_check(const char *tablename, const void *ip,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
static bool
|
||||
time_mt_check(const char *tablename, const void *ip,
|
||||
const struct xt_match *match, void *matchinfo,
|
||||
unsigned int hook_mask)
|
||||
{
|
||||
struct xt_time_info *info = matchinfo;
|
||||
|
||||
@ -232,37 +232,37 @@ static bool xt_time_check(const char *tablename, const void *ip,
|
||||
return true;
|
||||
}
|
||||
|
||||
static struct xt_match xt_time_reg[] __read_mostly = {
|
||||
static struct xt_match time_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "time",
|
||||
.family = AF_INET,
|
||||
.match = xt_time_match,
|
||||
.match = time_mt,
|
||||
.matchsize = sizeof(struct xt_time_info),
|
||||
.checkentry = xt_time_check,
|
||||
.checkentry = time_mt_check,
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
{
|
||||
.name = "time",
|
||||
.family = AF_INET6,
|
||||
.match = xt_time_match,
|
||||
.match = time_mt,
|
||||
.matchsize = sizeof(struct xt_time_info),
|
||||
.checkentry = xt_time_check,
|
||||
.checkentry = time_mt_check,
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_time_init(void)
|
||||
static int __init time_mt_init(void)
|
||||
{
|
||||
return xt_register_matches(xt_time_reg, ARRAY_SIZE(xt_time_reg));
|
||||
return xt_register_matches(time_mt_reg, ARRAY_SIZE(time_mt_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_time_exit(void)
|
||||
static void __exit time_mt_exit(void)
|
||||
{
|
||||
xt_unregister_matches(xt_time_reg, ARRAY_SIZE(xt_time_reg));
|
||||
xt_unregister_matches(time_mt_reg, ARRAY_SIZE(time_mt_reg));
|
||||
}
|
||||
|
||||
module_init(xt_time_init);
|
||||
module_exit(xt_time_exit);
|
||||
module_init(time_mt_init);
|
||||
module_exit(time_mt_exit);
|
||||
MODULE_AUTHOR("Jan Engelhardt <jengelh@computergmbh.de>");
|
||||
MODULE_DESCRIPTION("netfilter time match");
|
||||
MODULE_LICENSE("GPL");
|
||||
|
@ -88,11 +88,10 @@ static bool u32_match_it(const struct xt_u32 *data,
|
||||
return true;
|
||||
}
|
||||
|
||||
static bool u32_match(const struct sk_buff *skb,
|
||||
const struct net_device *in,
|
||||
const struct net_device *out,
|
||||
const struct xt_match *match, const void *matchinfo,
|
||||
int offset, unsigned int protoff, bool *hotdrop)
|
||||
static bool
|
||||
u32_mt(const struct sk_buff *skb, const struct net_device *in,
|
||||
const struct net_device *out, const struct xt_match *match,
|
||||
const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
|
||||
{
|
||||
const struct xt_u32 *data = matchinfo;
|
||||
bool ret;
|
||||
@ -101,35 +100,35 @@ static bool u32_match(const struct sk_buff *skb,
|
||||
return ret ^ data->invert;
|
||||
}
|
||||
|
||||
static struct xt_match u32_reg[] __read_mostly = {
|
||||
static struct xt_match u32_mt_reg[] __read_mostly = {
|
||||
{
|
||||
.name = "u32",
|
||||
.family = AF_INET,
|
||||
.match = u32_match,
|
||||
.match = u32_mt,
|
||||
.matchsize = sizeof(struct xt_u32),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
{
|
||||
.name = "u32",
|
||||
.family = AF_INET6,
|
||||
.match = u32_match,
|
||||
.match = u32_mt,
|
||||
.matchsize = sizeof(struct xt_u32),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
static int __init xt_u32_init(void)
|
||||
static int __init u32_mt_init(void)
|
||||
{
|
||||
return xt_register_matches(u32_reg, ARRAY_SIZE(u32_reg));
|
||||
return xt_register_matches(u32_mt_reg, ARRAY_SIZE(u32_mt_reg));
|
||||
}
|
||||
|
||||
static void __exit xt_u32_exit(void)
|
||||
static void __exit u32_mt_exit(void)
|
||||
{
|
||||
xt_unregister_matches(u32_reg, ARRAY_SIZE(u32_reg));
|
||||
xt_unregister_matches(u32_mt_reg, ARRAY_SIZE(u32_mt_reg));
|
||||
}
|
||||
|
||||
module_init(xt_u32_init);
|
||||
module_exit(xt_u32_exit);
|
||||
module_init(u32_mt_init);
|
||||
module_exit(u32_mt_exit);
|
||||
MODULE_AUTHOR("Jan Engelhardt <jengelh@computergmbh.de>");
|
||||
MODULE_DESCRIPTION("netfilter u32 match module");
|
||||
MODULE_LICENSE("GPL");
|
||||
|
Loading…
Reference in New Issue
Block a user