Give all Netfilter modules consistent and unique symbol names.
Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
***********************************************************************/
static unsigned int
-target(struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+clusterip_tg(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
const struct ipt_clusterip_tgt_info *cipinfo = targinfo;
struct nf_conn *ct;
}
static bool
-checkentry(const char *tablename,
- const void *e_void,
- const struct xt_target *target,
- void *targinfo,
- unsigned int hook_mask)
+clusterip_tg_check(const char *tablename, const void *e_void,
+ const struct xt_target *target, void *targinfo,
+ unsigned int hook_mask)
{
struct ipt_clusterip_tgt_info *cipinfo = targinfo;
const struct ipt_entry *e = e_void;
}
/* drop reference count of cluster config when rule is deleted */
-static void destroy(const struct xt_target *target, void *targinfo)
+static void clusterip_tg_destroy(const struct xt_target *target, void *targinfo)
{
struct ipt_clusterip_tgt_info *cipinfo = targinfo;
};
#endif /* CONFIG_COMPAT */
-static struct xt_target clusterip_tgt __read_mostly = {
+static struct xt_target clusterip_tg_reg __read_mostly = {
.name = "CLUSTERIP",
.family = AF_INET,
- .target = target,
- .checkentry = checkentry,
- .destroy = destroy,
+ .target = clusterip_tg,
+ .checkentry = clusterip_tg_check,
+ .destroy = clusterip_tg_destroy,
.targetsize = sizeof(struct ipt_clusterip_tgt_info),
#ifdef CONFIG_COMPAT
.compatsize = sizeof(struct compat_ipt_clusterip_tgt_info),
#endif /* CONFIG_PROC_FS */
-static int __init ipt_clusterip_init(void)
+static int __init clusterip_tg_init(void)
{
int ret;
- ret = xt_register_target(&clusterip_tgt);
+ ret = xt_register_target(&clusterip_tg_reg);
if (ret < 0)
return ret;
nf_unregister_hook(&cip_arp_ops);
#endif /* CONFIG_PROC_FS */
cleanup_target:
- xt_unregister_target(&clusterip_tgt);
+ xt_unregister_target(&clusterip_tg_reg);
return ret;
}
-static void __exit ipt_clusterip_fini(void)
+static void __exit clusterip_tg_exit(void)
{
printk(KERN_NOTICE "ClusterIP Version %s unloading\n",
CLUSTERIP_VERSION);
remove_proc_entry(clusterip_procdir->name, clusterip_procdir->parent);
#endif
nf_unregister_hook(&cip_arp_ops);
- xt_unregister_target(&clusterip_tgt);
+ xt_unregister_target(&clusterip_tg_reg);
}
-module_init(ipt_clusterip_init);
-module_exit(ipt_clusterip_fini);
+module_init(clusterip_tg_init);
+module_exit(clusterip_tg_exit);
}
static unsigned int
-target(struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+ecn_tg(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
const struct ipt_ECN_info *einfo = targinfo;
}
static bool
-checkentry(const char *tablename,
- const void *e_void,
- const struct xt_target *target,
- void *targinfo,
- unsigned int hook_mask)
+ecn_tg_check(const char *tablename, const void *e_void,
+ const struct xt_target *target, void *targinfo,
+ unsigned int hook_mask)
{
const struct ipt_ECN_info *einfo = (struct ipt_ECN_info *)targinfo;
const struct ipt_entry *e = e_void;
return true;
}
-static struct xt_target ipt_ecn_reg __read_mostly = {
+static struct xt_target ecn_tg_reg __read_mostly = {
.name = "ECN",
.family = AF_INET,
- .target = target,
+ .target = ecn_tg,
.targetsize = sizeof(struct ipt_ECN_info),
.table = "mangle",
- .checkentry = checkentry,
+ .checkentry = ecn_tg_check,
.me = THIS_MODULE,
};
-static int __init ipt_ecn_init(void)
+static int __init ecn_tg_init(void)
{
- return xt_register_target(&ipt_ecn_reg);
+ return xt_register_target(&ecn_tg_reg);
}
-static void __exit ipt_ecn_fini(void)
+static void __exit ecn_tg_exit(void)
{
- xt_unregister_target(&ipt_ecn_reg);
+ xt_unregister_target(&ecn_tg_reg);
}
-module_init(ipt_ecn_init);
-module_exit(ipt_ecn_fini);
+module_init(ecn_tg_init);
+module_exit(ecn_tg_exit);
}
static unsigned int
-ipt_log_target(struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+log_tg(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
const struct ipt_log_info *loginfo = targinfo;
struct nf_loginfo li;
return XT_CONTINUE;
}
-static bool ipt_log_checkentry(const char *tablename,
- const void *e,
- const struct xt_target *target,
- void *targinfo,
- unsigned int hook_mask)
+static bool
+log_tg_check(const char *tablename, const void *e,
+ const struct xt_target *target, void *targinfo,
+ unsigned int hook_mask)
{
const struct ipt_log_info *loginfo = targinfo;
return true;
}
-static struct xt_target ipt_log_reg __read_mostly = {
+static struct xt_target log_tg_reg __read_mostly = {
.name = "LOG",
.family = AF_INET,
- .target = ipt_log_target,
+ .target = log_tg,
.targetsize = sizeof(struct ipt_log_info),
- .checkentry = ipt_log_checkentry,
+ .checkentry = log_tg_check,
.me = THIS_MODULE,
};
.me = THIS_MODULE,
};
-static int __init ipt_log_init(void)
+static int __init log_tg_init(void)
{
int ret;
- ret = xt_register_target(&ipt_log_reg);
+ ret = xt_register_target(&log_tg_reg);
if (ret < 0)
return ret;
nf_log_register(PF_INET, &ipt_log_logger);
return 0;
}
-static void __exit ipt_log_fini(void)
+static void __exit log_tg_exit(void)
{
nf_log_unregister(&ipt_log_logger);
- xt_unregister_target(&ipt_log_reg);
+ xt_unregister_target(&log_tg_reg);
}
-module_init(ipt_log_init);
-module_exit(ipt_log_fini);
+module_init(log_tg_init);
+module_exit(log_tg_exit);
/* FIXME: Multiple targets. --RR */
static bool
-masquerade_check(const char *tablename,
- const void *e,
- const struct xt_target *target,
- void *targinfo,
- unsigned int hook_mask)
+masquerade_tg_check(const char *tablename, const void *e,
+ const struct xt_target *target, void *targinfo,
+ unsigned int hook_mask)
{
const struct nf_nat_multi_range_compat *mr = targinfo;
}
static unsigned int
-masquerade_target(struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+masquerade_tg(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
struct nf_conn *ct;
struct nf_conn_nat *nat;
.notifier_call = masq_inet_event,
};
-static struct xt_target masquerade __read_mostly = {
+static struct xt_target masquerade_tg_reg __read_mostly = {
.name = "MASQUERADE",
.family = AF_INET,
- .target = masquerade_target,
+ .target = masquerade_tg,
.targetsize = sizeof(struct nf_nat_multi_range_compat),
.table = "nat",
.hooks = 1 << NF_INET_POST_ROUTING,
- .checkentry = masquerade_check,
+ .checkentry = masquerade_tg_check,
.me = THIS_MODULE,
};
-static int __init ipt_masquerade_init(void)
+static int __init masquerade_tg_init(void)
{
int ret;
- ret = xt_register_target(&masquerade);
+ ret = xt_register_target(&masquerade_tg_reg);
if (ret == 0) {
/* Register for device down reports */
return ret;
}
-static void __exit ipt_masquerade_fini(void)
+static void __exit masquerade_tg_exit(void)
{
- xt_unregister_target(&masquerade);
+ xt_unregister_target(&masquerade_tg_reg);
unregister_netdevice_notifier(&masq_dev_notifier);
unregister_inetaddr_notifier(&masq_inet_notifier);
}
-module_init(ipt_masquerade_init);
-module_exit(ipt_masquerade_fini);
+module_init(masquerade_tg_init);
+module_exit(masquerade_tg_exit);
MODULE_DESCRIPTION("iptables 1:1 NAT mapping of IP networks target");
static bool
-check(const char *tablename,
- const void *e,
- const struct xt_target *target,
- void *targinfo,
- unsigned int hook_mask)
+netmap_tg_check(const char *tablename, const void *e,
+ const struct xt_target *target, void *targinfo,
+ unsigned int hook_mask)
{
const struct nf_nat_multi_range_compat *mr = targinfo;
}
static unsigned int
-target(struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+netmap_tg(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
struct nf_conn *ct;
enum ip_conntrack_info ctinfo;
return nf_nat_setup_info(ct, &newrange, hooknum);
}
-static struct xt_target target_module __read_mostly = {
+static struct xt_target netmap_tg_reg __read_mostly = {
.name = "NETMAP",
.family = AF_INET,
- .target = target,
+ .target = netmap_tg,
.targetsize = sizeof(struct nf_nat_multi_range_compat),
.table = "nat",
.hooks = (1 << NF_INET_PRE_ROUTING) |
(1 << NF_INET_POST_ROUTING) |
(1 << NF_INET_LOCAL_OUT),
- .checkentry = check,
+ .checkentry = netmap_tg_check,
.me = THIS_MODULE
};
-static int __init ipt_netmap_init(void)
+static int __init netmap_tg_init(void)
{
- return xt_register_target(&target_module);
+ return xt_register_target(&netmap_tg_reg);
}
-static void __exit ipt_netmap_fini(void)
+static void __exit netmap_tg_exit(void)
{
- xt_unregister_target(&target_module);
+ xt_unregister_target(&netmap_tg_reg);
}
-module_init(ipt_netmap_init);
-module_exit(ipt_netmap_fini);
+module_init(netmap_tg_init);
+module_exit(netmap_tg_exit);
/* FIXME: Take multiple ranges --RR */
static bool
-redirect_check(const char *tablename,
- const void *e,
- const struct xt_target *target,
- void *targinfo,
- unsigned int hook_mask)
+redirect_tg_check(const char *tablename, const void *e,
+ const struct xt_target *target, void *targinfo,
+ unsigned int hook_mask)
{
const struct nf_nat_multi_range_compat *mr = targinfo;
}
static unsigned int
-redirect_target(struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+redirect_tg(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
struct nf_conn *ct;
enum ip_conntrack_info ctinfo;
return nf_nat_setup_info(ct, &newrange, hooknum);
}
-static struct xt_target redirect_reg __read_mostly = {
+static struct xt_target redirect_tg_reg __read_mostly = {
.name = "REDIRECT",
.family = AF_INET,
- .target = redirect_target,
+ .target = redirect_tg,
.targetsize = sizeof(struct nf_nat_multi_range_compat),
.table = "nat",
.hooks = (1 << NF_INET_PRE_ROUTING) | (1 << NF_INET_LOCAL_OUT),
- .checkentry = redirect_check,
+ .checkentry = redirect_tg_check,
.me = THIS_MODULE,
};
-static int __init ipt_redirect_init(void)
+static int __init redirect_tg_init(void)
{
- return xt_register_target(&redirect_reg);
+ return xt_register_target(&redirect_tg_reg);
}
-static void __exit ipt_redirect_fini(void)
+static void __exit redirect_tg_exit(void)
{
- xt_unregister_target(&redirect_reg);
+ xt_unregister_target(&redirect_tg_reg);
}
-module_init(ipt_redirect_init);
-module_exit(ipt_redirect_fini);
+module_init(redirect_tg_init);
+module_exit(redirect_tg_exit);
icmp_send(skb_in, ICMP_DEST_UNREACH, code, 0);
}
-static unsigned int reject(struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+static unsigned int
+reject_tg(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
const struct ipt_reject_info *reject = targinfo;
return NF_DROP;
}
-static bool check(const char *tablename,
- const void *e_void,
- const struct xt_target *target,
- void *targinfo,
- unsigned int hook_mask)
+static bool
+reject_tg_check(const char *tablename, const void *e_void,
+ const struct xt_target *target, void *targinfo,
+ unsigned int hook_mask)
{
const struct ipt_reject_info *rejinfo = targinfo;
const struct ipt_entry *e = e_void;
return true;
}
-static struct xt_target ipt_reject_reg __read_mostly = {
+static struct xt_target reject_tg_reg __read_mostly = {
.name = "REJECT",
.family = AF_INET,
- .target = reject,
+ .target = reject_tg,
.targetsize = sizeof(struct ipt_reject_info),
.table = "filter",
.hooks = (1 << NF_INET_LOCAL_IN) | (1 << NF_INET_FORWARD) |
(1 << NF_INET_LOCAL_OUT),
- .checkentry = check,
+ .checkentry = reject_tg_check,
.me = THIS_MODULE,
};
-static int __init ipt_reject_init(void)
+static int __init reject_tg_init(void)
{
- return xt_register_target(&ipt_reject_reg);
+ return xt_register_target(&reject_tg_reg);
}
-static void __exit ipt_reject_fini(void)
+static void __exit reject_tg_exit(void)
{
- xt_unregister_target(&ipt_reject_reg);
+ xt_unregister_target(&reject_tg_reg);
}
-module_init(ipt_reject_init);
-module_exit(ipt_reject_fini);
+module_init(reject_tg_init);
+module_exit(reject_tg_exit);
MODULE_DESCRIPTION("iptables special SNAT module for consistent sourceip");
static bool
-same_check(const char *tablename,
- const void *e,
- const struct xt_target *target,
- void *targinfo,
- unsigned int hook_mask)
+same_tg_check(const char *tablename, const void *e,
+ const struct xt_target *target, void *targinfo,
+ unsigned int hook_mask)
{
unsigned int count, countess, rangeip, index = 0;
struct ipt_same_info *mr = targinfo;
return true;
}
-static void
-same_destroy(const struct xt_target *target, void *targinfo)
+static void same_tg_destroy(const struct xt_target *target, void *targinfo)
{
struct ipt_same_info *mr = targinfo;
}
static unsigned int
-same_target(struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+same_tg(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
struct nf_conn *ct;
enum ip_conntrack_info ctinfo;
return nf_nat_setup_info(ct, &newrange, hooknum);
}
-static struct xt_target same_reg __read_mostly = {
+static struct xt_target same_tg_reg __read_mostly = {
.name = "SAME",
.family = AF_INET,
- .target = same_target,
+ .target = same_tg,
.targetsize = sizeof(struct ipt_same_info),
.table = "nat",
.hooks = (1 << NF_INET_PRE_ROUTING) |
(1 << NF_INET_POST_ROUTING),
- .checkentry = same_check,
- .destroy = same_destroy,
+ .checkentry = same_tg_check,
+ .destroy = same_tg_destroy,
.me = THIS_MODULE,
};
-static int __init ipt_same_init(void)
+static int __init same_tg_init(void)
{
- return xt_register_target(&same_reg);
+ return xt_register_target(&same_tg_reg);
}
-static void __exit ipt_same_fini(void)
+static void __exit same_tg_exit(void)
{
- xt_unregister_target(&same_reg);
+ xt_unregister_target(&same_tg_reg);
}
-module_init(ipt_same_init);
-module_exit(ipt_same_fini);
+module_init(same_tg_init);
+module_exit(same_tg_exit);
MODULE_DESCRIPTION("iptables TOS mangling module");
static unsigned int
-target(struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+tos_tg(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
const struct ipt_tos_target_info *tosinfo = targinfo;
struct iphdr *iph = ip_hdr(skb);
}
static bool
-checkentry(const char *tablename,
- const void *e_void,
- const struct xt_target *target,
- void *targinfo,
- unsigned int hook_mask)
+tos_tg_check(const char *tablename, const void *e_void,
+ const struct xt_target *target, void *targinfo,
+ unsigned int hook_mask)
{
const u_int8_t tos = ((struct ipt_tos_target_info *)targinfo)->tos;
return true;
}
-static struct xt_target ipt_tos_reg __read_mostly = {
+static struct xt_target tos_tg_reg __read_mostly = {
.name = "TOS",
.family = AF_INET,
- .target = target,
+ .target = tos_tg,
.targetsize = sizeof(struct ipt_tos_target_info),
.table = "mangle",
- .checkentry = checkentry,
+ .checkentry = tos_tg_check,
.me = THIS_MODULE,
};
-static int __init ipt_tos_init(void)
+static int __init tos_tg_init(void)
{
- return xt_register_target(&ipt_tos_reg);
+ return xt_register_target(&tos_tg_reg);
}
-static void __exit ipt_tos_fini(void)
+static void __exit tos_tg_exit(void)
{
- xt_unregister_target(&ipt_tos_reg);
+ xt_unregister_target(&tos_tg_reg);
}
-module_init(ipt_tos_init);
-module_exit(ipt_tos_fini);
+module_init(tos_tg_init);
+module_exit(tos_tg_exit);
MODULE_LICENSE("GPL");
static unsigned int
-ipt_ttl_target(struct sk_buff *skb,
- const struct net_device *in, const struct net_device *out,
- unsigned int hooknum, const struct xt_target *target,
- const void *targinfo)
+ttl_tg(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
struct iphdr *iph;
const struct ipt_TTL_info *info = targinfo;
return XT_CONTINUE;
}
-static bool ipt_ttl_checkentry(const char *tablename,
- const void *e,
- const struct xt_target *target,
- void *targinfo,
- unsigned int hook_mask)
+static bool
+ttl_tg_check(const char *tablename, const void *e,
+ const struct xt_target *target, void *targinfo,
+ unsigned int hook_mask)
{
const struct ipt_TTL_info *info = targinfo;
return true;
}
-static struct xt_target ipt_TTL __read_mostly = {
+static struct xt_target ttl_tg_reg __read_mostly = {
.name = "TTL",
.family = AF_INET,
- .target = ipt_ttl_target,
+ .target = ttl_tg,
.targetsize = sizeof(struct ipt_TTL_info),
.table = "mangle",
- .checkentry = ipt_ttl_checkentry,
+ .checkentry = ttl_tg_check,
.me = THIS_MODULE,
};
-static int __init ipt_ttl_init(void)
+static int __init ttl_tg_init(void)
{
- return xt_register_target(&ipt_TTL);
+ return xt_register_target(&ttl_tg_reg);
}
-static void __exit ipt_ttl_fini(void)
+static void __exit ttl_tg_exit(void)
{
- xt_unregister_target(&ipt_TTL);
+ xt_unregister_target(&ttl_tg_reg);
}
-module_init(ipt_ttl_init);
-module_exit(ipt_ttl_fini);
+module_init(ttl_tg_init);
+module_exit(ttl_tg_exit);
spin_unlock_bh(&ulog_lock);
}
-static unsigned int ipt_ulog_target(struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+static unsigned int
+ulog_tg(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) targinfo;
ipt_ulog_packet(hooknum, skb, in, out, &loginfo, prefix);
}
-static bool ipt_ulog_checkentry(const char *tablename,
- const void *e,
- const struct xt_target *target,
- void *targinfo,
- unsigned int hookmask)
+static bool
+ulog_tg_check(const char *tablename, const void *e,
+ const struct xt_target *target, void *targinfo,
+ unsigned int hookmask)
{
const struct ipt_ulog_info *loginfo = targinfo;
char prefix[ULOG_PREFIX_LEN];
};
-static void compat_from_user(void *dst, void *src)
+static void ulog_tg_compat_from_user(void *dst, void *src)
{
const struct compat_ipt_ulog_info *cl = src;
struct ipt_ulog_info l = {
memcpy(dst, &l, sizeof(l));
}
-static int compat_to_user(void __user *dst, void *src)
+static int ulog_tg_compat_to_user(void __user *dst, void *src)
{
const struct ipt_ulog_info *l = src;
struct compat_ipt_ulog_info cl = {
}
#endif /* CONFIG_COMPAT */
-static struct xt_target ipt_ulog_reg __read_mostly = {
+static struct xt_target ulog_tg_reg __read_mostly = {
.name = "ULOG",
.family = AF_INET,
- .target = ipt_ulog_target,
+ .target = ulog_tg,
.targetsize = sizeof(struct ipt_ulog_info),
- .checkentry = ipt_ulog_checkentry,
+ .checkentry = ulog_tg_check,
#ifdef CONFIG_COMPAT
.compatsize = sizeof(struct compat_ipt_ulog_info),
- .compat_from_user = compat_from_user,
- .compat_to_user = compat_to_user,
+ .compat_from_user = ulog_tg_compat_from_user,
+ .compat_to_user = ulog_tg_compat_to_user,
#endif
.me = THIS_MODULE,
};
.me = THIS_MODULE,
};
-static int __init ipt_ulog_init(void)
+static int __init ulog_tg_init(void)
{
int ret, i;
if (!nflognl)
return -ENOMEM;
- ret = xt_register_target(&ipt_ulog_reg);
+ ret = xt_register_target(&ulog_tg_reg);
if (ret < 0) {
sock_release(nflognl->sk_socket);
return ret;
return 0;
}
-static void __exit ipt_ulog_fini(void)
+static void __exit ulog_tg_exit(void)
{
ulog_buff_t *ub;
int i;
if (nflog)
nf_log_unregister(&ipt_ulog_logger);
- xt_unregister_target(&ipt_ulog_reg);
+ xt_unregister_target(&ulog_tg_reg);
sock_release(nflognl->sk_socket);
/* remove pending timers and free allocated skb's */
}
}
-module_init(ipt_ulog_init);
-module_exit(ipt_ulog_fini);
+module_init(ulog_tg_init);
+module_exit(ulog_tg_exit);
return !!(mask & (1 << inet_addr_type(addr)));
}
-static bool match(const struct sk_buff *skb,
- const struct net_device *in, const struct net_device *out,
- const struct xt_match *match, const void *matchinfo,
- int offset, unsigned int protoff, bool *hotdrop)
+static bool
+addrtype_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
const struct ipt_addrtype_info *info = matchinfo;
const struct iphdr *iph = ip_hdr(skb);
return ret;
}
-static struct xt_match addrtype_match __read_mostly = {
+static struct xt_match addrtype_mt_reg __read_mostly = {
.name = "addrtype",
.family = AF_INET,
- .match = match,
+ .match = addrtype_mt,
.matchsize = sizeof(struct ipt_addrtype_info),
.me = THIS_MODULE
};
-static int __init ipt_addrtype_init(void)
+static int __init addrtype_mt_init(void)
{
- return xt_register_match(&addrtype_match);
+ return xt_register_match(&addrtype_mt_reg);
}
-static void __exit ipt_addrtype_fini(void)
+static void __exit addrtype_mt_exit(void)
{
- xt_unregister_match(&addrtype_match);
+ xt_unregister_match(&addrtype_mt_reg);
}
-module_init(ipt_addrtype_init);
-module_exit(ipt_addrtype_fini);
+module_init(addrtype_mt_init);
+module_exit(addrtype_mt_exit);
}
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+ah_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
{
struct ip_auth_hdr _ahdr;
const struct ip_auth_hdr *ah;
/* Called when user tries to insert an entry of this type. */
static bool
-checkentry(const char *tablename,
- const void *ip_void,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+ah_mt_check(const char *tablename, const void *ip_void,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
const struct ipt_ah *ahinfo = matchinfo;
return true;
}
-static struct xt_match ah_match __read_mostly = {
+static struct xt_match ah_mt_reg __read_mostly = {
.name = "ah",
.family = AF_INET,
- .match = match,
+ .match = ah_mt,
.matchsize = sizeof(struct ipt_ah),
.proto = IPPROTO_AH,
- .checkentry = checkentry,
+ .checkentry = ah_mt_check,
.me = THIS_MODULE,
};
-static int __init ipt_ah_init(void)
+static int __init ah_mt_init(void)
{
- return xt_register_match(&ah_match);
+ return xt_register_match(&ah_mt_reg);
}
-static void __exit ipt_ah_fini(void)
+static void __exit ah_mt_exit(void)
{
- xt_unregister_match(&ah_match);
+ xt_unregister_match(&ah_mt_reg);
}
-module_init(ipt_ah_init);
-module_exit(ipt_ah_fini);
+module_init(ah_mt_init);
+module_exit(ah_mt_exit);
return true;
}
-static bool match(const struct sk_buff *skb,
- const struct net_device *in, const struct net_device *out,
- const struct xt_match *match, const void *matchinfo,
- int offset, unsigned int protoff, bool *hotdrop)
+static bool
+ecn_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
{
const struct ipt_ecn_info *info = matchinfo;
return true;
}
-static bool checkentry(const char *tablename, const void *ip_void,
- const struct xt_match *match,
- void *matchinfo, unsigned int hook_mask)
+static bool
+ecn_mt_check(const char *tablename, const void *ip_void,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
const struct ipt_ecn_info *info = matchinfo;
const struct ipt_ip *ip = ip_void;
return true;
}
-static struct xt_match ecn_match __read_mostly = {
+static struct xt_match ecn_mt_reg __read_mostly = {
.name = "ecn",
.family = AF_INET,
- .match = match,
+ .match = ecn_mt,
.matchsize = sizeof(struct ipt_ecn_info),
- .checkentry = checkentry,
+ .checkentry = ecn_mt_check,
.me = THIS_MODULE,
};
-static int __init ipt_ecn_init(void)
+static int __init ecn_mt_init(void)
{
- return xt_register_match(&ecn_match);
+ return xt_register_match(&ecn_mt_reg);
}
-static void __exit ipt_ecn_fini(void)
+static void __exit ecn_mt_exit(void)
{
- xt_unregister_match(&ecn_match);
+ xt_unregister_match(&ecn_mt_reg);
}
-module_init(ipt_ecn_init);
-module_exit(ipt_ecn_fini);
+module_init(ecn_mt_init);
+module_exit(ecn_mt_exit);
MODULE_DESCRIPTION("iptables arbitrary IP range match module");
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset, unsigned int protoff, bool *hotdrop)
+iprange_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
const struct ipt_iprange_info *info = matchinfo;
const struct iphdr *iph = ip_hdr(skb);
return true;
}
-static struct xt_match iprange_match __read_mostly = {
+static struct xt_match iprange_mt_reg __read_mostly = {
.name = "iprange",
.family = AF_INET,
- .match = match,
+ .match = iprange_mt,
.matchsize = sizeof(struct ipt_iprange_info),
.me = THIS_MODULE
};
-static int __init ipt_iprange_init(void)
+static int __init iprange_mt_init(void)
{
- return xt_register_match(&iprange_match);
+ return xt_register_match(&iprange_mt_reg);
}
-static void __exit ipt_iprange_fini(void)
+static void __exit iprange_mt_exit(void)
{
- xt_unregister_match(&iprange_match);
+ xt_unregister_match(&iprange_mt_reg);
}
-module_init(ipt_iprange_init);
-module_exit(ipt_iprange_fini);
+module_init(iprange_mt_init);
+module_exit(iprange_mt_exit);
MODULE_DESCRIPTION("iptables owner match");
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+owner_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
const struct ipt_owner_info *info = matchinfo;
}
static bool
-checkentry(const char *tablename,
- const void *ip,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+owner_mt_check(const char *tablename, const void *ip,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
const struct ipt_owner_info *info = matchinfo;
return true;
}
-static struct xt_match owner_match __read_mostly = {
+static struct xt_match owner_mt_reg __read_mostly = {
.name = "owner",
.family = AF_INET,
- .match = match,
+ .match = owner_mt,
.matchsize = sizeof(struct ipt_owner_info),
.hooks = (1 << NF_INET_LOCAL_OUT) |
(1 << NF_INET_POST_ROUTING),
- .checkentry = checkentry,
+ .checkentry = owner_mt_check,
.me = THIS_MODULE,
};
-static int __init ipt_owner_init(void)
+static int __init owner_mt_init(void)
{
- return xt_register_match(&owner_match);
+ return xt_register_match(&owner_mt_reg);
}
-static void __exit ipt_owner_fini(void)
+static void __exit owner_mt_exit(void)
{
- xt_unregister_match(&owner_match);
+ xt_unregister_match(&owner_mt_reg);
}
-module_init(ipt_owner_init);
-module_exit(ipt_owner_fini);
+module_init(owner_mt_init);
+module_exit(owner_mt_exit);
}
static bool
-ipt_recent_match(const struct sk_buff *skb,
- const struct net_device *in, const struct net_device *out,
- const struct xt_match *match, const void *matchinfo,
- int offset, unsigned int protoff, bool *hotdrop)
+recent_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
const struct ipt_recent_info *info = matchinfo;
struct recent_table *t;
}
static bool
-ipt_recent_checkentry(const char *tablename, const void *ip,
- const struct xt_match *match, void *matchinfo,
- unsigned int hook_mask)
+recent_mt_check(const char *tablename, const void *ip,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
const struct ipt_recent_info *info = matchinfo;
struct recent_table *t;
return ret;
}
-static void
-ipt_recent_destroy(const struct xt_match *match, void *matchinfo)
+static void recent_mt_destroy(const struct xt_match *match, void *matchinfo)
{
const struct ipt_recent_info *info = matchinfo;
struct recent_table *t;
};
#endif /* CONFIG_PROC_FS */
-static struct xt_match recent_match __read_mostly = {
+static struct xt_match recent_mt_reg __read_mostly = {
.name = "recent",
.family = AF_INET,
- .match = ipt_recent_match,
+ .match = recent_mt,
.matchsize = sizeof(struct ipt_recent_info),
- .checkentry = ipt_recent_checkentry,
- .destroy = ipt_recent_destroy,
+ .checkentry = recent_mt_check,
+ .destroy = recent_mt_destroy,
.me = THIS_MODULE,
};
-static int __init ipt_recent_init(void)
+static int __init recent_mt_init(void)
{
int err;
return -EINVAL;
ip_list_hash_size = 1 << fls(ip_list_tot);
- err = xt_register_match(&recent_match);
+ err = xt_register_match(&recent_mt_reg);
#ifdef CONFIG_PROC_FS
if (err)
return err;
proc_dir = proc_mkdir("ipt_recent", init_net.proc_net);
if (proc_dir == NULL) {
- xt_unregister_match(&recent_match);
+ xt_unregister_match(&recent_mt_reg);
err = -ENOMEM;
}
#endif
return err;
}
-static void __exit ipt_recent_exit(void)
+static void __exit recent_mt_exit(void)
{
BUG_ON(!list_empty(&tables));
- xt_unregister_match(&recent_match);
+ xt_unregister_match(&recent_mt_reg);
#ifdef CONFIG_PROC_FS
remove_proc_entry("ipt_recent", init_net.proc_net);
#endif
}
-module_init(ipt_recent_init);
-module_exit(ipt_recent_exit);
+module_init(recent_mt_init);
+module_exit(recent_mt_exit);
MODULE_DESCRIPTION("iptables TOS match module");
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+tos_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
{
const struct ipt_tos_info *info = matchinfo;
return (ip_hdr(skb)->tos == info->tos) ^ info->invert;
}
-static struct xt_match tos_match __read_mostly = {
+static struct xt_match tos_mt_reg __read_mostly = {
.name = "tos",
.family = AF_INET,
- .match = match,
+ .match = tos_mt,
.matchsize = sizeof(struct ipt_tos_info),
.me = THIS_MODULE,
};
-static int __init ipt_multiport_init(void)
+static int __init tos_mt_init(void)
{
- return xt_register_match(&tos_match);
+ return xt_register_match(&tos_mt_reg);
}
-static void __exit ipt_multiport_fini(void)
+static void __exit tos_mt_exit(void)
{
- xt_unregister_match(&tos_match);
+ xt_unregister_match(&tos_mt_reg);
}
-module_init(ipt_multiport_init);
-module_exit(ipt_multiport_fini);
+module_init(tos_mt_init);
+module_exit(tos_mt_exit);
MODULE_DESCRIPTION("IP tables TTL matching module");
MODULE_LICENSE("GPL");
-static bool match(const struct sk_buff *skb,
- const struct net_device *in, const struct net_device *out,
- const struct xt_match *match, const void *matchinfo,
- int offset, unsigned int protoff, bool *hotdrop)
+static bool
+ttl_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
{
const struct ipt_ttl_info *info = matchinfo;
const u8 ttl = ip_hdr(skb)->ttl;
return false;
}
-static struct xt_match ttl_match __read_mostly = {
+static struct xt_match ttl_mt_reg __read_mostly = {
.name = "ttl",
.family = AF_INET,
- .match = match,
+ .match = ttl_mt,
.matchsize = sizeof(struct ipt_ttl_info),
.me = THIS_MODULE,
};
-static int __init ipt_ttl_init(void)
+static int __init ttl_mt_init(void)
{
- return xt_register_match(&ttl_match);
+ return xt_register_match(&ttl_mt_reg);
}
-static void __exit ipt_ttl_fini(void)
+static void __exit ttl_mt_exit(void)
{
- xt_unregister_match(&ttl_match);
+ xt_unregister_match(&ttl_mt_reg);
}
-module_init(ipt_ttl_init);
-module_exit(ipt_ttl_fini);
+module_init(ttl_mt_init);
+module_exit(ttl_mt_exit);
MODULE_DESCRIPTION("IP6 tables Hop Limit modification module");
MODULE_LICENSE("GPL");
-static unsigned int ip6t_hl_target(struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+static unsigned int
+hl_tg6(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
struct ipv6hdr *ip6h;
const struct ip6t_HL_info *info = targinfo;
return XT_CONTINUE;
}
-static bool ip6t_hl_checkentry(const char *tablename,
- const void *entry,
- const struct xt_target *target,
- void *targinfo,
- unsigned int hook_mask)
+static bool
+hl_tg6_check(const char *tablename, const void *entry,
+ const struct xt_target *target, void *targinfo,
+ unsigned int hook_mask)
{
const struct ip6t_HL_info *info = targinfo;
return true;
}
-static struct xt_target ip6t_HL __read_mostly = {
+static struct xt_target hl_tg6_reg __read_mostly = {
.name = "HL",
.family = AF_INET6,
- .target = ip6t_hl_target,
+ .target = hl_tg6,
.targetsize = sizeof(struct ip6t_HL_info),
.table = "mangle",
- .checkentry = ip6t_hl_checkentry,
+ .checkentry = hl_tg6_check,
.me = THIS_MODULE
};
-static int __init ip6t_hl_init(void)
+static int __init hl_tg6_init(void)
{
- return xt_register_target(&ip6t_HL);
+ return xt_register_target(&hl_tg6_reg);
}
-static void __exit ip6t_hl_fini(void)
+static void __exit hl_tg6_exit(void)
{
- xt_unregister_target(&ip6t_HL);
+ xt_unregister_target(&hl_tg6_reg);
}
-module_init(ip6t_hl_init);
-module_exit(ip6t_hl_fini);
+module_init(hl_tg6_init);
+module_exit(hl_tg6_exit);
}
static unsigned int
-ip6t_log_target(struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+log_tg6(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
const struct ip6t_log_info *loginfo = targinfo;
struct nf_loginfo li;
}
-static bool ip6t_log_checkentry(const char *tablename,
- const void *entry,
- const struct xt_target *target,
- void *targinfo,
- unsigned int hook_mask)
+static bool
+log_tg6_check(const char *tablename, const void *entry,
+ const struct xt_target *target, void *targinfo,
+ unsigned int hook_mask)
{
const struct ip6t_log_info *loginfo = targinfo;
return true;
}
-static struct xt_target ip6t_log_reg __read_mostly = {
+static struct xt_target log_tg6_reg __read_mostly = {
.name = "LOG",
.family = AF_INET6,
- .target = ip6t_log_target,
+ .target = log_tg6,
.targetsize = sizeof(struct ip6t_log_info),
- .checkentry = ip6t_log_checkentry,
+ .checkentry = log_tg6_check,
.me = THIS_MODULE,
};
.me = THIS_MODULE,
};
-static int __init ip6t_log_init(void)
+static int __init log_tg6_init(void)
{
int ret;
- ret = xt_register_target(&ip6t_log_reg);
+ ret = xt_register_target(&log_tg6_reg);
if (ret < 0)
return ret;
nf_log_register(PF_INET6, &ip6t_logger);
return 0;
}
-static void __exit ip6t_log_fini(void)
+static void __exit log_tg6_exit(void)
{
nf_log_unregister(&ip6t_logger);
- xt_unregister_target(&ip6t_log_reg);
+ xt_unregister_target(&log_tg6_reg);
}
-module_init(ip6t_log_init);
-module_exit(ip6t_log_fini);
+module_init(log_tg6_init);
+module_exit(log_tg6_exit);
icmpv6_send(skb_in, ICMPV6_DEST_UNREACH, code, 0, NULL);
}
-static unsigned int reject6_target(struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+static unsigned int
+reject_tg6(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
const struct ip6t_reject_info *reject = targinfo;
return NF_DROP;
}
-static bool check(const char *tablename,
- const void *entry,
- const struct xt_target *target,
- void *targinfo,
- unsigned int hook_mask)
+static bool
+reject_tg6_check(const char *tablename, const void *entry,
+ const struct xt_target *target, void *targinfo,
+ unsigned int hook_mask)
{
const struct ip6t_reject_info *rejinfo = targinfo;
const struct ip6t_entry *e = entry;
return true;
}
-static struct xt_target ip6t_reject_reg __read_mostly = {
+static struct xt_target reject_tg6_reg __read_mostly = {
.name = "REJECT",
.family = AF_INET6,
- .target = reject6_target,
+ .target = reject_tg6,
.targetsize = sizeof(struct ip6t_reject_info),
.table = "filter",
.hooks = (1 << NF_INET_LOCAL_IN) | (1 << NF_INET_FORWARD) |
(1 << NF_INET_LOCAL_OUT),
- .checkentry = check,
+ .checkentry = reject_tg6_check,
.me = THIS_MODULE
};
-static int __init ip6t_reject_init(void)
+static int __init reject_tg6_init(void)
{
- return xt_register_target(&ip6t_reject_reg);
+ return xt_register_target(&reject_tg6_reg);
}
-static void __exit ip6t_reject_fini(void)
+static void __exit reject_tg6_exit(void)
{
- xt_unregister_target(&ip6t_reject_reg);
+ xt_unregister_target(&reject_tg6_reg);
}
-module_init(ip6t_reject_init);
-module_exit(ip6t_reject_fini);
+module_init(reject_tg6_init);
+module_exit(reject_tg6_exit);
}
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+ah_mt6(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
{
struct ip_auth_hdr _ah;
const struct ip_auth_hdr *ah;
/* Called when user tries to insert an entry of this type. */
static bool
-checkentry(const char *tablename,
- const void *entry,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+ah_mt6_check(const char *tablename, const void *entry,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
const struct ip6t_ah *ahinfo = matchinfo;
return true;
}
-static struct xt_match ah_match __read_mostly = {
+static struct xt_match ah_mt6_reg __read_mostly = {
.name = "ah",
.family = AF_INET6,
- .match = match,
+ .match = ah_mt6,
.matchsize = sizeof(struct ip6t_ah),
- .checkentry = checkentry,
+ .checkentry = ah_mt6_check,
.me = THIS_MODULE,
};
-static int __init ip6t_ah_init(void)
+static int __init ah_mt6_init(void)
{
- return xt_register_match(&ah_match);
+ return xt_register_match(&ah_mt6_reg);
}
-static void __exit ip6t_ah_fini(void)
+static void __exit ah_mt6_exit(void)
{
- xt_unregister_match(&ah_match);
+ xt_unregister_match(&ah_mt6_reg);
}
-module_init(ip6t_ah_init);
-module_exit(ip6t_ah_fini);
+module_init(ah_mt6_init);
+module_exit(ah_mt6_exit);
MODULE_AUTHOR("Andras Kis-Szabo <kisza@sch.bme.hu>");
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+eui64_mt6(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
unsigned char eui64[8];
int i = 0;
return false;
}
-static struct xt_match eui64_match __read_mostly = {
+static struct xt_match eui64_mt6_reg __read_mostly = {
.name = "eui64",
.family = AF_INET6,
- .match = match,
+ .match = eui64_mt6,
.matchsize = sizeof(int),
.hooks = (1 << NF_INET_PRE_ROUTING) | (1 << NF_INET_LOCAL_IN) |
(1 << NF_INET_FORWARD),
.me = THIS_MODULE,
};
-static int __init ip6t_eui64_init(void)
+static int __init eui64_mt6_init(void)
{
- return xt_register_match(&eui64_match);
+ return xt_register_match(&eui64_mt6_reg);
}
-static void __exit ip6t_eui64_fini(void)
+static void __exit eui64_mt6_exit(void)
{
- xt_unregister_match(&eui64_match);
+ xt_unregister_match(&eui64_mt6_reg);
}
-module_init(ip6t_eui64_init);
-module_exit(ip6t_eui64_fini);
+module_init(eui64_mt6_init);
+module_exit(eui64_mt6_exit);
}
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+frag_mt6(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
struct frag_hdr _frag;
const struct frag_hdr *fh;
/* Called when user tries to insert an entry of this type. */
static bool
-checkentry(const char *tablename,
- const void *ip,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+frag_mt6_check(const char *tablename, const void *ip,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
const struct ip6t_frag *fraginfo = matchinfo;
return true;
}
-static struct xt_match frag_match __read_mostly = {
+static struct xt_match frag_mt6_reg __read_mostly = {
.name = "frag",
.family = AF_INET6,
- .match = match,
+ .match = frag_mt6,
.matchsize = sizeof(struct ip6t_frag),
- .checkentry = checkentry,
+ .checkentry = frag_mt6_check,
.me = THIS_MODULE,
};
-static int __init ip6t_frag_init(void)
+static int __init frag_mt6_init(void)
{
- return xt_register_match(&frag_match);
+ return xt_register_match(&frag_mt6_reg);
}
-static void __exit ip6t_frag_fini(void)
+static void __exit frag_mt6_exit(void)
{
- xt_unregister_match(&frag_match);
+ xt_unregister_match(&frag_mt6_reg);
}
-module_init(ip6t_frag_init);
-module_exit(ip6t_frag_fini);
+module_init(frag_mt6_init);
+module_exit(frag_mt6_exit);
*/
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+hbh_mt6(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
struct ipv6_opt_hdr _optsh;
const struct ipv6_opt_hdr *oh;
/* Called when user tries to insert an entry of this type. */
static bool
-checkentry(const char *tablename,
- const void *entry,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+hbh_mt6_check(const char *tablename, const void *entry,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
const struct ip6t_opts *optsinfo = matchinfo;
return true;
}
-static struct xt_match opts_match[] __read_mostly = {
+static struct xt_match hbh_mt6_reg[] __read_mostly = {
{
.name = "hbh",
.family = AF_INET6,
- .match = match,
+ .match = hbh_mt6,
.matchsize = sizeof(struct ip6t_opts),
- .checkentry = checkentry,
+ .checkentry = hbh_mt6_check,
.me = THIS_MODULE,
.data = NEXTHDR_HOP,
},
{
.name = "dst",
.family = AF_INET6,
- .match = match,
+ .match = hbh_mt6,
.matchsize = sizeof(struct ip6t_opts),
- .checkentry = checkentry,
+ .checkentry = hbh_mt6_check,
.me = THIS_MODULE,
.data = NEXTHDR_DEST,
},
};
-static int __init ip6t_hbh_init(void)
+static int __init hbh_mt6_init(void)
{
- return xt_register_matches(opts_match, ARRAY_SIZE(opts_match));
+ return xt_register_matches(hbh_mt6_reg, ARRAY_SIZE(hbh_mt6_reg));
}
-static void __exit ip6t_hbh_fini(void)
+static void __exit hbh_mt6_exit(void)
{
- xt_unregister_matches(opts_match, ARRAY_SIZE(opts_match));
+ xt_unregister_matches(hbh_mt6_reg, ARRAY_SIZE(hbh_mt6_reg));
}
-module_init(ip6t_hbh_init);
-module_exit(ip6t_hbh_fini);
+module_init(hbh_mt6_init);
+module_exit(hbh_mt6_exit);
MODULE_DESCRIPTION("IP tables Hop Limit matching module");
MODULE_LICENSE("GPL");
-static bool match(const struct sk_buff *skb,
- const struct net_device *in, const struct net_device *out,
- const struct xt_match *match, const void *matchinfo,
- int offset, unsigned int protoff, bool *hotdrop)
+static bool
+hl_mt6(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
{
const struct ip6t_hl_info *info = matchinfo;
const struct ipv6hdr *ip6h = ipv6_hdr(skb);
return false;
}
-static struct xt_match hl_match __read_mostly = {
+static struct xt_match hl_mt6_reg __read_mostly = {
.name = "hl",
.family = AF_INET6,
- .match = match,
+ .match = hl_mt6,
.matchsize = sizeof(struct ip6t_hl_info),
.me = THIS_MODULE,
};
-static int __init ip6t_hl_init(void)
+static int __init hl_mt6_init(void)
{
- return xt_register_match(&hl_match);
+ return xt_register_match(&hl_mt6_reg);
}
-static void __exit ip6t_hl_fini(void)
+static void __exit hl_mt6_exit(void)
{
- xt_unregister_match(&hl_match);
+ xt_unregister_match(&hl_mt6_reg);
}
-module_init(ip6t_hl_init);
-module_exit(ip6t_hl_fini);
+module_init(hl_mt6_init);
+module_exit(hl_mt6_exit);
MODULE_AUTHOR("Andras Kis-Szabo <kisza@sch.bme.hu>");
static bool
-ipv6header_match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+ipv6header_mt6(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
const struct ip6t_ipv6header_info *info = matchinfo;
unsigned int temp;
}
static bool
-ipv6header_checkentry(const char *tablename,
- const void *ip,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+ipv6header_mt6_check(const char *tablename, const void *ip,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
const struct ip6t_ipv6header_info *info = matchinfo;
return true;
}
-static struct xt_match ip6t_ipv6header_match __read_mostly = {
+static struct xt_match ipv6header_mt6_reg __read_mostly = {
.name = "ipv6header",
.family = AF_INET6,
- .match = &ipv6header_match,
+ .match = ipv6header_mt6,
.matchsize = sizeof(struct ip6t_ipv6header_info),
- .checkentry = &ipv6header_checkentry,
+ .checkentry = ipv6header_mt6_check,
.destroy = NULL,
.me = THIS_MODULE,
};
-static int __init ipv6header_init(void)
+static int __init ipv6header_mt6_init(void)
{
- return xt_register_match(&ip6t_ipv6header_match);
+ return xt_register_match(&ipv6header_mt6_reg);
}
-static void __exit ipv6header_exit(void)
+static void __exit ipv6header_mt6_exit(void)
{
- xt_unregister_match(&ip6t_ipv6header_match);
+ xt_unregister_match(&ipv6header_mt6_reg);
}
-module_init(ipv6header_init);
-module_exit(ipv6header_exit);
+module_init(ipv6header_mt6_init);
+module_exit(ipv6header_mt6_exit);
}
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+mh_mt6(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
{
struct ip6_mh _mh;
const struct ip6_mh *mh;
/* Called when user tries to insert an entry of this type. */
static bool
-mh_checkentry(const char *tablename,
- const void *entry,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+mh_mt6_check(const char *tablename, const void *entry,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
const struct ip6t_mh *mhinfo = matchinfo;
return !(mhinfo->invflags & ~IP6T_MH_INV_MASK);
}
-static struct xt_match mh_match __read_mostly = {
+static struct xt_match mh_mt6_reg __read_mostly = {
.name = "mh",
.family = AF_INET6,
- .checkentry = mh_checkentry,
- .match = match,
+ .checkentry = mh_mt6_check,
+ .match = mh_mt6,
.matchsize = sizeof(struct ip6t_mh),
.proto = IPPROTO_MH,
.me = THIS_MODULE,
};
-static int __init ip6t_mh_init(void)
+static int __init mh_mt6_init(void)
{
- return xt_register_match(&mh_match);
+ return xt_register_match(&mh_mt6_reg);
}
-static void __exit ip6t_mh_fini(void)
+static void __exit mh_mt6_exit(void)
{
- xt_unregister_match(&mh_match);
+ xt_unregister_match(&mh_mt6_reg);
}
-module_init(ip6t_mh_init);
-module_exit(ip6t_mh_fini);
+module_init(mh_mt6_init);
+module_exit(mh_mt6_exit);
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+owner_mt6(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
const struct ip6t_owner_info *info = matchinfo;
}
static bool
-checkentry(const char *tablename,
- const void *ip,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+owner_mt6_check(const char *tablename, const void *ip,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
const struct ip6t_owner_info *info = matchinfo;
return true;
}
-static struct xt_match owner_match __read_mostly = {
+static struct xt_match owner_mt6_reg __read_mostly = {
.name = "owner",
.family = AF_INET6,
- .match = match,
+ .match = owner_mt6,
.matchsize = sizeof(struct ip6t_owner_info),
.hooks = (1 << NF_INET_LOCAL_OUT) |
(1 << NF_INET_POST_ROUTING),
- .checkentry = checkentry,
+ .checkentry = owner_mt6_check,
.me = THIS_MODULE,
};
-static int __init ip6t_owner_init(void)
+static int __init owner_mt6_init(void)
{
- return xt_register_match(&owner_match);
+ return xt_register_match(&owner_mt6_reg);
}
-static void __exit ip6t_owner_fini(void)
+static void __exit owner_mt6_exit(void)
{
- xt_unregister_match(&owner_match);
+ xt_unregister_match(&owner_mt6_reg);
}
-module_init(ip6t_owner_init);
-module_exit(ip6t_owner_fini);
+module_init(owner_mt6_init);
+module_exit(owner_mt6_exit);
}
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+rt_mt6(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
{
struct ipv6_rt_hdr _route;
const struct ipv6_rt_hdr *rh;
/* Called when user tries to insert an entry of this type. */
static bool
-checkentry(const char *tablename,
- const void *entry,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+rt_mt6_check(const char *tablename, const void *entry,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
const struct ip6t_rt *rtinfo = matchinfo;
return true;
}
-static struct xt_match rt_match __read_mostly = {
+static struct xt_match rt_mt6_reg __read_mostly = {
.name = "rt",
.family = AF_INET6,
- .match = match,
+ .match = rt_mt6,
.matchsize = sizeof(struct ip6t_rt),
- .checkentry = checkentry,
+ .checkentry = rt_mt6_check,
.me = THIS_MODULE,
};
-static int __init ip6t_rt_init(void)
+static int __init rt_mt6_init(void)
{
- return xt_register_match(&rt_match);
+ return xt_register_match(&rt_mt6_reg);
}
-static void __exit ip6t_rt_fini(void)
+static void __exit rt_mt6_exit(void)
{
- xt_unregister_match(&rt_match);
+ xt_unregister_match(&rt_mt6_reg);
}
-module_init(ip6t_rt_init);
-module_exit(ip6t_rt_fini);
+module_init(rt_mt6_init);
+module_exit(rt_mt6_exit);
MODULE_ALIAS("ip6t_CLASSIFY");
static unsigned int
-target(struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+classify_tg(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
const struct xt_classify_target_info *clinfo = targinfo;
return XT_CONTINUE;
}
-static struct xt_target xt_classify_target[] __read_mostly = {
+static struct xt_target classify_tg_reg[] __read_mostly = {
{
.family = AF_INET,
.name = "CLASSIFY",
- .target = target,
+ .target = classify_tg,
.targetsize = sizeof(struct xt_classify_target_info),
.table = "mangle",
.hooks = (1 << NF_INET_LOCAL_OUT) |
{
.name = "CLASSIFY",
.family = AF_INET6,
- .target = target,
+ .target = classify_tg,
.targetsize = sizeof(struct xt_classify_target_info),
.table = "mangle",
.hooks = (1 << NF_INET_LOCAL_OUT) |
},
};
-static int __init xt_classify_init(void)
+static int __init classify_tg_init(void)
{
- return xt_register_targets(xt_classify_target,
- ARRAY_SIZE(xt_classify_target));
+ return xt_register_targets(classify_tg_reg,
+ ARRAY_SIZE(classify_tg_reg));
}
-static void __exit xt_classify_fini(void)
+static void __exit classify_tg_exit(void)
{
- xt_unregister_targets(xt_classify_target,
- ARRAY_SIZE(xt_classify_target));
+ xt_unregister_targets(classify_tg_reg, ARRAY_SIZE(classify_tg_reg));
}
-module_init(xt_classify_init);
-module_exit(xt_classify_fini);
+module_init(classify_tg_init);
+module_exit(classify_tg_exit);
#include <net/netfilter/nf_conntrack_ecache.h>
static unsigned int
-target(struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+connmark_tg(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
const struct xt_connmark_target_info *markinfo = targinfo;
struct nf_conn *ct;
}
static bool
-checkentry(const char *tablename,
- const void *entry,
- const struct xt_target *target,
- void *targinfo,
- unsigned int hook_mask)
+connmark_tg_check(const char *tablename, const void *entry,
+ const struct xt_target *target, void *targinfo,
+ unsigned int hook_mask)
{
const struct xt_connmark_target_info *matchinfo = targinfo;
}
static void
-destroy(const struct xt_target *target, void *targinfo)
+connmark_tg_destroy(const struct xt_target *target, void *targinfo)
{
nf_ct_l3proto_module_put(target->family);
}
u_int16_t __pad2;
};
-static void compat_from_user(void *dst, void *src)
+static void connmark_tg_compat_from_user(void *dst, void *src)
{
const struct compat_xt_connmark_target_info *cm = src;
struct xt_connmark_target_info m = {
memcpy(dst, &m, sizeof(m));
}
-static int compat_to_user(void __user *dst, void *src)
+static int connmark_tg_compat_to_user(void __user *dst, void *src)
{
const struct xt_connmark_target_info *m = src;
struct compat_xt_connmark_target_info cm = {
}
#endif /* CONFIG_COMPAT */
-static struct xt_target xt_connmark_target[] __read_mostly = {
+static struct xt_target connmark_tg_reg[] __read_mostly = {
{
.name = "CONNMARK",
.family = AF_INET,
- .checkentry = checkentry,
- .destroy = destroy,
- .target = target,
+ .checkentry = connmark_tg_check,
+ .destroy = connmark_tg_destroy,
+ .target = connmark_tg,
.targetsize = sizeof(struct xt_connmark_target_info),
#ifdef CONFIG_COMPAT
.compatsize = sizeof(struct compat_xt_connmark_target_info),
- .compat_from_user = compat_from_user,
- .compat_to_user = compat_to_user,
+ .compat_from_user = connmark_tg_compat_from_user,
+ .compat_to_user = connmark_tg_compat_to_user,
#endif
.me = THIS_MODULE
},
{
.name = "CONNMARK",
.family = AF_INET6,
- .checkentry = checkentry,
- .destroy = destroy,
- .target = target,
+ .checkentry = connmark_tg_check,
+ .destroy = connmark_tg_destroy,
+ .target = connmark_tg,
.targetsize = sizeof(struct xt_connmark_target_info),
.me = THIS_MODULE
},
};
-static int __init xt_connmark_init(void)
+static int __init connmark_tg_init(void)
{
- return xt_register_targets(xt_connmark_target,
- ARRAY_SIZE(xt_connmark_target));
+ return xt_register_targets(connmark_tg_reg,
+ ARRAY_SIZE(connmark_tg_reg));
}
-static void __exit xt_connmark_fini(void)
+static void __exit connmark_tg_exit(void)
{
- xt_unregister_targets(xt_connmark_target,
- ARRAY_SIZE(xt_connmark_target));
+ xt_unregister_targets(connmark_tg_reg, ARRAY_SIZE(connmark_tg_reg));
}
-module_init(xt_connmark_init);
-module_exit(xt_connmark_fini);
+module_init(connmark_tg_init);
+module_exit(connmark_tg_exit);
}
}
-static unsigned int target(struct sk_buff *skb, const struct net_device *in,
- const struct net_device *out, unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+static unsigned int
+connsecmark_tg(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
const struct xt_connsecmark_target_info *info = targinfo;
return XT_CONTINUE;
}
-static bool checkentry(const char *tablename, const void *entry,
- const struct xt_target *target, void *targinfo,
- unsigned int hook_mask)
+static bool
+connsecmark_tg_check(const char *tablename, const void *entry,
+ const struct xt_target *target, void *targinfo,
+ unsigned int hook_mask)
{
const struct xt_connsecmark_target_info *info = targinfo;
}
static void
-destroy(const struct xt_target *target, void *targinfo)
+connsecmark_tg_destroy(const struct xt_target *target, void *targinfo)
{
nf_ct_l3proto_module_put(target->family);
}
-static struct xt_target xt_connsecmark_target[] __read_mostly = {
+static struct xt_target connsecmark_tg_reg[] __read_mostly = {
{
.name = "CONNSECMARK",
.family = AF_INET,
- .checkentry = checkentry,
- .destroy = destroy,
- .target = target,
+ .checkentry = connsecmark_tg_check,
+ .destroy = connsecmark_tg_destroy,
+ .target = connsecmark_tg,
.targetsize = sizeof(struct xt_connsecmark_target_info),
.table = "mangle",
.me = THIS_MODULE,
{
.name = "CONNSECMARK",
.family = AF_INET6,
- .checkentry = checkentry,
- .destroy = destroy,
- .target = target,
+ .checkentry = connsecmark_tg_check,
+ .destroy = connsecmark_tg_destroy,
+ .target = connsecmark_tg,
.targetsize = sizeof(struct xt_connsecmark_target_info),
.table = "mangle",
.me = THIS_MODULE,
},
};
-static int __init xt_connsecmark_init(void)
+static int __init connsecmark_tg_init(void)
{
- return xt_register_targets(xt_connsecmark_target,
- ARRAY_SIZE(xt_connsecmark_target));
+ return xt_register_targets(connsecmark_tg_reg,
+ ARRAY_SIZE(connsecmark_tg_reg));
}
-static void __exit xt_connsecmark_fini(void)
+static void __exit connsecmark_tg_exit(void)
{
- xt_unregister_targets(xt_connsecmark_target,
- ARRAY_SIZE(xt_connsecmark_target));
+ xt_unregister_targets(connsecmark_tg_reg,
+ ARRAY_SIZE(connsecmark_tg_reg));
}
-module_init(xt_connsecmark_init);
-module_exit(xt_connsecmark_fini);
+module_init(connsecmark_tg_init);
+module_exit(connsecmark_tg_exit);
MODULE_ALIAS("ipt_DSCP");
MODULE_ALIAS("ip6t_DSCP");
-static unsigned int target(struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+static unsigned int
+dscp_tg(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
const struct xt_DSCP_info *dinfo = targinfo;
u_int8_t dscp = ipv4_get_dsfield(ip_hdr(skb)) >> XT_DSCP_SHIFT;
return XT_CONTINUE;
}
-static unsigned int target6(struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+static unsigned int
+dscp_tg6(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
const struct xt_DSCP_info *dinfo = targinfo;
u_int8_t dscp = ipv6_get_dsfield(ipv6_hdr(skb)) >> XT_DSCP_SHIFT;
return XT_CONTINUE;
}
-static bool checkentry(const char *tablename,
- const void *e_void,
- const struct xt_target *target,
- void *targinfo,
- unsigned int hook_mask)
+static bool
+dscp_tg_check(const char *tablename, const void *e_void,
+ const struct xt_target *target, void *targinfo,
+ unsigned int hook_mask)
{
const u_int8_t dscp = ((struct xt_DSCP_info *)targinfo)->dscp;
return true;
}
-static struct xt_target xt_dscp_target[] __read_mostly = {
+static struct xt_target dscp_tg_reg[] __read_mostly = {
{
.name = "DSCP",
.family = AF_INET,
- .checkentry = checkentry,
- .target = target,
+ .checkentry = dscp_tg_check,
+ .target = dscp_tg,
.targetsize = sizeof(struct xt_DSCP_info),
.table = "mangle",
.me = THIS_MODULE,
{
.name = "DSCP",
.family = AF_INET6,
- .checkentry = checkentry,
- .target = target6,
+ .checkentry = dscp_tg_check,
+ .target = dscp_tg6,
.targetsize = sizeof(struct xt_DSCP_info),
.table = "mangle",
.me = THIS_MODULE,
},
};
-static int __init xt_dscp_target_init(void)
+static int __init dscp_tg_init(void)
{
- return xt_register_targets(xt_dscp_target, ARRAY_SIZE(xt_dscp_target));
+ return xt_register_targets(dscp_tg_reg, ARRAY_SIZE(dscp_tg_reg));
}
-static void __exit xt_dscp_target_fini(void)
+static void __exit dscp_tg_exit(void)
{
- xt_unregister_targets(xt_dscp_target, ARRAY_SIZE(xt_dscp_target));
+ xt_unregister_targets(dscp_tg_reg, ARRAY_SIZE(dscp_tg_reg));
}
-module_init(xt_dscp_target_init);
-module_exit(xt_dscp_target_fini);
+module_init(dscp_tg_init);
+module_exit(dscp_tg_exit);
MODULE_ALIAS("ip6t_MARK");
static unsigned int
-target_v0(struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+mark_tg_v0(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
const struct xt_mark_target_info *markinfo = targinfo;
}
static unsigned int
-target_v1(struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+mark_tg(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
const struct xt_mark_target_info_v1 *markinfo = targinfo;
int mark = 0;
return XT_CONTINUE;
}
-
static bool
-checkentry_v0(const char *tablename,
- const void *entry,
- const struct xt_target *target,
- void *targinfo,
- unsigned int hook_mask)
+mark_tg_check_v0(const char *tablename, const void *entry,
+ const struct xt_target *target, void *targinfo,
+ unsigned int hook_mask)
{
const struct xt_mark_target_info *markinfo = targinfo;
}
static bool
-checkentry_v1(const char *tablename,
- const void *entry,
- const struct xt_target *target,
- void *targinfo,
- unsigned int hook_mask)
+mark_tg_check(const char *tablename, const void *entry,
+ const struct xt_target *target, void *targinfo,
+ unsigned int hook_mask)
{
const struct xt_mark_target_info_v1 *markinfo = targinfo;
u_int16_t __pad2;
};
-static void compat_from_user_v1(void *dst, void *src)
+static void mark_tg_compat_from_user(void *dst, void *src)
{
const struct compat_xt_mark_target_info_v1 *cm = src;
struct xt_mark_target_info_v1 m = {
memcpy(dst, &m, sizeof(m));
}
-static int compat_to_user_v1(void __user *dst, void *src)
+static int mark_tg_compat_to_user(void __user *dst, void *src)
{
const struct xt_mark_target_info_v1 *m = src;
struct compat_xt_mark_target_info_v1 cm = {
}
#endif /* CONFIG_COMPAT */
-static struct xt_target xt_mark_target[] __read_mostly = {
+static struct xt_target mark_tg_reg[] __read_mostly = {
{
.name = "MARK",
.family = AF_INET,
.revision = 0,
- .checkentry = checkentry_v0,
- .target = target_v0,
+ .checkentry = mark_tg_check_v0,
+ .target = mark_tg_v0,
.targetsize = sizeof(struct xt_mark_target_info),
.table = "mangle",
.me = THIS_MODULE,
.name = "MARK",
.family = AF_INET,
.revision = 1,
- .checkentry = checkentry_v1,
- .target = target_v1,
+ .checkentry = mark_tg_check,
+ .target = mark_tg,
.targetsize = sizeof(struct xt_mark_target_info_v1),
#ifdef CONFIG_COMPAT
.compatsize = sizeof(struct compat_xt_mark_target_info_v1),
- .compat_from_user = compat_from_user_v1,
- .compat_to_user = compat_to_user_v1,
+ .compat_from_user = mark_tg_compat_from_user,
+ .compat_to_user = mark_tg_compat_to_user,
#endif
.table = "mangle",
.me = THIS_MODULE,
.name = "MARK",
.family = AF_INET6,
.revision = 0,
- .checkentry = checkentry_v0,
- .target = target_v0,
+ .checkentry = mark_tg_check_v0,
+ .target = mark_tg_v0,
.targetsize = sizeof(struct xt_mark_target_info),
.table = "mangle",
.me = THIS_MODULE,
},
};
-static int __init xt_mark_init(void)
+static int __init mark_tg_init(void)
{
- return xt_register_targets(xt_mark_target, ARRAY_SIZE(xt_mark_target));
+ return xt_register_targets(mark_tg_reg, ARRAY_SIZE(mark_tg_reg));
}
-static void __exit xt_mark_fini(void)
+static void __exit mark_tg_exit(void)
{
- xt_unregister_targets(xt_mark_target, ARRAY_SIZE(xt_mark_target));
+ xt_unregister_targets(mark_tg_reg, ARRAY_SIZE(mark_tg_reg));
}
-module_init(xt_mark_init);
-module_exit(xt_mark_fini);
+module_init(mark_tg_init);
+module_exit(mark_tg_exit);
MODULE_ALIAS("ip6t_NFLOG");
static unsigned int
-nflog_target(struct sk_buff *skb,
- const struct net_device *in, const struct net_device *out,
- unsigned int hooknum, const struct xt_target *target,
- const void *targinfo)
+nflog_tg(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
const struct xt_nflog_info *info = targinfo;
struct nf_loginfo li;
}
static bool
-nflog_checkentry(const char *tablename, const void *entry,
- const struct xt_target *target, void *targetinfo,
- unsigned int hookmask)
+nflog_tg_check(const char *tablename, const void *entry,
+ const struct xt_target *target, void *targetinfo,
+ unsigned int hookmask)
{
const struct xt_nflog_info *info = targetinfo;
return true;
}
-static struct xt_target xt_nflog_target[] __read_mostly = {
+static struct xt_target nflog_tg_reg[] __read_mostly = {
{
.name = "NFLOG",
.family = AF_INET,
- .checkentry = nflog_checkentry,
- .target = nflog_target,
+ .checkentry = nflog_tg_check,
+ .target = nflog_tg,
.targetsize = sizeof(struct xt_nflog_info),
.me = THIS_MODULE,
},
{
.name = "NFLOG",
.family = AF_INET6,
- .checkentry = nflog_checkentry,
- .target = nflog_target,
+ .checkentry = nflog_tg_check,
+ .target = nflog_tg,
.targetsize = sizeof(struct xt_nflog_info),
.me = THIS_MODULE,
},
};
-static int __init xt_nflog_init(void)
+static int __init nflog_tg_init(void)
{
- return xt_register_targets(xt_nflog_target,
- ARRAY_SIZE(xt_nflog_target));
+ return xt_register_targets(nflog_tg_reg, ARRAY_SIZE(nflog_tg_reg));
}
-static void __exit xt_nflog_fini(void)
+static void __exit nflog_tg_exit(void)
{
- xt_unregister_targets(xt_nflog_target, ARRAY_SIZE(xt_nflog_target));
+ xt_unregister_targets(nflog_tg_reg, ARRAY_SIZE(nflog_tg_reg));
}
-module_init(xt_nflog_init);
-module_exit(xt_nflog_fini);
+module_init(nflog_tg_init);
+module_exit(nflog_tg_exit);
MODULE_ALIAS("arpt_NFQUEUE");
static unsigned int
-target(struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+nfqueue_tg(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
const struct xt_NFQ_info *tinfo = targinfo;
return NF_QUEUE_NR(tinfo->queuenum);
}
-static struct xt_target xt_nfqueue_target[] __read_mostly = {
+static struct xt_target nfqueue_tg_reg[] __read_mostly = {
{
.name = "NFQUEUE",
.family = AF_INET,
- .target = target,
+ .target = nfqueue_tg,
.targetsize = sizeof(struct xt_NFQ_info),
.me = THIS_MODULE,
},
{
.name = "NFQUEUE",
.family = AF_INET6,
- .target = target,
+ .target = nfqueue_tg,
.targetsize = sizeof(struct xt_NFQ_info),
.me = THIS_MODULE,
},
{
.name = "NFQUEUE",
.family = NF_ARP,
- .target = target,
+ .target = nfqueue_tg,
.targetsize = sizeof(struct xt_NFQ_info),
.me = THIS_MODULE,
},
};
-static int __init xt_nfqueue_init(void)
+static int __init nfqueue_tg_init(void)
{
- return xt_register_targets(xt_nfqueue_target,
- ARRAY_SIZE(xt_nfqueue_target));
+ return xt_register_targets(nfqueue_tg_reg, ARRAY_SIZE(nfqueue_tg_reg));
}
-static void __exit xt_nfqueue_fini(void)
+static void __exit nfqueue_tg_exit(void)
{
- xt_unregister_targets(xt_nfqueue_target, ARRAY_SIZE(xt_nfqueue_target));
+ xt_unregister_targets(nfqueue_tg_reg, ARRAY_SIZE(nfqueue_tg_reg));
}
-module_init(xt_nfqueue_init);
-module_exit(xt_nfqueue_fini);
+module_init(nfqueue_tg_init);
+module_exit(nfqueue_tg_exit);
MODULE_ALIAS("ip6t_NOTRACK");
static unsigned int
-target(struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+notrack_tg(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
/* Previously seen (loopback)? Ignore. */
if (skb->nfct != NULL)
return XT_CONTINUE;
}
-static struct xt_target xt_notrack_target[] __read_mostly = {
+static struct xt_target notrack_tg_reg[] __read_mostly = {
{
.name = "NOTRACK",
.family = AF_INET,
- .target = target,
+ .target = notrack_tg,
.table = "raw",
.me = THIS_MODULE,
},
{
.name = "NOTRACK",
.family = AF_INET6,
- .target = target,
+ .target = notrack_tg,
.table = "raw",
.me = THIS_MODULE,
},
};
-static int __init xt_notrack_init(void)
+static int __init notrack_tg_init(void)
{
- return xt_register_targets(xt_notrack_target,
- ARRAY_SIZE(xt_notrack_target));
+ return xt_register_targets(notrack_tg_reg, ARRAY_SIZE(notrack_tg_reg));
}
-static void __exit xt_notrack_fini(void)
+static void __exit notrack_tg_exit(void)
{
- xt_unregister_targets(xt_notrack_target, ARRAY_SIZE(xt_notrack_target));
+ xt_unregister_targets(notrack_tg_reg, ARRAY_SIZE(notrack_tg_reg));
}
-module_init(xt_notrack_init);
-module_exit(xt_notrack_fini);
+module_init(notrack_tg_init);
+module_exit(notrack_tg_exit);
static u8 mode;
-static unsigned int target(struct sk_buff *skb, const struct net_device *in,
- const struct net_device *out, unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+static unsigned int
+secmark_tg(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
u32 secmark = 0;
const struct xt_secmark_target_info *info = targinfo;
return true;
}
-static bool checkentry(const char *tablename, const void *entry,
- const struct xt_target *target, void *targinfo,
- unsigned int hook_mask)
+static bool
+secmark_tg_check(const char *tablename, const void *entry,
+ const struct xt_target *target, void *targinfo,
+ unsigned int hook_mask)
{
struct xt_secmark_target_info *info = targinfo;
return true;
}
-static struct xt_target xt_secmark_target[] __read_mostly = {
+static struct xt_target secmark_tg_reg[] __read_mostly = {
{
.name = "SECMARK",
.family = AF_INET,
- .checkentry = checkentry,
- .target = target,
+ .checkentry = secmark_tg_check,
+ .target = secmark_tg,
.targetsize = sizeof(struct xt_secmark_target_info),
.table = "mangle",
.me = THIS_MODULE,
{
.name = "SECMARK",
.family = AF_INET6,
- .checkentry = checkentry,
- .target = target,
+ .checkentry = secmark_tg_check,
+ .target = secmark_tg,
.targetsize = sizeof(struct xt_secmark_target_info),
.table = "mangle",
.me = THIS_MODULE,
},
};
-static int __init xt_secmark_init(void)
+static int __init secmark_tg_init(void)
{
- return xt_register_targets(xt_secmark_target,
- ARRAY_SIZE(xt_secmark_target));
+ return xt_register_targets(secmark_tg_reg, ARRAY_SIZE(secmark_tg_reg));
}
-static void __exit xt_secmark_fini(void)
+static void __exit secmark_tg_exit(void)
{
- xt_unregister_targets(xt_secmark_target, ARRAY_SIZE(xt_secmark_target));
+ xt_unregister_targets(secmark_tg_reg, ARRAY_SIZE(secmark_tg_reg));
}
-module_init(xt_secmark_init);
-module_exit(xt_secmark_fini);
+module_init(secmark_tg_init);
+module_exit(secmark_tg_exit);
}
static unsigned int
-xt_tcpmss_target4(struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+tcpmss_tg4(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
struct iphdr *iph = ip_hdr(skb);
__be16 newlen;
#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
static unsigned int
-xt_tcpmss_target6(struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+tcpmss_tg6(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
struct ipv6hdr *ipv6h = ipv6_hdr(skb);
u8 nexthdr;
}
static bool
-xt_tcpmss_checkentry4(const char *tablename,
- const void *entry,
- const struct xt_target *target,
- void *targinfo,
- unsigned int hook_mask)
+tcpmss_tg4_check(const char *tablename, const void *entry,
+ const struct xt_target *target, void *targinfo,
+ unsigned int hook_mask)
{
const struct xt_tcpmss_info *info = targinfo;
const struct ipt_entry *e = entry;
#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
static bool
-xt_tcpmss_checkentry6(const char *tablename,
- const void *entry,
- const struct xt_target *target,
- void *targinfo,
- unsigned int hook_mask)
+tcpmss_tg6_check(const char *tablename, const void *entry,
+ const struct xt_target *target, void *targinfo,
+ unsigned int hook_mask)
{
const struct xt_tcpmss_info *info = targinfo;
const struct ip6t_entry *e = entry;
}
#endif
-static struct xt_target xt_tcpmss_reg[] __read_mostly = {
+static struct xt_target tcpmss_tg_reg[] __read_mostly = {
{
.family = AF_INET,
.name = "TCPMSS",
- .checkentry = xt_tcpmss_checkentry4,
- .target = xt_tcpmss_target4,
+ .checkentry = tcpmss_tg4_check,
+ .target = tcpmss_tg4,
.targetsize = sizeof(struct xt_tcpmss_info),
.proto = IPPROTO_TCP,
.me = THIS_MODULE,
{
.family = AF_INET6,
.name = "TCPMSS",
- .checkentry = xt_tcpmss_checkentry6,
- .target = xt_tcpmss_target6,
+ .checkentry = tcpmss_tg6_check,
+ .target = tcpmss_tg6,
.targetsize = sizeof(struct xt_tcpmss_info),
.proto = IPPROTO_TCP,
.me = THIS_MODULE,
#endif
};
-static int __init xt_tcpmss_init(void)
+static int __init tcpmss_tg_init(void)
{
- return xt_register_targets(xt_tcpmss_reg, ARRAY_SIZE(xt_tcpmss_reg));
+ return xt_register_targets(tcpmss_tg_reg, ARRAY_SIZE(tcpmss_tg_reg));
}
-static void __exit xt_tcpmss_fini(void)
+static void __exit tcpmss_tg_exit(void)
{
- xt_unregister_targets(xt_tcpmss_reg, ARRAY_SIZE(xt_tcpmss_reg));
+ xt_unregister_targets(tcpmss_tg_reg, ARRAY_SIZE(tcpmss_tg_reg));
}
-module_init(xt_tcpmss_init);
-module_exit(xt_tcpmss_fini);
+module_init(tcpmss_tg_init);
+module_exit(tcpmss_tg_exit);
MODULE_ALIAS("ip6t_TRACE");
static unsigned int
-target(struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+trace_tg(struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, unsigned int hooknum,
+ const struct xt_target *target, const void *targinfo)
{
skb->nf_trace = 1;
return XT_CONTINUE;
}
-static struct xt_target xt_trace_target[] __read_mostly = {
+static struct xt_target trace_tg_reg[] __read_mostly = {
{
.name = "TRACE",
.family = AF_INET,
- .target = target,
+ .target = trace_tg,
.table = "raw",
.me = THIS_MODULE,
},
{
.name = "TRACE",
.family = AF_INET6,
- .target = target,
+ .target = trace_tg,
.table = "raw",
.me = THIS_MODULE,
},
};
-static int __init xt_trace_init(void)
+static int __init trace_tg_init(void)
{
- return xt_register_targets(xt_trace_target,
- ARRAY_SIZE(xt_trace_target));
+ return xt_register_targets(trace_tg_reg, ARRAY_SIZE(trace_tg_reg));
}
-static void __exit xt_trace_fini(void)
+static void __exit trace_tg_exit(void)
{
- xt_unregister_targets(xt_trace_target, ARRAY_SIZE(xt_trace_target));
+ xt_unregister_targets(trace_tg_reg, ARRAY_SIZE(trace_tg_reg));
}
-module_init(xt_trace_init);
-module_exit(xt_trace_fini);
+module_init(trace_tg_init);
+module_exit(trace_tg_exit);
MODULE_ALIAS("ip6t_comment");
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protooff,
- bool *hotdrop)
+comment_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protooff,
+ bool *hotdrop)
{
/* We always match */
return true;
}
-static struct xt_match xt_comment_match[] __read_mostly = {
+static struct xt_match comment_mt_reg[] __read_mostly = {
{
.name = "comment",
.family = AF_INET,
- .match = match,
+ .match = comment_mt,
.matchsize = sizeof(struct xt_comment_info),
.me = THIS_MODULE
},
{
.name = "comment",
.family = AF_INET6,
- .match = match,
+ .match = comment_mt,
.matchsize = sizeof(struct xt_comment_info),
.me = THIS_MODULE
},
};
-static int __init xt_comment_init(void)
+static int __init comment_mt_init(void)
{
- return xt_register_matches(xt_comment_match,
- ARRAY_SIZE(xt_comment_match));
+ return xt_register_matches(comment_mt_reg, ARRAY_SIZE(comment_mt_reg));
}
-static void __exit xt_comment_fini(void)
+static void __exit comment_mt_exit(void)
{
- xt_unregister_matches(xt_comment_match, ARRAY_SIZE(xt_comment_match));
+ xt_unregister_matches(comment_mt_reg, ARRAY_SIZE(comment_mt_reg));
}
-module_init(xt_comment_init);
-module_exit(xt_comment_fini);
+module_init(comment_mt_init);
+module_exit(comment_mt_exit);
MODULE_ALIAS("ip6t_connbytes");
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+connbytes_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
const struct xt_connbytes_info *sinfo = matchinfo;
const struct nf_conn *ct;
return what >= sinfo->count.from;
}
-static bool check(const char *tablename,
- const void *ip,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+static bool
+connbytes_mt_check(const char *tablename, const void *ip,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
const struct xt_connbytes_info *sinfo = matchinfo;
}
static void
-destroy(const struct xt_match *match, void *matchinfo)
+connbytes_mt_destroy(const struct xt_match *match, void *matchinfo)
{
nf_ct_l3proto_module_put(match->family);
}
-static struct xt_match xt_connbytes_match[] __read_mostly = {
+static struct xt_match connbytes_mt_reg[] __read_mostly = {
{
.name = "connbytes",
.family = AF_INET,
- .checkentry = check,
- .match = match,
- .destroy = destroy,
+ .checkentry = connbytes_mt_check,
+ .match = connbytes_mt,
+ .destroy = connbytes_mt_destroy,
.matchsize = sizeof(struct xt_connbytes_info),
.me = THIS_MODULE
},
{
.name = "connbytes",
.family = AF_INET6,
- .checkentry = check,
- .match = match,
- .destroy = destroy,
+ .checkentry = connbytes_mt_check,
+ .match = connbytes_mt,
+ .destroy = connbytes_mt_destroy,
.matchsize = sizeof(struct xt_connbytes_info),
.me = THIS_MODULE
},
};
-static int __init xt_connbytes_init(void)
+static int __init connbytes_mt_init(void)
{
- return xt_register_matches(xt_connbytes_match,
- ARRAY_SIZE(xt_connbytes_match));
+ return xt_register_matches(connbytes_mt_reg,
+ ARRAY_SIZE(connbytes_mt_reg));
}
-static void __exit xt_connbytes_fini(void)
+static void __exit connbytes_mt_exit(void)
{
- xt_unregister_matches(xt_connbytes_match,
- ARRAY_SIZE(xt_connbytes_match));
+ xt_unregister_matches(connbytes_mt_reg, ARRAY_SIZE(connbytes_mt_reg));
}
-module_init(xt_connbytes_init);
-module_exit(xt_connbytes_fini);
+module_init(connbytes_mt_init);
+module_exit(connbytes_mt_exit);
static inline unsigned int
connlimit_iphash6(const union nf_conntrack_address *addr,
- const union nf_conntrack_address *mask)
+ const union nf_conntrack_address *mask)
{
union nf_conntrack_address res;
unsigned int i;
return matches;
}
-static bool connlimit_match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo, int offset,
- unsigned int protoff, bool *hotdrop)
+static bool
+connlimit_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
const struct xt_connlimit_info *info = matchinfo;
union nf_conntrack_address addr, mask;
return false;
}
-static bool connlimit_check(const char *tablename, const void *ip,
- const struct xt_match *match, void *matchinfo,
- unsigned int hook_mask)
+static bool
+connlimit_mt_check(const char *tablename, const void *ip,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
struct xt_connlimit_info *info = matchinfo;
unsigned int i;
return true;
}
-static void connlimit_destroy(const struct xt_match *match, void *matchinfo)
+static void
+connlimit_mt_destroy(const struct xt_match *match, void *matchinfo)
{
struct xt_connlimit_info *info = matchinfo;
struct xt_connlimit_conn *conn;
kfree(info->data);
}
-static struct xt_match connlimit_reg[] __read_mostly = {
+static struct xt_match connlimit_mt_reg[] __read_mostly = {
{
.name = "connlimit",
.family = AF_INET,
- .checkentry = connlimit_check,
- .match = connlimit_match,
+ .checkentry = connlimit_mt_check,
+ .match = connlimit_mt,
.matchsize = sizeof(struct xt_connlimit_info),
- .destroy = connlimit_destroy,
+ .destroy = connlimit_mt_destroy,
.me = THIS_MODULE,
},
{
.name = "connlimit",
.family = AF_INET6,
- .checkentry = connlimit_check,
- .match = connlimit_match,
+ .checkentry = connlimit_mt_check,
+ .match = connlimit_mt,
.matchsize = sizeof(struct xt_connlimit_info),
- .destroy = connlimit_destroy,
+ .destroy = connlimit_mt_destroy,
.me = THIS_MODULE,
},
};
-static int __init xt_connlimit_init(void)
+static int __init connlimit_mt_init(void)
{
- return xt_register_matches(connlimit_reg, ARRAY_SIZE(connlimit_reg));
+ return xt_register_matches(connlimit_mt_reg,
+ ARRAY_SIZE(connlimit_mt_reg));
}
-static void __exit xt_connlimit_exit(void)
+static void __exit connlimit_mt_exit(void)
{
- xt_unregister_matches(connlimit_reg, ARRAY_SIZE(connlimit_reg));
+ xt_unregister_matches(connlimit_mt_reg, ARRAY_SIZE(connlimit_mt_reg));
}
-module_init(xt_connlimit_init);
-module_exit(xt_connlimit_exit);
+module_init(connlimit_mt_init);
+module_exit(connlimit_mt_exit);
MODULE_AUTHOR("Jan Engelhardt <jengelh@computergmbh.de>");
MODULE_DESCRIPTION("netfilter xt_connlimit match module");
MODULE_LICENSE("GPL");
MODULE_ALIAS("ip6t_connmark");
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+connmark_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
const struct xt_connmark_info *info = matchinfo;
const struct nf_conn *ct;
}
static bool
-checkentry(const char *tablename,
- const void *ip,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+connmark_mt_check(const char *tablename, const void *ip,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
const struct xt_connmark_info *cm = matchinfo;
}
static void
-destroy(const struct xt_match *match, void *matchinfo)
+connmark_mt_destroy(const struct xt_match *match, void *matchinfo)
{
nf_ct_l3proto_module_put(match->family);
}
u_int16_t __pad2;
};
-static void compat_from_user(void *dst, void *src)
+static void connmark_mt_compat_from_user(void *dst, void *src)
{
const struct compat_xt_connmark_info *cm = src;
struct xt_connmark_info m = {
memcpy(dst, &m, sizeof(m));
}
-static int compat_to_user(void __user *dst, void *src)
+static int connmark_mt_compat_to_user(void __user *dst, void *src)
{
const struct xt_connmark_info *m = src;
struct compat_xt_connmark_info cm = {
}
#endif /* CONFIG_COMPAT */
-static struct xt_match xt_connmark_match[] __read_mostly = {
+static struct xt_match connmark_mt_reg[] __read_mostly = {
{
.name = "connmark",
.family = AF_INET,
- .checkentry = checkentry,
- .match = match,
- .destroy = destroy,
+ .checkentry = connmark_mt_check,
+ .match = connmark_mt,
+ .destroy = connmark_mt_destroy,
.matchsize = sizeof(struct xt_connmark_info),
#ifdef CONFIG_COMPAT
.compatsize = sizeof(struct compat_xt_connmark_info),
- .compat_from_user = compat_from_user,
- .compat_to_user = compat_to_user,
+ .compat_from_user = connmark_mt_compat_from_user,
+ .compat_to_user = connmark_mt_compat_to_user,
#endif
.me = THIS_MODULE
},
{
.name = "connmark",
.family = AF_INET6,
- .checkentry = checkentry,
- .match = match,
- .destroy = destroy,
+ .checkentry = connmark_mt_check,
+ .match = connmark_mt,
+ .destroy = connmark_mt_destroy,
.matchsize = sizeof(struct xt_connmark_info),
.me = THIS_MODULE
},
};
-static int __init xt_connmark_init(void)
+static int __init connmark_mt_init(void)
{
- return xt_register_matches(xt_connmark_match,
- ARRAY_SIZE(xt_connmark_match));
+ return xt_register_matches(connmark_mt_reg,
+ ARRAY_SIZE(connmark_mt_reg));
}
-static void __exit xt_connmark_fini(void)
+static void __exit connmark_mt_exit(void)
{
- xt_unregister_matches(xt_connmark_match, ARRAY_SIZE(xt_connmark_match));
+ xt_unregister_matches(connmark_mt_reg, ARRAY_SIZE(connmark_mt_reg));
}
-module_init(xt_connmark_init);
-module_exit(xt_connmark_fini);
+module_init(connmark_mt_init);
+module_exit(connmark_mt_exit);
MODULE_ALIAS("ipt_conntrack");
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+conntrack_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
const struct xt_conntrack_info *sinfo = matchinfo;
const struct nf_conn *ct;
}
static bool
-checkentry(const char *tablename,
- const void *ip,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+conntrack_mt_check(const char *tablename, const void *ip,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
if (nf_ct_l3proto_try_module_get(match->family) < 0) {
printk(KERN_WARNING "can't load conntrack support for "
return true;
}
-static void destroy(const struct xt_match *match, void *matchinfo)
+static void
+conntrack_mt_destroy(const struct xt_match *match, void *matchinfo)
{
nf_ct_l3proto_module_put(match->family);
}
u_int8_t invflags;
};
-static void compat_from_user(void *dst, void *src)
+static void conntrack_mt_compat_from_user(void *dst, void *src)
{
const struct compat_xt_conntrack_info *cm = src;
struct xt_conntrack_info m = {
memcpy(dst, &m, sizeof(m));
}
-static int compat_to_user(void __user *dst, void *src)
+static int conntrack_mt_compat_to_user(void __user *dst, void *src)
{
const struct xt_conntrack_info *m = src;
struct compat_xt_conntrack_info cm = {
}
#endif
-static struct xt_match conntrack_match __read_mostly = {
+static struct xt_match conntrack_mt_reg __read_mostly = {
.name = "conntrack",
- .match = match,
- .checkentry = checkentry,
- .destroy = destroy,
+ .match = conntrack_mt,
+ .checkentry = conntrack_mt_check,
+ .destroy = conntrack_mt_destroy,
.matchsize = sizeof(struct xt_conntrack_info),
#ifdef CONFIG_COMPAT
.compatsize = sizeof(struct compat_xt_conntrack_info),
- .compat_from_user = compat_from_user,
- .compat_to_user = compat_to_user,
+ .compat_from_user = conntrack_mt_compat_from_user,
+ .compat_to_user = conntrack_mt_compat_to_user,
#endif
.family = AF_INET,
.me = THIS_MODULE,
};
-static int __init xt_conntrack_init(void)
+static int __init conntrack_mt_init(void)
{
- return xt_register_match(&conntrack_match);
+ return xt_register_match(&conntrack_mt_reg);
}
-static void __exit xt_conntrack_fini(void)
+static void __exit conntrack_mt_exit(void)
{
- xt_unregister_match(&conntrack_match);
+ xt_unregister_match(&conntrack_mt_reg);
}
-module_init(xt_conntrack_init);
-module_exit(xt_conntrack_fini);
+module_init(conntrack_mt_init);
+module_exit(conntrack_mt_exit);
}
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+dccp_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
{
const struct xt_dccp_info *info = matchinfo;
struct dccp_hdr _dh, *dh;
}
static bool
-checkentry(const char *tablename,
- const void *inf,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+dccp_mt_check(const char *tablename, const void *inf,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
const struct xt_dccp_info *info = matchinfo;
&& !(info->invflags & ~info->flags);
}
-static struct xt_match xt_dccp_match[] __read_mostly = {
+static struct xt_match dccp_mt_reg[] __read_mostly = {
{
.name = "dccp",
.family = AF_INET,
- .checkentry = checkentry,
- .match = match,
+ .checkentry = dccp_mt_check,
+ .match = dccp_mt,
.matchsize = sizeof(struct xt_dccp_info),
.proto = IPPROTO_DCCP,
.me = THIS_MODULE,
{
.name = "dccp",
.family = AF_INET6,
- .checkentry = checkentry,
- .match = match,
+ .checkentry = dccp_mt_check,
+ .match = dccp_mt,
.matchsize = sizeof(struct xt_dccp_info),
.proto = IPPROTO_DCCP,
.me = THIS_MODULE,
},
};
-static int __init xt_dccp_init(void)
+static int __init dccp_mt_init(void)
{
int ret;
dccp_optbuf = kmalloc(256 * 4, GFP_KERNEL);
if (!dccp_optbuf)
return -ENOMEM;
- ret = xt_register_matches(xt_dccp_match, ARRAY_SIZE(xt_dccp_match));
+ ret = xt_register_matches(dccp_mt_reg, ARRAY_SIZE(dccp_mt_reg));
if (ret)
goto out_kfree;
return ret;
return ret;
}
-static void __exit xt_dccp_fini(void)
+static void __exit dccp_mt_exit(void)
{
- xt_unregister_matches(xt_dccp_match, ARRAY_SIZE(xt_dccp_match));
+ xt_unregister_matches(dccp_mt_reg, ARRAY_SIZE(dccp_mt_reg));
kfree(dccp_optbuf);
}
-module_init(xt_dccp_init);
-module_exit(xt_dccp_fini);
+module_init(dccp_mt_init);
+module_exit(dccp_mt_exit);
MODULE_ALIAS("ipt_dscp");
MODULE_ALIAS("ip6t_dscp");
-static bool match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+static bool
+dscp_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
{
const struct xt_dscp_info *info = matchinfo;
u_int8_t dscp = ipv4_get_dsfield(ip_hdr(skb)) >> XT_DSCP_SHIFT;
return (dscp == info->dscp) ^ !!info->invert;
}
-static bool match6(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+static bool
+dscp_mt6(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
const struct xt_dscp_info *info = matchinfo;
u_int8_t dscp = ipv6_get_dsfield(ipv6_hdr(skb)) >> XT_DSCP_SHIFT;
return (dscp == info->dscp) ^ !!info->invert;
}
-static bool checkentry(const char *tablename,
- const void *info,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+static bool
+dscp_mt_check(const char *tablename, const void *info,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
const u_int8_t dscp = ((struct xt_dscp_info *)matchinfo)->dscp;
return true;
}
-static struct xt_match xt_dscp_match[] __read_mostly = {
+static struct xt_match dscp_mt_reg[] __read_mostly = {
{
.name = "dscp",
.family = AF_INET,
- .checkentry = checkentry,
- .match = match,
+ .checkentry = dscp_mt_check,
+ .match = dscp_mt,
.matchsize = sizeof(struct xt_dscp_info),
.me = THIS_MODULE,
},
{
.name = "dscp",
.family = AF_INET6,
- .checkentry = checkentry,
- .match = match6,
+ .checkentry = dscp_mt_check,
+ .match = dscp_mt6,
.matchsize = sizeof(struct xt_dscp_info),
.me = THIS_MODULE,
},
};
-static int __init xt_dscp_match_init(void)
+static int __init dscp_mt_init(void)
{
- return xt_register_matches(xt_dscp_match, ARRAY_SIZE(xt_dscp_match));
+ return xt_register_matches(dscp_mt_reg, ARRAY_SIZE(dscp_mt_reg));
}
-static void __exit xt_dscp_match_fini(void)
+static void __exit dscp_mt_exit(void)
{
- xt_unregister_matches(xt_dscp_match, ARRAY_SIZE(xt_dscp_match));
+ xt_unregister_matches(dscp_mt_reg, ARRAY_SIZE(dscp_mt_reg));
}
-module_init(xt_dscp_match_init);
-module_exit(xt_dscp_match_fini);
+module_init(dscp_mt_init);
+module_exit(dscp_mt_exit);
}
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+esp_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
{
struct ip_esp_hdr _esp, *eh;
const struct xt_esp *espinfo = matchinfo;
/* Called when user tries to insert an entry of this type. */
static bool
-checkentry(const char *tablename,
- const void *ip_void,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+esp_mt_check(const char *tablename, const void *ip_void,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
const struct xt_esp *espinfo = matchinfo;
return true;
}
-static struct xt_match xt_esp_match[] __read_mostly = {
+static struct xt_match esp_mt_reg[] __read_mostly = {
{
.name = "esp",
.family = AF_INET,
- .checkentry = checkentry,
- .match = match,
+ .checkentry = esp_mt_check,
+ .match = esp_mt,
.matchsize = sizeof(struct xt_esp),
.proto = IPPROTO_ESP,
.me = THIS_MODULE,
{
.name = "esp",
.family = AF_INET6,
- .checkentry = checkentry,
- .match = match,
+ .checkentry = esp_mt_check,
+ .match = esp_mt,
.matchsize = sizeof(struct xt_esp),
.proto = IPPROTO_ESP,
.me = THIS_MODULE,
},
};
-static int __init xt_esp_init(void)
+static int __init esp_mt_init(void)
{
- return xt_register_matches(xt_esp_match, ARRAY_SIZE(xt_esp_match));
+ return xt_register_matches(esp_mt_reg, ARRAY_SIZE(esp_mt_reg));
}
-static void __exit xt_esp_cleanup(void)
+static void __exit esp_mt_exit(void)
{
- xt_unregister_matches(xt_esp_match, ARRAY_SIZE(xt_esp_match));
+ xt_unregister_matches(esp_mt_reg, ARRAY_SIZE(esp_mt_reg));
}
-module_init(xt_esp_init);
-module_exit(xt_esp_cleanup);
+module_init(esp_mt_init);
+module_exit(esp_mt_exit);
}
static bool
-hashlimit_match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+hashlimit_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
const struct xt_hashlimit_info *r =
((const struct xt_hashlimit_info *)matchinfo)->u.master;
}
static bool
-hashlimit_checkentry(const char *tablename,
- const void *inf,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+hashlimit_mt_check(const char *tablename, const void *inf,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
struct xt_hashlimit_info *r = matchinfo;
}
static void
-hashlimit_destroy(const struct xt_match *match, void *matchinfo)
+hashlimit_mt_destroy(const struct xt_match *match, void *matchinfo)
{
const struct xt_hashlimit_info *r = matchinfo;
compat_uptr_t master;
};
-static void compat_from_user(void *dst, void *src)
+static void hashlimit_mt_compat_from_user(void *dst, void *src)
{
int off = offsetof(struct compat_xt_hashlimit_info, hinfo);
memset(dst + off, 0, sizeof(struct compat_xt_hashlimit_info) - off);
}
-static int compat_to_user(void __user *dst, void *src)
+static int hashlimit_mt_compat_to_user(void __user *dst, void *src)
{
int off = offsetof(struct compat_xt_hashlimit_info, hinfo);
}
#endif
-static struct xt_match xt_hashlimit[] __read_mostly = {
+static struct xt_match hashlimit_mt_reg[] __read_mostly = {
{
.name = "hashlimit",
.family = AF_INET,
- .match = hashlimit_match,
+ .match = hashlimit_mt,
.matchsize = sizeof(struct xt_hashlimit_info),
#ifdef CONFIG_COMPAT
.compatsize = sizeof(struct compat_xt_hashlimit_info),
- .compat_from_user = compat_from_user,
- .compat_to_user = compat_to_user,
+ .compat_from_user = hashlimit_mt_compat_from_user,
+ .compat_to_user = hashlimit_mt_compat_to_user,
#endif
- .checkentry = hashlimit_checkentry,
- .destroy = hashlimit_destroy,
+ .checkentry = hashlimit_mt_check,
+ .destroy = hashlimit_mt_destroy,
.me = THIS_MODULE
},
{
.name = "hashlimit",
.family = AF_INET6,
- .match = hashlimit_match,
+ .match = hashlimit_mt,
.matchsize = sizeof(struct xt_hashlimit_info),
#ifdef CONFIG_COMPAT
.compatsize = sizeof(struct compat_xt_hashlimit_info),
- .compat_from_user = compat_from_user,
- .compat_to_user = compat_to_user,
+ .compat_from_user = hashlimit_mt_compat_from_user,
+ .compat_to_user = hashlimit_mt_compat_to_user,
#endif
- .checkentry = hashlimit_checkentry,
- .destroy = hashlimit_destroy,
+ .checkentry = hashlimit_mt_check,
+ .destroy = hashlimit_mt_destroy,
.me = THIS_MODULE
},
};
.release = seq_release
};
-static int __init xt_hashlimit_init(void)
+static int __init hashlimit_mt_init(void)
{
int err;
- err = xt_register_matches(xt_hashlimit, ARRAY_SIZE(xt_hashlimit));
+ err = xt_register_matches(hashlimit_mt_reg,
+ ARRAY_SIZE(hashlimit_mt_reg));
if (err < 0)
goto err1;
err3:
kmem_cache_destroy(hashlimit_cachep);
err2:
- xt_unregister_matches(xt_hashlimit, ARRAY_SIZE(xt_hashlimit));
+ xt_unregister_matches(hashlimit_mt_reg, ARRAY_SIZE(hashlimit_mt_reg));
err1:
return err;
}
-static void __exit xt_hashlimit_fini(void)
+static void __exit hashlimit_mt_exit(void)
{
remove_proc_entry("ipt_hashlimit", init_net.proc_net);
remove_proc_entry("ip6t_hashlimit", init_net.proc_net);
kmem_cache_destroy(hashlimit_cachep);
- xt_unregister_matches(xt_hashlimit, ARRAY_SIZE(xt_hashlimit));
+ xt_unregister_matches(hashlimit_mt_reg, ARRAY_SIZE(hashlimit_mt_reg));
}
-module_init(xt_hashlimit_init);
-module_exit(xt_hashlimit_fini);
+module_init(hashlimit_mt_init);
+module_exit(hashlimit_mt_exit);
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+helper_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
const struct xt_helper_info *info = matchinfo;
const struct nf_conn *ct;
return ret;
}
-static bool check(const char *tablename,
- const void *inf,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+static bool
+helper_mt_check(const char *tablename, const void *inf,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
struct xt_helper_info *info = matchinfo;
return true;
}
-static void
-destroy(const struct xt_match *match, void *matchinfo)
+static void helper_mt_destroy(const struct xt_match *match, void *matchinfo)
{
nf_ct_l3proto_module_put(match->family);
}
-static struct xt_match xt_helper_match[] __read_mostly = {
+static struct xt_match helper_mt_reg[] __read_mostly = {
{
.name = "helper",
.family = AF_INET,
- .checkentry = check,
- .match = match,
- .destroy = destroy,
+ .checkentry = helper_mt_check,
+ .match = helper_mt,
+ .destroy = helper_mt_destroy,
.matchsize = sizeof(struct xt_helper_info),
.me = THIS_MODULE,
},
{
.name = "helper",
.family = AF_INET6,
- .checkentry = check,
- .match = match,
- .destroy = destroy,
+ .checkentry = helper_mt_check,
+ .match = helper_mt,
+ .destroy = helper_mt_destroy,
.matchsize = sizeof(struct xt_helper_info),
.me = THIS_MODULE,
},
};
-static int __init xt_helper_init(void)
+static int __init helper_mt_init(void)
{
- return xt_register_matches(xt_helper_match,
- ARRAY_SIZE(xt_helper_match));
+ return xt_register_matches(helper_mt_reg, ARRAY_SIZE(helper_mt_reg));
}
-static void __exit xt_helper_fini(void)
+static void __exit helper_mt_exit(void)
{
- xt_unregister_matches(xt_helper_match, ARRAY_SIZE(xt_helper_match));
+ xt_unregister_matches(helper_mt_reg, ARRAY_SIZE(helper_mt_reg));
}
-module_init(xt_helper_init);
-module_exit(xt_helper_fini);
-
+module_init(helper_mt_init);
+module_exit(helper_mt_exit);
MODULE_ALIAS("ip6t_length");
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+length_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
const struct xt_length_info *info = matchinfo;
u_int16_t pktlen = ntohs(ip_hdr(skb)->tot_len);
}
static bool
-match6(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+length_mt6(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
const struct xt_length_info *info = matchinfo;
const u_int16_t pktlen = ntohs(ipv6_hdr(skb)->payload_len) +
return (pktlen >= info->min && pktlen <= info->max) ^ info->invert;
}
-static struct xt_match xt_length_match[] __read_mostly = {
+static struct xt_match length_mt_reg[] __read_mostly = {
{
.name = "length",
.family = AF_INET,
- .match = match,
+ .match = length_mt,
.matchsize = sizeof(struct xt_length_info),
.me = THIS_MODULE,
},
{
.name = "length",
.family = AF_INET6,
- .match = match6,
+ .match = length_mt6,
.matchsize = sizeof(struct xt_length_info),
.me = THIS_MODULE,
},
};
-static int __init xt_length_init(void)
+static int __init length_mt_init(void)
{
- return xt_register_matches(xt_length_match,
- ARRAY_SIZE(xt_length_match));
+ return xt_register_matches(length_mt_reg, ARRAY_SIZE(length_mt_reg));
}
-static void __exit xt_length_fini(void)
+static void __exit length_mt_exit(void)
{
- xt_unregister_matches(xt_length_match, ARRAY_SIZE(xt_length_match));
+ xt_unregister_matches(length_mt_reg, ARRAY_SIZE(length_mt_reg));
}
-module_init(xt_length_init);
-module_exit(xt_length_fini);
+module_init(length_mt_init);
+module_exit(length_mt_exit);
#define CREDITS_PER_JIFFY POW2_BELOW32(MAX_CPJ)
static bool
-ipt_limit_match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+limit_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
struct xt_rateinfo *r =
((const struct xt_rateinfo *)matchinfo)->master;
}
static bool
-ipt_limit_checkentry(const char *tablename,
- const void *inf,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+limit_mt_check(const char *tablename, const void *inf,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
struct xt_rateinfo *r = matchinfo;
/* To keep the full "prev" timestamp, the upper 32 bits are stored in the
* master pointer, which does not need to be preserved. */
-static void compat_from_user(void *dst, void *src)
+static void limit_mt_compat_from_user(void *dst, void *src)
{
const struct compat_xt_rateinfo *cm = src;
struct xt_rateinfo m = {
memcpy(dst, &m, sizeof(m));
}
-static int compat_to_user(void __user *dst, void *src)
+static int limit_mt_compat_to_user(void __user *dst, void *src)
{
const struct xt_rateinfo *m = src;
struct compat_xt_rateinfo cm = {
}
#endif /* CONFIG_COMPAT */
-static struct xt_match xt_limit_match[] __read_mostly = {
+static struct xt_match limit_mt_reg[] __read_mostly = {
{
.name = "limit",
.family = AF_INET,
- .checkentry = ipt_limit_checkentry,
- .match = ipt_limit_match,
+ .checkentry = limit_mt_check,
+ .match = limit_mt,
.matchsize = sizeof(struct xt_rateinfo),
#ifdef CONFIG_COMPAT
.compatsize = sizeof(struct compat_xt_rateinfo),
- .compat_from_user = compat_from_user,
- .compat_to_user = compat_to_user,
+ .compat_from_user = limit_mt_compat_from_user,
+ .compat_to_user = limit_mt_compat_to_user,
#endif
.me = THIS_MODULE,
},
{
.name = "limit",
.family = AF_INET6,
- .checkentry = ipt_limit_checkentry,
- .match = ipt_limit_match,
+ .checkentry = limit_mt_check,
+ .match = limit_mt,
.matchsize = sizeof(struct xt_rateinfo),
.me = THIS_MODULE,
},
};
-static int __init xt_limit_init(void)
+static int __init limit_mt_init(void)
{
- return xt_register_matches(xt_limit_match, ARRAY_SIZE(xt_limit_match));
+ return xt_register_matches(limit_mt_reg, ARRAY_SIZE(limit_mt_reg));
}
-static void __exit xt_limit_fini(void)
+static void __exit limit_mt_exit(void)
{
- xt_unregister_matches(xt_limit_match, ARRAY_SIZE(xt_limit_match));
+ xt_unregister_matches(limit_mt_reg, ARRAY_SIZE(limit_mt_reg));
}
-module_init(xt_limit_init);
-module_exit(xt_limit_fini);
+module_init(limit_mt_init);
+module_exit(limit_mt_exit);
MODULE_ALIAS("ip6t_mac");
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+mac_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
{
const struct xt_mac_info *info = matchinfo;
^ info->invert);
}
-static struct xt_match xt_mac_match[] __read_mostly = {
+static struct xt_match mac_mt_reg[] __read_mostly = {
{
.name = "mac",
.family = AF_INET,
- .match = match,
+ .match = mac_mt,
.matchsize = sizeof(struct xt_mac_info),
.hooks = (1 << NF_INET_PRE_ROUTING) |
(1 << NF_INET_LOCAL_IN) |
{
.name = "mac",
.family = AF_INET6,
- .match = match,
+ .match = mac_mt,
.matchsize = sizeof(struct xt_mac_info),
.hooks = (1 << NF_INET_PRE_ROUTING) |
(1 << NF_INET_LOCAL_IN) |
},
};
-static int __init xt_mac_init(void)
+static int __init mac_mt_init(void)
{
- return xt_register_matches(xt_mac_match, ARRAY_SIZE(xt_mac_match));
+ return xt_register_matches(mac_mt_reg, ARRAY_SIZE(mac_mt_reg));
}
-static void __exit xt_mac_fini(void)
+static void __exit mac_mt_exit(void)
{
- xt_unregister_matches(xt_mac_match, ARRAY_SIZE(xt_mac_match));
+ xt_unregister_matches(mac_mt_reg, ARRAY_SIZE(mac_mt_reg));
}
-module_init(xt_mac_init);
-module_exit(xt_mac_fini);
+module_init(mac_mt_init);
+module_exit(mac_mt_exit);
MODULE_ALIAS("ip6t_mark");
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+mark_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
{
const struct xt_mark_info *info = matchinfo;
}
static bool
-checkentry(const char *tablename,
- const void *entry,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+mark_mt_check(const char *tablename, const void *entry,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
const struct xt_mark_info *minfo = matchinfo;
u_int16_t __pad2;
};
-static void compat_from_user(void *dst, void *src)
+static void mark_mt_compat_from_user(void *dst, void *src)
{
const struct compat_xt_mark_info *cm = src;
struct xt_mark_info m = {
memcpy(dst, &m, sizeof(m));
}
-static int compat_to_user(void __user *dst, void *src)
+static int mark_mt_compat_to_user(void __user *dst, void *src)
{
const struct xt_mark_info *m = src;
struct compat_xt_mark_info cm = {
}
#endif /* CONFIG_COMPAT */
-static struct xt_match xt_mark_match[] __read_mostly = {
+static struct xt_match mark_mt_reg[] __read_mostly = {
{
.name = "mark",
.family = AF_INET,
- .checkentry = checkentry,
- .match = match,
+ .checkentry = mark_mt_check,
+ .match = mark_mt,
.matchsize = sizeof(struct xt_mark_info),
#ifdef CONFIG_COMPAT
.compatsize = sizeof(struct compat_xt_mark_info),
- .compat_from_user = compat_from_user,
- .compat_to_user = compat_to_user,
+ .compat_from_user = mark_mt_compat_from_user,
+ .compat_to_user = mark_mt_compat_to_user,
#endif
.me = THIS_MODULE,
},
{
.name = "mark",
.family = AF_INET6,
- .checkentry = checkentry,
- .match = match,
+ .checkentry = mark_mt_check,
+ .match = mark_mt,
.matchsize = sizeof(struct xt_mark_info),
.me = THIS_MODULE,
},
};
-static int __init xt_mark_init(void)
+static int __init mark_mt_init(void)
{
- return xt_register_matches(xt_mark_match, ARRAY_SIZE(xt_mark_match));
+ return xt_register_matches(mark_mt_reg, ARRAY_SIZE(mark_mt_reg));
}
-static void __exit xt_mark_fini(void)
+static void __exit mark_mt_exit(void)
{
- xt_unregister_matches(xt_mark_match, ARRAY_SIZE(xt_mark_match));
+ xt_unregister_matches(mark_mt_reg, ARRAY_SIZE(mark_mt_reg));
}
-module_init(xt_mark_init);
-module_exit(xt_mark_fini);
+module_init(mark_mt_init);
+module_exit(mark_mt_exit);
/* Returns 1 if the port is matched by the test, 0 otherwise. */
static inline bool
-ports_match(const u_int16_t *portlist, enum xt_multiport_flags flags,
- u_int8_t count, u_int16_t src, u_int16_t dst)
+ports_match_v0(const u_int16_t *portlist, enum xt_multiport_flags flags,
+ u_int8_t count, u_int16_t src, u_int16_t dst)
{
unsigned int i;
for (i = 0; i < count; i++) {
}
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+multiport_mt_v0(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
__be16 _ports[2], *pptr;
const struct xt_multiport *multiinfo = matchinfo;
return false;
}
- return ports_match(multiinfo->ports,
- multiinfo->flags, multiinfo->count,
- ntohs(pptr[0]), ntohs(pptr[1]));
+ return ports_match_v0(multiinfo->ports, multiinfo->flags,
+ multiinfo->count, ntohs(pptr[0]), ntohs(pptr[1]));
}
static bool
-match_v1(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+multiport_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
__be16 _ports[2], *pptr;
const struct xt_multiport_v1 *multiinfo = matchinfo;
/* Called when user tries to insert an entry of this type. */
static bool
-checkentry(const char *tablename,
- const void *info,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+multiport_mt_check_v0(const char *tablename, const void *info,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
const struct ipt_ip *ip = info;
const struct xt_multiport *multiinfo = matchinfo;
}
static bool
-checkentry_v1(const char *tablename,
- const void *info,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+multiport_mt_check(const char *tablename, const void *info,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
const struct ipt_ip *ip = info;
const struct xt_multiport_v1 *multiinfo = matchinfo;
}
static bool
-checkentry6(const char *tablename,
- const void *info,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+multiport_mt6_check_v0(const char *tablename, const void *info,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
const struct ip6t_ip6 *ip = info;
const struct xt_multiport *multiinfo = matchinfo;
}
static bool
-checkentry6_v1(const char *tablename,
- const void *info,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+multiport_mt6_check(const char *tablename, const void *info,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
const struct ip6t_ip6 *ip = info;
const struct xt_multiport_v1 *multiinfo = matchinfo;
multiinfo->count);
}
-static struct xt_match xt_multiport_match[] __read_mostly = {
+static struct xt_match multiport_mt_reg[] __read_mostly = {
{
.name = "multiport",
.family = AF_INET,
.revision = 0,
- .checkentry = checkentry,
- .match = match,
+ .checkentry = multiport_mt_check_v0,
+ .match = multiport_mt_v0,
.matchsize = sizeof(struct xt_multiport),
.me = THIS_MODULE,
},
.name = "multiport",
.family = AF_INET,
.revision = 1,
- .checkentry = checkentry_v1,
- .match = match_v1,
+ .checkentry = multiport_mt_check,
+ .match = multiport_mt,
.matchsize = sizeof(struct xt_multiport_v1),
.me = THIS_MODULE,
},
.name = "multiport",
.family = AF_INET6,
.revision = 0,
- .checkentry = checkentry6,
- .match = match,
+ .checkentry = multiport_mt6_check_v0,
+ .match = multiport_mt_v0,
.matchsize = sizeof(struct xt_multiport),
.me = THIS_MODULE,
},
.name = "multiport",
.family = AF_INET6,
.revision = 1,
- .checkentry = checkentry6_v1,
- .match = match_v1,
+ .checkentry = multiport_mt6_check,
+ .match = multiport_mt,
.matchsize = sizeof(struct xt_multiport_v1),
.me = THIS_MODULE,
},
};
-static int __init xt_multiport_init(void)
+static int __init multiport_mt_init(void)
{
- return xt_register_matches(xt_multiport_match,
- ARRAY_SIZE(xt_multiport_match));
+ return xt_register_matches(multiport_mt_reg,
+ ARRAY_SIZE(multiport_mt_reg));
}
-static void __exit xt_multiport_fini(void)
+static void __exit multiport_mt_exit(void)
{
- xt_unregister_matches(xt_multiport_match,
- ARRAY_SIZE(xt_multiport_match));
+ xt_unregister_matches(multiport_mt_reg, ARRAY_SIZE(multiport_mt_reg));
}
-module_init(xt_multiport_init);
-module_exit(xt_multiport_fini);
+module_init(multiport_mt_init);
+module_exit(multiport_mt_exit);
MODULE_ALIAS("ip6t_physdev");
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+physdev_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
int i;
static const char nulldevname[IFNAMSIZ];
}
static bool
-checkentry(const char *tablename,
- const void *ip,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+physdev_mt_check(const char *tablename, const void *ip,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
const struct xt_physdev_info *info = matchinfo;
return true;
}
-static struct xt_match xt_physdev_match[] __read_mostly = {
+static struct xt_match physdev_mt_reg[] __read_mostly = {
{
.name = "physdev",
.family = AF_INET,
- .checkentry = checkentry,
- .match = match,
+ .checkentry = physdev_mt_check,
+ .match = physdev_mt,
.matchsize = sizeof(struct xt_physdev_info),
.me = THIS_MODULE,
},
{
.name = "physdev",
.family = AF_INET6,
- .checkentry = checkentry,
- .match = match,
+ .checkentry = physdev_mt_check,
+ .match = physdev_mt,
.matchsize = sizeof(struct xt_physdev_info),
.me = THIS_MODULE,
},
};
-static int __init xt_physdev_init(void)
+static int __init physdev_mt_init(void)
{
- return xt_register_matches(xt_physdev_match,
- ARRAY_SIZE(xt_physdev_match));
+ return xt_register_matches(physdev_mt_reg, ARRAY_SIZE(physdev_mt_reg));
}
-static void __exit xt_physdev_fini(void)
+static void __exit physdev_mt_exit(void)
{
- xt_unregister_matches(xt_physdev_match, ARRAY_SIZE(xt_physdev_match));
+ xt_unregister_matches(physdev_mt_reg, ARRAY_SIZE(physdev_mt_reg));
}
-module_init(xt_physdev_init);
-module_exit(xt_physdev_fini);
+module_init(physdev_mt_init);
+module_exit(physdev_mt_exit);
MODULE_ALIAS("ipt_pkttype");
MODULE_ALIAS("ip6t_pkttype");
-static bool match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+static bool
+pkttype_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
u_int8_t type;
const struct xt_pkttype_info *info = matchinfo;
return (type == info->pkttype) ^ info->invert;
}
-static struct xt_match xt_pkttype_match[] __read_mostly = {
+static struct xt_match pkttype_mt_reg[] __read_mostly = {
{
.name = "pkttype",
.family = AF_INET,
- .match = match,
+ .match = pkttype_mt,
.matchsize = sizeof(struct xt_pkttype_info),
.me = THIS_MODULE,
},
{
.name = "pkttype",
.family = AF_INET6,
- .match = match,
+ .match = pkttype_mt,
.matchsize = sizeof(struct xt_pkttype_info),
.me = THIS_MODULE,
},
};
-static int __init xt_pkttype_init(void)
+static int __init pkttype_mt_init(void)
{
- return xt_register_matches(xt_pkttype_match,
- ARRAY_SIZE(xt_pkttype_match));
+ return xt_register_matches(pkttype_mt_reg, ARRAY_SIZE(pkttype_mt_reg));
}
-static void __exit xt_pkttype_fini(void)
+static void __exit pkttype_mt_exit(void)
{
- xt_unregister_matches(xt_pkttype_match, ARRAY_SIZE(xt_pkttype_match));
+ xt_unregister_matches(pkttype_mt_reg, ARRAY_SIZE(pkttype_mt_reg));
}
-module_init(xt_pkttype_init);
-module_exit(xt_pkttype_fini);
+module_init(pkttype_mt_init);
+module_exit(pkttype_mt_exit);
return strict ? i == info->len : 0;
}
-static bool match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+static bool
+policy_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
const struct xt_policy_info *info = matchinfo;
int ret;
return ret;
}
-static bool checkentry(const char *tablename, const void *ip_void,
- const struct xt_match *match,
- void *matchinfo, unsigned int hook_mask)
+static bool
+policy_mt_check(const char *tablename, const void *ip_void,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
struct xt_policy_info *info = matchinfo;
return true;
}
-static struct xt_match xt_policy_match[] __read_mostly = {
+static struct xt_match policy_mt_reg[] __read_mostly = {
{
.name = "policy",
.family = AF_INET,
- .checkentry = checkentry,
- .match = match,
+ .checkentry = policy_mt_check,
+ .match = policy_mt,
.matchsize = sizeof(struct xt_policy_info),
.me = THIS_MODULE,
},
{
.name = "policy",
.family = AF_INET6,
- .checkentry = checkentry,
- .match = match,
+ .checkentry = policy_mt_check,
+ .match = policy_mt,
.matchsize = sizeof(struct xt_policy_info),
.me = THIS_MODULE,
},
};
-static int __init init(void)
+static int __init policy_mt_init(void)
{
- return xt_register_matches(xt_policy_match,
- ARRAY_SIZE(xt_policy_match));
+ return xt_register_matches(policy_mt_reg, ARRAY_SIZE(policy_mt_reg));
}
-static void __exit fini(void)
+static void __exit policy_mt_exit(void)
{
- xt_unregister_matches(xt_policy_match, ARRAY_SIZE(xt_policy_match));
+ xt_unregister_matches(policy_mt_reg, ARRAY_SIZE(policy_mt_reg));
}
-module_init(init);
-module_exit(fini);
+module_init(policy_mt_init);
+module_exit(policy_mt_exit);
MODULE_ALIAS("ipt_policy");
MODULE_ALIAS("ip6t_policy");
static DEFINE_SPINLOCK(quota_lock);
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in, const struct net_device *out,
- const struct xt_match *match, const void *matchinfo,
- int offset, unsigned int protoff, bool *hotdrop)
+quota_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
struct xt_quota_info *q =
((const struct xt_quota_info *)matchinfo)->master;
}
static bool
-checkentry(const char *tablename, const void *entry,
- const struct xt_match *match, void *matchinfo,
- unsigned int hook_mask)
+quota_mt_check(const char *tablename, const void *entry,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
struct xt_quota_info *q = matchinfo;
return true;
}
-static struct xt_match xt_quota_match[] __read_mostly = {
+static struct xt_match quota_mt_reg[] __read_mostly = {
{
.name = "quota",
.family = AF_INET,
- .checkentry = checkentry,
- .match = match,
+ .checkentry = quota_mt_check,
+ .match = quota_mt,
.matchsize = sizeof(struct xt_quota_info),
.me = THIS_MODULE
},
{
.name = "quota",
.family = AF_INET6,
- .checkentry = checkentry,
- .match = match,
+ .checkentry = quota_mt_check,
+ .match = quota_mt,
.matchsize = sizeof(struct xt_quota_info),
.me = THIS_MODULE
},
};
-static int __init xt_quota_init(void)
+static int __init quota_mt_init(void)
{
- return xt_register_matches(xt_quota_match, ARRAY_SIZE(xt_quota_match));
+ return xt_register_matches(quota_mt_reg, ARRAY_SIZE(quota_mt_reg));
}
-static void __exit xt_quota_fini(void)
+static void __exit quota_mt_exit(void)
{
- xt_unregister_matches(xt_quota_match, ARRAY_SIZE(xt_quota_match));
+ xt_unregister_matches(quota_mt_reg, ARRAY_SIZE(quota_mt_reg));
}
-module_init(xt_quota_init);
-module_exit(xt_quota_fini);
+module_init(quota_mt_init);
+module_exit(quota_mt_exit);
MODULE_ALIAS("ipt_realm");
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+realm_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
const struct xt_realm_info *info = matchinfo;
const struct dst_entry *dst = skb->dst;
return (info->id == (dst->tclassid & info->mask)) ^ info->invert;
}
-static struct xt_match realm_match __read_mostly = {
+static struct xt_match realm_mt_reg __read_mostly = {
.name = "realm",
- .match = match,
+ .match = realm_mt,
.matchsize = sizeof(struct xt_realm_info),
.hooks = (1 << NF_INET_POST_ROUTING) | (1 << NF_INET_FORWARD) |
(1 << NF_INET_LOCAL_OUT) | (1 << NF_INET_LOCAL_IN),
.me = THIS_MODULE
};
-static int __init xt_realm_init(void)
+static int __init realm_mt_init(void)
{
- return xt_register_match(&realm_match);
+ return xt_register_match(&realm_mt_reg);
}
-static void __exit xt_realm_fini(void)
+static void __exit realm_mt_exit(void)
{
- xt_unregister_match(&realm_match);
+ xt_unregister_match(&realm_mt_reg);
}
-module_init(xt_realm_init);
-module_exit(xt_realm_fini);
+module_init(realm_mt_init);
+module_exit(realm_mt_exit);
}
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+sctp_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
{
const struct xt_sctp_info *info = matchinfo;
sctp_sctphdr_t _sh, *sh;
}
static bool
-checkentry(const char *tablename,
- const void *inf,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+sctp_mt_check(const char *tablename, const void *inf,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
const struct xt_sctp_info *info = matchinfo;
| SCTP_CHUNK_MATCH_ONLY)));
}
-static struct xt_match xt_sctp_match[] __read_mostly = {
+static struct xt_match sctp_mt_reg[] __read_mostly = {
{
.name = "sctp",
.family = AF_INET,
- .checkentry = checkentry,
- .match = match,
+ .checkentry = sctp_mt_check,
+ .match = sctp_mt,
.matchsize = sizeof(struct xt_sctp_info),
.proto = IPPROTO_SCTP,
.me = THIS_MODULE
{
.name = "sctp",
.family = AF_INET6,
- .checkentry = checkentry,
- .match = match,
+ .checkentry = sctp_mt_check,
+ .match = sctp_mt,
.matchsize = sizeof(struct xt_sctp_info),
.proto = IPPROTO_SCTP,
.me = THIS_MODULE
},
};
-static int __init xt_sctp_init(void)
+static int __init sctp_mt_init(void)
{
- return xt_register_matches(xt_sctp_match, ARRAY_SIZE(xt_sctp_match));
+ return xt_register_matches(sctp_mt_reg, ARRAY_SIZE(sctp_mt_reg));
}
-static void __exit xt_sctp_fini(void)
+static void __exit sctp_mt_exit(void)
{
- xt_unregister_matches(xt_sctp_match, ARRAY_SIZE(xt_sctp_match));
+ xt_unregister_matches(sctp_mt_reg, ARRAY_SIZE(sctp_mt_reg));
}
-module_init(xt_sctp_init);
-module_exit(xt_sctp_fini);
+module_init(sctp_mt_init);
+module_exit(sctp_mt_exit);
MODULE_ALIAS("ip6t_state");
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+state_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
const struct xt_state_info *sinfo = matchinfo;
enum ip_conntrack_info ctinfo;
return (sinfo->statemask & statebit);
}
-static bool check(const char *tablename,
- const void *inf,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+static bool
+state_mt_check(const char *tablename, const void *inf,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
if (nf_ct_l3proto_try_module_get(match->family) < 0) {
printk(KERN_WARNING "can't load conntrack support for "
return true;
}
-static void
-destroy(const struct xt_match *match, void *matchinfo)
+static void state_mt_destroy(const struct xt_match *match, void *matchinfo)
{
nf_ct_l3proto_module_put(match->family);
}
-static struct xt_match xt_state_match[] __read_mostly = {
+static struct xt_match state_mt_reg[] __read_mostly = {
{
.name = "state",
.family = AF_INET,
- .checkentry = check,
- .match = match,
- .destroy = destroy,
+ .checkentry = state_mt_check,
+ .match = state_mt,
+ .destroy = state_mt_destroy,
.matchsize = sizeof(struct xt_state_info),
.me = THIS_MODULE,
},
{
.name = "state",
.family = AF_INET6,
- .checkentry = check,
- .match = match,
- .destroy = destroy,
+ .checkentry = state_mt_check,
+ .match = state_mt,
+ .destroy = state_mt_destroy,
.matchsize = sizeof(struct xt_state_info),
.me = THIS_MODULE,
},
};
-static int __init xt_state_init(void)
+static int __init state_mt_init(void)
{
- return xt_register_matches(xt_state_match, ARRAY_SIZE(xt_state_match));
+ return xt_register_matches(state_mt_reg, ARRAY_SIZE(state_mt_reg));
}
-static void __exit xt_state_fini(void)
+static void __exit state_mt_exit(void)
{
- xt_unregister_matches(xt_state_match, ARRAY_SIZE(xt_state_match));
+ xt_unregister_matches(state_mt_reg, ARRAY_SIZE(state_mt_reg));
}
-module_init(xt_state_init);
-module_exit(xt_state_fini);
+module_init(state_mt_init);
+module_exit(state_mt_exit);
static DEFINE_SPINLOCK(nth_lock);
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in, const struct net_device *out,
- const struct xt_match *match, const void *matchinfo,
- int offset, unsigned int protoff, bool *hotdrop)
+statistic_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
struct xt_statistic_info *info = (struct xt_statistic_info *)matchinfo;
bool ret = info->flags & XT_STATISTIC_INVERT;
}
static bool
-checkentry(const char *tablename, const void *entry,
- const struct xt_match *match, void *matchinfo,
- unsigned int hook_mask)
+statistic_mt_check(const char *tablename, const void *entry,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
struct xt_statistic_info *info = matchinfo;
return true;
}
-static struct xt_match xt_statistic_match[] __read_mostly = {
+static struct xt_match statistic_mt_reg[] __read_mostly = {
{
.name = "statistic",
.family = AF_INET,
- .checkentry = checkentry,
- .match = match,
+ .checkentry = statistic_mt_check,
+ .match = statistic_mt,
.matchsize = sizeof(struct xt_statistic_info),
.me = THIS_MODULE,
},
{
.name = "statistic",
.family = AF_INET6,
- .checkentry = checkentry,
- .match = match,
+ .checkentry = statistic_mt_check,
+ .match = statistic_mt,
.matchsize = sizeof(struct xt_statistic_info),
.me = THIS_MODULE,
},
};
-static int __init xt_statistic_init(void)
+static int __init statistic_mt_init(void)
{
- return xt_register_matches(xt_statistic_match,
- ARRAY_SIZE(xt_statistic_match));
+ return xt_register_matches(statistic_mt_reg,
+ ARRAY_SIZE(statistic_mt_reg));
}
-static void __exit xt_statistic_fini(void)
+static void __exit statistic_mt_exit(void)
{
- xt_unregister_matches(xt_statistic_match,
- ARRAY_SIZE(xt_statistic_match));
+ xt_unregister_matches(statistic_mt_reg,
+ ARRAY_SIZE(statistic_mt_reg));
}
-module_init(xt_statistic_init);
-module_exit(xt_statistic_fini);
+module_init(statistic_mt_init);
+module_exit(statistic_mt_exit);
MODULE_ALIAS("ipt_string");
MODULE_ALIAS("ip6t_string");
-static bool match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+static bool
+string_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
const struct xt_string_info *conf = matchinfo;
struct ts_state state;
#define STRING_TEXT_PRIV(m) ((struct xt_string_info *) m)
-static bool checkentry(const char *tablename,
- const void *ip,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+static bool
+string_mt_check(const char *tablename, const void *ip,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
struct xt_string_info *conf = matchinfo;
struct ts_config *ts_conf;
return true;
}
-static void destroy(const struct xt_match *match, void *matchinfo)
+static void string_mt_destroy(const struct xt_match *match, void *matchinfo)
{
textsearch_destroy(STRING_TEXT_PRIV(matchinfo)->config);
}
-static struct xt_match xt_string_match[] __read_mostly = {
+static struct xt_match string_mt_reg[] __read_mostly = {
{
.name = "string",
.family = AF_INET,
- .checkentry = checkentry,
- .match = match,
- .destroy = destroy,
+ .checkentry = string_mt_check,
+ .match = string_mt,
+ .destroy = string_mt_destroy,
.matchsize = sizeof(struct xt_string_info),
.me = THIS_MODULE
},
{
.name = "string",
.family = AF_INET6,
- .checkentry = checkentry,
- .match = match,
- .destroy = destroy,
+ .checkentry = string_mt_check,
+ .match = string_mt,
+ .destroy = string_mt_destroy,
.matchsize = sizeof(struct xt_string_info),
.me = THIS_MODULE
},
};
-static int __init xt_string_init(void)
+static int __init string_mt_init(void)
{
- return xt_register_matches(xt_string_match, ARRAY_SIZE(xt_string_match));
+ return xt_register_matches(string_mt_reg, ARRAY_SIZE(string_mt_reg));
}
-static void __exit xt_string_fini(void)
+static void __exit string_mt_exit(void)
{
- xt_unregister_matches(xt_string_match, ARRAY_SIZE(xt_string_match));
+ xt_unregister_matches(string_mt_reg, ARRAY_SIZE(string_mt_reg));
}
-module_init(xt_string_init);
-module_exit(xt_string_fini);
+module_init(string_mt_init);
+module_exit(string_mt_exit);
MODULE_ALIAS("ip6t_tcpmss");
static bool
-match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+tcpmss_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff,
+ bool *hotdrop)
{
const struct xt_tcpmss_match_info *info = matchinfo;
struct tcphdr _tcph, *th;
return false;
}
-static struct xt_match xt_tcpmss_match[] __read_mostly = {
+static struct xt_match tcpmss_mt_reg[] __read_mostly = {
{
.name = "tcpmss",
.family = AF_INET,
- .match = match,
+ .match = tcpmss_mt,
.matchsize = sizeof(struct xt_tcpmss_match_info),
.proto = IPPROTO_TCP,
.me = THIS_MODULE,
{
.name = "tcpmss",
.family = AF_INET6,
- .match = match,
+ .match = tcpmss_mt,
.matchsize = sizeof(struct xt_tcpmss_match_info),
.proto = IPPROTO_TCP,
.me = THIS_MODULE,
},
};
-static int __init xt_tcpmss_init(void)
+static int __init tcpmss_mt_init(void)
{
- return xt_register_matches(xt_tcpmss_match,
- ARRAY_SIZE(xt_tcpmss_match));
+ return xt_register_matches(tcpmss_mt_reg, ARRAY_SIZE(tcpmss_mt_reg));
}
-static void __exit xt_tcpmss_fini(void)
+static void __exit tcpmss_mt_exit(void)
{
- xt_unregister_matches(xt_tcpmss_match, ARRAY_SIZE(xt_tcpmss_match));
+ xt_unregister_matches(tcpmss_mt_reg, ARRAY_SIZE(tcpmss_mt_reg));
}
-module_init(xt_tcpmss_init);
-module_exit(xt_tcpmss_fini);
+module_init(tcpmss_mt_init);
+module_exit(tcpmss_mt_exit);
}
static bool
-tcp_match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+tcp_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
{
struct tcphdr _tcph, *th;
const struct xt_tcp *tcpinfo = matchinfo;
/* Called when user tries to insert an entry of this type. */
static bool
-tcp_checkentry(const char *tablename,
- const void *info,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+tcp_mt_check(const char *tablename, const void *info,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
const struct xt_tcp *tcpinfo = matchinfo;
}
static bool
-udp_match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
+udp_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
{
struct udphdr _udph, *uh;
const struct xt_udp *udpinfo = matchinfo;
/* Called when user tries to insert an entry of this type. */
static bool
-udp_checkentry(const char *tablename,
- const void *info,
- const struct xt_match *match,
- void *matchinfo,
- unsigned int hook_mask)
+udp_mt_check(const char *tablename, const void *info,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
const struct xt_udp *udpinfo = matchinfo;
return !(udpinfo->invflags & ~XT_UDP_INV_MASK);
}
-static struct xt_match xt_tcpudp_match[] __read_mostly = {
+static struct xt_match tcpudp_mt_reg[] __read_mostly = {
{
.name = "tcp",
.family = AF_INET,
- .checkentry = tcp_checkentry,
- .match = tcp_match,
+ .checkentry = tcp_mt_check,
+ .match = tcp_mt,
.matchsize = sizeof(struct xt_tcp),
.proto = IPPROTO_TCP,
.me = THIS_MODULE,
{
.name = "tcp",
.family = AF_INET6,
- .checkentry = tcp_checkentry,
- .match = tcp_match,
+ .checkentry = tcp_mt_check,
+ .match = tcp_mt,
.matchsize = sizeof(struct xt_tcp),
.proto = IPPROTO_TCP,
.me = THIS_MODULE,
{
.name = "udp",
.family = AF_INET,
- .checkentry = udp_checkentry,
- .match = udp_match,
+ .checkentry = udp_mt_check,
+ .match = udp_mt,
.matchsize = sizeof(struct xt_udp),
.proto = IPPROTO_UDP,
.me = THIS_MODULE,
{
.name = "udp",
.family = AF_INET6,
- .checkentry = udp_checkentry,
- .match = udp_match,
+ .checkentry = udp_mt_check,
+ .match = udp_mt,
.matchsize = sizeof(struct xt_udp),
.proto = IPPROTO_UDP,
.me = THIS_MODULE,
{
.name = "udplite",
.family = AF_INET,
- .checkentry = udp_checkentry,
- .match = udp_match,
+ .checkentry = udp_mt_check,
+ .match = udp_mt,
.matchsize = sizeof(struct xt_udp),
.proto = IPPROTO_UDPLITE,
.me = THIS_MODULE,
{
.name = "udplite",
.family = AF_INET6,
- .checkentry = udp_checkentry,
- .match = udp_match,
+ .checkentry = udp_mt_check,
+ .match = udp_mt,
.matchsize = sizeof(struct xt_udp),
.proto = IPPROTO_UDPLITE,
.me = THIS_MODULE,
},
};
-static int __init xt_tcpudp_init(void)
+static int __init tcpudp_mt_init(void)
{
- return xt_register_matches(xt_tcpudp_match,
- ARRAY_SIZE(xt_tcpudp_match));
+ return xt_register_matches(tcpudp_mt_reg, ARRAY_SIZE(tcpudp_mt_reg));
}
-static void __exit xt_tcpudp_fini(void)
+static void __exit tcpudp_mt_exit(void)
{
- xt_unregister_matches(xt_tcpudp_match, ARRAY_SIZE(xt_tcpudp_match));
+ xt_unregister_matches(tcpudp_mt_reg, ARRAY_SIZE(tcpudp_mt_reg));
}
-module_init(xt_tcpudp_init);
-module_exit(xt_tcpudp_fini);
+module_init(tcpudp_mt_init);
+module_exit(tcpudp_mt_exit);
return;
}
-static bool xt_time_match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match, const void *matchinfo,
- int offset, unsigned int protoff, bool *hotdrop)
+static bool
+time_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
{
const struct xt_time_info *info = matchinfo;
unsigned int packet_time;
return true;
}
-static bool xt_time_check(const char *tablename, const void *ip,
- const struct xt_match *match, void *matchinfo,
- unsigned int hook_mask)
+static bool
+time_mt_check(const char *tablename, const void *ip,
+ const struct xt_match *match, void *matchinfo,
+ unsigned int hook_mask)
{
struct xt_time_info *info = matchinfo;
return true;
}
-static struct xt_match xt_time_reg[] __read_mostly = {
+static struct xt_match time_mt_reg[] __read_mostly = {
{
.name = "time",
.family = AF_INET,
- .match = xt_time_match,
+ .match = time_mt,
.matchsize = sizeof(struct xt_time_info),
- .checkentry = xt_time_check,
+ .checkentry = time_mt_check,
.me = THIS_MODULE,
},
{
.name = "time",
.family = AF_INET6,
- .match = xt_time_match,
+ .match = time_mt,
.matchsize = sizeof(struct xt_time_info),
- .checkentry = xt_time_check,
+ .checkentry = time_mt_check,
.me = THIS_MODULE,
},
};
-static int __init xt_time_init(void)
+static int __init time_mt_init(void)
{
- return xt_register_matches(xt_time_reg, ARRAY_SIZE(xt_time_reg));
+ return xt_register_matches(time_mt_reg, ARRAY_SIZE(time_mt_reg));
}
-static void __exit xt_time_exit(void)
+static void __exit time_mt_exit(void)
{
- xt_unregister_matches(xt_time_reg, ARRAY_SIZE(xt_time_reg));
+ xt_unregister_matches(time_mt_reg, ARRAY_SIZE(time_mt_reg));
}
-module_init(xt_time_init);
-module_exit(xt_time_exit);
+module_init(time_mt_init);
+module_exit(time_mt_exit);
MODULE_AUTHOR("Jan Engelhardt <jengelh@computergmbh.de>");
MODULE_DESCRIPTION("netfilter time match");
MODULE_LICENSE("GPL");
return true;
}
-static bool u32_match(const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match, const void *matchinfo,
- int offset, unsigned int protoff, bool *hotdrop)
+static bool
+u32_mt(const struct sk_buff *skb, const struct net_device *in,
+ const struct net_device *out, const struct xt_match *match,
+ const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
{
const struct xt_u32 *data = matchinfo;
bool ret;
return ret ^ data->invert;
}
-static struct xt_match u32_reg[] __read_mostly = {
+static struct xt_match u32_mt_reg[] __read_mostly = {
{
.name = "u32",
.family = AF_INET,
- .match = u32_match,
+ .match = u32_mt,
.matchsize = sizeof(struct xt_u32),
.me = THIS_MODULE,
},
{
.name = "u32",
.family = AF_INET6,
- .match = u32_match,
+ .match = u32_mt,
.matchsize = sizeof(struct xt_u32),
.me = THIS_MODULE,
},
};
-static int __init xt_u32_init(void)
+static int __init u32_mt_init(void)
{
- return xt_register_matches(u32_reg, ARRAY_SIZE(u32_reg));
+ return xt_register_matches(u32_mt_reg, ARRAY_SIZE(u32_mt_reg));
}
-static void __exit xt_u32_exit(void)
+static void __exit u32_mt_exit(void)
{
- xt_unregister_matches(u32_reg, ARRAY_SIZE(u32_reg));
+ xt_unregister_matches(u32_mt_reg, ARRAY_SIZE(u32_mt_reg));
}
-module_init(xt_u32_init);
-module_exit(xt_u32_exit);
+module_init(u32_mt_init);
+module_exit(u32_mt_exit);
MODULE_AUTHOR("Jan Engelhardt <jengelh@computergmbh.de>");
MODULE_DESCRIPTION("netfilter u32 match module");
MODULE_LICENSE("GPL");
projects / linux-2.6 / commitdiff