/* Called when user tries to insert an entry of this type. */
/* Should return true or false. */
- int (*checkentry)(const char *tablename,
- const void *ip,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask);
+ bool (*checkentry)(const char *tablename,
+ const void *ip,
+ const struct xt_match *match,
+ void *matchinfo,
+ unsigned int hook_mask);
/* Called when entry of this type deleted. */
void (*destroy)(const struct xt_match *match, void *matchinfo);
return 1;
}
-static inline int
+static inline bool
ip_checkentry(const struct ipt_ip *ip)
{
if (ip->flags & ~IPT_F_MASK) {
duprintf("Unknown flag bits set: %08X\n",
ip->flags & ~IPT_F_MASK);
- return 0;
+ return false;
}
if (ip->invflags & ~IPT_INV_MASK) {
duprintf("Unknown invflag bits set: %08X\n",
ip->invflags & ~IPT_INV_MASK);
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static unsigned int
}
/* Called when user tries to insert an entry of this type. */
-static int
+static bool
icmp_checkentry(const char *tablename,
const void *info,
const struct xt_match *match,
}
/* Called when user tries to insert an entry of this type. */
-static int
+static bool
checkentry(const char *tablename,
const void *ip_void,
const struct xt_match *match,
/* Must specify no unknown invflags */
if (ahinfo->invflags & ~IPT_AH_INV_MASK) {
duprintf("ipt_ah: unknown flags %X\n", ahinfo->invflags);
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static struct xt_match ah_match = {
return true;
}
-static int checkentry(const char *tablename, const void *ip_void,
- const struct xt_match *match,
- void *matchinfo, unsigned int hook_mask)
+static bool checkentry(const char *tablename, const void *ip_void,
+ const struct xt_match *match,
+ void *matchinfo, unsigned int hook_mask)
{
const struct ipt_ecn_info *info = matchinfo;
const struct ipt_ip *ip = ip_void;
if (info->operation & IPT_ECN_OP_MATCH_MASK)
- return 0;
+ return false;
if (info->invert & IPT_ECN_OP_MATCH_MASK)
- return 0;
+ return false;
if (info->operation & (IPT_ECN_OP_MATCH_ECE|IPT_ECN_OP_MATCH_CWR)
&& ip->proto != IPPROTO_TCP) {
printk(KERN_WARNING "ipt_ecn: can't match TCP bits in rule for"
" non-tcp packets\n");
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static struct xt_match ecn_match = {
return true;
}
-static int
+static bool
checkentry(const char *tablename,
const void *ip,
const struct xt_match *match,
if (info->match & (IPT_OWNER_PID|IPT_OWNER_SID|IPT_OWNER_COMM)) {
printk("ipt_owner: pid, sid and command matching "
"not supported anymore\n");
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static struct xt_match owner_match = {
return ret;
}
-static int
+static bool
ipt_recent_checkentry(const char *tablename, const void *ip,
const struct xt_match *match, void *matchinfo,
unsigned int hook_mask)
const struct ipt_recent_info *info = matchinfo;
struct recent_table *t;
unsigned i;
- int ret = 0;
+ bool ret = false;
if (hweight8(info->check_set &
(IPT_RECENT_SET | IPT_RECENT_REMOVE |
IPT_RECENT_CHECK | IPT_RECENT_UPDATE)) != 1)
- return 0;
+ return false;
if ((info->check_set & (IPT_RECENT_SET | IPT_RECENT_REMOVE)) &&
(info->seconds || info->hit_count))
- return 0;
+ return false;
if (info->name[0] == '\0' ||
strnlen(info->name, IPT_RECENT_NAME_LEN) == IPT_RECENT_NAME_LEN)
- return 0;
+ return false;
mutex_lock(&recent_mutex);
t = recent_table_lookup(info->name);
if (t != NULL) {
t->refcnt++;
- ret = 1;
+ ret = true;
goto out;
}
spin_lock_bh(&recent_lock);
list_add_tail(&t->list, &tables);
spin_unlock_bh(&recent_lock);
- ret = 1;
+ ret = true;
out:
mutex_unlock(&recent_mutex);
return ret;
}
/* should be ip6 safe */
-static inline int
+static inline bool
ip6_checkentry(const struct ip6t_ip6 *ipv6)
{
if (ipv6->flags & ~IP6T_F_MASK) {
duprintf("Unknown flag bits set: %08X\n",
ipv6->flags & ~IP6T_F_MASK);
- return 0;
+ return false;
}
if (ipv6->invflags & ~IP6T_INV_MASK) {
duprintf("Unknown invflag bits set: %08X\n",
ipv6->invflags & ~IP6T_INV_MASK);
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static unsigned int
}
/* Returns 1 if the type and code is matched by the range, 0 otherwise */
-static inline int
+static inline bool
icmp6_type_code_match(u_int8_t test_type, u_int8_t min_code, u_int8_t max_code,
u_int8_t type, u_int8_t code,
- int invert)
+ bool invert)
{
return (type == test_type && code >= min_code && code <= max_code)
^ invert;
}
/* Called when user tries to insert an entry of this type. */
-static int
+static bool
icmp6_checkentry(const char *tablename,
const void *entry,
const struct xt_match *match,
}
/* Called when user tries to insert an entry of this type. */
-static int
+static bool
checkentry(const char *tablename,
const void *entry,
const struct xt_match *match,
if (ahinfo->invflags & ~IP6T_AH_INV_MASK) {
DEBUGP("ip6t_ah: unknown flags %X\n", ahinfo->invflags);
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static struct xt_match ah_match = {
}
/* Called when user tries to insert an entry of this type. */
-static int
+static bool
checkentry(const char *tablename,
const void *ip,
const struct xt_match *match,
if (fraginfo->invflags & ~IP6T_FRAG_INV_MASK) {
DEBUGP("ip6t_frag: unknown flags %X\n", fraginfo->invflags);
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static struct xt_match frag_match = {
}
/* Called when user tries to insert an entry of this type. */
-static int
+static bool
checkentry(const char *tablename,
const void *entry,
const struct xt_match *match,
if (optsinfo->invflags & ~IP6T_OPTS_INV_MASK) {
DEBUGP("ip6t_opts: unknown flags %X\n", optsinfo->invflags);
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static struct xt_match opts_match[] = {
}
}
-static int
+static bool
ipv6header_checkentry(const char *tablename,
const void *ip,
const struct xt_match *match,
/* invflags is 0 or 0xff in hard mode */
if ((!info->modeflag) && info->invflags != 0x00 &&
info->invflags != 0xFF)
- return 0;
+ return false;
- return 1;
+ return true;
}
static struct xt_match ip6t_ipv6header_match = {
}
/* Called when user tries to insert an entry of this type. */
-static int
+static bool
mh_checkentry(const char *tablename,
const void *entry,
const struct xt_match *match,
return true;
}
-static int
+static bool
checkentry(const char *tablename,
const void *ip,
const struct xt_match *match,
if (info->match & (IP6T_OWNER_PID | IP6T_OWNER_SID)) {
printk("ipt_owner: pid and sid matching "
"not supported anymore\n");
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static struct xt_match owner_match = {
}
/* Called when user tries to insert an entry of this type. */
-static int
+static bool
checkentry(const char *tablename,
const void *entry,
const struct xt_match *match,
if (rtinfo->invflags & ~IP6T_RT_INV_MASK) {
DEBUGP("ip6t_rt: unknown flags %X\n", rtinfo->invflags);
- return 0;
+ return false;
}
if ((rtinfo->flags & (IP6T_RT_RES | IP6T_RT_FST_MASK)) &&
(!(rtinfo->flags & IP6T_RT_TYP) ||
(rtinfo->rt_type != 0) ||
(rtinfo->invflags & IP6T_RT_INV_TYP))) {
DEBUGP("`--rt-type 0' required before `--rt-0-*'");
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static struct xt_match rt_match = {
return (what >= sinfo->count.from);
}
-static int check(const char *tablename,
- const void *ip,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+static bool check(const char *tablename,
+ const void *ip,
+ const struct xt_match *match,
+ void *matchinfo,
+ unsigned int hook_mask)
{
const struct xt_connbytes_info *sinfo = matchinfo;
if (sinfo->what != XT_CONNBYTES_PKTS &&
sinfo->what != XT_CONNBYTES_BYTES &&
sinfo->what != XT_CONNBYTES_AVGPKT)
- return 0;
+ return false;
if (sinfo->direction != XT_CONNBYTES_DIR_ORIGINAL &&
sinfo->direction != XT_CONNBYTES_DIR_REPLY &&
sinfo->direction != XT_CONNBYTES_DIR_BOTH)
- return 0;
+ return false;
if (nf_ct_l3proto_try_module_get(match->family) < 0) {
printk(KERN_WARNING "can't load conntrack support for "
"proto=%d\n", match->family);
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void
return (((ct->mark) & info->mask) == info->mark) ^ info->invert;
}
-static int
+static bool
checkentry(const char *tablename,
const void *ip,
const struct xt_match *match,
if (cm->mark > 0xffffffff || cm->mask > 0xffffffff) {
printk(KERN_WARNING "connmark: only support 32bit mark\n");
- return 0;
+ return false;
}
if (nf_ct_l3proto_try_module_get(match->family) < 0) {
printk(KERN_WARNING "can't load conntrack support for "
"proto=%d\n", match->family);
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void
return true;
}
-static int
+static bool
checkentry(const char *tablename,
const void *ip,
const struct xt_match *match,
if (nf_ct_l3proto_try_module_get(match->family) < 0) {
printk(KERN_WARNING "can't load conntrack support for "
"proto=%d\n", match->family);
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void destroy(const struct xt_match *match, void *matchinfo)
XT_DCCP_OPTION, info->flags, info->invflags);
}
-static int
+static bool
checkentry(const char *tablename,
const void *inf,
const struct xt_match *match,
return (dscp == info->dscp) ^ !!info->invert;
}
-static int checkentry(const char *tablename,
- const void *info,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+static bool checkentry(const char *tablename,
+ const void *info,
+ const struct xt_match *match,
+ void *matchinfo,
+ unsigned int hook_mask)
{
const u_int8_t dscp = ((struct xt_dscp_info *)matchinfo)->dscp;
if (dscp > XT_DSCP_MAX) {
printk(KERN_ERR "xt_dscp: dscp %x out of range\n", dscp);
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static struct xt_match xt_dscp_match[] = {
}
/* Called when user tries to insert an entry of this type. */
-static int
+static bool
checkentry(const char *tablename,
const void *ip_void,
const struct xt_match *match,
if (espinfo->invflags & ~XT_ESP_INV_MASK) {
duprintf("xt_esp: unknown flags %X\n", espinfo->invflags);
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static struct xt_match xt_esp_match[] = {
return false;
}
-static int
+static bool
hashlimit_checkentry(const char *tablename,
const void *inf,
const struct xt_match *match,
user2credits(r->cfg.avg * r->cfg.burst) < user2credits(r->cfg.avg)) {
printk(KERN_ERR "xt_hashlimit: overflow, try lower: %u/%u\n",
r->cfg.avg, r->cfg.burst);
- return 0;
+ return false;
}
if (r->cfg.mode == 0 ||
r->cfg.mode > (XT_HASHLIMIT_HASH_DPT |
XT_HASHLIMIT_HASH_DIP |
XT_HASHLIMIT_HASH_SIP |
XT_HASHLIMIT_HASH_SPT))
- return 0;
+ return false;
if (!r->cfg.gc_interval)
- return 0;
+ return false;
if (!r->cfg.expire)
- return 0;
+ return false;
if (r->name[sizeof(r->name) - 1] != '\0')
- return 0;
+ return false;
/* This is the best we've got: We cannot release and re-grab lock,
* since checkentry() is called before x_tables.c grabs xt_mutex.
r->hinfo = htable_find_get(r->name, match->family);
if (!r->hinfo && htable_create(r, match->family) != 0) {
mutex_unlock(&hlimit_mutex);
- return 0;
+ return false;
}
mutex_unlock(&hlimit_mutex);
/* Ugly hack: For SMP, we only want to use one set */
r->u.master = r;
- return 1;
+ return true;
}
static void
return ret;
}
-static int check(const char *tablename,
- const void *inf,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+static bool check(const char *tablename,
+ const void *inf,
+ const struct xt_match *match,
+ void *matchinfo,
+ unsigned int hook_mask)
{
struct xt_helper_info *info = matchinfo;
if (nf_ct_l3proto_try_module_get(match->family) < 0) {
printk(KERN_WARNING "can't load conntrack support for "
"proto=%d\n", match->family);
- return 0;
+ return false;
}
info->name[29] = '\0';
- return 1;
+ return true;
}
static void
return (user * HZ * CREDITS_PER_JIFFY) / XT_LIMIT_SCALE;
}
-static int
+static bool
ipt_limit_checkentry(const char *tablename,
const void *inf,
const struct xt_match *match,
|| user2credits(r->avg * r->burst) < user2credits(r->avg)) {
printk("Overflow in xt_limit, try lower: %u/%u\n",
r->avg, r->burst);
- return 0;
+ return false;
}
/* For SMP, we only want to use one set of counters. */
r->credit_cap = user2credits(r->avg * r->burst); /* Credits full. */
r->cost = user2credits(r->avg);
}
- return 1;
+ return true;
}
#ifdef CONFIG_COMPAT
return ((skb->mark & info->mask) == info->mark) ^ info->invert;
}
-static int
+static bool
checkentry(const char *tablename,
const void *entry,
const struct xt_match *match,
if (minfo->mark > 0xffffffff || minfo->mask > 0xffffffff) {
printk(KERN_WARNING "mark: only supports 32bit mark\n");
- return 0;
+ return false;
}
- return 1;
+ return true;
}
#ifdef CONFIG_COMPAT
return ports_match_v1(multiinfo, ntohs(pptr[0]), ntohs(pptr[1]));
}
-static inline int
+static inline bool
check(u_int16_t proto,
u_int8_t ip_invflags,
u_int8_t match_flags,
}
/* Called when user tries to insert an entry of this type. */
-static int
+static bool
checkentry(const char *tablename,
const void *info,
const struct xt_match *match,
multiinfo->count);
}
-static int
+static bool
checkentry_v1(const char *tablename,
const void *info,
const struct xt_match *match,
multiinfo->count);
}
-static int
+static bool
checkentry6(const char *tablename,
const void *info,
const struct xt_match *match,
multiinfo->count);
}
-static int
+static bool
checkentry6_v1(const char *tablename,
const void *info,
const struct xt_match *match,
return ret ^ !(info->invert & XT_PHYSDEV_OP_OUT);
}
-static int
+static bool
checkentry(const char *tablename,
const void *ip,
const struct xt_match *match,
if (!(info->bitmask & XT_PHYSDEV_OP_MASK) ||
info->bitmask & ~XT_PHYSDEV_OP_MASK)
- return 0;
+ return false;
if (info->bitmask & XT_PHYSDEV_OP_OUT &&
(!(info->bitmask & XT_PHYSDEV_OP_BRIDGED) ||
info->invert & XT_PHYSDEV_OP_BRIDGED) &&
"OUTPUT, FORWARD and POSTROUTING chains for non-bridged "
"traffic is not supported anymore.\n");
if (hook_mask & (1 << NF_IP_LOCAL_OUT))
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static struct xt_match xt_physdev_match[] = {
return ret;
}
-static int checkentry(const char *tablename, const void *ip_void,
- const struct xt_match *match,
- void *matchinfo, unsigned int hook_mask)
+static bool checkentry(const char *tablename, const void *ip_void,
+ const struct xt_match *match,
+ void *matchinfo, unsigned int hook_mask)
{
struct xt_policy_info *info = matchinfo;
if (!(info->flags & (XT_POLICY_MATCH_IN|XT_POLICY_MATCH_OUT))) {
printk(KERN_ERR "xt_policy: neither incoming nor "
"outgoing policy selected\n");
- return 0;
+ return false;
}
/* hook values are equal for IPv4 and IPv6 */
if (hook_mask & (1 << NF_IP_PRE_ROUTING | 1 << NF_IP_LOCAL_IN)
&& info->flags & XT_POLICY_MATCH_OUT) {
printk(KERN_ERR "xt_policy: output policy not valid in "
"PRE_ROUTING and INPUT\n");
- return 0;
+ return false;
}
if (hook_mask & (1 << NF_IP_POST_ROUTING | 1 << NF_IP_LOCAL_OUT)
&& info->flags & XT_POLICY_MATCH_IN) {
printk(KERN_ERR "xt_policy: input policy not valid in "
"POST_ROUTING and OUTPUT\n");
- return 0;
+ return false;
}
if (info->len > XT_POLICY_MAX_ELEM) {
printk(KERN_ERR "xt_policy: too many policy elements\n");
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static struct xt_match xt_policy_match[] = {
return ret;
}
-static int
+static bool
checkentry(const char *tablename, const void *entry,
const struct xt_match *match, void *matchinfo,
unsigned int hook_mask)
struct xt_quota_info *q = (struct xt_quota_info *)matchinfo;
if (q->flags & ~XT_QUOTA_MASK)
- return 0;
+ return false;
/* For SMP, we only want to use one set of counters. */
q->master = q;
- return 1;
+ return true;
}
static struct xt_match xt_quota_match[] = {
XT_SCTP_CHUNK_TYPES, info->flags, info->invflags);
}
-static int
+static bool
checkentry(const char *tablename,
const void *inf,
const struct xt_match *match,
return (sinfo->statemask & statebit);
}
-static int check(const char *tablename,
- const void *inf,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+static bool check(const char *tablename,
+ const void *inf,
+ const struct xt_match *match,
+ void *matchinfo,
+ unsigned int hook_mask)
{
if (nf_ct_l3proto_try_module_get(match->family) < 0) {
printk(KERN_WARNING "can't load conntrack support for "
"proto=%d\n", match->family);
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void
return ret;
}
-static int
+static bool
checkentry(const char *tablename, const void *entry,
const struct xt_match *match, void *matchinfo,
unsigned int hook_mask)
if (info->mode > XT_STATISTIC_MODE_MAX ||
info->flags & ~XT_STATISTIC_MASK)
- return 0;
+ return false;
info->master = info;
- return 1;
+ return true;
}
static struct xt_match xt_statistic_match[] = {
#define STRING_TEXT_PRIV(m) ((struct xt_string_info *) m)
-static int checkentry(const char *tablename,
- const void *ip,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+static bool checkentry(const char *tablename,
+ const void *ip,
+ const struct xt_match *match,
+ void *matchinfo,
+ unsigned int hook_mask)
{
struct xt_string_info *conf = matchinfo;
struct ts_config *ts_conf;
/* Damn, can't handle this case properly with iptables... */
if (conf->from_offset > conf->to_offset)
- return 0;
+ return false;
if (conf->algo[XT_STRING_MAX_ALGO_NAME_SIZE - 1] != '\0')
- return 0;
+ return false;
if (conf->patlen > XT_STRING_MAX_PATTERN_SIZE)
- return 0;
+ return false;
ts_conf = textsearch_prepare(conf->algo, conf->pattern, conf->patlen,
GFP_KERNEL, TS_AUTOLOAD);
if (IS_ERR(ts_conf))
- return 0;
+ return false;
conf->config = ts_conf;
- return 1;
+ return true;
}
static void destroy(const struct xt_match *match, void *matchinfo)
}
/* Called when user tries to insert an entry of this type. */
-static int
+static bool
tcp_checkentry(const char *tablename,
const void *info,
const struct xt_match *match,
}
/* Called when user tries to insert an entry of this type. */
-static int
+static bool
udp_checkentry(const char *tablename,
const void *info,
const struct xt_match *match,
projects / linux-2.6-omap-h63xx.git / commitdiff