diff options
| author | Joe Perches <joe@perches.com> | 2016-06-24 16:25:22 -0400 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-07-03 04:55:07 -0400 |
| commit | c37a2dfa67f7920b14ea77dc9f9f9660f7a1f6dd (patch) | |
| tree | d170247b37a60ac138094e999f5dbed5a762b3a8 /include/linux | |
| parent | f1504307b9ab60e73ba31eece4be8298ebc9c1b7 (diff) | |
netfilter: Convert FWINV<[foo]> macros and uses to NF_INVF
netfilter uses multiple FWINV #defines with identical form that hide a
specific structure variable and dereference it with a invflags member.
$ git grep "#define FWINV"
include/linux/netfilter_bridge/ebtables.h:#define FWINV(bool,invflg) ((bool) ^ !!(info->invflags & invflg))
net/bridge/netfilter/ebtables.c:#define FWINV2(bool, invflg) ((bool) ^ !!(e->invflags & invflg))
net/ipv4/netfilter/arp_tables.c:#define FWINV(bool, invflg) ((bool) ^ !!(arpinfo->invflags & (invflg)))
net/ipv4/netfilter/ip_tables.c:#define FWINV(bool, invflg) ((bool) ^ !!(ipinfo->invflags & (invflg)))
net/ipv6/netfilter/ip6_tables.c:#define FWINV(bool, invflg) ((bool) ^ !!(ip6info->invflags & (invflg)))
net/netfilter/xt_tcpudp.c:#define FWINVTCP(bool, invflg) ((bool) ^ !!(tcpinfo->invflags & (invflg)))
Consolidate these macros into a single NF_INVF macro.
Miscellanea:
o Neaten the alignment around these uses
o A few lines are > 80 columns for intelligibility
Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/linux')
| -rw-r--r-- | include/linux/netfilter/x_tables.h | 4 | ||||
| -rw-r--r-- | include/linux/netfilter_bridge/ebtables.h | 2 |
2 files changed, 4 insertions, 2 deletions
diff --git a/include/linux/netfilter/x_tables.h b/include/linux/netfilter/x_tables.h index dc4f58a3cdcc..e94e81ab2b58 100644 --- a/include/linux/netfilter/x_tables.h +++ b/include/linux/netfilter/x_tables.h | |||
| @@ -6,6 +6,10 @@ | |||
| 6 | #include <linux/static_key.h> | 6 | #include <linux/static_key.h> |
| 7 | #include <uapi/linux/netfilter/x_tables.h> | 7 | #include <uapi/linux/netfilter/x_tables.h> |
| 8 | 8 | ||
| 9 | /* Test a struct->invflags and a boolean for inequality */ | ||
| 10 | #define NF_INVF(ptr, flag, boolean) \ | ||
| 11 | ((boolean) ^ !!((ptr)->invflags & (flag))) | ||
| 12 | |||
| 9 | /** | 13 | /** |
| 10 | * struct xt_action_param - parameters for matches/targets | 14 | * struct xt_action_param - parameters for matches/targets |
| 11 | * | 15 | * |
diff --git a/include/linux/netfilter_bridge/ebtables.h b/include/linux/netfilter_bridge/ebtables.h index 2ea517c7c6b9..984b2112c77b 100644 --- a/include/linux/netfilter_bridge/ebtables.h +++ b/include/linux/netfilter_bridge/ebtables.h | |||
| @@ -115,8 +115,6 @@ extern unsigned int ebt_do_table(struct sk_buff *skb, | |||
| 115 | const struct nf_hook_state *state, | 115 | const struct nf_hook_state *state, |
| 116 | struct ebt_table *table); | 116 | struct ebt_table *table); |
| 117 | 117 | ||
| 118 | /* Used in the kernel match() functions */ | ||
| 119 | #define FWINV(bool,invflg) ((bool) ^ !!(info->invflags & invflg)) | ||
| 120 | /* True if the hook mask denotes that the rule is in a base chain, | 118 | /* True if the hook mask denotes that the rule is in a base chain, |
| 121 | * used in the check() functions */ | 119 | * used in the check() functions */ |
| 122 | #define BASE_CHAIN (par->hook_mask & (1 << NF_BR_NUMHOOKS)) | 120 | #define BASE_CHAIN (par->hook_mask & (1 << NF_BR_NUMHOOKS)) |