]> err.no Git - linux-2.6/commit
[NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables
authorHarald Welte <laforge@netfilter.org>
Thu, 12 Jan 2006 21:30:04 +0000 (13:30 -0800)
committerDavid S. Miller <davem@sunset.davemloft.net>
Thu, 12 Jan 2006 22:06:43 +0000 (14:06 -0800)
commit2e4e6a17af35be359cc8f1c924f8f198fbd478cc
treecb4b5438dcf9ff9d57518a26124308bcbfffd214
parent880b005f294454d989783d0984dc554dfe3c8214
[NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables

This monster-patch tries to do the best job for unifying the data
structures and backend interfaces for the three evil clones ip_tables,
ip6_tables and arp_tables.  In an ideal world we would never have
allowed this kind of copy+paste programming... but well, our world
isn't (yet?) ideal.

o introduce a new x_tables module
o {ip,arp,ip6}_tables depend on this x_tables module
o registration functions for tables, matches and targets are only
  wrappers around x_tables provided functions
o all matches/targets that are used from ip_tables and ip6_tables
  are now implemented as xt_FOOBAR.c files and provide module aliases
  to ipt_FOOBAR and ip6t_FOOBAR
o header files for xt_matches are in include/linux/netfilter/,
  include/linux/netfilter_{ipv4,ipv6} contains compatibility wrappers
  around the xt_FOOBAR.h headers

Based on this patchset we're going to further unify the code,
gradually getting rid of all the layer 3 specific assumptions.

Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
154 files changed:
include/linux/netfilter/nf_conntrack_common.h
include/linux/netfilter/x_tables.h [new file with mode: 0644]
include/linux/netfilter/xt_CLASSIFY.h [new file with mode: 0644]
include/linux/netfilter/xt_CONNMARK.h [new file with mode: 0644]
include/linux/netfilter/xt_MARK.h [new file with mode: 0644]
include/linux/netfilter/xt_NFQUEUE.h [new file with mode: 0644]
include/linux/netfilter/xt_comment.h [new file with mode: 0644]
include/linux/netfilter/xt_connbytes.h [new file with mode: 0644]
include/linux/netfilter/xt_connmark.h [new file with mode: 0644]
include/linux/netfilter/xt_conntrack.h [new file with mode: 0644]
include/linux/netfilter/xt_dccp.h [new file with mode: 0644]
include/linux/netfilter/xt_helper.h [new file with mode: 0644]
include/linux/netfilter/xt_length.h [new file with mode: 0644]
include/linux/netfilter/xt_limit.h [new file with mode: 0644]
include/linux/netfilter/xt_mac.h [new file with mode: 0644]
include/linux/netfilter/xt_mark.h [new file with mode: 0644]
include/linux/netfilter/xt_physdev.h [new file with mode: 0644]
include/linux/netfilter/xt_pkttype.h [new file with mode: 0644]
include/linux/netfilter/xt_realm.h [new file with mode: 0644]
include/linux/netfilter/xt_sctp.h [new file with mode: 0644]
include/linux/netfilter/xt_state.h [new file with mode: 0644]
include/linux/netfilter/xt_string.h [new file with mode: 0644]
include/linux/netfilter/xt_tcpmss.h [new file with mode: 0644]
include/linux/netfilter/xt_tcpudp.h [new file with mode: 0644]
include/linux/netfilter_arp/arp_tables.h
include/linux/netfilter_ipv4/ip_conntrack.h
include/linux/netfilter_ipv4/ip_tables.h
include/linux/netfilter_ipv4/ipt_CLASSIFY.h
include/linux/netfilter_ipv4/ipt_CONNMARK.h
include/linux/netfilter_ipv4/ipt_MARK.h
include/linux/netfilter_ipv4/ipt_NFQUEUE.h
include/linux/netfilter_ipv4/ipt_comment.h
include/linux/netfilter_ipv4/ipt_connbytes.h
include/linux/netfilter_ipv4/ipt_connmark.h
include/linux/netfilter_ipv4/ipt_conntrack.h
include/linux/netfilter_ipv4/ipt_dccp.h
include/linux/netfilter_ipv4/ipt_helper.h
include/linux/netfilter_ipv4/ipt_length.h
include/linux/netfilter_ipv4/ipt_limit.h
include/linux/netfilter_ipv4/ipt_mac.h
include/linux/netfilter_ipv4/ipt_mark.h
include/linux/netfilter_ipv4/ipt_physdev.h
include/linux/netfilter_ipv4/ipt_pkttype.h
include/linux/netfilter_ipv4/ipt_realm.h
include/linux/netfilter_ipv4/ipt_state.h
include/linux/netfilter_ipv4/ipt_string.h
include/linux/netfilter_ipv4/ipt_tcpmss.h
include/linux/netfilter_ipv6/ip6_tables.h
include/linux/netfilter_ipv6/ip6t_MARK.h
include/linux/netfilter_ipv6/ip6t_length.h
include/linux/netfilter_ipv6/ip6t_limit.h
include/linux/netfilter_ipv6/ip6t_mac.h
include/linux/netfilter_ipv6/ip6t_mark.h
include/linux/netfilter_ipv6/ip6t_physdev.h
include/net/netfilter/ipv4/nf_conntrack_ipv4.h
include/net/netfilter/nf_conntrack.h
net/bridge/netfilter/ebt_log.c
net/ipv4/netfilter/Kconfig
net/ipv4/netfilter/Makefile
net/ipv4/netfilter/arp_tables.c
net/ipv4/netfilter/arpt_mangle.c
net/ipv4/netfilter/arptable_filter.c
net/ipv4/netfilter/ip_conntrack_standalone.c
net/ipv4/netfilter/ip_nat_rule.c
net/ipv4/netfilter/ip_nat_standalone.c
net/ipv4/netfilter/ip_tables.c
net/ipv4/netfilter/ipt_CLUSTERIP.c
net/ipv4/netfilter/ipt_DSCP.c
net/ipv4/netfilter/ipt_ECN.c
net/ipv4/netfilter/ipt_LOG.c
net/ipv4/netfilter/ipt_MASQUERADE.c
net/ipv4/netfilter/ipt_NETMAP.c
net/ipv4/netfilter/ipt_NFQUEUE.c [deleted file]
net/ipv4/netfilter/ipt_REDIRECT.c
net/ipv4/netfilter/ipt_REJECT.c
net/ipv4/netfilter/ipt_SAME.c
net/ipv4/netfilter/ipt_TCPMSS.c
net/ipv4/netfilter/ipt_TOS.c
net/ipv4/netfilter/ipt_TTL.c
net/ipv4/netfilter/ipt_ULOG.c
net/ipv4/netfilter/ipt_addrtype.c
net/ipv4/netfilter/ipt_ah.c
net/ipv4/netfilter/ipt_dscp.c
net/ipv4/netfilter/ipt_ecn.c
net/ipv4/netfilter/ipt_esp.c
net/ipv4/netfilter/ipt_hashlimit.c
net/ipv4/netfilter/ipt_iprange.c
net/ipv4/netfilter/ipt_length.c [deleted file]
net/ipv4/netfilter/ipt_multiport.c
net/ipv4/netfilter/ipt_owner.c
net/ipv4/netfilter/ipt_physdev.c [deleted file]
net/ipv4/netfilter/ipt_recent.c
net/ipv4/netfilter/ipt_tos.c
net/ipv4/netfilter/ipt_ttl.c
net/ipv4/netfilter/iptable_filter.c
net/ipv4/netfilter/iptable_mangle.c
net/ipv4/netfilter/iptable_raw.c
net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
net/ipv6/netfilter/Kconfig
net/ipv6/netfilter/Makefile
net/ipv6/netfilter/ip6_tables.c
net/ipv6/netfilter/ip6t_HL.c
net/ipv6/netfilter/ip6t_LOG.c
net/ipv6/netfilter/ip6t_MARK.c [deleted file]
net/ipv6/netfilter/ip6t_NFQUEUE.c [deleted file]
net/ipv6/netfilter/ip6t_REJECT.c
net/ipv6/netfilter/ip6t_ah.c
net/ipv6/netfilter/ip6t_dst.c
net/ipv6/netfilter/ip6t_esp.c
net/ipv6/netfilter/ip6t_eui64.c
net/ipv6/netfilter/ip6t_frag.c
net/ipv6/netfilter/ip6t_hbh.c
net/ipv6/netfilter/ip6t_hl.c
net/ipv6/netfilter/ip6t_ipv6header.c
net/ipv6/netfilter/ip6t_length.c [deleted file]
net/ipv6/netfilter/ip6t_limit.c [deleted file]
net/ipv6/netfilter/ip6t_mac.c [deleted file]
net/ipv6/netfilter/ip6t_mark.c [deleted file]
net/ipv6/netfilter/ip6t_multiport.c
net/ipv6/netfilter/ip6t_owner.c
net/ipv6/netfilter/ip6t_rt.c
net/ipv6/netfilter/ip6table_filter.c
net/ipv6/netfilter/ip6table_mangle.c
net/ipv6/netfilter/ip6table_raw.c
net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
net/ipv6/netfilter/nf_conntrack_reasm.c
net/netfilter/Kconfig
net/netfilter/Makefile
net/netfilter/nf_conntrack_standalone.c
net/netfilter/x_tables.c [new file with mode: 0644]
net/netfilter/xt_CLASSIFY.c [moved from net/ipv4/netfilter/ipt_CLASSIFY.c with 66% similarity]
net/netfilter/xt_CONNMARK.c [moved from net/ipv4/netfilter/ipt_CONNMARK.c with 73% similarity]
net/netfilter/xt_MARK.c [moved from net/ipv4/netfilter/ipt_MARK.c with 61% similarity]
net/netfilter/xt_NFQUEUE.c [new file with mode: 0644]
net/netfilter/xt_NOTRACK.c [moved from net/ipv4/netfilter/ipt_NOTRACK.c with 69% similarity]
net/netfilter/xt_comment.c [moved from net/ipv4/netfilter/ipt_comment.c with 55% similarity]
net/netfilter/xt_connbytes.c [moved from net/ipv4/netfilter/ipt_connbytes.c with 66% similarity]
net/netfilter/xt_connmark.c [moved from net/ipv4/netfilter/ipt_connmark.c with 70% similarity]
net/netfilter/xt_conntrack.c [moved from net/ipv4/netfilter/ipt_conntrack.c with 63% similarity]
net/netfilter/xt_dccp.c [moved from net/ipv4/netfilter/ipt_dccp.c with 58% similarity]
net/netfilter/xt_helper.c [moved from net/ipv4/netfilter/ipt_helper.c with 72% similarity]
net/netfilter/xt_length.c [new file with mode: 0644]
net/netfilter/xt_limit.c [moved from net/ipv4/netfilter/ipt_limit.c with 78% similarity]
net/netfilter/xt_mac.c [moved from net/ipv4/netfilter/ipt_mac.c with 65% similarity]
net/netfilter/xt_mark.c [moved from net/ipv4/netfilter/ipt_mark.c with 60% similarity]
net/netfilter/xt_physdev.c [moved from net/ipv6/netfilter/ip6t_physdev.c with 57% similarity]
net/netfilter/xt_pkttype.c [moved from net/ipv4/netfilter/ipt_pkttype.c with 55% similarity]
net/netfilter/xt_realm.c [moved from net/ipv4/netfilter/ipt_realm.c with 70% similarity]
net/netfilter/xt_sctp.c [moved from net/ipv4/netfilter/ipt_sctp.c with 62% similarity]
net/netfilter/xt_state.c [moved from net/ipv4/netfilter/ipt_state.c with 53% similarity]
net/netfilter/xt_string.c [moved from net/ipv4/netfilter/ipt_string.c with 66% similarity]
net/netfilter/xt_tcpmss.c [moved from net/ipv4/netfilter/ipt_tcpmss.c with 59% similarity]
net/netfilter/xt_tcpudp.c [new file with mode: 0644]
net/sched/act_ipt.c