struct recent_entry *e;
unsigned int h;
- if (family == AF_INET)
+ if (family == NFPROTO_IPV4)
h = recent_entry_hash4(addrp);
else
h = recent_entry_hash6(addrp);
e->nstamps = 1;
e->index = 1;
e->family = family;
- if (family == AF_INET)
+ if (family == NFPROTO_IPV4)
list_add_tail(&e->list, &t->iphash[recent_entry_hash4(addr)]);
else
list_add_tail(&e->list, &t->iphash[recent_entry_hash6(addr)]);
}
static bool
-recent_mt(const struct sk_buff *skb, const struct net_device *in,
- const struct net_device *out, const struct xt_match *match,
- const void *matchinfo, int offset, unsigned int protoff,
- bool *hotdrop)
+recent_mt(const struct sk_buff *skb, const struct xt_match_param *par)
{
- const struct xt_recent_mtinfo *info = matchinfo;
+ const struct xt_recent_mtinfo *info = par->matchinfo;
struct recent_table *t;
struct recent_entry *e;
union nf_inet_addr addr = {};
u_int8_t ttl;
bool ret = info->invert;
- if (match->family == AF_INET) {
+ if (par->match->family == NFPROTO_IPV4) {
const struct iphdr *iph = ip_hdr(skb);
if (info->side == XT_RECENT_DEST)
}
/* use TTL as seen before forwarding */
- if (out && !skb->sk)
+ if (par->out != NULL && skb->sk == NULL)
ttl++;
spin_lock_bh(&recent_lock);
t = recent_table_lookup(info->name);
- e = recent_entry_lookup(t, &addr, match->family,
+ e = recent_entry_lookup(t, &addr, par->match->family,
(info->check_set & XT_RECENT_TTL) ? ttl : 0);
if (e == NULL) {
if (!(info->check_set & XT_RECENT_SET))
goto out;
- e = recent_entry_init(t, &addr, match->family, ttl);
+ e = recent_entry_init(t, &addr, par->match->family, ttl);
if (e == NULL)
- *hotdrop = true;
+ *par->hotdrop = true;
ret = !ret;
goto out;
}
return ret;
}
-static bool
-recent_mt_check(const char *tablename, const void *ip,
- const struct xt_match *match, void *matchinfo,
- unsigned int hook_mask)
+static bool recent_mt_check(const struct xt_mtchk_param *par)
{
- const struct xt_recent_mtinfo *info = matchinfo;
+ const struct xt_recent_mtinfo *info = par->matchinfo;
struct recent_table *t;
unsigned i;
bool ret = false;
for (i = 0; i < ip_list_hash_size; i++)
INIT_LIST_HEAD(&t->iphash[i]);
#ifdef CONFIG_PROC_FS
- t->proc = proc_create(t->name, ip_list_perms, recent_proc_dir,
- &recent_mt_fops);
+ t->proc = proc_create_data(t->name, ip_list_perms, recent_proc_dir,
+ &recent_mt_fops, t);
if (t->proc == NULL) {
kfree(t);
goto out;
}
#ifdef CONFIG_NETFILTER_XT_MATCH_RECENT_PROC_COMPAT
- t->proc_old = proc_create(t->name, ip_list_perms, proc_old_dir,
- &recent_old_fops);
+ t->proc_old = proc_create_data(t->name, ip_list_perms, proc_old_dir,
+ &recent_old_fops, t);
if (t->proc_old == NULL) {
remove_proc_entry(t->name, proc_old_dir);
kfree(t);
}
t->proc_old->uid = ip_list_uid;
t->proc_old->gid = ip_list_gid;
- t->proc_old->data = t;
#endif
t->proc->uid = ip_list_uid;
t->proc->gid = ip_list_gid;
- t->proc->data = t;
#endif
spin_lock_bh(&recent_lock);
list_add_tail(&t->list, &tables);
return ret;
}
-static void recent_mt_destroy(const struct xt_match *match, void *matchinfo)
+static void recent_mt_destroy(const struct xt_mtdtor_param *par)
{
- const struct xt_recent_mtinfo *info = matchinfo;
+ const struct xt_recent_mtinfo *info = par->matchinfo;
struct recent_table *t;
mutex_lock(&recent_mutex);
unsigned int i;
i = (e->index - 1) % ip_pkt_list_tot;
- if (e->family == AF_INET)
+ if (e->family == NFPROTO_IPV4)
seq_printf(seq, "src=" NIPQUAD_FMT " ttl: %u last_seen: %lu "
"oldest_pkt: %u", NIPQUAD(e->addr.ip), e->ttl,
e->stamps[i], e->index);
addr = in_aton(c);
spin_lock_bh(&recent_lock);
- e = recent_entry_lookup(t, (const void *)&addr, PF_INET, 0);
+ e = recent_entry_lookup(t, (const void *)&addr, NFPROTO_IPV4, 0);
if (e == NULL) {
if (add)
- recent_entry_init(t, (const void *)&addr, PF_INET, 0);
+ recent_entry_init(t, (const void *)&addr,
+ NFPROTO_IPV4, 0);
} else {
if (add)
recent_entry_update(t, e);
++c;
--size;
if (strnchr(c, size, ':') != NULL) {
- family = AF_INET6;
+ family = NFPROTO_IPV6;
succ = in6_pton(c, size, (void *)&addr, '\n', NULL);
} else {
- family = AF_INET;
+ family = NFPROTO_IPV4;
succ = in4_pton(c, size, (void *)&addr, '\n', NULL);
}
{
.name = "recent",
.revision = 0,
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.match = recent_mt,
.matchsize = sizeof(struct xt_recent_mtinfo),
.checkentry = recent_mt_check,
{
.name = "recent",
.revision = 0,
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.match = recent_mt,
.matchsize = sizeof(struct xt_recent_mtinfo),
.checkentry = recent_mt_check,