diff options
| author | Jan Engelhardt <jengelh@gmx.de> | 2007-07-08 01:15:35 -0400 |
|---|---|---|
| committer | David S. Miller <davem@sunset.davemloft.net> | 2007-07-11 01:16:57 -0400 |
| commit | 1d93a9cbad608f6398ba6c5b588c504ccd35a2ca (patch) | |
| tree | df02632a70f0438efb0e5baab9900f4f2acf98a1 /net/ipv4 | |
| parent | cff533ac12494fa002e2c46acc94d670e5f636a2 (diff) | |
[NETFILTER]: x_tables: switch xt_match->match to bool
Switch the return type of match functions to boolean
Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4')
| -rw-r--r-- | net/ipv4/netfilter/ip_tables.c | 26 | ||||
| -rw-r--r-- | net/ipv4/netfilter/ipt_addrtype.c | 12 | ||||
| -rw-r--r-- | net/ipv4/netfilter/ipt_ah.c | 10 | ||||
| -rw-r--r-- | net/ipv4/netfilter/ipt_ecn.c | 38 | ||||
| -rw-r--r-- | net/ipv4/netfilter/ipt_iprange.c | 8 | ||||
| -rw-r--r-- | net/ipv4/netfilter/ipt_owner.c | 10 | ||||
| -rw-r--r-- | net/ipv4/netfilter/ipt_recent.c | 12 | ||||
| -rw-r--r-- | net/ipv4/netfilter/ipt_tos.c | 2 | ||||
| -rw-r--r-- | net/ipv4/netfilter/ipt_ttl.c | 12 |
9 files changed, 65 insertions, 65 deletions
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c index e2a89382565..b9c792dd489 100644 --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c | |||
| @@ -183,19 +183,19 @@ ipt_error(struct sk_buff **pskb, | |||
| 183 | } | 183 | } |
| 184 | 184 | ||
| 185 | static inline | 185 | static inline |
| 186 | int do_match(struct ipt_entry_match *m, | 186 | bool do_match(struct ipt_entry_match *m, |
| 187 | const struct sk_buff *skb, | 187 | const struct sk_buff *skb, |
| 188 | const struct net_device *in, | 188 | const struct net_device *in, |
| 189 | const struct net_device *out, | 189 | const struct net_device *out, |
| 190 | int offset, | 190 | int offset, |
| 191 | bool *hotdrop) | 191 | bool *hotdrop) |
| 192 | { | 192 | { |
| 193 | /* Stop iteration if it doesn't match */ | 193 | /* Stop iteration if it doesn't match */ |
| 194 | if (!m->u.kernel.match->match(skb, in, out, m->u.kernel.match, m->data, | 194 | if (!m->u.kernel.match->match(skb, in, out, m->u.kernel.match, m->data, |
| 195 | offset, ip_hdrlen(skb), hotdrop)) | 195 | offset, ip_hdrlen(skb), hotdrop)) |
| 196 | return 1; | 196 | return true; |
| 197 | else | 197 | else |
| 198 | return 0; | 198 | return false; |
| 199 | } | 199 | } |
| 200 | 200 | ||
| 201 | static inline struct ipt_entry * | 201 | static inline struct ipt_entry * |
| @@ -2105,16 +2105,16 @@ void ipt_unregister_table(struct xt_table *table) | |||
| 2105 | } | 2105 | } |
| 2106 | 2106 | ||
| 2107 | /* Returns 1 if the type and code is matched by the range, 0 otherwise */ | 2107 | /* Returns 1 if the type and code is matched by the range, 0 otherwise */ |
| 2108 | static inline int | 2108 | static inline bool |
| 2109 | icmp_type_code_match(u_int8_t test_type, u_int8_t min_code, u_int8_t max_code, | 2109 | icmp_type_code_match(u_int8_t test_type, u_int8_t min_code, u_int8_t max_code, |
| 2110 | u_int8_t type, u_int8_t code, | 2110 | u_int8_t type, u_int8_t code, |
| 2111 | int invert) | 2111 | bool invert) |
| 2112 | { | 2112 | { |
| 2113 | return ((test_type == 0xFF) || (type == test_type && code >= min_code && code <= max_code)) | 2113 | return ((test_type == 0xFF) || (type == test_type && code >= min_code && code <= max_code)) |
| 2114 | ^ invert; | 2114 | ^ invert; |
| 2115 | } | 2115 | } |
| 2116 | 2116 | ||
| 2117 | static int | 2117 | static bool |
| 2118 | icmp_match(const struct sk_buff *skb, | 2118 | icmp_match(const struct sk_buff *skb, |
| 2119 | const struct net_device *in, | 2119 | const struct net_device *in, |
| 2120 | const struct net_device *out, | 2120 | const struct net_device *out, |
| @@ -2129,7 +2129,7 @@ icmp_match(const struct sk_buff *skb, | |||
| 2129 | 2129 | ||
| 2130 | /* Must not be a fragment. */ | 2130 | /* Must not be a fragment. */ |
| 2131 | if (offset) | 2131 | if (offset) |
| 2132 | return 0; | 2132 | return false; |
| 2133 | 2133 | ||
| 2134 | ic = skb_header_pointer(skb, protoff, sizeof(_icmph), &_icmph); | 2134 | ic = skb_header_pointer(skb, protoff, sizeof(_icmph), &_icmph); |
| 2135 | if (ic == NULL) { | 2135 | if (ic == NULL) { |
| @@ -2138,7 +2138,7 @@ icmp_match(const struct sk_buff *skb, | |||
| 2138 | */ | 2138 | */ |
| 2139 | duprintf("Dropping evil ICMP tinygram.\n"); | 2139 | duprintf("Dropping evil ICMP tinygram.\n"); |
| 2140 | *hotdrop = true; | 2140 | *hotdrop = true; |
| 2141 | return 0; | 2141 | return false; |
| 2142 | } | 2142 | } |
| 2143 | 2143 | ||
| 2144 | return icmp_type_code_match(icmpinfo->type, | 2144 | return icmp_type_code_match(icmpinfo->type, |
diff --git a/net/ipv4/netfilter/ipt_addrtype.c b/net/ipv4/netfilter/ipt_addrtype.c index a9a9b750ff2..abea446a443 100644 --- a/net/ipv4/netfilter/ipt_addrtype.c +++ b/net/ipv4/netfilter/ipt_addrtype.c | |||
| @@ -22,19 +22,19 @@ MODULE_LICENSE("GPL"); | |||
| 22 | MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>"); | 22 | MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>"); |
| 23 | MODULE_DESCRIPTION("iptables addrtype match"); | 23 | MODULE_DESCRIPTION("iptables addrtype match"); |
| 24 | 24 | ||
| 25 | static inline int match_type(__be32 addr, u_int16_t mask) | 25 | static inline bool match_type(__be32 addr, u_int16_t mask) |
| 26 | { | 26 | { |
| 27 | return !!(mask & (1 << inet_addr_type(addr))); | 27 | return !!(mask & (1 << inet_addr_type(addr))); |
| 28 | } | 28 | } |
| 29 | 29 | ||
| 30 | static int match(const struct sk_buff *skb, | 30 | static bool match(const struct sk_buff *skb, |
| 31 | const struct net_device *in, const struct net_device *out, | 31 | const struct net_device *in, const struct net_device *out, |
| 32 | const struct xt_match *match, const void *matchinfo, | 32 | const struct xt_match *match, const void *matchinfo, |
| 33 | int offset, unsigned int protoff, bool *hotdrop) | 33 | int offset, unsigned int protoff, bool *hotdrop) |
| 34 | { | 34 | { |
| 35 | const struct ipt_addrtype_info *info = matchinfo; | 35 | const struct ipt_addrtype_info *info = matchinfo; |
| 36 | const struct iphdr *iph = ip_hdr(skb); | 36 | const struct iphdr *iph = ip_hdr(skb); |
| 37 | int ret = 1; | 37 | bool ret = true; |
| 38 | 38 | ||
| 39 | if (info->source) | 39 | if (info->source) |
| 40 | ret &= match_type(iph->saddr, info->source)^info->invert_source; | 40 | ret &= match_type(iph->saddr, info->source)^info->invert_source; |
diff --git a/net/ipv4/netfilter/ipt_ah.c b/net/ipv4/netfilter/ipt_ah.c index 9a244e406a4..3da39ee92d8 100644 --- a/net/ipv4/netfilter/ipt_ah.c +++ b/net/ipv4/netfilter/ipt_ah.c | |||
| @@ -25,10 +25,10 @@ MODULE_DESCRIPTION("iptables AH SPI match module"); | |||
| 25 | #endif | 25 | #endif |
| 26 | 26 | ||
| 27 | /* Returns 1 if the spi is matched by the range, 0 otherwise */ | 27 | /* Returns 1 if the spi is matched by the range, 0 otherwise */ |
| 28 | static inline int | 28 | static inline bool |
| 29 | spi_match(u_int32_t min, u_int32_t max, u_int32_t spi, int invert) | 29 | spi_match(u_int32_t min, u_int32_t max, u_int32_t spi, bool invert) |
| 30 | { | 30 | { |
| 31 | int r=0; | 31 | bool r; |
| 32 | duprintf("ah spi_match:%c 0x%x <= 0x%x <= 0x%x",invert? '!':' ', | 32 | duprintf("ah spi_match:%c 0x%x <= 0x%x <= 0x%x",invert? '!':' ', |
| 33 | min,spi,max); | 33 | min,spi,max); |
| 34 | r=(spi >= min && spi <= max) ^ invert; | 34 | r=(spi >= min && spi <= max) ^ invert; |
| @@ -36,7 +36,7 @@ spi_match(u_int32_t min, u_int32_t max, u_int32_t spi, int invert) | |||
| 36 | return r; | 36 | return r; |
| 37 | } | 37 | } |
| 38 | 38 | ||
| 39 | static int | 39 | static bool |
| 40 | match(const struct sk_buff *skb, | 40 | match(const struct sk_buff *skb, |
| 41 | const struct net_device *in, | 41 | const struct net_device *in, |
| 42 | const struct net_device *out, | 42 | const struct net_device *out, |
| @@ -51,7 +51,7 @@ match(const struct sk_buff *skb, | |||
| 51 | 51 | ||
| 52 | /* Must not be a fragment. */ | 52 | /* Must not be a fragment. */ |
| 53 | if (offset) | 53 | if (offset) |
| 54 | return 0; | 54 | return false; |
| 55 | 55 | ||
| 56 | ah = skb_header_pointer(skb, protoff, | 56 | ah = skb_header_pointer(skb, protoff, |
| 57 | sizeof(_ahdr), &_ahdr); | 57 | sizeof(_ahdr), &_ahdr); |
diff --git a/net/ipv4/netfilter/ipt_ecn.c b/net/ipv4/netfilter/ipt_ecn.c index a47f3745553..ba3a17e0f84 100644 --- a/net/ipv4/netfilter/ipt_ecn.c +++ b/net/ipv4/netfilter/ipt_ecn.c | |||
| @@ -22,15 +22,15 @@ MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>"); | |||
| 22 | MODULE_DESCRIPTION("iptables ECN matching module"); | 22 | MODULE_DESCRIPTION("iptables ECN matching module"); |
| 23 | MODULE_LICENSE("GPL"); | 23 | MODULE_LICENSE("GPL"); |
| 24 | 24 | ||
| 25 | static inline int match_ip(const struct sk_buff *skb, | 25 | static inline bool match_ip(const struct sk_buff *skb, |
| 26 | const struct ipt_ecn_info *einfo) | 26 | const struct ipt_ecn_info *einfo) |
| 27 | { | 27 | { |
| 28 | return (ip_hdr(skb)->tos & IPT_ECN_IP_MASK) == einfo->ip_ect; | 28 | return (ip_hdr(skb)->tos & IPT_ECN_IP_MASK) == einfo->ip_ect; |
| 29 | } | 29 | } |
| 30 | 30 | ||
| 31 | static inline int match_tcp(const struct sk_buff *skb, | 31 | static inline bool match_tcp(const struct sk_buff *skb, |
| 32 | const struct ipt_ecn_info *einfo, | 32 | const struct ipt_ecn_info *einfo, |
| 33 | bool *hotdrop) | 33 | bool *hotdrop) |
| 34 | { | 34 | { |
| 35 | struct tcphdr _tcph, *th; | 35 | struct tcphdr _tcph, *th; |
| 36 | 36 | ||
| @@ -40,51 +40,51 @@ static inline int match_tcp(const struct sk_buff *skb, | |||
| 40 | th = skb_header_pointer(skb, ip_hdrlen(skb), sizeof(_tcph), &_tcph); | 40 | th = skb_header_pointer(skb, ip_hdrlen(skb), sizeof(_tcph), &_tcph); |
| 41 | if (th == NULL) { | 41 | if (th == NULL) { |
| 42 | *hotdrop = false; | 42 | *hotdrop = false; |
| 43 | return 0; | 43 | return false; |
| 44 | } | 44 | } |
| 45 | 45 | ||
| 46 | if (einfo->operation & IPT_ECN_OP_MATCH_ECE) { | 46 | if (einfo->operation & IPT_ECN_OP_MATCH_ECE) { |
| 47 | if (einfo->invert & IPT_ECN_OP_MATCH_ECE) { | 47 | if (einfo->invert & IPT_ECN_OP_MATCH_ECE) { |
| 48 | if (th->ece == 1) | 48 | if (th->ece == 1) |
| 49 | return 0; | 49 | return false; |
| 50 | } else { | 50 | } else { |
| 51 | if (th->ece == 0) | 51 | if (th->ece == 0) |
| 52 | return 0; | 52 | return false; |
| 53 | } | 53 | } |
| 54 | } | 54 | } |
| 55 | 55 | ||
| 56 | if (einfo->operation & IPT_ECN_OP_MATCH_CWR) { | 56 | if (einfo->operation & IPT_ECN_OP_MATCH_CWR) { |
| 57 | if (einfo->invert & IPT_ECN_OP_MATCH_CWR) { | 57 | if (einfo->invert & IPT_ECN_OP_MATCH_CWR) { |
| 58 | if (th->cwr == 1) | 58 | if (th->cwr == 1) |
| 59 | return 0; | 59 | return false; |
| 60 | } else { | 60 | } else { |
| 61 | if (th->cwr == 0) | 61 | if (th->cwr == 0) |
| 62 | return 0; | 62 | return false; |
| 63 | } | 63 | } |
| 64 | } | 64 | } |
| 65 | 65 | ||
| 66 | return 1; | 66 | return true; |
| 67 | } | 67 | } |
| 68 | 68 | ||
| 69 | static int match(const struct sk_buff *skb, | 69 | static bool match(const struct sk_buff *skb, |
| 70 | const struct net_device *in, const struct net_device *out, | 70 | const struct net_device *in, const struct net_device *out, |
| 71 | const struct xt_match *match, const void *matchinfo, | 71 | const struct xt_match *match, const void *matchinfo, |
| 72 | int offset, unsigned int protoff, bool *hotdrop) | 72 | int offset, unsigned int protoff, bool *hotdrop) |
| 73 | { | 73 | { |
| 74 | const struct ipt_ecn_info *info = matchinfo; | 74 | const struct ipt_ecn_info *info = matchinfo; |
| 75 | 75 | ||
| 76 | if (info->operation & IPT_ECN_OP_MATCH_IP) | 76 | if (info->operation & IPT_ECN_OP_MATCH_IP) |
| 77 | if (!match_ip(skb, info)) | 77 | if (!match_ip(skb, info)) |
| 78 | return 0; | 78 | return false; |
| 79 | 79 | ||
| 80 | if (info->operation & (IPT_ECN_OP_MATCH_ECE|IPT_ECN_OP_MATCH_CWR)) { | 80 | if (info->operation & (IPT_ECN_OP_MATCH_ECE|IPT_ECN_OP_MATCH_CWR)) { |
| 81 | if (ip_hdr(skb)->protocol != IPPROTO_TCP) | 81 | if (ip_hdr(skb)->protocol != IPPROTO_TCP) |
| 82 | return 0; | 82 | return false; |
| 83 | if (!match_tcp(skb, info, hotdrop)) | 83 | if (!match_tcp(skb, info, hotdrop)) |
| 84 | return 0; | 84 | return false; |
| 85 | } | 85 | } |
| 86 | 86 | ||
| 87 | return 1; | 87 | return true; |
| 88 | } | 88 | } |
| 89 | 89 | ||
| 90 | static int checkentry(const char *tablename, const void *ip_void, | 90 | static int checkentry(const char *tablename, const void *ip_void, |
diff --git a/net/ipv4/netfilter/ipt_iprange.c b/net/ipv4/netfilter/ipt_iprange.c index 86f225c1d06..b266d98aac8 100644 --- a/net/ipv4/netfilter/ipt_iprange.c +++ b/net/ipv4/netfilter/ipt_iprange.c | |||
| @@ -23,7 +23,7 @@ MODULE_DESCRIPTION("iptables arbitrary IP range match module"); | |||
| 23 | #define DEBUGP(format, args...) | 23 | #define DEBUGP(format, args...) |
| 24 | #endif | 24 | #endif |
| 25 | 25 | ||
| 26 | static int | 26 | static bool |
| 27 | match(const struct sk_buff *skb, | 27 | match(const struct sk_buff *skb, |
| 28 | const struct net_device *in, | 28 | const struct net_device *in, |
| 29 | const struct net_device *out, | 29 | const struct net_device *out, |
| @@ -44,7 +44,7 @@ match(const struct sk_buff *skb, | |||
| 44 | info->flags & IPRANGE_SRC_INV ? "(INV) " : "", | 44 | info->flags & IPRANGE_SRC_INV ? "(INV) " : "", |
| 45 | NIPQUAD(info->src.min_ip), | 45 | NIPQUAD(info->src.min_ip), |
| 46 | NIPQUAD(info->src.max_ip)); | 46 | NIPQUAD(info->src.max_ip)); |
| 47 | return 0; | 47 | return false; |
| 48 | } | 48 | } |
| 49 | } | 49 | } |
| 50 | if (info->flags & IPRANGE_DST) { | 50 | if (info->flags & IPRANGE_DST) { |
| @@ -57,10 +57,10 @@ match(const struct sk_buff *skb, | |||
| 57 | info->flags & IPRANGE_DST_INV ? "(INV) " : "", | 57 | info->flags & IPRANGE_DST_INV ? "(INV) " : "", |
| 58 | NIPQUAD(info->dst.min_ip), | 58 | NIPQUAD(info->dst.min_ip), |
| 59 | NIPQUAD(info->dst.max_ip)); | 59 | NIPQUAD(info->dst.max_ip)); |
| 60 | return 0; | 60 | return false; |
| 61 | } | 61 | } |
| 62 | } | 62 | } |
| 63 | return 1; | 63 | return true; |
| 64 | } | 64 | } |
| 65 | 65 | ||
| 66 | static struct xt_match iprange_match = { | 66 | static struct xt_match iprange_match = { |
diff --git a/net/ipv4/netfilter/ipt_owner.c b/net/ipv4/netfilter/ipt_owner.c index 92be562c4ac..8f441cef550 100644 --- a/net/ipv4/netfilter/ipt_owner.c +++ b/net/ipv4/netfilter/ipt_owner.c | |||
| @@ -21,7 +21,7 @@ MODULE_LICENSE("GPL"); | |||
| 21 | MODULE_AUTHOR("Marc Boucher <marc@mbsi.ca>"); | 21 | MODULE_AUTHOR("Marc Boucher <marc@mbsi.ca>"); |
| 22 | MODULE_DESCRIPTION("iptables owner match"); | 22 | MODULE_DESCRIPTION("iptables owner match"); |
| 23 | 23 | ||
| 24 | static int | 24 | static bool |
| 25 | match(const struct sk_buff *skb, | 25 | match(const struct sk_buff *skb, |
| 26 | const struct net_device *in, | 26 | const struct net_device *in, |
| 27 | const struct net_device *out, | 27 | const struct net_device *out, |
| @@ -34,21 +34,21 @@ match(const struct sk_buff *skb, | |||
| 34 | const struct ipt_owner_info *info = matchinfo; | 34 | const struct ipt_owner_info *info = matchinfo; |
| 35 | 35 | ||
| 36 | if (!skb->sk || !skb->sk->sk_socket || !skb->sk->sk_socket->file) | 36 | if (!skb->sk || !skb->sk->sk_socket || !skb->sk->sk_socket->file) |
| 37 | return 0; | 37 | return false; |
| 38 | 38 | ||
| 39 | if(info->match & IPT_OWNER_UID) { | 39 | if(info->match & IPT_OWNER_UID) { |
| 40 | if ((skb->sk->sk_socket->file->f_uid != info->uid) ^ | 40 | if ((skb->sk->sk_socket->file->f_uid != info->uid) ^ |
| 41 | !!(info->invert & IPT_OWNER_UID)) | 41 | !!(info->invert & IPT_OWNER_UID)) |
| 42 | return 0; | 42 | return false; |
| 43 | } | 43 | } |
| 44 | 44 | ||
| 45 | if(info->match & IPT_OWNER_GID) { | 45 | if(info->match & IPT_OWNER_GID) { |
| 46 | if ((skb->sk->sk_socket->file->f_gid != info->gid) ^ | 46 | if ((skb->sk->sk_socket->file->f_gid != info->gid) ^ |
| 47 | !!(info->invert & IPT_OWNER_GID)) | 47 | !!(info->invert & IPT_OWNER_GID)) |
| 48 | return 0; | 48 | return false; |
| 49 | } | 49 | } |
| 50 | 50 | ||
| 51 | return 1; | 51 | return true; |
| 52 | } | 52 | } |
| 53 | 53 | ||
| 54 | static int | 54 | static int |
diff --git a/net/ipv4/netfilter/ipt_recent.c b/net/ipv4/netfilter/ipt_recent.c index 81f1a017f31..2e513ed9b6e 100644 --- a/net/ipv4/netfilter/ipt_recent.c +++ b/net/ipv4/netfilter/ipt_recent.c | |||
| @@ -169,7 +169,7 @@ static void recent_table_flush(struct recent_table *t) | |||
| 169 | } | 169 | } |
| 170 | } | 170 | } |
| 171 | 171 | ||
| 172 | static int | 172 | static bool |
| 173 | ipt_recent_match(const struct sk_buff *skb, | 173 | ipt_recent_match(const struct sk_buff *skb, |
| 174 | const struct net_device *in, const struct net_device *out, | 174 | const struct net_device *in, const struct net_device *out, |
| 175 | const struct xt_match *match, const void *matchinfo, | 175 | const struct xt_match *match, const void *matchinfo, |
| @@ -180,7 +180,7 @@ ipt_recent_match(const struct sk_buff *skb, | |||
| 180 | struct recent_entry *e; | 180 | struct recent_entry *e; |
| 181 | __be32 addr; | 181 | __be32 addr; |
| 182 | u_int8_t ttl; | 182 | u_int8_t ttl; |
| 183 | int ret = info->invert; | 183 | bool ret = info->invert; |
| 184 | 184 | ||
| 185 | if (info->side == IPT_RECENT_DEST) | 185 | if (info->side == IPT_RECENT_DEST) |
| 186 | addr = ip_hdr(skb)->daddr; | 186 | addr = ip_hdr(skb)->daddr; |
| @@ -202,15 +202,15 @@ ipt_recent_match(const struct sk_buff *skb, | |||
| 202 | e = recent_entry_init(t, addr, ttl); | 202 | e = recent_entry_init(t, addr, ttl); |
| 203 | if (e == NULL) | 203 | if (e == NULL) |
| 204 | *hotdrop = true; | 204 | *hotdrop = true; |
| 205 | ret ^= 1; | 205 | ret = !ret; |
| 206 | goto out; | 206 | goto out; |
| 207 | } | 207 | } |
| 208 | 208 | ||
| 209 | if (info->check_set & IPT_RECENT_SET) | 209 | if (info->check_set & IPT_RECENT_SET) |
| 210 | ret ^= 1; | 210 | ret = !ret; |
| 211 | else if (info->check_set & IPT_RECENT_REMOVE) { | 211 | else if (info->check_set & IPT_RECENT_REMOVE) { |
| 212 | recent_entry_remove(t, e); | 212 | recent_entry_remove(t, e); |
| 213 | ret ^= 1; | 213 | ret = !ret; |
| 214 | } else if (info->check_set & (IPT_RECENT_CHECK | IPT_RECENT_UPDATE)) { | 214 | } else if (info->check_set & (IPT_RECENT_CHECK | IPT_RECENT_UPDATE)) { |
| 215 | unsigned long t = jiffies - info->seconds * HZ; | 215 | unsigned long t = jiffies - info->seconds * HZ; |
| 216 | unsigned int i, hits = 0; | 216 | unsigned int i, hits = 0; |
| @@ -219,7 +219,7 @@ ipt_recent_match(const struct sk_buff *skb, | |||
| 219 | if (info->seconds && time_after(t, e->stamps[i])) | 219 | if (info->seconds && time_after(t, e->stamps[i])) |
| 220 | continue; | 220 | continue; |
| 221 | if (++hits >= info->hit_count) { | 221 | if (++hits >= info->hit_count) { |
| 222 | ret ^= 1; | 222 | ret = !ret; |
| 223 | break; | 223 | break; |
| 224 | } | 224 | } |
| 225 | } | 225 | } |
diff --git a/net/ipv4/netfilter/ipt_tos.c b/net/ipv4/netfilter/ipt_tos.c index 803ed4c35b5..67699ae46d3 100644 --- a/net/ipv4/netfilter/ipt_tos.c +++ b/net/ipv4/netfilter/ipt_tos.c | |||
| @@ -18,7 +18,7 @@ | |||
| 18 | MODULE_LICENSE("GPL"); | 18 | MODULE_LICENSE("GPL"); |
| 19 | MODULE_DESCRIPTION("iptables TOS match module"); | 19 | MODULE_DESCRIPTION("iptables TOS match module"); |
| 20 | 20 | ||
| 21 | static int | 21 | static bool |
| 22 | match(const struct sk_buff *skb, | 22 | match(const struct sk_buff *skb, |
| 23 | const struct net_device *in, | 23 | const struct net_device *in, |
| 24 | const struct net_device *out, | 24 | const struct net_device *out, |
diff --git a/net/ipv4/netfilter/ipt_ttl.c b/net/ipv4/netfilter/ipt_ttl.c index e7316b27d2c..82fe4ea8ab7 100644 --- a/net/ipv4/netfilter/ipt_ttl.c +++ b/net/ipv4/netfilter/ipt_ttl.c | |||
| @@ -18,10 +18,10 @@ MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>"); | |||
| 18 | MODULE_DESCRIPTION("IP tables TTL matching module"); | 18 | MODULE_DESCRIPTION("IP tables TTL matching module"); |
| 19 | MODULE_LICENSE("GPL"); | 19 | MODULE_LICENSE("GPL"); |
| 20 | 20 | ||
| 21 | static int match(const struct sk_buff *skb, | 21 | static bool match(const struct sk_buff *skb, |
| 22 | const struct net_device *in, const struct net_device *out, | 22 | const struct net_device *in, const struct net_device *out, |
| 23 | const struct xt_match *match, const void *matchinfo, | 23 | const struct xt_match *match, const void *matchinfo, |
| 24 | int offset, unsigned int protoff, bool *hotdrop) | 24 | int offset, unsigned int protoff, bool *hotdrop) |
| 25 | { | 25 | { |
| 26 | const struct ipt_ttl_info *info = matchinfo; | 26 | const struct ipt_ttl_info *info = matchinfo; |
| 27 | const u8 ttl = ip_hdr(skb)->ttl; | 27 | const u8 ttl = ip_hdr(skb)->ttl; |
| @@ -42,10 +42,10 @@ static int match(const struct sk_buff *skb, | |||
| 42 | default: | 42 | default: |
| 43 | printk(KERN_WARNING "ipt_ttl: unknown mode %d\n", | 43 | printk(KERN_WARNING "ipt_ttl: unknown mode %d\n", |
| 44 | info->mode); | 44 | info->mode); |
| 45 | return 0; | 45 | return false; |
| 46 | } | 46 | } |
| 47 | 47 | ||
| 48 | return 0; | 48 | return false; |
| 49 | } | 49 | } |
| 50 | 50 | ||
| 51 | static struct xt_match ttl_match = { | 51 | static struct xt_match ttl_match = { |