]> pilppa.org Git - linux-2.6-omap-h63xx.git/blobdiff - net/netfilter/xt_conntrack.c
projects / linux-2.6-omap-h63xx.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
fat: document additional vfat mount options
[linux-2.6-omap-h63xx.git] / net / netfilter / xt_conntrack.c
diff --git a/net/netfilter/xt_conntrack.c b/net/netfilter/xt_conntrack.c
index d61412f58ef728792940fdd4df6352178d2cae71..0b7139f3dd786b3b4fa9ac416ca20fb9fbfe47c4 100644 (file)
--- a/net/netfilter/xt_conntrack.c
+++ b/net/netfilter/xt_conntrack.c
@@ -25,12 +25,9 @@ MODULE_ALIAS("ipt_conntrack");
 MODULE_ALIAS("ip6t_conntrack");
 
 static bool
-conntrack_mt_v0(const struct sk_buff *skb, const struct net_device *in,
-                const struct net_device *out, const struct xt_match *match,
-                const void *matchinfo, int offset, unsigned int protoff,
-                bool *hotdrop)
+conntrack_mt_v0(const struct sk_buff *skb, const struct xt_match_param *par)
 {
-       const struct xt_conntrack_info *sinfo = matchinfo;
+       const struct xt_conntrack_info *sinfo = par->matchinfo;
        const struct nf_conn *ct;
        enum ip_conntrack_info ctinfo;
        unsigned int statebit;
@@ -121,9 +118,9 @@ conntrack_addrcmp(const union nf_inet_addr *kaddr,
                   const union nf_inet_addr *uaddr,
                   const union nf_inet_addr *umask, unsigned int l3proto)
 {
-       if (l3proto == AF_INET)
+       if (l3proto == NFPROTO_IPV4)
                return ((kaddr->ip ^ uaddr->ip) & umask->ip) == 0;
-       else if (l3proto == AF_INET6)
+       else if (l3proto == NFPROTO_IPV6)
                return ipv6_masked_addr_cmp(&kaddr->in6, &umask->in6,
                       &uaddr->in6) == 0;
        else
@@ -133,7 +130,7 @@ conntrack_addrcmp(const union nf_inet_addr *kaddr,
 static inline bool
 conntrack_mt_origsrc(const struct nf_conn *ct,
                      const struct xt_conntrack_mtinfo1 *info,
-                     unsigned int family)
+                    u_int8_t family)
 {
        return conntrack_addrcmp(&ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3,
               &info->origsrc_addr, &info->origsrc_mask, family);
@@ -142,7 +139,7 @@ conntrack_mt_origsrc(const struct nf_conn *ct,
 static inline bool
 conntrack_mt_origdst(const struct nf_conn *ct,
                      const struct xt_conntrack_mtinfo1 *info,
-                     unsigned int family)
+                    u_int8_t family)
 {
        return conntrack_addrcmp(&ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u3,
               &info->origdst_addr, &info->origdst_mask, family);
@@ -151,7 +148,7 @@ conntrack_mt_origdst(const struct nf_conn *ct,
 static inline bool
 conntrack_mt_replsrc(const struct nf_conn *ct,
                      const struct xt_conntrack_mtinfo1 *info,
-                     unsigned int family)
+                    u_int8_t family)
 {
        return conntrack_addrcmp(&ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3,
               &info->replsrc_addr, &info->replsrc_mask, family);
@@ -160,7 +157,7 @@ conntrack_mt_replsrc(const struct nf_conn *ct,
 static inline bool
 conntrack_mt_repldst(const struct nf_conn *ct,
                      const struct xt_conntrack_mtinfo1 *info,
-                     unsigned int family)
+                    u_int8_t family)
 {
        return conntrack_addrcmp(&ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u3,
               &info->repldst_addr, &info->repldst_mask, family);
@@ -205,12 +202,9 @@ ct_proto_port_check(const struct xt_conntrack_mtinfo1 *info,
 }
 
 static bool
-conntrack_mt(const struct sk_buff *skb, const struct net_device *in,
-             const struct net_device *out, const struct xt_match *match,
-             const void *matchinfo, int offset, unsigned int protoff,
-             bool *hotdrop)
+conntrack_mt(const struct sk_buff *skb, const struct xt_match_param *par)
 {
-       const struct xt_conntrack_mtinfo1 *info = matchinfo;
+       const struct xt_conntrack_mtinfo1 *info = par->matchinfo;
        enum ip_conntrack_info ctinfo;
        const struct nf_conn *ct;
        unsigned int statebit;
@@ -244,22 +238,22 @@ conntrack_mt(const struct sk_buff *skb, const struct net_device *in,
                return false;
 
        if (info->match_flags & XT_CONNTRACK_ORIGSRC)
-               if (conntrack_mt_origsrc(ct, info, match->family) ^
+               if (conntrack_mt_origsrc(ct, info, par->family) ^
                    !(info->invert_flags & XT_CONNTRACK_ORIGSRC))
                        return false;
 
        if (info->match_flags & XT_CONNTRACK_ORIGDST)
-               if (conntrack_mt_origdst(ct, info, match->family) ^
+               if (conntrack_mt_origdst(ct, info, par->family) ^
                    !(info->invert_flags & XT_CONNTRACK_ORIGDST))
                        return false;
 
        if (info->match_flags & XT_CONNTRACK_REPLSRC)
-               if (conntrack_mt_replsrc(ct, info, match->family) ^
+               if (conntrack_mt_replsrc(ct, info, par->family) ^
                    !(info->invert_flags & XT_CONNTRACK_REPLSRC))
                        return false;
 
        if (info->match_flags & XT_CONNTRACK_REPLDST)
-               if (conntrack_mt_repldst(ct, info, match->family) ^
+               if (conntrack_mt_repldst(ct, info, par->family) ^
                    !(info->invert_flags & XT_CONNTRACK_REPLDST))
                        return false;
 
@@ -284,23 +278,19 @@ conntrack_mt(const struct sk_buff *skb, const struct net_device *in,
        return true;
 }
 
-static bool
-conntrack_mt_check(const char *tablename, const void *ip,
-                   const struct xt_match *match, void *matchinfo,
-                   unsigned int hook_mask)
+static bool conntrack_mt_check(const struct xt_mtchk_param *par)
 {
-       if (nf_ct_l3proto_try_module_get(match->family) < 0) {
+       if (nf_ct_l3proto_try_module_get(par->family) < 0) {
                printk(KERN_WARNING "can't load conntrack support for "
-                                   "proto=%u\n", match->family);
+                                   "proto=%u\n", par->family);
                return false;
        }
        return true;
 }
 
-static void
-conntrack_mt_destroy(const struct xt_match *match, void *matchinfo)
+static void conntrack_mt_destroy(const struct xt_mtdtor_param *par)
 {
-       nf_ct_l3proto_module_put(match->family);
+       nf_ct_l3proto_module_put(par->family);
 }
 
 #ifdef CONFIG_COMPAT
@@ -356,7 +346,7 @@ static struct xt_match conntrack_mt_reg[] __read_mostly = {
        {
                .name       = "conntrack",
                .revision   = 0,
-               .family     = AF_INET,
+               .family     = NFPROTO_IPV4,
                .match      = conntrack_mt_v0,
                .checkentry = conntrack_mt_check,
                .destroy    = conntrack_mt_destroy,
@@ -371,17 +361,7 @@ static struct xt_match conntrack_mt_reg[] __read_mostly = {
        {
                .name       = "conntrack",
                .revision   = 1,
-               .family     = AF_INET,
-               .matchsize  = sizeof(struct xt_conntrack_mtinfo1),
-               .match      = conntrack_mt,
-               .checkentry = conntrack_mt_check,
-               .destroy    = conntrack_mt_destroy,
-               .me         = THIS_MODULE,
-       },
-       {
-               .name       = "conntrack",
-               .revision   = 1,
-               .family     = AF_INET6,
+               .family     = NFPROTO_UNSPEC,
                .matchsize  = sizeof(struct xt_conntrack_mtinfo1),
                .match      = conntrack_mt,
                .checkentry = conntrack_mt_check,
Unnamed repository; edit this file 'description' to name the repository.