#define brnf_filter_vlan_tagged 1
#endif
-static __be16 inline vlan_proto(const struct sk_buff *skb)
+static inline __be16 vlan_proto(const struct sk_buff *skb)
{
return vlan_eth_hdr(skb)->h_vlan_encapsulated_proto;
}
#define IS_VLAN_IP(skb) \
(skb->protocol == htons(ETH_P_8021Q) && \
- vlan_proto(skb) == htons(ETH_P_IP) && \
+ vlan_proto(skb) == htons(ETH_P_IP) && \
brnf_filter_vlan_tagged)
#define IS_VLAN_IPV6(skb) \
static inline void nf_bridge_save_header(struct sk_buff *skb)
{
- int header_size = ETH_HLEN;
+ int header_size = ETH_HLEN;
if (skb->protocol == htons(ETH_P_8021Q))
header_size += VLAN_HLEN;
int nf_bridge_copy_header(struct sk_buff *skb)
{
int err;
- int header_size = ETH_HLEN;
+ int header_size = ETH_HLEN;
if (skb->protocol == htons(ETH_P_8021Q))
header_size += VLAN_HLEN;
* For br_nf_post_routing, we need (prio = NF_BR_PRI_LAST), because
* ip_refrag() can return NF_STOLEN. */
static struct nf_hook_ops br_nf_ops[] = {
- { .hook = br_nf_pre_routing,
- .owner = THIS_MODULE,
- .pf = PF_BRIDGE,
- .hooknum = NF_BR_PRE_ROUTING,
+ { .hook = br_nf_pre_routing,
+ .owner = THIS_MODULE,
+ .pf = PF_BRIDGE,
+ .hooknum = NF_BR_PRE_ROUTING,
.priority = NF_BR_PRI_BRNF, },
{ .hook = br_nf_local_in,
.owner = THIS_MODULE,
};
#endif
-int br_netfilter_init(void)
+int __init br_netfilter_init(void)
{
- int i;
-
- for (i = 0; i < ARRAY_SIZE(br_nf_ops); i++) {
- int ret;
-
- if ((ret = nf_register_hook(&br_nf_ops[i])) >= 0)
- continue;
-
- while (i--)
- nf_unregister_hook(&br_nf_ops[i]);
+ int ret;
+ ret = nf_register_hooks(br_nf_ops, ARRAY_SIZE(br_nf_ops));
+ if (ret < 0)
return ret;
- }
-
#ifdef CONFIG_SYSCTL
- brnf_sysctl_header = register_sysctl_table(brnf_net_table, 0);
+ brnf_sysctl_header = register_sysctl_table(brnf_net_table);
if (brnf_sysctl_header == NULL) {
printk(KERN_WARNING
"br_netfilter: can't register to sysctl.\n");
- for (i = 0; i < ARRAY_SIZE(br_nf_ops); i++)
- nf_unregister_hook(&br_nf_ops[i]);
- return -EFAULT;
+ nf_unregister_hooks(br_nf_ops, ARRAY_SIZE(br_nf_ops));
+ return -ENOMEM;
}
#endif
-
printk(KERN_NOTICE "Bridge firewalling registered\n");
-
return 0;
}
void br_netfilter_fini(void)
{
- int i;
-
- for (i = ARRAY_SIZE(br_nf_ops) - 1; i >= 0; i--)
- nf_unregister_hook(&br_nf_ops[i]);
+ nf_unregister_hooks(br_nf_ops, ARRAY_SIZE(br_nf_ops));
#ifdef CONFIG_SYSCTL
unregister_sysctl_table(brnf_sysctl_header);
#endif