]> err.no Git - linux-2.6/blobdiff - net/netfilter/xt_mac.c
projects / linux-2.6 / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
[NETFILTER]: x_tables: replace IPv4/IPv6 policy match by address family independant...
[linux-2.6] / net / netfilter / xt_mac.c
diff --git a/net/netfilter/xt_mac.c b/net/netfilter/xt_mac.c
index 0461dcb5fc7a41a86655014c8892802ef92e2cac..b4559a46dce8308df295a1cb29b20226b9b42cc9 100644 (file)
--- a/net/netfilter/xt_mac.c
+++ b/net/netfilter/xt_mac.c
@@ -27,6 +27,7 @@ static int
 match(const struct sk_buff *skb,
       const struct net_device *in,
       const struct net_device *out,
+      const struct xt_match *match,
       const void *matchinfo,
       int offset,
       unsigned int protoff,
@@ -42,37 +43,20 @@ match(const struct sk_buff *skb,
                ^ info->invert));
 }
 
-static int
-ipt_mac_checkentry(const char *tablename,
-                  const void *inf,
-                  void *matchinfo,
-                  unsigned int matchsize,
-                  unsigned int hook_mask)
-{
-       /* FORWARD isn't always valid, but it's nice to be able to do --RR */
-       if (hook_mask
-           & ~((1 << NF_IP_PRE_ROUTING) | (1 << NF_IP_LOCAL_IN)
-               | (1 << NF_IP_FORWARD))) {
-               printk("xt_mac: only valid for PRE_ROUTING, LOCAL_IN or FORWARD.\n");
-               return 0;
-       }
-
-       if (matchsize != XT_ALIGN(sizeof(struct xt_mac_info)))
-               return 0;
-
-       return 1;
-}
-
 static struct xt_match mac_match = {
        .name           = "mac",
-       .match          = &match,
-       .checkentry     = &ipt_mac_checkentry,
+       .match          = match,
+       .matchsize      = sizeof(struct xt_mac_info),
+       .hooks          = (1 << NF_IP_PRE_ROUTING) | (1 << NF_IP_LOCAL_IN) |
+                         (1 << NF_IP_FORWARD),
        .me             = THIS_MODULE,
 };
 static struct xt_match mac6_match = {
        .name           = "mac",
-       .match          = &match,
-       .checkentry     = &ipt_mac_checkentry,
+       .match          = match,
+       .matchsize      = sizeof(struct xt_mac_info),
+       .hooks          = (1 << NF_IP_PRE_ROUTING) | (1 << NF_IP_LOCAL_IN) |
+                         (1 << NF_IP_FORWARD),
        .me             = THIS_MODULE,
 };
 
Linux 2.6 source tree