diff options
| author | Jan Engelhardt <jengelh@computergmbh.de> | 2008-10-08 05:35:01 -0400 |
|---|---|---|
| committer | Patrick McHardy <kaber@trash.net> | 2008-10-08 05:35:01 -0400 |
| commit | 55b69e91040c685a064198bd76e59885b7ad26c6 (patch) | |
| tree | f106ca5825afdda752b89cae7e7d384ba55a7d44 /net/netfilter/xt_CLASSIFY.c | |
| parent | ee999d8b9573df1b547aacdc6d79f86eb79c25cd (diff) | |
netfilter: implement NFPROTO_UNSPEC as a wildcard for extensions
When a match or target is looked up using xt_find_{match,target},
Xtables will also search the NFPROTO_UNSPEC module list. This allows
for protocol-independent extensions (like xt_time) to be reused from
other components (e.g. arptables, ebtables).
Extensions that take different codepaths depending on match->family
or target->family of course cannot use NFPROTO_UNSPEC within the
registration structure (e.g. xt_pkttype).
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'net/netfilter/xt_CLASSIFY.c')
| -rw-r--r-- | net/netfilter/xt_CLASSIFY.c | 38 |
1 files changed, 12 insertions, 26 deletions
diff --git a/net/netfilter/xt_CLASSIFY.c b/net/netfilter/xt_CLASSIFY.c index 9d68da1748b..8cffa295dd3 100644 --- a/net/netfilter/xt_CLASSIFY.c +++ b/net/netfilter/xt_CLASSIFY.c | |||
| @@ -37,40 +37,26 @@ classify_tg(struct sk_buff *skb, const struct net_device *in, | |||
| 37 | return XT_CONTINUE; | 37 | return XT_CONTINUE; |
| 38 | } | 38 | } |
| 39 | 39 | ||
| 40 | static struct xt_target classify_tg_reg[] __read_mostly = { | 40 | static struct xt_target classify_tg_reg __read_mostly = { |
| 41 | { | 41 | .name = "CLASSIFY", |
| 42 | .family = NFPROTO_IPV4, | 42 | .revision = 0, |
| 43 | .name = "CLASSIFY", | 43 | .family = NFPROTO_UNSPEC, |
| 44 | .target = classify_tg, | 44 | .table = "mangle", |
| 45 | .targetsize = sizeof(struct xt_classify_target_info), | 45 | .hooks = (1 << NF_INET_LOCAL_OUT) | (1 << NF_INET_FORWARD) | |
| 46 | .table = "mangle", | 46 | (1 << NF_INET_POST_ROUTING), |
| 47 | .hooks = (1 << NF_INET_LOCAL_OUT) | | 47 | .target = classify_tg, |
| 48 | (1 << NF_INET_FORWARD) | | 48 | .targetsize = sizeof(struct xt_classify_target_info), |
| 49 | (1 << NF_INET_POST_ROUTING), | 49 | .me = THIS_MODULE, |
| 50 | .me = THIS_MODULE, | ||
| 51 | }, | ||
| 52 | { | ||
| 53 | .name = "CLASSIFY", | ||
| 54 | .family = NFPROTO_IPV6, | ||
| 55 | .target = classify_tg, | ||
| 56 | .targetsize = sizeof(struct xt_classify_target_info), | ||
| 57 | .table = "mangle", | ||
| 58 | .hooks = (1 << NF_INET_LOCAL_OUT) | | ||
| 59 | (1 << NF_INET_FORWARD) | | ||
| 60 | (1 << NF_INET_POST_ROUTING), | ||
| 61 | .me = THIS_MODULE, | ||
| 62 | }, | ||
| 63 | }; | 50 | }; |
| 64 | 51 | ||
| 65 | static int __init classify_tg_init(void) | 52 | static int __init classify_tg_init(void) |
| 66 | { | 53 | { |
| 67 | return xt_register_targets(classify_tg_reg, | 54 | return xt_register_target(&classify_tg_reg); |
| 68 | ARRAY_SIZE(classify_tg_reg)); | ||
| 69 | } | 55 | } |
| 70 | 56 | ||
| 71 | static void __exit classify_tg_exit(void) | 57 | static void __exit classify_tg_exit(void) |
| 72 | { | 58 | { |
| 73 | xt_unregister_targets(classify_tg_reg, ARRAY_SIZE(classify_tg_reg)); | 59 | xt_unregister_target(&classify_tg_reg); |
| 74 | } | 60 | } |
| 75 | 61 | ||
| 76 | module_init(classify_tg_init); | 62 | module_init(classify_tg_init); |