[NETFILTER]: x_tables: add port of hashlimit match for IPv4 and IPv6

Signed-off-by: Patrick McHardy <kaber@trash.net>

3 files changed, 49 insertions, 34 deletions

diff --git a/include/linux/netfilter/Kbuild b/include/linux/netfilter/Kbuild
index 312bd2ffee3..e379a2d89ea 100644
--- a/include/linux/netfilter/Kbuild
+++ b/include/linux/netfilter/Kbuild
@@ -14,6 +14,7 @@ header-y += xt_dscp.h
 header-y += xt_DSCP.h
 header-y += xt_esp.h
 header-y += xt_helper.h
+header-y += xt_hashlimit.h
 header-y += xt_length.h
 header-y += xt_limit.h
 header-y += xt_mac.h
diff --git a/include/linux/netfilter/xt_hashlimit.h b/include/linux/netfilter/xt_hashlimit.h
new file mode 100644
index 00000000000..b4556b8edbf
--- /dev/null
+++ b/include/linux/netfilter/xt_hashlimit.h
@@ -0,0 +1,40 @@
+#ifndef _XT_HASHLIMIT_H
+#define _XT_HASHLIMIT_H
+
+/* timings are in milliseconds. */
+#define XT_HASHLIMIT_SCALE 10000
+/* 1/10,000 sec period => max of 10,000/sec.  Min rate is then 429490
+   seconds, or one every 59 hours. */
+
+/* details of this structure hidden by the implementation */
+struct xt_hashlimit_htable;
+
+#define XT_HASHLIMIT_HASH_DIP   0x0001
+#define XT_HASHLIMIT_HASH_DPT   0x0002
+#define XT_HASHLIMIT_HASH_SIP   0x0004
+#define XT_HASHLIMIT_HASH_SPT   0x0008
+
+struct hashlimit_cfg {
+        u_int32_t mode;   /* bitmask of IPT_HASHLIMIT_HASH_* */
+        u_int32_t avg;    /* Average secs between packets * scale */
+        u_int32_t burst;  /* Period multiplier for upper limit. */
+
+        /* user specified */
+        u_int32_t size;         /* how many buckets */
+        u_int32_t max;          /* max number of entries */
+        u_int32_t gc_interval;  /* gc interval */
+        u_int32_t expire;       /* when do entries expire? */
+};
+
+struct xt_hashlimit_info {
+        char name [IFNAMSIZ];           /* name */
+        struct hashlimit_cfg cfg;
+        struct xt_hashlimit_htable *hinfo;
+
+        /* Used internally by the kernel */
+        union {
+                void *ptr;
+                struct xt_hashlimit_info *master;
+        } u;
+};
+#endif /*_XT_HASHLIMIT_H*/
diff --git a/include/linux/netfilter_ipv4/ipt_hashlimit.h b/include/linux/netfilter_ipv4/ipt_hashlimit.h
index ac2cb64ecd7..5662120a3d7 100644
--- a/include/linux/netfilter_ipv4/ipt_hashlimit.h
+++ b/include/linux/netfilter_ipv4/ipt_hashlimit.h
@@ -1,40 +1,14 @@
 #ifndef _IPT_HASHLIMIT_H
 #define _IPT_HASHLIMIT_H
 
-/* timings are in milliseconds. */
-#define IPT_HASHLIMIT_SCALE 10000
-/* 1/10,000 sec period => max of 10,000/sec.  Min rate is then 429490
-   seconds, or one every 59 hours. */
+#include <linux/netfilter/xt_hashlimit.h>
 
-/* details of this structure hidden by the implementation */
-struct ipt_hashlimit_htable;
+#define IPT_HASHLIMIT_SCALE     XT_HASHLIMIT_SCALE
+#define IPT_HASHLIMIT_HASH_DIP  XT_HASHLIMIT_HASH_DIP
+#define IPT_HASHLIMIT_HASH_DPT  XT_HASHLIMIT_HASH_DPT
+#define IPT_HASHLIMIT_HASH_SIP  XT_HASHLIMIT_HASH_SIP
+#define IPT_HASHLIMIT_HASH_SPT  XT_HASHLIMIT_HASH_SPT
 
-#define IPT_HASHLIMIT_HASH_DIP  0x0001
-#define IPT_HASHLIMIT_HASH_DPT  0x0002
-#define IPT_HASHLIMIT_HASH_SIP  0x0004
-#define IPT_HASHLIMIT_HASH_SPT  0x0008
+#define ipt_hashlimit_info xt_hashlimit_info
 
-struct hashlimit_cfg {
-        u_int32_t mode;   /* bitmask of IPT_HASHLIMIT_HASH_* */
-        u_int32_t avg;    /* Average secs between packets * scale */
-        u_int32_t burst;  /* Period multiplier for upper limit. */
-
-        /* user specified */
-        u_int32_t size;         /* how many buckets */
-        u_int32_t max;          /* max number of entries */
-        u_int32_t gc_interval;  /* gc interval */
-        u_int32_t expire;       /* when do entries expire? */
-};
-
-struct ipt_hashlimit_info {
-        char name [IFNAMSIZ];           /* name */
-        struct hashlimit_cfg cfg;
-        struct ipt_hashlimit_htable *hinfo;
-
-        /* Used internally by the kernel */
-        union {
-                void *ptr;
-                struct ipt_hashlimit_info *master;
-        } u;
-};
-#endif /*_IPT_HASHLIMIT_H*/
+#endif /* _IPT_HASHLIMIT_H */