aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorJan Engelhardt <jengelh@computergmbh.de>2007-12-05 02:24:03 -0500
committerDavid S. Miller <davem@davemloft.net>2008-01-28 17:55:53 -0500
commitd3c5ee6d545b5372fd525ebe16988a5b6efeceb0 (patch)
tree97efd14cfb818ac5fb56a023efe9217f78ad240f /net
parent4c610979576d8778c401a9b1d247ed14f6cee998 (diff)
[NETFILTER]: x_tables: consistent and unique symbol names
Give all Netfilter modules consistent and unique symbol names. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r--net/ipv4/netfilter/ipt_CLUSTERIP.c41
-rw-r--r--net/ipv4/netfilter/ipt_ECN.c35
-rw-r--r--net/ipv4/netfilter/ipt_LOG.c36
-rw-r--r--net/ipv4/netfilter/ipt_MASQUERADE.c35
-rw-r--r--net/ipv4/netfilter/ipt_NETMAP.c35
-rw-r--r--net/ipv4/netfilter/ipt_REDIRECT.c35
-rw-r--r--net/ipv4/netfilter/ipt_REJECT.c37
-rw-r--r--net/ipv4/netfilter/ipt_SAME.c40
-rw-r--r--net/ipv4/netfilter/ipt_TOS.c35
-rw-r--r--net/ipv4/netfilter/ipt_TTL.c34
-rw-r--r--net/ipv4/netfilter/ipt_ULOG.c45
-rw-r--r--net/ipv4/netfilter/ipt_addrtype.c25
-rw-r--r--net/ipv4/netfilter/ipt_ah.c37
-rw-r--r--net/ipv4/netfilter/ipt_ecn.c33
-rw-r--r--net/ipv4/netfilter/ipt_iprange.c26
-rw-r--r--net/ipv4/netfilter/ipt_owner.c38
-rw-r--r--net/ipv4/netfilter/ipt_recent.c39
-rw-r--r--net/ipv4/netfilter/ipt_tos.c27
-rw-r--r--net/ipv4/netfilter/ipt_ttl.c24
-rw-r--r--net/ipv6/netfilter/ip6t_HL.c37
-rw-r--r--net/ipv6/netfilter/ip6t_LOG.c36
-rw-r--r--net/ipv6/netfilter/ip6t_REJECT.c37
-rw-r--r--net/ipv6/netfilter/ip6t_ah.c37
-rw-r--r--net/ipv6/netfilter/ip6t_eui64.c28
-rw-r--r--net/ipv6/netfilter/ip6t_frag.c38
-rw-r--r--net/ipv6/netfilter/ip6t_hbh.c42
-rw-r--r--net/ipv6/netfilter/ip6t_hl.c24
-rw-r--r--net/ipv6/netfilter/ip6t_ipv6header.c38
-rw-r--r--net/ipv6/netfilter/ip6t_mh.c37
-rw-r--r--net/ipv6/netfilter/ip6t_owner.c38
-rw-r--r--net/ipv6/netfilter/ip6t_rt.c37
-rw-r--r--net/netfilter/xt_CLASSIFY.c30
-rw-r--r--net/netfilter/xt_CONNMARK.c56
-rw-r--r--net/netfilter/xt_CONNSECMARK.c47
-rw-r--r--net/netfilter/xt_DSCP.c51
-rw-r--r--net/netfilter/xt_MARK.c69
-rw-r--r--net/netfilter/xt_NFLOG.c36
-rw-r--r--net/netfilter/xt_NFQUEUE.c30
-rw-r--r--net/netfilter/xt_NOTRACK.c28
-rw-r--r--net/netfilter/xt_SECMARK.c38
-rw-r--r--net/netfilter/xt_TCPMSS.c56
-rw-r--r--net/netfilter/xt_TRACE.c28
-rw-r--r--net/netfilter/xt_comment.c31
-rw-r--r--net/netfilter/xt_connbytes.c52
-rw-r--r--net/netfilter/xt_connlimit.c50
-rw-r--r--net/netfilter/xt_connmark.c58
-rw-r--r--net/netfilter/xt_conntrack.c51
-rw-r--r--net/netfilter/xt_dccp.c41
-rw-r--r--net/netfilter/xt_dscp.c56
-rw-r--r--net/netfilter/xt_esp.c41
-rw-r--r--net/netfilter/xt_hashlimit.c63
-rw-r--r--net/netfilter/xt_helper.c52
-rw-r--r--net/netfilter/xt_length.c43
-rw-r--r--net/netfilter/xt_limit.c50
-rw-r--r--net/netfilter/xt_mac.c29
-rw-r--r--net/netfilter/xt_mark.c49
-rw-r--r--net/netfilter/xt_multiport.c98
-rw-r--r--net/netfilter/xt_physdev.c43
-rw-r--r--net/netfilter/xt_pkttype.c32
-rw-r--r--net/netfilter/xt_policy.c43
-rw-r--r--net/netfilter/xt_quota.c36
-rw-r--r--net/netfilter/xt_realm.c28
-rw-r--r--net/netfilter/xt_sctp.c41
-rw-r--r--net/netfilter/xt_state.c50
-rw-r--r--net/netfilter/xt_statistic.c40
-rw-r--r--net/netfilter/xt_string.c50
-rw-r--r--net/netfilter/xt_tcpmss.c31
-rw-r--r--net/netfilter/xt_tcpudp.c77
-rw-r--r--net/netfilter/xt_time.c38
-rw-r--r--net/netfilter/xt_u32.c27
70 files changed, 1262 insertions, 1593 deletions
diff --git a/net/ipv4/netfilter/ipt_CLUSTERIP.c b/net/ipv4/netfilter/ipt_CLUSTERIP.c
index 311361e1272..b5de6bd3e43 100644
--- a/net/ipv4/netfilter/ipt_CLUSTERIP.c
+++ b/net/ipv4/netfilter/ipt_CLUSTERIP.c
@@ -287,12 +287,9 @@ clusterip_responsible(const struct clusterip_config *config, u_int32_t hash)
287 ***********************************************************************/ 287 ***********************************************************************/
288 288
289static unsigned int 289static unsigned int
290target(struct sk_buff *skb, 290clusterip_tg(struct sk_buff *skb, const struct net_device *in,
291 const struct net_device *in, 291 const struct net_device *out, unsigned int hooknum,
292 const struct net_device *out, 292 const struct xt_target *target, const void *targinfo)
293 unsigned int hooknum,
294 const struct xt_target *target,
295 const void *targinfo)
296{ 293{
297 const struct ipt_clusterip_tgt_info *cipinfo = targinfo; 294 const struct ipt_clusterip_tgt_info *cipinfo = targinfo;
298 struct nf_conn *ct; 295 struct nf_conn *ct;
@@ -359,11 +356,9 @@ target(struct sk_buff *skb,
359} 356}
360 357
361static bool 358static bool
362checkentry(const char *tablename, 359clusterip_tg_check(const char *tablename, const void *e_void,
363 const void *e_void, 360 const struct xt_target *target, void *targinfo,
364 const struct xt_target *target, 361 unsigned int hook_mask)
365 void *targinfo,
366 unsigned int hook_mask)
367{ 362{
368 struct ipt_clusterip_tgt_info *cipinfo = targinfo; 363 struct ipt_clusterip_tgt_info *cipinfo = targinfo;
369 const struct ipt_entry *e = e_void; 364 const struct ipt_entry *e = e_void;
@@ -427,7 +422,7 @@ checkentry(const char *tablename,
427} 422}
428 423
429/* drop reference count of cluster config when rule is deleted */ 424/* drop reference count of cluster config when rule is deleted */
430static void destroy(const struct xt_target *target, void *targinfo) 425static void clusterip_tg_destroy(const struct xt_target *target, void *targinfo)
431{ 426{
432 struct ipt_clusterip_tgt_info *cipinfo = targinfo; 427 struct ipt_clusterip_tgt_info *cipinfo = targinfo;
433 428
@@ -454,12 +449,12 @@ struct compat_ipt_clusterip_tgt_info
454}; 449};
455#endif /* CONFIG_COMPAT */ 450#endif /* CONFIG_COMPAT */
456 451
457static struct xt_target clusterip_tgt __read_mostly = { 452static struct xt_target clusterip_tg_reg __read_mostly = {
458 .name = "CLUSTERIP", 453 .name = "CLUSTERIP",
459 .family = AF_INET, 454 .family = AF_INET,
460 .target = target, 455 .target = clusterip_tg,
461 .checkentry = checkentry, 456 .checkentry = clusterip_tg_check,
462 .destroy = destroy, 457 .destroy = clusterip_tg_destroy,
463 .targetsize = sizeof(struct ipt_clusterip_tgt_info), 458 .targetsize = sizeof(struct ipt_clusterip_tgt_info),
464#ifdef CONFIG_COMPAT 459#ifdef CONFIG_COMPAT
465 .compatsize = sizeof(struct compat_ipt_clusterip_tgt_info), 460 .compatsize = sizeof(struct compat_ipt_clusterip_tgt_info),
@@ -712,11 +707,11 @@ static const struct file_operations clusterip_proc_fops = {
712 707
713#endif /* CONFIG_PROC_FS */ 708#endif /* CONFIG_PROC_FS */
714 709
715static int __init ipt_clusterip_init(void) 710static int __init clusterip_tg_init(void)
716{ 711{
717 int ret; 712 int ret;
718 713
719 ret = xt_register_target(&clusterip_tgt); 714 ret = xt_register_target(&clusterip_tg_reg);
720 if (ret < 0) 715 if (ret < 0)
721 return ret; 716 return ret;
722 717
@@ -742,11 +737,11 @@ cleanup_hook:
742 nf_unregister_hook(&cip_arp_ops); 737 nf_unregister_hook(&cip_arp_ops);
743#endif /* CONFIG_PROC_FS */ 738#endif /* CONFIG_PROC_FS */
744cleanup_target: 739cleanup_target:
745 xt_unregister_target(&clusterip_tgt); 740 xt_unregister_target(&clusterip_tg_reg);
746 return ret; 741 return ret;
747} 742}
748 743
749static void __exit ipt_clusterip_fini(void) 744static void __exit clusterip_tg_exit(void)
750{ 745{
751 printk(KERN_NOTICE "ClusterIP Version %s unloading\n", 746 printk(KERN_NOTICE "ClusterIP Version %s unloading\n",
752 CLUSTERIP_VERSION); 747 CLUSTERIP_VERSION);
@@ -754,8 +749,8 @@ static void __exit ipt_clusterip_fini(void)
754 remove_proc_entry(clusterip_procdir->name, clusterip_procdir->parent); 749 remove_proc_entry(clusterip_procdir->name, clusterip_procdir->parent);
755#endif 750#endif
756 nf_unregister_hook(&cip_arp_ops); 751 nf_unregister_hook(&cip_arp_ops);
757 xt_unregister_target(&clusterip_tgt); 752 xt_unregister_target(&clusterip_tg_reg);
758} 753}
759 754
760module_init(ipt_clusterip_init); 755module_init(clusterip_tg_init);
761module_exit(ipt_clusterip_fini); 756module_exit(clusterip_tg_exit);
diff --git a/net/ipv4/netfilter/ipt_ECN.c b/net/ipv4/netfilter/ipt_ECN.c
index e8d5f686797..ab417649161 100644
--- a/net/ipv4/netfilter/ipt_ECN.c
+++ b/net/ipv4/netfilter/ipt_ECN.c
@@ -77,12 +77,9 @@ set_ect_tcp(struct sk_buff *skb, const struct ipt_ECN_info *einfo)
77} 77}
78 78
79static unsigned int 79static unsigned int
80target(struct sk_buff *skb, 80ecn_tg(struct sk_buff *skb, const struct net_device *in,
81 const struct net_device *in, 81 const struct net_device *out, unsigned int hooknum,
82 const struct net_device *out, 82 const struct xt_target *target, const void *targinfo)
83 unsigned int hooknum,
84 const struct xt_target *target,
85 const void *targinfo)
86{ 83{
87 const struct ipt_ECN_info *einfo = targinfo; 84 const struct ipt_ECN_info *einfo = targinfo;
88 85
@@ -99,11 +96,9 @@ target(struct sk_buff *skb,
99} 96}
100 97
101static bool 98static bool
102checkentry(const char *tablename, 99ecn_tg_check(const char *tablename, const void *e_void,
103 const void *e_void, 100 const struct xt_target *target, void *targinfo,
104 const struct xt_target *target, 101 unsigned int hook_mask)
105 void *targinfo,
106 unsigned int hook_mask)
107{ 102{
108 const struct ipt_ECN_info *einfo = (struct ipt_ECN_info *)targinfo; 103 const struct ipt_ECN_info *einfo = (struct ipt_ECN_info *)targinfo;
109 const struct ipt_entry *e = e_void; 104 const struct ipt_entry *e = e_void;
@@ -127,25 +122,25 @@ checkentry(const char *tablename,
127 return true; 122 return true;
128} 123}
129 124
130static struct xt_target ipt_ecn_reg __read_mostly = { 125static struct xt_target ecn_tg_reg __read_mostly = {
131 .name = "ECN", 126 .name = "ECN",
132 .family = AF_INET, 127 .family = AF_INET,
133 .target = target, 128 .target = ecn_tg,
134 .targetsize = sizeof(struct ipt_ECN_info), 129 .targetsize = sizeof(struct ipt_ECN_info),
135 .table = "mangle", 130 .table = "mangle",
136 .checkentry = checkentry, 131 .checkentry = ecn_tg_check,
137 .me = THIS_MODULE, 132 .me = THIS_MODULE,
138}; 133};
139 134
140static int __init ipt_ecn_init(void) 135static int __init ecn_tg_init(void)
141{ 136{
142 return xt_register_target(&ipt_ecn_reg); 137 return xt_register_target(&ecn_tg_reg);
143} 138}
144 139
145static void __exit ipt_ecn_fini(void) 140static void __exit ecn_tg_exit(void)
146{ 141{
147 xt_unregister_target(&ipt_ecn_reg); 142 xt_unregister_target(&ecn_tg_reg);
148} 143}
149 144
150module_init(ipt_ecn_init); 145module_init(ecn_tg_init);
151module_exit(ipt_ecn_fini); 146module_exit(ecn_tg_exit);
diff --git a/net/ipv4/netfilter/ipt_LOG.c b/net/ipv4/netfilter/ipt_LOG.c
index 4b5e8216a4e..fba2155ffa3 100644
--- a/net/ipv4/netfilter/ipt_LOG.c
+++ b/net/ipv4/netfilter/ipt_LOG.c
@@ -418,12 +418,9 @@ ipt_log_packet(unsigned int pf,
418} 418}
419 419
420static unsigned int 420static unsigned int
421ipt_log_target(struct sk_buff *skb, 421log_tg(struct sk_buff *skb, const struct net_device *in,
422 const struct net_device *in, 422 const struct net_device *out, unsigned int hooknum,
423 const struct net_device *out, 423 const struct xt_target *target, const void *targinfo)
424 unsigned int hooknum,
425 const struct xt_target *target,
426 const void *targinfo)
427{ 424{
428 const struct ipt_log_info *loginfo = targinfo; 425 const struct ipt_log_info *loginfo = targinfo;
429 struct nf_loginfo li; 426 struct nf_loginfo li;
@@ -437,11 +434,10 @@ ipt_log_target(struct sk_buff *skb,
437 return XT_CONTINUE; 434 return XT_CONTINUE;
438} 435}
439 436
440static bool ipt_log_checkentry(const char *tablename, 437static bool
441 const void *e, 438log_tg_check(const char *tablename, const void *e,
442 const struct xt_target *target, 439 const struct xt_target *target, void *targinfo,
443 void *targinfo, 440 unsigned int hook_mask)
444 unsigned int hook_mask)
445{ 441{
446 const struct ipt_log_info *loginfo = targinfo; 442 const struct ipt_log_info *loginfo = targinfo;
447 443
@@ -457,12 +453,12 @@ static bool ipt_log_checkentry(const char *tablename,
457 return true; 453 return true;
458} 454}
459 455
460static struct xt_target ipt_log_reg __read_mostly = { 456static struct xt_target log_tg_reg __read_mostly = {
461 .name = "LOG", 457 .name = "LOG",
462 .family = AF_INET, 458 .family = AF_INET,
463 .target = ipt_log_target, 459 .target = log_tg,
464 .targetsize = sizeof(struct ipt_log_info), 460 .targetsize = sizeof(struct ipt_log_info),
465 .checkentry = ipt_log_checkentry, 461 .checkentry = log_tg_check,
466 .me = THIS_MODULE, 462 .me = THIS_MODULE,
467}; 463};
468 464
@@ -472,22 +468,22 @@ static struct nf_logger ipt_log_logger ={
472 .me = THIS_MODULE, 468 .me = THIS_MODULE,
473}; 469};
474 470
475static int __init ipt_log_init(void) 471static int __init log_tg_init(void)
476{ 472{
477 int ret; 473 int ret;
478 474
479 ret = xt_register_target(&ipt_log_reg); 475 ret = xt_register_target(&log_tg_reg);
480 if (ret < 0) 476 if (ret < 0)
481 return ret; 477 return ret;
482 nf_log_register(PF_INET, &ipt_log_logger); 478 nf_log_register(PF_INET, &ipt_log_logger);
483 return 0; 479 return 0;
484} 480}
485 481
486static void __exit ipt_log_fini(void) 482static void __exit log_tg_exit(void)
487{ 483{
488 nf_log_unregister(&ipt_log_logger); 484 nf_log_unregister(&ipt_log_logger);
489 xt_unregister_target(&ipt_log_reg); 485 xt_unregister_target(&log_tg_reg);
490} 486}
491 487
492module_init(ipt_log_init); 488module_init(log_tg_init);
493module_exit(ipt_log_fini); 489module_exit(log_tg_exit);
diff --git a/net/ipv4/netfilter/ipt_MASQUERADE.c b/net/ipv4/netfilter/ipt_MASQUERADE.c
index 5a18997bb3d..f54150356ce 100644
--- a/net/ipv4/netfilter/ipt_MASQUERADE.c
+++ b/net/ipv4/netfilter/ipt_MASQUERADE.c
@@ -32,11 +32,9 @@ static DEFINE_RWLOCK(masq_lock);
32 32
33/* FIXME: Multiple targets. --RR */ 33/* FIXME: Multiple targets. --RR */
34static bool 34static bool
35masquerade_check(const char *tablename, 35masquerade_tg_check(const char *tablename, const void *e,
36 const void *e, 36 const struct xt_target *target, void *targinfo,
37 const struct xt_target *target, 37 unsigned int hook_mask)
38 void *targinfo,
39 unsigned int hook_mask)
40{ 38{
41 const struct nf_nat_multi_range_compat *mr = targinfo; 39 const struct nf_nat_multi_range_compat *mr = targinfo;
42 40
@@ -52,12 +50,9 @@ masquerade_check(const char *tablename,
52} 50}
53 51
54static unsigned int 52static unsigned int
55masquerade_target(struct sk_buff *skb, 53masquerade_tg(struct sk_buff *skb, const struct net_device *in,
56 const struct net_device *in, 54 const struct net_device *out, unsigned int hooknum,
57 const struct net_device *out, 55 const struct xt_target *target, const void *targinfo)
58 unsigned int hooknum,
59 const struct xt_target *target,
60 const void *targinfo)
61{ 56{
62 struct nf_conn *ct; 57 struct nf_conn *ct;
63 struct nf_conn_nat *nat; 58 struct nf_conn_nat *nat;
@@ -166,22 +161,22 @@ static struct notifier_block masq_inet_notifier = {
166 .notifier_call = masq_inet_event, 161 .notifier_call = masq_inet_event,
167}; 162};
168 163
169static struct xt_target masquerade __read_mostly = { 164static struct xt_target masquerade_tg_reg __read_mostly = {
170 .name = "MASQUERADE", 165 .name = "MASQUERADE",
171 .family = AF_INET, 166 .family = AF_INET,
172 .target = masquerade_target, 167 .target = masquerade_tg,
173 .targetsize = sizeof(struct nf_nat_multi_range_compat), 168 .targetsize = sizeof(struct nf_nat_multi_range_compat),
174 .table = "nat", 169 .table = "nat",
175 .hooks = 1 << NF_INET_POST_ROUTING, 170 .hooks = 1 << NF_INET_POST_ROUTING,
176 .checkentry = masquerade_check, 171 .checkentry = masquerade_tg_check,
177 .me = THIS_MODULE, 172 .me = THIS_MODULE,
178}; 173};
179 174
180static int __init ipt_masquerade_init(void) 175static int __init masquerade_tg_init(void)
181{ 176{
182 int ret; 177 int ret;
183 178
184 ret = xt_register_target(&masquerade); 179 ret = xt_register_target(&masquerade_tg_reg);
185 180
186 if (ret == 0) { 181 if (ret == 0) {
187 /* Register for device down reports */ 182 /* Register for device down reports */
@@ -193,12 +188,12 @@ static int __init ipt_masquerade_init(void)
193 return ret; 188 return ret;
194} 189}
195 190
196static void __exit ipt_masquerade_fini(void) 191static void __exit masquerade_tg_exit(void)
197{ 192{
198 xt_unregister_target(&masquerade); 193 xt_unregister_target(&masquerade_tg_reg);
199 unregister_netdevice_notifier(&masq_dev_notifier); 194 unregister_netdevice_notifier(&masq_dev_notifier);
200 unregister_inetaddr_notifier(&masq_inet_notifier); 195 unregister_inetaddr_notifier(&masq_inet_notifier);
201} 196}
202 197
203module_init(ipt_masquerade_init); 198module_init(masquerade_tg_init);
204module_exit(ipt_masquerade_fini); 199module_exit(masquerade_tg_exit);
diff --git a/net/ipv4/netfilter/ipt_NETMAP.c b/net/ipv4/netfilter/ipt_NETMAP.c
index 973bbee7ee1..8b8263e6357 100644
--- a/net/ipv4/netfilter/ipt_NETMAP.c
+++ b/net/ipv4/netfilter/ipt_NETMAP.c
@@ -23,11 +23,9 @@ MODULE_AUTHOR("Svenning Soerensen <svenning@post5.tele.dk>");
23MODULE_DESCRIPTION("iptables 1:1 NAT mapping of IP networks target"); 23MODULE_DESCRIPTION("iptables 1:1 NAT mapping of IP networks target");
24 24
25static bool 25static bool
26check(const char *tablename, 26netmap_tg_check(const char *tablename, const void *e,
27 const void *e, 27 const struct xt_target *target, void *targinfo,
28 const struct xt_target *target, 28 unsigned int hook_mask)
29 void *targinfo,
30 unsigned int hook_mask)
31{ 29{
32 const struct nf_nat_multi_range_compat *mr = targinfo; 30 const struct nf_nat_multi_range_compat *mr = targinfo;
33 31
@@ -43,12 +41,9 @@ check(const char *tablename,
43} 41}
44 42
45static unsigned int 43static unsigned int
46target(struct sk_buff *skb, 44netmap_tg(struct sk_buff *skb, const struct net_device *in,
47 const struct net_device *in, 45 const struct net_device *out, unsigned int hooknum,
48 const struct net_device *out, 46 const struct xt_target *target, const void *targinfo)
49 unsigned int hooknum,
50 const struct xt_target *target,
51 const void *targinfo)
52{ 47{
53 struct nf_conn *ct; 48 struct nf_conn *ct;
54 enum ip_conntrack_info ctinfo; 49 enum ip_conntrack_info ctinfo;
@@ -78,28 +73,28 @@ target(struct sk_buff *skb,
78 return nf_nat_setup_info(ct, &newrange, hooknum); 73 return nf_nat_setup_info(ct, &newrange, hooknum);
79} 74}
80 75
81static struct xt_target target_module __read_mostly = { 76static struct xt_target netmap_tg_reg __read_mostly = {
82 .name = "NETMAP", 77 .name = "NETMAP",
83 .family = AF_INET, 78 .family = AF_INET,
84 .target = target, 79 .target = netmap_tg,
85 .targetsize = sizeof(struct nf_nat_multi_range_compat), 80 .targetsize = sizeof(struct nf_nat_multi_range_compat),
86 .table = "nat", 81 .table = "nat",
87 .hooks = (1 << NF_INET_PRE_ROUTING) | 82 .hooks = (1 << NF_INET_PRE_ROUTING) |
88 (1 << NF_INET_POST_ROUTING) | 83 (1 << NF_INET_POST_ROUTING) |
89 (1 << NF_INET_LOCAL_OUT), 84 (1 << NF_INET_LOCAL_OUT),
90 .checkentry = check, 85 .checkentry = netmap_tg_check,
91 .me = THIS_MODULE 86 .me = THIS_MODULE
92}; 87};
93 88
94static int __init ipt_netmap_init(void) 89static int __init netmap_tg_init(void)
95{ 90{
96 return xt_register_target(&target_module); 91 return xt_register_target(&netmap_tg_reg);
97} 92}
98 93
99static void __exit ipt_netmap_fini(void) 94static void __exit netmap_tg_exit(void)
100{ 95{
101 xt_unregister_target(&target_module); 96 xt_unregister_target(&netmap_tg_reg);
102} 97}
103 98
104module_init(ipt_netmap_init); 99module_init(netmap_tg_init);
105module_exit(ipt_netmap_fini); 100module_exit(netmap_tg_exit);
diff --git a/net/ipv4/netfilter/ipt_REDIRECT.c b/net/ipv4/netfilter/ipt_REDIRECT.c
index 4757af293ba..74ce7e1e9d7 100644
--- a/net/ipv4/netfilter/ipt_REDIRECT.c
+++ b/net/ipv4/netfilter/ipt_REDIRECT.c
@@ -27,11 +27,9 @@ MODULE_DESCRIPTION("iptables REDIRECT target module");
27 27
28/* FIXME: Take multiple ranges --RR */ 28/* FIXME: Take multiple ranges --RR */
29static bool 29static bool
30redirect_check(const char *tablename, 30redirect_tg_check(const char *tablename, const void *e,
31 const void *e, 31 const struct xt_target *target, void *targinfo,
32 const struct xt_target *target, 32 unsigned int hook_mask)
33 void *targinfo,
34 unsigned int hook_mask)
35{ 33{
36 const struct nf_nat_multi_range_compat *mr = targinfo; 34 const struct nf_nat_multi_range_compat *mr = targinfo;
37 35
@@ -47,12 +45,9 @@ redirect_check(const char *tablename,
47} 45}
48 46
49static unsigned int 47static unsigned int
50redirect_target(struct sk_buff *skb, 48redirect_tg(struct sk_buff *skb, const struct net_device *in,
51 const struct net_device *in, 49 const struct net_device *out, unsigned int hooknum,
52 const struct net_device *out, 50 const struct xt_target *target, const void *targinfo)
53 unsigned int hooknum,
54 const struct xt_target *target,
55 const void *targinfo)
56{ 51{
57 struct nf_conn *ct; 52 struct nf_conn *ct;
58 enum ip_conntrack_info ctinfo; 53 enum ip_conntrack_info ctinfo;
@@ -95,26 +90,26 @@ redirect_target(struct sk_buff *skb,
95 return nf_nat_setup_info(ct, &newrange, hooknum); 90 return nf_nat_setup_info(ct, &newrange, hooknum);
96} 91}
97 92
98static struct xt_target redirect_reg __read_mostly = { 93static struct xt_target redirect_tg_reg __read_mostly = {
99 .name = "REDIRECT", 94 .name = "REDIRECT",
100 .family = AF_INET, 95 .family = AF_INET,
101 .target = redirect_target, 96 .target = redirect_tg,
102 .targetsize = sizeof(struct nf_nat_multi_range_compat), 97 .targetsize = sizeof(struct nf_nat_multi_range_compat),
103 .table = "nat", 98 .table = "nat",
104 .hooks = (1 << NF_INET_PRE_ROUTING) | (1 << NF_INET_LOCAL_OUT), 99 .hooks = (1 << NF_INET_PRE_ROUTING) | (1 << NF_INET_LOCAL_OUT),
105 .checkentry = redirect_check, 100 .checkentry = redirect_tg_check,
106 .me = THIS_MODULE, 101 .me = THIS_MODULE,
107}; 102};
108 103
109static int __init ipt_redirect_init(void) 104static int __init redirect_tg_init(void)
110{ 105{
111 return xt_register_target(&redirect_reg); 106 return xt_register_target(&redirect_tg_reg);
112} 107}
113 108
114static void __exit ipt_redirect_fini(void) 109static void __exit redirect_tg_exit(void)
115{ 110{
116 xt_unregister_target(&redirect_reg); 111 xt_unregister_target(&redirect_tg_reg);
117} 112}
118 113
119module_init(ipt_redirect_init); 114module_init(redirect_tg_init);
120module_exit(ipt_redirect_fini); 115module_exit(redirect_tg_exit);
diff --git a/net/ipv4/netfilter/ipt_REJECT.c b/net/ipv4/netfilter/ipt_REJECT.c
index d55b262bf60..a299cebbd89 100644
--- a/net/ipv4/netfilter/ipt_REJECT.c
+++ b/net/ipv4/netfilter/ipt_REJECT.c
@@ -156,12 +156,10 @@ static inline void send_unreach(struct sk_buff *skb_in, int code)
156 icmp_send(skb_in, ICMP_DEST_UNREACH, code, 0); 156 icmp_send(skb_in, ICMP_DEST_UNREACH, code, 0);
157} 157}
158 158
159static unsigned int reject(struct sk_buff *skb, 159static unsigned int
160 const struct net_device *in, 160reject_tg(struct sk_buff *skb, const struct net_device *in,
161 const struct net_device *out, 161 const struct net_device *out, unsigned int hooknum,
162 unsigned int hooknum, 162 const struct xt_target *target, const void *targinfo)
163 const struct xt_target *target,
164 const void *targinfo)
165{ 163{
166 const struct ipt_reject_info *reject = targinfo; 164 const struct ipt_reject_info *reject = targinfo;
167 165
@@ -205,11 +203,10 @@ static unsigned int reject(struct sk_buff *skb,
205 return NF_DROP; 203 return NF_DROP;
206} 204}
207 205
208static bool check(const char *tablename, 206static bool
209 const void *e_void, 207reject_tg_check(const char *tablename, const void *e_void,
210 const struct xt_target *target, 208 const struct xt_target *target, void *targinfo,
211 void *targinfo, 209 unsigned int hook_mask)
212 unsigned int hook_mask)
213{ 210{
214 const struct ipt_reject_info *rejinfo = targinfo; 211 const struct ipt_reject_info *rejinfo = targinfo;
215 const struct ipt_entry *e = e_void; 212 const struct ipt_entry *e = e_void;
@@ -228,27 +225,27 @@ static bool check(const char *tablename,
228 return true; 225 return true;
229} 226}
230 227
231static struct xt_target ipt_reject_reg __read_mostly = { 228static struct xt_target reject_tg_reg __read_mostly = {
232 .name = "REJECT", 229 .name = "REJECT",
233 .family = AF_INET, 230 .family = AF_INET,
234 .target = reject, 231 .target = reject_tg,
235 .targetsize = sizeof(struct ipt_reject_info), 232 .targetsize = sizeof(struct ipt_reject_info),
236 .table = "filter", 233 .table = "filter",
237 .hooks = (1 << NF_INET_LOCAL_IN) | (1 << NF_INET_FORWARD) | 234 .hooks = (1 << NF_INET_LOCAL_IN) | (1 << NF_INET_FORWARD) |
238 (1 << NF_INET_LOCAL_OUT), 235 (1 << NF_INET_LOCAL_OUT),
239 .checkentry = check, 236 .checkentry = reject_tg_check,
240 .me = THIS_MODULE, 237 .me = THIS_MODULE,
241}; 238};
242 239
243static int __init ipt_reject_init(void) 240static int __init reject_tg_init(void)
244{ 241{
245 return xt_register_target(&ipt_reject_reg); 242 return xt_register_target(&reject_tg_reg);
246} 243}
247 244
248static void __exit ipt_reject_fini(void) 245static void __exit reject_tg_exit(void)
249{ 246{
250 xt_unregister_target(&ipt_reject_reg); 247 xt_unregister_target(&reject_tg_reg);
251} 248}
252 249
253module_init(ipt_reject_init); 250module_init(reject_tg_init);
254module_exit(ipt_reject_fini); 251module_exit(reject_tg_exit);
diff --git a/net/ipv4/netfilter/ipt_SAME.c b/net/ipv4/netfilter/ipt_SAME.c
index f2f62b5ce9a..a43923dab1e 100644
--- a/net/ipv4/netfilter/ipt_SAME.c
+++ b/net/ipv4/netfilter/ipt_SAME.c
@@ -28,11 +28,9 @@ MODULE_AUTHOR("Martin Josefsson <gandalf@wlug.westbo.se>");
28MODULE_DESCRIPTION("iptables special SNAT module for consistent sourceip"); 28MODULE_DESCRIPTION("iptables special SNAT module for consistent sourceip");
29 29
30static bool 30static bool
31same_check(const char *tablename, 31same_tg_check(const char *tablename, const void *e,
32 const void *e, 32 const struct xt_target *target, void *targinfo,
33 const struct xt_target *target, 33 unsigned int hook_mask)
34 void *targinfo,
35 unsigned int hook_mask)
36{ 34{
37 unsigned int count, countess, rangeip, index = 0; 35 unsigned int count, countess, rangeip, index = 0;
38 struct ipt_same_info *mr = targinfo; 36 struct ipt_same_info *mr = targinfo;
@@ -92,8 +90,7 @@ same_check(const char *tablename,
92 return true; 90 return true;
93} 91}
94 92
95static void 93static void same_tg_destroy(const struct xt_target *target, void *targinfo)
96same_destroy(const struct xt_target *target, void *targinfo)
97{ 94{
98 struct ipt_same_info *mr = targinfo; 95 struct ipt_same_info *mr = targinfo;
99 96
@@ -104,12 +101,9 @@ same_destroy(const struct xt_target *target, void *targinfo)
104} 101}
105 102
106static unsigned int 103static unsigned int
107same_target(struct sk_buff *skb, 104same_tg(struct sk_buff *skb, const struct net_device *in,
108 const struct net_device *in, 105 const struct net_device *out, unsigned int hooknum,
109 const struct net_device *out, 106 const struct xt_target *target, const void *targinfo)
110 unsigned int hooknum,
111 const struct xt_target *target,
112 const void *targinfo)
113{ 107{
114 struct nf_conn *ct; 108 struct nf_conn *ct;
115 enum ip_conntrack_info ctinfo; 109 enum ip_conntrack_info ctinfo;
@@ -152,29 +146,29 @@ same_target(struct sk_buff *skb,
152 return nf_nat_setup_info(ct, &newrange, hooknum); 146 return nf_nat_setup_info(ct, &newrange, hooknum);
153} 147}
154 148
155static struct xt_target same_reg __read_mostly = { 149static struct xt_target same_tg_reg __read_mostly = {
156 .name = "SAME", 150 .name = "SAME",
157 .family = AF_INET, 151 .family = AF_INET,
158 .target = same_target, 152 .target = same_tg,
159 .targetsize = sizeof(struct ipt_same_info), 153 .targetsize = sizeof(struct ipt_same_info),
160 .table = "nat", 154 .table = "nat",
161 .hooks = (1 << NF_INET_PRE_ROUTING) | 155 .hooks = (1 << NF_INET_PRE_ROUTING) |
162 (1 << NF_INET_POST_ROUTING), 156 (1 << NF_INET_POST_ROUTING),
163 .checkentry = same_check, 157 .checkentry = same_tg_check,
164 .destroy = same_destroy, 158 .destroy = same_tg_destroy,
165 .me = THIS_MODULE, 159 .me = THIS_MODULE,
166}; 160};
167 161
168static int __init ipt_same_init(void) 162static int __init same_tg_init(void)
169{ 163{
170 return xt_register_target(&same_reg); 164 return xt_register_target(&same_tg_reg);
171} 165}
172 166
173static void __exit ipt_same_fini(void) 167static void __exit same_tg_exit(void)
174{ 168{
175 xt_unregister_target(&same_reg); 169 xt_unregister_target(&same_tg_reg);
176} 170}
177 171
178module_init(ipt_same_init); 172module_init(same_tg_init);
179module_exit(ipt_same_fini); 173module_exit(same_tg_exit);
180 174
diff --git a/net/ipv4/netfilter/ipt_TOS.c b/net/ipv4/netfilter/ipt_TOS.c
index 7b4a6cac399..1a9244104b1 100644
--- a/net/ipv4/netfilter/ipt_TOS.c
+++ b/net/ipv4/netfilter/ipt_TOS.c
@@ -21,12 +21,9 @@ MODULE_AUTHOR("Netfilter Core Team <coreteam@netfilter.org>");
21MODULE_DESCRIPTION("iptables TOS mangling module"); 21MODULE_DESCRIPTION("iptables TOS mangling module");
22 22
23static unsigned int 23static unsigned int
24target(struct sk_buff *skb, 24tos_tg(struct sk_buff *skb, const struct net_device *in,
25 const struct net_device *in, 25 const struct net_device *out, unsigned int hooknum,
26 const struct net_device *out, 26 const struct xt_target *target, const void *targinfo)
27 unsigned int hooknum,
28 const struct xt_target *target,
29 const void *targinfo)
30{ 27{
31 const struct ipt_tos_target_info *tosinfo = targinfo; 28 const struct ipt_tos_target_info *tosinfo = targinfo;
32 struct iphdr *iph = ip_hdr(skb); 29 struct iphdr *iph = ip_hdr(skb);
@@ -44,11 +41,9 @@ target(struct sk_buff *skb,
44} 41}
45 42
46static bool 43static bool
47checkentry(const char *tablename, 44tos_tg_check(const char *tablename, const void *e_void,
48 const void *e_void, 45 const struct xt_target *target, void *targinfo,
49 const struct xt_target *target, 46 unsigned int hook_mask)
50 void *targinfo,
51 unsigned int hook_mask)
52{ 47{
53 const u_int8_t tos = ((struct ipt_tos_target_info *)targinfo)->tos; 48 const u_int8_t tos = ((struct ipt_tos_target_info *)targinfo)->tos;
54 49
@@ -63,25 +58,25 @@ checkentry(const char *tablename,
63 return true; 58 return true;
64} 59}
65 60
66static struct xt_target ipt_tos_reg __read_mostly = { 61static struct xt_target tos_tg_reg __read_mostly = {
67 .name = "TOS", 62 .name = "TOS",
68 .family = AF_INET, 63 .family = AF_INET,
69 .target = target, 64 .target = tos_tg,
70 .targetsize = sizeof(struct ipt_tos_target_info), 65 .targetsize = sizeof(struct ipt_tos_target_info),
71 .table = "mangle", 66 .table = "mangle",
72 .checkentry = checkentry, 67 .checkentry = tos_tg_check,
73 .me = THIS_MODULE, 68 .me = THIS_MODULE,
74}; 69};
75 70
76static int __init ipt_tos_init(void) 71static int __init tos_tg_init(void)
77{ 72{
78 return xt_register_target(&ipt_tos_reg); 73 return xt_register_target(&tos_tg_reg);
79} 74}
80 75
81static void __exit ipt_tos_fini(void) 76static void __exit tos_tg_exit(void)
82{ 77{
83 xt_unregister_target(&ipt_tos_reg); 78 xt_unregister_target(&tos_tg_reg);
84} 79}
85 80
86module_init(ipt_tos_init); 81module_init(tos_tg_init);
87module_exit(ipt_tos_fini); 82module_exit(tos_tg_exit);
diff --git a/net/ipv4/netfilter/ipt_TTL.c b/net/ipv4/netfilter/ipt_TTL.c
index 00ddfbea279..fa13cf6162b 100644
--- a/net/ipv4/netfilter/ipt_TTL.c
+++ b/net/ipv4/netfilter/ipt_TTL.c
@@ -20,10 +20,9 @@ MODULE_DESCRIPTION("IP tables TTL modification module");
20MODULE_LICENSE("GPL"); 20MODULE_LICENSE("GPL");
21 21
22static unsigned int 22static unsigned int
23ipt_ttl_target(struct sk_buff *skb, 23ttl_tg(struct sk_buff *skb, const struct net_device *in,
24 const struct net_device *in, const struct net_device *out, 24 const struct net_device *out, unsigned int hooknum,
25 unsigned int hooknum, const struct xt_target *target, 25 const struct xt_target *target, const void *targinfo)
26 const void *targinfo)
27{ 26{
28 struct iphdr *iph; 27 struct iphdr *iph;
29 const struct ipt_TTL_info *info = targinfo; 28 const struct ipt_TTL_info *info = targinfo;
@@ -62,11 +61,10 @@ ipt_ttl_target(struct sk_buff *skb,
62 return XT_CONTINUE; 61 return XT_CONTINUE;
63} 62}
64 63
65static bool ipt_ttl_checkentry(const char *tablename, 64static bool
66 const void *e, 65ttl_tg_check(const char *tablename, const void *e,
67 const struct xt_target *target, 66 const struct xt_target *target, void *targinfo,
68 void *targinfo, 67 unsigned int hook_mask)
69 unsigned int hook_mask)
70{ 68{
71 const struct ipt_TTL_info *info = targinfo; 69 const struct ipt_TTL_info *info = targinfo;
72 70
@@ -80,25 +78,25 @@ static bool ipt_ttl_checkentry(const char *tablename,
80 return true; 78 return true;
81} 79}
82 80
83static struct xt_target ipt_TTL __read_mostly = { 81static struct xt_target ttl_tg_reg __read_mostly = {
84 .name = "TTL", 82 .name = "TTL",
85 .family = AF_INET, 83 .family = AF_INET,
86 .target = ipt_ttl_target, 84 .target = ttl_tg,
87 .targetsize = sizeof(struct ipt_TTL_info), 85 .targetsize = sizeof(struct ipt_TTL_info),
88 .table = "mangle", 86 .table = "mangle",
89 .checkentry = ipt_ttl_checkentry, 87 .checkentry = ttl_tg_check,
90 .me = THIS_MODULE, 88 .me = THIS_MODULE,
91}; 89};
92 90
93static int __init ipt_ttl_init(void) 91static int __init ttl_tg_init(void)
94{ 92{
95 return xt_register_target(&ipt_TTL); 93 return xt_register_target(&ttl_tg_reg);
96} 94}
97 95
98static void __exit ipt_ttl_fini(void) 96static void __exit ttl_tg_exit(void)
99{ 97{
100 xt_unregister_target(&ipt_TTL); 98 xt_unregister_target(&ttl_tg_reg);
101} 99}
102 100
103module_init(ipt_ttl_init); 101module_init(ttl_tg_init);
104module_exit(ipt_ttl_fini); 102module_exit(ttl_tg_exit);
diff --git a/net/ipv4/netfilter/ipt_ULOG.c b/net/ipv4/netfilter/ipt_ULOG.c
index 212b830765a..4139042a63a 100644
--- a/net/ipv4/netfilter/ipt_ULOG.c
+++ b/net/ipv4/netfilter/ipt_ULOG.c
@@ -279,12 +279,10 @@ alloc_failure:
279 spin_unlock_bh(&ulog_lock); 279 spin_unlock_bh(&ulog_lock);
280} 280}
281 281
282static unsigned int ipt_ulog_target(struct sk_buff *skb, 282static unsigned int
283 const struct net_device *in, 283ulog_tg(struct sk_buff *skb, const struct net_device *in,
284 const struct net_device *out, 284 const struct net_device *out, unsigned int hooknum,
285 unsigned int hooknum, 285 const struct xt_target *target, const void *targinfo)
286 const struct xt_target *target,
287 const void *targinfo)
288{ 286{
289 struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) targinfo; 287 struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) targinfo;
290 288
@@ -318,11 +316,10 @@ static void ipt_logfn(unsigned int pf,
318 ipt_ulog_packet(hooknum, skb, in, out, &loginfo, prefix); 316 ipt_ulog_packet(hooknum, skb, in, out, &loginfo, prefix);
319} 317}
320 318
321static bool ipt_ulog_checkentry(const char *tablename, 319static bool
322 const void *e, 320ulog_tg_check(const char *tablename, const void *e,
323 const struct xt_target *target, 321 const struct xt_target *target, void *targinfo,
324 void *targinfo, 322 unsigned int hookmask)
325 unsigned int hookmask)
326{ 323{
327 const struct ipt_ulog_info *loginfo = targinfo; 324 const struct ipt_ulog_info *loginfo = targinfo;
328 325
@@ -347,7 +344,7 @@ struct compat_ipt_ulog_info {
347 char prefix[ULOG_PREFIX_LEN]; 344 char prefix[ULOG_PREFIX_LEN];
348}; 345};
349 346
350static void compat_from_user(void *dst, void *src) 347static void ulog_tg_compat_from_user(void *dst, void *src)
351{ 348{
352 const struct compat_ipt_ulog_info *cl = src; 349 const struct compat_ipt_ulog_info *cl = src;
353 struct ipt_ulog_info l = { 350 struct ipt_ulog_info l = {
@@ -360,7 +357,7 @@ static void compat_from_user(void *dst, void *src)
360 memcpy(dst, &l, sizeof(l)); 357 memcpy(dst, &l, sizeof(l));
361} 358}
362 359
363static int compat_to_user(void __user *dst, void *src) 360static int ulog_tg_compat_to_user(void __user *dst, void *src)
364{ 361{
365 const struct ipt_ulog_info *l = src; 362 const struct ipt_ulog_info *l = src;
366 struct compat_ipt_ulog_info cl = { 363 struct compat_ipt_ulog_info cl = {
@@ -374,16 +371,16 @@ static int compat_to_user(void __user *dst, void *src)
374} 371}
375#endif /* CONFIG_COMPAT */ 372#endif /* CONFIG_COMPAT */
376 373
377static struct xt_target ipt_ulog_reg __read_mostly = { 374static struct xt_target ulog_tg_reg __read_mostly = {
378 .name = "ULOG", 375 .name = "ULOG",
379 .family = AF_INET, 376 .family = AF_INET,
380 .target = ipt_ulog_target, 377 .target = ulog_tg,
381 .targetsize = sizeof(struct ipt_ulog_info), 378 .targetsize = sizeof(struct ipt_ulog_info),
382 .checkentry = ipt_ulog_checkentry, 379 .checkentry = ulog_tg_check,
383#ifdef CONFIG_COMPAT 380#ifdef CONFIG_COMPAT
384 .compatsize = sizeof(struct compat_ipt_ulog_info), 381 .compatsize = sizeof(struct compat_ipt_ulog_info),
385 .compat_from_user = compat_from_user, 382 .compat_from_user = ulog_tg_compat_from_user,
386 .compat_to_user = compat_to_user, 383 .compat_to_user = ulog_tg_compat_to_user,
387#endif 384#endif
388 .me = THIS_MODULE, 385 .me = THIS_MODULE,
389}; 386};
@@ -394,7 +391,7 @@ static struct nf_logger ipt_ulog_logger = {
394 .me = THIS_MODULE, 391 .me = THIS_MODULE,
395}; 392};
396 393
397static int __init ipt_ulog_init(void) 394static int __init ulog_tg_init(void)
398{ 395{
399 int ret, i; 396 int ret, i;
400 397
@@ -415,7 +412,7 @@ static int __init ipt_ulog_init(void)
415 if (!nflognl) 412 if (!nflognl)
416 return -ENOMEM; 413 return -ENOMEM;
417 414
418 ret = xt_register_target(&ipt_ulog_reg); 415 ret = xt_register_target(&ulog_tg_reg);
419 if (ret < 0) { 416 if (ret < 0) {
420 sock_release(nflognl->sk_socket); 417 sock_release(nflognl->sk_socket);
421 return ret; 418 return ret;
@@ -426,7 +423,7 @@ static int __init ipt_ulog_init(void)
426 return 0; 423 return 0;
427} 424}
428 425
429static void __exit ipt_ulog_fini(void) 426static void __exit ulog_tg_exit(void)
430{ 427{
431 ulog_buff_t *ub; 428 ulog_buff_t *ub;
432 int i; 429 int i;
@@ -435,7 +432,7 @@ static void __exit ipt_ulog_fini(void)
435 432
436 if (nflog) 433 if (nflog)
437 nf_log_unregister(&ipt_ulog_logger); 434 nf_log_unregister(&ipt_ulog_logger);
438 xt_unregister_target(&ipt_ulog_reg); 435 xt_unregister_target(&ulog_tg_reg);
439 sock_release(nflognl->sk_socket); 436 sock_release(nflognl->sk_socket);
440 437
441 /* remove pending timers and free allocated skb's */ 438 /* remove pending timers and free allocated skb's */
@@ -453,5 +450,5 @@ static void __exit ipt_ulog_fini(void)
453 } 450 }
454} 451}
455 452
456module_init(ipt_ulog_init); 453module_init(ulog_tg_init);
457module_exit(ipt_ulog_fini); 454module_exit(ulog_tg_exit);
diff --git a/net/ipv4/netfilter/ipt_addrtype.c b/net/ipv4/netfilter/ipt_addrtype.c
index 59f01f7ba6b..b75421c5e08 100644
--- a/net/ipv4/netfilter/ipt_addrtype.c
+++ b/net/ipv4/netfilter/ipt_addrtype.c
@@ -27,10 +27,11 @@ static inline bool match_type(__be32 addr, u_int16_t mask)
27 return !!(mask & (1 << inet_addr_type(addr))); 27 return !!(mask & (1 << inet_addr_type(addr)));
28} 28}
29 29
30static bool match(const struct sk_buff *skb, 30static bool
31 const struct net_device *in, const struct net_device *out, 31addrtype_mt(const struct sk_buff *skb, const struct net_device *in,
32 const struct xt_match *match, const void *matchinfo, 32 const struct net_device *out, const struct xt_match *match,
33 int offset, unsigned int protoff, bool *hotdrop) 33 const void *matchinfo, int offset, unsigned int protoff,
34 bool *hotdrop)
34{ 35{
35 const struct ipt_addrtype_info *info = matchinfo; 36 const struct ipt_addrtype_info *info = matchinfo;
36 const struct iphdr *iph = ip_hdr(skb); 37 const struct iphdr *iph = ip_hdr(skb);
@@ -44,23 +45,23 @@ static bool match(const struct sk_buff *skb,
44 return ret; 45 return ret;
45} 46}
46 47
47static struct xt_match addrtype_match __read_mostly = { 48static struct xt_match addrtype_mt_reg __read_mostly = {
48 .name = "addrtype", 49 .name = "addrtype",
49 .family = AF_INET, 50 .family = AF_INET,
50 .match = match, 51 .match = addrtype_mt,
51 .matchsize = sizeof(struct ipt_addrtype_info), 52 .matchsize = sizeof(struct ipt_addrtype_info),
52 .me = THIS_MODULE 53 .me = THIS_MODULE
53}; 54};
54 55
55static int __init ipt_addrtype_init(void) 56static int __init addrtype_mt_init(void)
56{ 57{
57 return xt_register_match(&addrtype_match); 58 return xt_register_match(&addrtype_mt_reg);
58} 59}
59 60
60static void __exit ipt_addrtype_fini(void) 61static void __exit addrtype_mt_exit(void)
61{ 62{
62 xt_unregister_match(&addrtype_match); 63 xt_unregister_match(&addrtype_mt_reg);
63} 64}
64 65
65module_init(ipt_addrtype_init); 66module_init(addrtype_mt_init);
66module_exit(ipt_addrtype_fini); 67module_exit(addrtype_mt_exit);
diff --git a/net/ipv4/netfilter/ipt_ah.c b/net/ipv4/netfilter/ipt_ah.c
index 61b017fd743..2b2fb26c12a 100644
--- a/net/ipv4/netfilter/ipt_ah.c
+++ b/net/ipv4/netfilter/ipt_ah.c
@@ -37,14 +37,9 @@ spi_match(u_int32_t min, u_int32_t max, u_int32_t spi, bool invert)
37} 37}
38 38
39static bool 39static bool
40match(const struct sk_buff *skb, 40ah_mt(const struct sk_buff *skb, const struct net_device *in,
41 const struct net_device *in, 41 const struct net_device *out, const struct xt_match *match,
42 const struct net_device *out, 42 const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
43 const struct xt_match *match,
44 const void *matchinfo,
45 int offset,
46 unsigned int protoff,
47 bool *hotdrop)
48{ 43{
49 struct ip_auth_hdr _ahdr; 44 struct ip_auth_hdr _ahdr;
50 const struct ip_auth_hdr *ah; 45 const struct ip_auth_hdr *ah;
@@ -72,11 +67,9 @@ match(const struct sk_buff *skb,
72 67
73/* Called when user tries to insert an entry of this type. */ 68/* Called when user tries to insert an entry of this type. */
74static bool 69static bool
75checkentry(const char *tablename, 70ah_mt_check(const char *tablename, const void *ip_void,
76 const void *ip_void, 71 const struct xt_match *match, void *matchinfo,
77 const struct xt_match *match, 72 unsigned int hook_mask)
78 void *matchinfo,
79 unsigned int hook_mask)
80{ 73{
81 const struct ipt_ah *ahinfo = matchinfo; 74 const struct ipt_ah *ahinfo = matchinfo;
82 75
@@ -88,25 +81,25 @@ checkentry(const char *tablename,
88 return true; 81 return true;
89} 82}
90 83
91static struct xt_match ah_match __read_mostly = { 84static struct xt_match ah_mt_reg __read_mostly = {
92 .name = "ah", 85 .name = "ah",
93 .family = AF_INET, 86 .family = AF_INET,
94 .match = match, 87 .match = ah_mt,
95 .matchsize = sizeof(struct ipt_ah), 88 .matchsize = sizeof(struct ipt_ah),
96 .proto = IPPROTO_AH, 89 .proto = IPPROTO_AH,
97 .checkentry = checkentry, 90 .checkentry = ah_mt_check,
98 .me = THIS_MODULE, 91 .me = THIS_MODULE,
99}; 92};
100 93
101static int __init ipt_ah_init(void) 94static int __init ah_mt_init(void)
102{ 95{
103 return xt_register_match(&ah_match); 96 return xt_register_match(&ah_mt_reg);
104} 97}
105 98
106static void __exit ipt_ah_fini(void) 99static void __exit ah_mt_exit(void)
107{ 100{
108 xt_unregister_match(&ah_match); 101 xt_unregister_match(&ah_mt_reg);
109} 102}
110 103
111module_init(ipt_ah_init); 104module_init(ah_mt_init);
112module_exit(ipt_ah_fini); 105module_exit(ah_mt_exit);
diff --git a/net/ipv4/netfilter/ipt_ecn.c b/net/ipv4/netfilter/ipt_ecn.c
index d6925c67406..ea1378460b0 100644
--- a/net/ipv4/netfilter/ipt_ecn.c
+++ b/net/ipv4/netfilter/ipt_ecn.c
@@ -67,10 +67,10 @@ static inline bool match_tcp(const struct sk_buff *skb,
67 return true; 67 return true;
68} 68}
69 69
70static bool match(const struct sk_buff *skb, 70static bool
71 const struct net_device *in, const struct net_device *out, 71ecn_mt(const struct sk_buff *skb, const struct net_device *in,
72 const struct xt_match *match, const void *matchinfo, 72 const struct net_device *out, const struct xt_match *match,
73 int offset, unsigned int protoff, bool *hotdrop) 73 const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
74{ 74{
75 const struct ipt_ecn_info *info = matchinfo; 75 const struct ipt_ecn_info *info = matchinfo;
76 76
@@ -88,9 +88,10 @@ static bool match(const struct sk_buff *skb,
88 return true; 88 return true;
89} 89}
90 90
91static bool checkentry(const char *tablename, const void *ip_void, 91static bool
92 const struct xt_match *match, 92ecn_mt_check(const char *tablename, const void *ip_void,
93 void *matchinfo, unsigned int hook_mask) 93 const struct xt_match *match, void *matchinfo,
94 unsigned int hook_mask)
94{ 95{
95 const struct ipt_ecn_info *info = matchinfo; 96 const struct ipt_ecn_info *info = matchinfo;
96 const struct ipt_ip *ip = ip_void; 97 const struct ipt_ip *ip = ip_void;
@@ -111,24 +112,24 @@ static bool checkentry(const char *tablename, const void *ip_void,
111 return true; 112 return true;
112} 113}
113 114
114static struct xt_match ecn_match __read_mostly = { 115static struct xt_match ecn_mt_reg __read_mostly = {
115 .name = "ecn", 116 .name = "ecn",
116 .family = AF_INET, 117 .family = AF_INET,
117 .match = match, 118 .match = ecn_mt,
118 .matchsize = sizeof(struct ipt_ecn_info), 119 .matchsize = sizeof(struct ipt_ecn_info),
119 .checkentry = checkentry, 120 .checkentry = ecn_mt_check,
120 .me = THIS_MODULE, 121 .me = THIS_MODULE,
121}; 122};
122 123
123static int __init ipt_ecn_init(void) 124static int __init ecn_mt_init(void)
124{ 125{
125 return xt_register_match(&ecn_match); 126 return xt_register_match(&ecn_mt_reg);
126} 127}
127 128
128static void __exit ipt_ecn_fini(void) 129static void __exit ecn_mt_exit(void)
129{ 130{
130 xt_unregister_match(&ecn_match); 131 xt_unregister_match(&ecn_mt_reg);
131} 132}
132 133
133module_init(ipt_ecn_init); 134module_init(ecn_mt_init);
134module_exit(ipt_ecn_fini); 135module_exit(ecn_mt_exit);
diff --git a/net/ipv4/netfilter/ipt_iprange.c b/net/ipv4/netfilter/ipt_iprange.c
index 0106dc955a6..82208ed5f70 100644
--- a/net/ipv4/netfilter/ipt_iprange.c
+++ b/net/ipv4/netfilter/ipt_iprange.c
@@ -18,12 +18,10 @@ MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
18MODULE_DESCRIPTION("iptables arbitrary IP range match module"); 18MODULE_DESCRIPTION("iptables arbitrary IP range match module");
19 19
20static bool 20static bool
21match(const struct sk_buff *skb, 21iprange_mt(const struct sk_buff *skb, const struct net_device *in,
22 const struct net_device *in, 22 const struct net_device *out, const struct xt_match *match,
23 const struct net_device *out, 23 const void *matchinfo, int offset, unsigned int protoff,
24 const struct xt_match *match, 24 bool *hotdrop)
25 const void *matchinfo,
26 int offset, unsigned int protoff, bool *hotdrop)
27{ 25{
28 const struct ipt_iprange_info *info = matchinfo; 26 const struct ipt_iprange_info *info = matchinfo;
29 const struct iphdr *iph = ip_hdr(skb); 27 const struct iphdr *iph = ip_hdr(skb);
@@ -57,23 +55,23 @@ match(const struct sk_buff *skb,
57 return true; 55 return true;
58} 56}
59 57
60static struct xt_match iprange_match __read_mostly = { 58static struct xt_match iprange_mt_reg __read_mostly = {
61 .name = "iprange", 59 .name = "iprange",
62 .family = AF_INET, 60 .family = AF_INET,
63 .match = match, 61 .match = iprange_mt,
64 .matchsize = sizeof(struct ipt_iprange_info), 62 .matchsize = sizeof(struct ipt_iprange_info),
65 .me = THIS_MODULE 63 .me = THIS_MODULE
66}; 64};
67 65
68static int __init ipt_iprange_init(void) 66static int __init iprange_mt_init(void)
69{ 67{
70 return xt_register_match(&iprange_match); 68 return xt_register_match(&iprange_mt_reg);
71} 69}
72 70
73static void __exit ipt_iprange_fini(void) 71static void __exit iprange_mt_exit(void)
74{ 72{
75 xt_unregister_match(&iprange_match); 73 xt_unregister_match(&iprange_mt_reg);
76} 74}
77 75
78module_init(ipt_iprange_init); 76module_init(iprange_mt_init);
79module_exit(ipt_iprange_fini); 77module_exit(iprange_mt_exit);
diff --git a/net/ipv4/netfilter/ipt_owner.c b/net/ipv4/netfilter/ipt_owner.c
index 6bc4bfea66d..4f1aa897d4b 100644
--- a/net/ipv4/netfilter/ipt_owner.c
+++ b/net/ipv4/netfilter/ipt_owner.c
@@ -22,14 +22,10 @@ MODULE_AUTHOR("Marc Boucher <marc@mbsi.ca>");
22MODULE_DESCRIPTION("iptables owner match"); 22MODULE_DESCRIPTION("iptables owner match");
23 23
24static bool 24static bool
25match(const struct sk_buff *skb, 25owner_mt(const struct sk_buff *skb, const struct net_device *in,
26 const struct net_device *in, 26 const struct net_device *out, const struct xt_match *match,
27 const struct net_device *out, 27 const void *matchinfo, int offset, unsigned int protoff,
28 const struct xt_match *match, 28 bool *hotdrop)
29 const void *matchinfo,
30 int offset,
31 unsigned int protoff,
32 bool *hotdrop)
33{ 29{
34 const struct ipt_owner_info *info = matchinfo; 30 const struct ipt_owner_info *info = matchinfo;
35 31
@@ -52,11 +48,9 @@ match(const struct sk_buff *skb,
52} 48}
53 49
54static bool 50static bool
55checkentry(const char *tablename, 51owner_mt_check(const char *tablename, const void *ip,
56 const void *ip, 52 const struct xt_match *match, void *matchinfo,
57 const struct xt_match *match, 53 unsigned int hook_mask)
58 void *matchinfo,
59 unsigned int hook_mask)
60{ 54{
61 const struct ipt_owner_info *info = matchinfo; 55 const struct ipt_owner_info *info = matchinfo;
62 56
@@ -68,26 +62,26 @@ checkentry(const char *tablename,
68 return true; 62 return true;
69} 63}
70 64
71static struct xt_match owner_match __read_mostly = { 65static struct xt_match owner_mt_reg __read_mostly = {
72 .name = "owner", 66 .name = "owner",
73 .family = AF_INET, 67 .family = AF_INET,
74 .match = match, 68 .match = owner_mt,
75 .matchsize = sizeof(struct ipt_owner_info), 69 .matchsize = sizeof(struct ipt_owner_info),
76 .hooks = (1 << NF_INET_LOCAL_OUT) | 70 .hooks = (1 << NF_INET_LOCAL_OUT) |
77 (1 << NF_INET_POST_ROUTING), 71 (1 << NF_INET_POST_ROUTING),
78 .checkentry = checkentry, 72 .checkentry = owner_mt_check,
79 .me = THIS_MODULE, 73 .me = THIS_MODULE,
80}; 74};
81 75
82static int __init ipt_owner_init(void) 76static int __init owner_mt_init(void)
83{ 77{
84 return xt_register_match(&owner_match); 78 return xt_register_match(&owner_mt_reg);
85} 79}
86 80
87static void __exit ipt_owner_fini(void) 81static void __exit owner_mt_exit(void)
88{ 82{
89 xt_unregister_match(&owner_match); 83 xt_unregister_match(&owner_mt_reg);
90} 84}
91 85
92module_init(ipt_owner_init); 86module_init(owner_mt_init);
93module_exit(ipt_owner_fini); 87module_exit(owner_mt_exit);
diff --git a/net/ipv4/netfilter/ipt_recent.c b/net/ipv4/netfilter/ipt_recent.c
index 11d39fb5f38..4f3700d937a 100644
--- a/net/ipv4/netfilter/ipt_recent.c
+++ b/net/ipv4/netfilter/ipt_recent.c
@@ -170,10 +170,10 @@ static void recent_table_flush(struct recent_table *t)
170} 170}
171 171
172static bool 172static bool
173ipt_recent_match(const struct sk_buff *skb, 173recent_mt(const struct sk_buff *skb, const struct net_device *in,
174 const struct net_device *in, const struct net_device *out, 174 const struct net_device *out, const struct xt_match *match,
175 const struct xt_match *match, const void *matchinfo, 175 const void *matchinfo, int offset, unsigned int protoff,
176 int offset, unsigned int protoff, bool *hotdrop) 176 bool *hotdrop)
177{ 177{
178 const struct ipt_recent_info *info = matchinfo; 178 const struct ipt_recent_info *info = matchinfo;
179 struct recent_table *t; 179 struct recent_table *t;
@@ -236,9 +236,9 @@ out:
236} 236}
237 237
238static bool 238static bool
239ipt_recent_checkentry(const char *tablename, const void *ip, 239recent_mt_check(const char *tablename, const void *ip,
240 const struct xt_match *match, void *matchinfo, 240 const struct xt_match *match, void *matchinfo,
241 unsigned int hook_mask) 241 unsigned int hook_mask)
242{ 242{
243 const struct ipt_recent_info *info = matchinfo; 243 const struct ipt_recent_info *info = matchinfo;
244 struct recent_table *t; 244 struct recent_table *t;
@@ -293,8 +293,7 @@ out:
293 return ret; 293 return ret;
294} 294}
295 295
296static void 296static void recent_mt_destroy(const struct xt_match *match, void *matchinfo)
297ipt_recent_destroy(const struct xt_match *match, void *matchinfo)
298{ 297{
299 const struct ipt_recent_info *info = matchinfo; 298 const struct ipt_recent_info *info = matchinfo;
300 struct recent_table *t; 299 struct recent_table *t;
@@ -455,17 +454,17 @@ static const struct file_operations recent_fops = {
455}; 454};
456#endif /* CONFIG_PROC_FS */ 455#endif /* CONFIG_PROC_FS */
457 456
458static struct xt_match recent_match __read_mostly = { 457static struct xt_match recent_mt_reg __read_mostly = {
459 .name = "recent", 458 .name = "recent",
460 .family = AF_INET, 459 .family = AF_INET,
461 .match = ipt_recent_match, 460 .match = recent_mt,
462 .matchsize = sizeof(struct ipt_recent_info), 461 .matchsize = sizeof(struct ipt_recent_info),
463 .checkentry = ipt_recent_checkentry, 462 .checkentry = recent_mt_check,
464 .destroy = ipt_recent_destroy, 463 .destroy = recent_mt_destroy,
465 .me = THIS_MODULE, 464 .me = THIS_MODULE,
466}; 465};
467 466
468static int __init ipt_recent_init(void) 467static int __init recent_mt_init(void)
469{ 468{
470 int err; 469 int err;
471 470
@@ -473,27 +472,27 @@ static int __init ipt_recent_init(void)
473 return -EINVAL; 472 return -EINVAL;
474 ip_list_hash_size = 1 << fls(ip_list_tot); 473 ip_list_hash_size = 1 << fls(ip_list_tot);
475 474
476 err = xt_register_match(&recent_match); 475 err = xt_register_match(&recent_mt_reg);
477#ifdef CONFIG_PROC_FS 476#ifdef CONFIG_PROC_FS
478 if (err) 477 if (err)
479 return err; 478 return err;
480 proc_dir = proc_mkdir("ipt_recent", init_net.proc_net); 479 proc_dir = proc_mkdir("ipt_recent", init_net.proc_net);
481 if (proc_dir == NULL) { 480 if (proc_dir == NULL) {
482 xt_unregister_match(&recent_match); 481 xt_unregister_match(&recent_mt_reg);
483 err = -ENOMEM; 482 err = -ENOMEM;
484 } 483 }
485#endif 484#endif
486 return err; 485 return err;
487} 486}
488 487
489static void __exit ipt_recent_exit(void) 488static void __exit recent_mt_exit(void)
490{ 489{
491 BUG_ON(!list_empty(&tables)); 490 BUG_ON(!list_empty(&tables));
492 xt_unregister_match(&recent_match); 491 xt_unregister_match(&recent_mt_reg);
493#ifdef CONFIG_PROC_FS 492#ifdef CONFIG_PROC_FS
494 remove_proc_entry("ipt_recent", init_net.proc_net); 493 remove_proc_entry("ipt_recent", init_net.proc_net);
495#endif 494#endif
496} 495}
497 496
498module_init(ipt_recent_init); 497module_init(recent_mt_init);
499module_exit(ipt_recent_exit); 498module_exit(recent_mt_exit);
diff --git a/net/ipv4/netfilter/ipt_tos.c b/net/ipv4/netfilter/ipt_tos.c
index e740441c973..7d608682584 100644
--- a/net/ipv4/netfilter/ipt_tos.c
+++ b/net/ipv4/netfilter/ipt_tos.c
@@ -19,37 +19,32 @@ MODULE_LICENSE("GPL");
19MODULE_DESCRIPTION("iptables TOS match module"); 19MODULE_DESCRIPTION("iptables TOS match module");
20 20
21static bool 21static bool
22match(const struct sk_buff *skb, 22tos_mt(const struct sk_buff *skb, const struct net_device *in,
23 const struct net_device *in, 23 const struct net_device *out, const struct xt_match *match,
24 const struct net_device *out, 24 const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
25 const struct xt_match *match,
26 const void *matchinfo,
27 int offset,
28 unsigned int protoff,
29 bool *hotdrop)
30{ 25{
31 const struct ipt_tos_info *info = matchinfo; 26 const struct ipt_tos_info *info = matchinfo;
32 27
33 return (ip_hdr(skb)->tos == info->tos) ^ info->invert; 28 return (ip_hdr(skb)->tos == info->tos) ^ info->invert;
34} 29}
35 30
36static struct xt_match tos_match __read_mostly = { 31static struct xt_match tos_mt_reg __read_mostly = {
37 .name = "tos", 32 .name = "tos",
38 .family = AF_INET, 33 .family = AF_INET,
39 .match = match, 34 .match = tos_mt,
40 .matchsize = sizeof(struct ipt_tos_info), 35 .matchsize = sizeof(struct ipt_tos_info),
41 .me = THIS_MODULE, 36 .me = THIS_MODULE,
42}; 37};
43 38
44static int __init ipt_multiport_init(void) 39static int __init tos_mt_init(void)
45{ 40{
46 return xt_register_match(&tos_match); 41 return xt_register_match(&tos_mt_reg);
47} 42}
48 43
49static void __exit ipt_multiport_fini(void) 44static void __exit tos_mt_exit(void)
50{ 45{
51 xt_unregister_match(&tos_match); 46 xt_unregister_match(&tos_mt_reg);
52} 47}
53 48
54module_init(ipt_multiport_init); 49module_init(tos_mt_init);
55module_exit(ipt_multiport_fini); 50module_exit(tos_mt_exit);
diff --git a/net/ipv4/netfilter/ipt_ttl.c b/net/ipv4/netfilter/ipt_ttl.c
index a439900a4ba..b18d39162ff 100644
--- a/net/ipv4/netfilter/ipt_ttl.c
+++ b/net/ipv4/netfilter/ipt_ttl.c
@@ -18,10 +18,10 @@ MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>");
18MODULE_DESCRIPTION("IP tables TTL matching module"); 18MODULE_DESCRIPTION("IP tables TTL matching module");
19MODULE_LICENSE("GPL"); 19MODULE_LICENSE("GPL");
20 20
21static bool match(const struct sk_buff *skb, 21static bool
22 const struct net_device *in, const struct net_device *out, 22ttl_mt(const struct sk_buff *skb, const struct net_device *in,
23 const struct xt_match *match, const void *matchinfo, 23 const struct net_device *out, const struct xt_match *match,
24 int offset, unsigned int protoff, bool *hotdrop) 24 const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
25{ 25{
26 const struct ipt_ttl_info *info = matchinfo; 26 const struct ipt_ttl_info *info = matchinfo;
27 const u8 ttl = ip_hdr(skb)->ttl; 27 const u8 ttl = ip_hdr(skb)->ttl;
@@ -44,23 +44,23 @@ static bool match(const struct sk_buff *skb,
44 return false; 44 return false;
45} 45}
46 46
47static struct xt_match ttl_match __read_mostly = { 47static struct xt_match ttl_mt_reg __read_mostly = {
48 .name = "ttl", 48 .name = "ttl",
49 .family = AF_INET, 49 .family = AF_INET,
50 .match = match, 50 .match = ttl_mt,
51 .matchsize = sizeof(struct ipt_ttl_info), 51 .matchsize = sizeof(struct ipt_ttl_info),
52 .me = THIS_MODULE, 52 .me = THIS_MODULE,
53}; 53};
54 54
55static int __init ipt_ttl_init(void) 55static int __init ttl_mt_init(void)
56{ 56{
57 return xt_register_match(&ttl_match); 57 return xt_register_match(&ttl_mt_reg);
58} 58}
59 59
60static void __exit ipt_ttl_fini(void) 60static void __exit ttl_mt_exit(void)
61{ 61{
62 xt_unregister_match(&ttl_match); 62 xt_unregister_match(&ttl_mt_reg);
63} 63}
64 64
65module_init(ipt_ttl_init); 65module_init(ttl_mt_init);
66module_exit(ipt_ttl_fini); 66module_exit(ttl_mt_exit);
diff --git a/net/ipv6/netfilter/ip6t_HL.c b/net/ipv6/netfilter/ip6t_HL.c
index 9afc836fd45..cefb4253711 100644
--- a/net/ipv6/netfilter/ip6t_HL.c
+++ b/net/ipv6/netfilter/ip6t_HL.c
@@ -18,12 +18,10 @@ MODULE_AUTHOR("Maciej Soltysiak <solt@dns.toxicfilms.tv>");
18MODULE_DESCRIPTION("IP6 tables Hop Limit modification module"); 18MODULE_DESCRIPTION("IP6 tables Hop Limit modification module");
19MODULE_LICENSE("GPL"); 19MODULE_LICENSE("GPL");
20 20
21static unsigned int ip6t_hl_target(struct sk_buff *skb, 21static unsigned int
22 const struct net_device *in, 22hl_tg6(struct sk_buff *skb, const struct net_device *in,
23 const struct net_device *out, 23 const struct net_device *out, unsigned int hooknum,
24 unsigned int hooknum, 24 const struct xt_target *target, const void *targinfo)
25 const struct xt_target *target,
26 const void *targinfo)
27{ 25{
28 struct ipv6hdr *ip6h; 26 struct ipv6hdr *ip6h;
29 const struct ip6t_HL_info *info = targinfo; 27 const struct ip6t_HL_info *info = targinfo;
@@ -58,11 +56,10 @@ static unsigned int ip6t_hl_target(struct sk_buff *skb,
58 return XT_CONTINUE; 56 return XT_CONTINUE;
59} 57}
60 58
61static bool ip6t_hl_checkentry(const char *tablename, 59static bool
62 const void *entry, 60hl_tg6_check(const char *tablename, const void *entry,
63 const struct xt_target *target, 61 const struct xt_target *target, void *targinfo,
64 void *targinfo, 62 unsigned int hook_mask)
65 unsigned int hook_mask)
66{ 63{
67 const struct ip6t_HL_info *info = targinfo; 64 const struct ip6t_HL_info *info = targinfo;
68 65
@@ -79,25 +76,25 @@ static bool ip6t_hl_checkentry(const char *tablename,
79 return true; 76 return true;
80} 77}
81 78
82static struct xt_target ip6t_HL __read_mostly = { 79static struct xt_target hl_tg6_reg __read_mostly = {
83 .name = "HL", 80 .name = "HL",
84 .family = AF_INET6, 81 .family = AF_INET6,
85 .target = ip6t_hl_target, 82 .target = hl_tg6,
86 .targetsize = sizeof(struct ip6t_HL_info), 83 .targetsize = sizeof(struct ip6t_HL_info),
87 .table = "mangle", 84 .table = "mangle",
88 .checkentry = ip6t_hl_checkentry, 85 .checkentry = hl_tg6_check,
89 .me = THIS_MODULE 86 .me = THIS_MODULE
90}; 87};
91 88
92static int __init ip6t_hl_init(void) 89static int __init hl_tg6_init(void)
93{ 90{
94 return xt_register_target(&ip6t_HL); 91 return xt_register_target(&hl_tg6_reg);
95} 92}
96 93
97static void __exit ip6t_hl_fini(void) 94static void __exit hl_tg6_exit(void)
98{ 95{
99 xt_unregister_target(&ip6t_HL); 96 xt_unregister_target(&hl_tg6_reg);
100} 97}
101 98
102module_init(ip6t_hl_init); 99module_init(hl_tg6_init);
103module_exit(ip6t_hl_fini); 100module_exit(hl_tg6_exit);
diff --git a/net/ipv6/netfilter/ip6t_LOG.c b/net/ipv6/netfilter/ip6t_LOG.c
index 7a48c342df4..cd51c42727f 100644
--- a/net/ipv6/netfilter/ip6t_LOG.c
+++ b/net/ipv6/netfilter/ip6t_LOG.c
@@ -431,12 +431,9 @@ ip6t_log_packet(unsigned int pf,
431} 431}
432 432
433static unsigned int 433static unsigned int
434ip6t_log_target(struct sk_buff *skb, 434log_tg6(struct sk_buff *skb, const struct net_device *in,
435 const struct net_device *in, 435 const struct net_device *out, unsigned int hooknum,
436 const struct net_device *out, 436 const struct xt_target *target, const void *targinfo)
437 unsigned int hooknum,
438 const struct xt_target *target,
439 const void *targinfo)
440{ 437{
441 const struct ip6t_log_info *loginfo = targinfo; 438 const struct ip6t_log_info *loginfo = targinfo;
442 struct nf_loginfo li; 439 struct nf_loginfo li;
@@ -450,11 +447,10 @@ ip6t_log_target(struct sk_buff *skb,
450} 447}
451 448
452 449
453static bool ip6t_log_checkentry(const char *tablename, 450static bool
454 const void *entry, 451log_tg6_check(const char *tablename, const void *entry,
455 const struct xt_target *target, 452 const struct xt_target *target, void *targinfo,
456 void *targinfo, 453 unsigned int hook_mask)
457 unsigned int hook_mask)
458{ 454{
459 const struct ip6t_log_info *loginfo = targinfo; 455 const struct ip6t_log_info *loginfo = targinfo;
460 456
@@ -470,12 +466,12 @@ static bool ip6t_log_checkentry(const char *tablename,
470 return true; 466 return true;
471} 467}
472 468
473static struct xt_target ip6t_log_reg __read_mostly = { 469static struct xt_target log_tg6_reg __read_mostly = {
474 .name = "LOG", 470 .name = "LOG",
475 .family = AF_INET6, 471 .family = AF_INET6,
476 .target = ip6t_log_target, 472 .target = log_tg6,
477 .targetsize = sizeof(struct ip6t_log_info), 473 .targetsize = sizeof(struct ip6t_log_info),
478 .checkentry = ip6t_log_checkentry, 474 .checkentry = log_tg6_check,
479 .me = THIS_MODULE, 475 .me = THIS_MODULE,
480}; 476};
481 477
@@ -485,22 +481,22 @@ static struct nf_logger ip6t_logger = {
485 .me = THIS_MODULE, 481 .me = THIS_MODULE,
486}; 482};
487 483
488static int __init ip6t_log_init(void) 484static int __init log_tg6_init(void)
489{ 485{
490 int ret; 486 int ret;
491 487
492 ret = xt_register_target(&ip6t_log_reg); 488 ret = xt_register_target(&log_tg6_reg);
493 if (ret < 0) 489 if (ret < 0)
494 return ret; 490 return ret;
495 nf_log_register(PF_INET6, &ip6t_logger); 491 nf_log_register(PF_INET6, &ip6t_logger);
496 return 0; 492 return 0;
497} 493}
498 494
499static void __exit ip6t_log_fini(void) 495static void __exit log_tg6_exit(void)
500{ 496{
501 nf_log_unregister(&ip6t_logger); 497 nf_log_unregister(&ip6t_logger);
502 xt_unregister_target(&ip6t_log_reg); 498 xt_unregister_target(&log_tg6_reg);
503} 499}
504 500
505module_init(ip6t_log_init); 501module_init(log_tg6_init);
506module_exit(ip6t_log_fini); 502module_exit(log_tg6_exit);
diff --git a/net/ipv6/netfilter/ip6t_REJECT.c b/net/ipv6/netfilter/ip6t_REJECT.c
index 960ba1780a9..a951c2cb6de 100644
--- a/net/ipv6/netfilter/ip6t_REJECT.c
+++ b/net/ipv6/netfilter/ip6t_REJECT.c
@@ -170,12 +170,10 @@ send_unreach(struct sk_buff *skb_in, unsigned char code, unsigned int hooknum)
170 icmpv6_send(skb_in, ICMPV6_DEST_UNREACH, code, 0, NULL); 170 icmpv6_send(skb_in, ICMPV6_DEST_UNREACH, code, 0, NULL);
171} 171}
172 172
173static unsigned int reject6_target(struct sk_buff *skb, 173static unsigned int
174 const struct net_device *in, 174reject_tg6(struct sk_buff *skb, const struct net_device *in,
175 const struct net_device *out, 175 const struct net_device *out, unsigned int hooknum,
176 unsigned int hooknum, 176 const struct xt_target *target, const void *targinfo)
177 const struct xt_target *target,
178 const void *targinfo)
179{ 177{
180 const struct ip6t_reject_info *reject = targinfo; 178 const struct ip6t_reject_info *reject = targinfo;
181 179
@@ -214,11 +212,10 @@ static unsigned int reject6_target(struct sk_buff *skb,
214 return NF_DROP; 212 return NF_DROP;
215} 213}
216 214
217static bool check(const char *tablename, 215static bool
218 const void *entry, 216reject_tg6_check(const char *tablename, const void *entry,
219 const struct xt_target *target, 217 const struct xt_target *target, void *targinfo,
220 void *targinfo, 218 unsigned int hook_mask)
221 unsigned int hook_mask)
222{ 219{
223 const struct ip6t_reject_info *rejinfo = targinfo; 220 const struct ip6t_reject_info *rejinfo = targinfo;
224 const struct ip6t_entry *e = entry; 221 const struct ip6t_entry *e = entry;
@@ -237,27 +234,27 @@ static bool check(const char *tablename,
237 return true; 234 return true;
238} 235}
239 236
240static struct xt_target ip6t_reject_reg __read_mostly = { 237static struct xt_target reject_tg6_reg __read_mostly = {
241 .name = "REJECT", 238 .name = "REJECT",
242 .family = AF_INET6, 239 .family = AF_INET6,
243 .target = reject6_target, 240 .target = reject_tg6,
244 .targetsize = sizeof(struct ip6t_reject_info), 241 .targetsize = sizeof(struct ip6t_reject_info),
245 .table = "filter", 242 .table = "filter",
246 .hooks = (1 << NF_INET_LOCAL_IN) | (1 << NF_INET_FORWARD) | 243 .hooks = (1 << NF_INET_LOCAL_IN) | (1 << NF_INET_FORWARD) |
247 (1 << NF_INET_LOCAL_OUT), 244 (1 << NF_INET_LOCAL_OUT),
248 .checkentry = check, 245 .checkentry = reject_tg6_check,
249 .me = THIS_MODULE 246 .me = THIS_MODULE
250}; 247};
251 248
252static int __init ip6t_reject_init(void) 249static int __init reject_tg6_init(void)
253{ 250{
254 return xt_register_target(&ip6t_reject_reg); 251 return xt_register_target(&reject_tg6_reg);
255} 252}
256 253
257static void __exit ip6t_reject_fini(void) 254static void __exit reject_tg6_exit(void)
258{ 255{
259 xt_unregister_target(&ip6t_reject_reg); 256 xt_unregister_target(&reject_tg6_reg);
260} 257}
261 258
262module_init(ip6t_reject_init); 259module_init(reject_tg6_init);
263module_exit(ip6t_reject_fini); 260module_exit(reject_tg6_exit);
diff --git a/net/ipv6/netfilter/ip6t_ah.c b/net/ipv6/netfilter/ip6t_ah.c
index 2a25fe25e0e..f5d08a8c011 100644
--- a/net/ipv6/netfilter/ip6t_ah.c
+++ b/net/ipv6/netfilter/ip6t_ah.c
@@ -37,14 +37,9 @@ spi_match(u_int32_t min, u_int32_t max, u_int32_t spi, bool invert)
37} 37}
38 38
39static bool 39static bool
40match(const struct sk_buff *skb, 40ah_mt6(const struct sk_buff *skb, const struct net_device *in,
41 const struct net_device *in, 41 const struct net_device *out, const struct xt_match *match,
42 const struct net_device *out, 42 const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
43 const struct xt_match *match,
44 const void *matchinfo,
45 int offset,
46 unsigned int protoff,
47 bool *hotdrop)
48{ 43{
49 struct ip_auth_hdr _ah; 44 struct ip_auth_hdr _ah;
50 const struct ip_auth_hdr *ah; 45 const struct ip_auth_hdr *ah;
@@ -100,11 +95,9 @@ match(const struct sk_buff *skb,
100 95
101/* Called when user tries to insert an entry of this type. */ 96/* Called when user tries to insert an entry of this type. */
102static bool 97static bool
103checkentry(const char *tablename, 98ah_mt6_check(const char *tablename, const void *entry,
104 const void *entry, 99 const struct xt_match *match, void *matchinfo,
105 const struct xt_match *match, 100 unsigned int hook_mask)
106 void *matchinfo,
107 unsigned int hook_mask)
108{ 101{
109 const struct ip6t_ah *ahinfo = matchinfo; 102 const struct ip6t_ah *ahinfo = matchinfo;
110 103
@@ -115,24 +108,24 @@ checkentry(const char *tablename,
115 return true; 108 return true;
116} 109}
117 110
118static struct xt_match ah_match __read_mostly = { 111static struct xt_match ah_mt6_reg __read_mostly = {
119 .name = "ah", 112 .name = "ah",
120 .family = AF_INET6, 113 .family = AF_INET6,
121 .match = match, 114 .match = ah_mt6,
122 .matchsize = sizeof(struct ip6t_ah), 115 .matchsize = sizeof(struct ip6t_ah),
123 .checkentry = checkentry, 116 .checkentry = ah_mt6_check,
124 .me = THIS_MODULE, 117 .me = THIS_MODULE,
125}; 118};
126 119
127static int __init ip6t_ah_init(void) 120static int __init ah_mt6_init(void)
128{ 121{
129 return xt_register_match(&ah_match); 122 return xt_register_match(&ah_mt6_reg);
130} 123}
131 124
132static void __exit ip6t_ah_fini(void) 125static void __exit ah_mt6_exit(void)
133{ 126{
134 xt_unregister_match(&ah_match); 127 xt_unregister_match(&ah_mt6_reg);
135} 128}
136 129
137module_init(ip6t_ah_init); 130module_init(ah_mt6_init);
138module_exit(ip6t_ah_fini); 131module_exit(ah_mt6_exit);
diff --git a/net/ipv6/netfilter/ip6t_eui64.c b/net/ipv6/netfilter/ip6t_eui64.c
index ff71269579d..dd9e67df914 100644
--- a/net/ipv6/netfilter/ip6t_eui64.c
+++ b/net/ipv6/netfilter/ip6t_eui64.c
@@ -20,14 +20,10 @@ MODULE_LICENSE("GPL");
20MODULE_AUTHOR("Andras Kis-Szabo <kisza@sch.bme.hu>"); 20MODULE_AUTHOR("Andras Kis-Szabo <kisza@sch.bme.hu>");
21 21
22static bool 22static bool
23match(const struct sk_buff *skb, 23eui64_mt6(const struct sk_buff *skb, const struct net_device *in,
24 const struct net_device *in, 24 const struct net_device *out, const struct xt_match *match,
25 const struct net_device *out, 25 const void *matchinfo, int offset, unsigned int protoff,
26 const struct xt_match *match, 26 bool *hotdrop)
27 const void *matchinfo,
28 int offset,
29 unsigned int protoff,
30 bool *hotdrop)
31{ 27{
32 unsigned char eui64[8]; 28 unsigned char eui64[8];
33 int i = 0; 29 int i = 0;
@@ -62,25 +58,25 @@ match(const struct sk_buff *skb,
62 return false; 58 return false;
63} 59}
64 60
65static struct xt_match eui64_match __read_mostly = { 61static struct xt_match eui64_mt6_reg __read_mostly = {
66 .name = "eui64", 62 .name = "eui64",
67 .family = AF_INET6, 63 .family = AF_INET6,
68 .match = match, 64 .match = eui64_mt6,
69 .matchsize = sizeof(int), 65 .matchsize = sizeof(int),
70 .hooks = (1 << NF_INET_PRE_ROUTING) | (1 << NF_INET_LOCAL_IN) | 66 .hooks = (1 << NF_INET_PRE_ROUTING) | (1 << NF_INET_LOCAL_IN) |
71 (1 << NF_INET_FORWARD), 67 (1 << NF_INET_FORWARD),
72 .me = THIS_MODULE, 68 .me = THIS_MODULE,
73}; 69};
74 70
75static int __init ip6t_eui64_init(void) 71static int __init eui64_mt6_init(void)
76{ 72{
77 return xt_register_match(&eui64_match); 73 return xt_register_match(&eui64_mt6_reg);
78} 74}
79 75
80static void __exit ip6t_eui64_fini(void) 76static void __exit eui64_mt6_exit(void)
81{ 77{
82 xt_unregister_match(&eui64_match); 78 xt_unregister_match(&eui64_mt6_reg);
83} 79}
84 80
85module_init(ip6t_eui64_init); 81module_init(eui64_mt6_init);
86module_exit(ip6t_eui64_fini); 82module_exit(eui64_mt6_exit);
diff --git a/net/ipv6/netfilter/ip6t_frag.c b/net/ipv6/netfilter/ip6t_frag.c
index 968aeba0207..ae8c714a80d 100644
--- a/net/ipv6/netfilter/ip6t_frag.c
+++ b/net/ipv6/netfilter/ip6t_frag.c
@@ -35,14 +35,10 @@ id_match(u_int32_t min, u_int32_t max, u_int32_t id, bool invert)
35} 35}
36 36
37static bool 37static bool
38match(const struct sk_buff *skb, 38frag_mt6(const struct sk_buff *skb, const struct net_device *in,
39 const struct net_device *in, 39 const struct net_device *out, const struct xt_match *match,
40 const struct net_device *out, 40 const void *matchinfo, int offset, unsigned int protoff,
41 const struct xt_match *match, 41 bool *hotdrop)
42 const void *matchinfo,
43 int offset,
44 unsigned int protoff,
45 bool *hotdrop)
46{ 42{
47 struct frag_hdr _frag; 43 struct frag_hdr _frag;
48 const struct frag_hdr *fh; 44 const struct frag_hdr *fh;
@@ -116,11 +112,9 @@ match(const struct sk_buff *skb,
116 112
117/* Called when user tries to insert an entry of this type. */ 113/* Called when user tries to insert an entry of this type. */
118static bool 114static bool
119checkentry(const char *tablename, 115frag_mt6_check(const char *tablename, const void *ip,
120 const void *ip, 116 const struct xt_match *match, void *matchinfo,
121 const struct xt_match *match, 117 unsigned int hook_mask)
122 void *matchinfo,
123 unsigned int hook_mask)
124{ 118{
125 const struct ip6t_frag *fraginfo = matchinfo; 119 const struct ip6t_frag *fraginfo = matchinfo;
126 120
@@ -131,24 +125,24 @@ checkentry(const char *tablename,
131 return true; 125 return true;
132} 126}
133 127
134static struct xt_match frag_match __read_mostly = { 128static struct xt_match frag_mt6_reg __read_mostly = {
135 .name = "frag", 129 .name = "frag",
136 .family = AF_INET6, 130 .family = AF_INET6,
137 .match = match, 131 .match = frag_mt6,
138 .matchsize = sizeof(struct ip6t_frag), 132 .matchsize = sizeof(struct ip6t_frag),
139 .checkentry = checkentry, 133 .checkentry = frag_mt6_check,
140 .me = THIS_MODULE, 134 .me = THIS_MODULE,
141}; 135};
142 136
143static int __init ip6t_frag_init(void) 137static int __init frag_mt6_init(void)
144{ 138{
145 return xt_register_match(&frag_match); 139 return xt_register_match(&frag_mt6_reg);
146} 140}
147 141
148static void __exit ip6t_frag_fini(void) 142static void __exit frag_mt6_exit(void)
149{ 143{
150 xt_unregister_match(&frag_match); 144 xt_unregister_match(&frag_mt6_reg);
151} 145}
152 146
153module_init(ip6t_frag_init); 147module_init(frag_mt6_init);
154module_exit(ip6t_frag_fini); 148module_exit(frag_mt6_exit);
diff --git a/net/ipv6/netfilter/ip6t_hbh.c b/net/ipv6/netfilter/ip6t_hbh.c
index e6ca6018b1e..b76e27dc73d 100644
--- a/net/ipv6/netfilter/ip6t_hbh.c
+++ b/net/ipv6/netfilter/ip6t_hbh.c
@@ -42,14 +42,10 @@ MODULE_ALIAS("ip6t_dst");
42 */ 42 */
43 43
44static bool 44static bool
45match(const struct sk_buff *skb, 45hbh_mt6(const struct sk_buff *skb, const struct net_device *in,
46 const struct net_device *in, 46 const struct net_device *out, const struct xt_match *match,
47 const struct net_device *out, 47 const void *matchinfo, int offset, unsigned int protoff,
48 const struct xt_match *match, 48 bool *hotdrop)
49 const void *matchinfo,
50 int offset,
51 unsigned int protoff,
52 bool *hotdrop)
53{ 49{
54 struct ipv6_opt_hdr _optsh; 50 struct ipv6_opt_hdr _optsh;
55 const struct ipv6_opt_hdr *oh; 51 const struct ipv6_opt_hdr *oh;
@@ -171,11 +167,9 @@ match(const struct sk_buff *skb,
171 167
172/* Called when user tries to insert an entry of this type. */ 168/* Called when user tries to insert an entry of this type. */
173static bool 169static bool
174checkentry(const char *tablename, 170hbh_mt6_check(const char *tablename, const void *entry,
175 const void *entry, 171 const struct xt_match *match, void *matchinfo,
176 const struct xt_match *match, 172 unsigned int hook_mask)
177 void *matchinfo,
178 unsigned int hook_mask)
179{ 173{
180 const struct ip6t_opts *optsinfo = matchinfo; 174 const struct ip6t_opts *optsinfo = matchinfo;
181 175
@@ -186,36 +180,36 @@ checkentry(const char *tablename,
186 return true; 180 return true;
187} 181}
188 182
189static struct xt_match opts_match[] __read_mostly = { 183static struct xt_match hbh_mt6_reg[] __read_mostly = {
190 { 184 {
191 .name = "hbh", 185 .name = "hbh",
192 .family = AF_INET6, 186 .family = AF_INET6,
193 .match = match, 187 .match = hbh_mt6,
194 .matchsize = sizeof(struct ip6t_opts), 188 .matchsize = sizeof(struct ip6t_opts),
195 .checkentry = checkentry, 189 .checkentry = hbh_mt6_check,
196 .me = THIS_MODULE, 190 .me = THIS_MODULE,
197 .data = NEXTHDR_HOP, 191 .data = NEXTHDR_HOP,
198 }, 192 },
199 { 193 {
200 .name = "dst", 194 .name = "dst",
201 .family = AF_INET6, 195 .family = AF_INET6,
202 .match = match, 196 .match = hbh_mt6,
203 .matchsize = sizeof(struct ip6t_opts), 197 .matchsize = sizeof(struct ip6t_opts),
204 .checkentry = checkentry, 198 .checkentry = hbh_mt6_check,
205 .me = THIS_MODULE, 199 .me = THIS_MODULE,
206 .data = NEXTHDR_DEST, 200 .data = NEXTHDR_DEST,
207 }, 201 },
208}; 202};
209 203
210static int __init ip6t_hbh_init(void) 204static int __init hbh_mt6_init(void)
211{ 205{
212 return xt_register_matches(opts_match, ARRAY_SIZE(opts_match)); 206 return xt_register_matches(hbh_mt6_reg, ARRAY_SIZE(hbh_mt6_reg));
213} 207}
214 208
215static void __exit ip6t_hbh_fini(void) 209static void __exit hbh_mt6_exit(void)
216{ 210{
217 xt_unregister_matches(opts_match, ARRAY_SIZE(opts_match)); 211 xt_unregister_matches(hbh_mt6_reg, ARRAY_SIZE(hbh_mt6_reg));
218} 212}
219 213
220module_init(ip6t_hbh_init); 214module_init(hbh_mt6_init);
221module_exit(ip6t_hbh_fini); 215module_exit(hbh_mt6_exit);
diff --git a/net/ipv6/netfilter/ip6t_hl.c b/net/ipv6/netfilter/ip6t_hl.c
index ca29ec00dc1..8f2d7d0ab40 100644
--- a/net/ipv6/netfilter/ip6t_hl.c
+++ b/net/ipv6/netfilter/ip6t_hl.c
@@ -19,10 +19,10 @@ MODULE_AUTHOR("Maciej Soltysiak <solt@dns.toxicfilms.tv>");
19MODULE_DESCRIPTION("IP tables Hop Limit matching module"); 19MODULE_DESCRIPTION("IP tables Hop Limit matching module");
20MODULE_LICENSE("GPL"); 20MODULE_LICENSE("GPL");
21 21
22static bool match(const struct sk_buff *skb, 22static bool
23 const struct net_device *in, const struct net_device *out, 23hl_mt6(const struct sk_buff *skb, const struct net_device *in,
24 const struct xt_match *match, const void *matchinfo, 24 const struct net_device *out, const struct xt_match *match,
25 int offset, unsigned int protoff, bool *hotdrop) 25 const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
26{ 26{
27 const struct ip6t_hl_info *info = matchinfo; 27 const struct ip6t_hl_info *info = matchinfo;
28 const struct ipv6hdr *ip6h = ipv6_hdr(skb); 28 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
@@ -49,23 +49,23 @@ static bool match(const struct sk_buff *skb,
49 return false; 49 return false;
50} 50}
51 51
52static struct xt_match hl_match __read_mostly = { 52static struct xt_match hl_mt6_reg __read_mostly = {
53 .name = "hl", 53 .name = "hl",
54 .family = AF_INET6, 54 .family = AF_INET6,
55 .match = match, 55 .match = hl_mt6,
56 .matchsize = sizeof(struct ip6t_hl_info), 56 .matchsize = sizeof(struct ip6t_hl_info),
57 .me = THIS_MODULE, 57 .me = THIS_MODULE,
58}; 58};
59 59
60static int __init ip6t_hl_init(void) 60static int __init hl_mt6_init(void)
61{ 61{
62 return xt_register_match(&hl_match); 62 return xt_register_match(&hl_mt6_reg);
63} 63}
64 64
65static void __exit ip6t_hl_fini(void) 65static void __exit hl_mt6_exit(void)
66{ 66{
67 xt_unregister_match(&hl_match); 67 xt_unregister_match(&hl_mt6_reg);
68} 68}
69 69
70module_init(ip6t_hl_init); 70module_init(hl_mt6_init);
71module_exit(ip6t_hl_fini); 71module_exit(hl_mt6_exit);
diff --git a/net/ipv6/netfilter/ip6t_ipv6header.c b/net/ipv6/netfilter/ip6t_ipv6header.c
index 2c65c2f9a4a..ae497e7ac11 100644
--- a/net/ipv6/netfilter/ip6t_ipv6header.c
+++ b/net/ipv6/netfilter/ip6t_ipv6header.c
@@ -27,14 +27,10 @@ MODULE_DESCRIPTION("IPv6 headers match");
27MODULE_AUTHOR("Andras Kis-Szabo <kisza@sch.bme.hu>"); 27MODULE_AUTHOR("Andras Kis-Szabo <kisza@sch.bme.hu>");
28 28
29static bool 29static bool
30ipv6header_match(const struct sk_buff *skb, 30ipv6header_mt6(const struct sk_buff *skb, const struct net_device *in,
31 const struct net_device *in, 31 const struct net_device *out, const struct xt_match *match,
32 const struct net_device *out, 32 const void *matchinfo, int offset, unsigned int protoff,
33 const struct xt_match *match, 33 bool *hotdrop)
34 const void *matchinfo,
35 int offset,
36 unsigned int protoff,
37 bool *hotdrop)
38{ 34{
39 const struct ip6t_ipv6header_info *info = matchinfo; 35 const struct ip6t_ipv6header_info *info = matchinfo;
40 unsigned int temp; 36 unsigned int temp;
@@ -125,11 +121,9 @@ ipv6header_match(const struct sk_buff *skb,
125} 121}
126 122
127static bool 123static bool
128ipv6header_checkentry(const char *tablename, 124ipv6header_mt6_check(const char *tablename, const void *ip,
129 const void *ip, 125 const struct xt_match *match, void *matchinfo,
130 const struct xt_match *match, 126 unsigned int hook_mask)
131 void *matchinfo,
132 unsigned int hook_mask)
133{ 127{
134 const struct ip6t_ipv6header_info *info = matchinfo; 128 const struct ip6t_ipv6header_info *info = matchinfo;
135 129
@@ -141,25 +135,25 @@ ipv6header_checkentry(const char *tablename,
141 return true; 135 return true;
142} 136}
143 137
144static struct xt_match ip6t_ipv6header_match __read_mostly = { 138static struct xt_match ipv6header_mt6_reg __read_mostly = {
145 .name = "ipv6header", 139 .name = "ipv6header",
146 .family = AF_INET6, 140 .family = AF_INET6,
147 .match = &ipv6header_match, 141 .match = ipv6header_mt6,
148 .matchsize = sizeof(struct ip6t_ipv6header_info), 142 .matchsize = sizeof(struct ip6t_ipv6header_info),
149 .checkentry = &ipv6header_checkentry, 143 .checkentry = ipv6header_mt6_check,
150 .destroy = NULL, 144 .destroy = NULL,
151 .me = THIS_MODULE, 145 .me = THIS_MODULE,
152}; 146};
153 147
154static int __init ipv6header_init(void) 148static int __init ipv6header_mt6_init(void)
155{ 149{
156 return xt_register_match(&ip6t_ipv6header_match); 150 return xt_register_match(&ipv6header_mt6_reg);
157} 151}
158 152
159static void __exit ipv6header_exit(void) 153static void __exit ipv6header_mt6_exit(void)
160{ 154{
161 xt_unregister_match(&ip6t_ipv6header_match); 155 xt_unregister_match(&ipv6header_mt6_reg);
162} 156}
163 157
164module_init(ipv6header_init); 158module_init(ipv6header_mt6_init);
165module_exit(ipv6header_exit); 159module_exit(ipv6header_mt6_exit);
diff --git a/net/ipv6/netfilter/ip6t_mh.c b/net/ipv6/netfilter/ip6t_mh.c
index 0fa714092dc..618e6b94b03 100644
--- a/net/ipv6/netfilter/ip6t_mh.c
+++ b/net/ipv6/netfilter/ip6t_mh.c
@@ -38,14 +38,9 @@ type_match(u_int8_t min, u_int8_t max, u_int8_t type, bool invert)
38} 38}
39 39
40static bool 40static bool
41match(const struct sk_buff *skb, 41mh_mt6(const struct sk_buff *skb, const struct net_device *in,
42 const struct net_device *in, 42 const struct net_device *out, const struct xt_match *match,
43 const struct net_device *out, 43 const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
44 const struct xt_match *match,
45 const void *matchinfo,
46 int offset,
47 unsigned int protoff,
48 bool *hotdrop)
49{ 44{
50 struct ip6_mh _mh; 45 struct ip6_mh _mh;
51 const struct ip6_mh *mh; 46 const struct ip6_mh *mh;
@@ -77,11 +72,9 @@ match(const struct sk_buff *skb,
77 72
78/* Called when user tries to insert an entry of this type. */ 73/* Called when user tries to insert an entry of this type. */
79static bool 74static bool
80mh_checkentry(const char *tablename, 75mh_mt6_check(const char *tablename, const void *entry,
81 const void *entry, 76 const struct xt_match *match, void *matchinfo,
82 const struct xt_match *match, 77 unsigned int hook_mask)
83 void *matchinfo,
84 unsigned int hook_mask)
85{ 78{
86 const struct ip6t_mh *mhinfo = matchinfo; 79 const struct ip6t_mh *mhinfo = matchinfo;
87 80
@@ -89,25 +82,25 @@ mh_checkentry(const char *tablename,
89 return !(mhinfo->invflags & ~IP6T_MH_INV_MASK); 82 return !(mhinfo->invflags & ~IP6T_MH_INV_MASK);
90} 83}
91 84
92static struct xt_match mh_match __read_mostly = { 85static struct xt_match mh_mt6_reg __read_mostly = {
93 .name = "mh", 86 .name = "mh",
94 .family = AF_INET6, 87 .family = AF_INET6,
95 .checkentry = mh_checkentry, 88 .checkentry = mh_mt6_check,
96 .match = match, 89 .match = mh_mt6,
97 .matchsize = sizeof(struct ip6t_mh), 90 .matchsize = sizeof(struct ip6t_mh),
98 .proto = IPPROTO_MH, 91 .proto = IPPROTO_MH,
99 .me = THIS_MODULE, 92 .me = THIS_MODULE,
100}; 93};
101 94
102static int __init ip6t_mh_init(void) 95static int __init mh_mt6_init(void)
103{ 96{
104 return xt_register_match(&mh_match); 97 return xt_register_match(&mh_mt6_reg);
105} 98}
106 99
107static void __exit ip6t_mh_fini(void) 100static void __exit mh_mt6_exit(void)
108{ 101{
109 xt_unregister_match(&mh_match); 102 xt_unregister_match(&mh_mt6_reg);
110} 103}
111 104
112module_init(ip6t_mh_init); 105module_init(mh_mt6_init);
113module_exit(ip6t_mh_fini); 106module_exit(mh_mt6_exit);
diff --git a/net/ipv6/netfilter/ip6t_owner.c b/net/ipv6/netfilter/ip6t_owner.c
index 1e0dc4a972c..6a52ed98516 100644
--- a/net/ipv6/netfilter/ip6t_owner.c
+++ b/net/ipv6/netfilter/ip6t_owner.c
@@ -24,14 +24,10 @@ MODULE_LICENSE("GPL");
24 24
25 25
26static bool 26static bool
27match(const struct sk_buff *skb, 27owner_mt6(const struct sk_buff *skb, const struct net_device *in,
28 const struct net_device *in, 28 const struct net_device *out, const struct xt_match *match,
29 const struct net_device *out, 29 const void *matchinfo, int offset, unsigned int protoff,
30 const struct xt_match *match, 30 bool *hotdrop)
31 const void *matchinfo,
32 int offset,
33 unsigned int protoff,
34 bool *hotdrop)
35{ 31{
36 const struct ip6t_owner_info *info = matchinfo; 32 const struct ip6t_owner_info *info = matchinfo;
37 33
@@ -52,11 +48,9 @@ match(const struct sk_buff *skb,
52} 48}
53 49
54static bool 50static bool
55checkentry(const char *tablename, 51owner_mt6_check(const char *tablename, const void *ip,
56 const void *ip, 52 const struct xt_match *match, void *matchinfo,
57 const struct xt_match *match, 53 unsigned int hook_mask)
58 void *matchinfo,
59 unsigned int hook_mask)
60{ 54{
61 const struct ip6t_owner_info *info = matchinfo; 55 const struct ip6t_owner_info *info = matchinfo;
62 56
@@ -68,26 +62,26 @@ checkentry(const char *tablename,
68 return true; 62 return true;
69} 63}
70 64
71static struct xt_match owner_match __read_mostly = { 65static struct xt_match owner_mt6_reg __read_mostly = {
72 .name = "owner", 66 .name = "owner",
73 .family = AF_INET6, 67 .family = AF_INET6,
74 .match = match, 68 .match = owner_mt6,
75 .matchsize = sizeof(struct ip6t_owner_info), 69 .matchsize = sizeof(struct ip6t_owner_info),
76 .hooks = (1 << NF_INET_LOCAL_OUT) | 70 .hooks = (1 << NF_INET_LOCAL_OUT) |
77 (1 << NF_INET_POST_ROUTING), 71 (1 << NF_INET_POST_ROUTING),
78 .checkentry = checkentry, 72 .checkentry = owner_mt6_check,
79 .me = THIS_MODULE, 73 .me = THIS_MODULE,
80}; 74};
81 75
82static int __init ip6t_owner_init(void) 76static int __init owner_mt6_init(void)
83{ 77{
84 return xt_register_match(&owner_match); 78 return xt_register_match(&owner_mt6_reg);
85} 79}
86 80
87static void __exit ip6t_owner_fini(void) 81static void __exit owner_mt6_exit(void)
88{ 82{
89 xt_unregister_match(&owner_match); 83 xt_unregister_match(&owner_mt6_reg);
90} 84}
91 85
92module_init(ip6t_owner_init); 86module_init(owner_mt6_init);
93module_exit(ip6t_owner_fini); 87module_exit(owner_mt6_exit);
diff --git a/net/ipv6/netfilter/ip6t_rt.c b/net/ipv6/netfilter/ip6t_rt.c
index 357cea703bd..038cea6407d 100644
--- a/net/ipv6/netfilter/ip6t_rt.c
+++ b/net/ipv6/netfilter/ip6t_rt.c
@@ -37,14 +37,9 @@ segsleft_match(u_int32_t min, u_int32_t max, u_int32_t id, bool invert)
37} 37}
38 38
39static bool 39static bool
40match(const struct sk_buff *skb, 40rt_mt6(const struct sk_buff *skb, const struct net_device *in,
41 const struct net_device *in, 41 const struct net_device *out, const struct xt_match *match,
42 const struct net_device *out, 42 const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
43 const struct xt_match *match,
44 const void *matchinfo,
45 int offset,
46 unsigned int protoff,
47 bool *hotdrop)
48{ 43{
49 struct ipv6_rt_hdr _route; 44 struct ipv6_rt_hdr _route;
50 const struct ipv6_rt_hdr *rh; 45 const struct ipv6_rt_hdr *rh;
@@ -195,11 +190,9 @@ match(const struct sk_buff *skb,
195 190
196/* Called when user tries to insert an entry of this type. */ 191/* Called when user tries to insert an entry of this type. */
197static bool 192static bool
198checkentry(const char *tablename, 193rt_mt6_check(const char *tablename, const void *entry,
199 const void *entry, 194 const struct xt_match *match, void *matchinfo,
200 const struct xt_match *match, 195 unsigned int hook_mask)
201 void *matchinfo,
202 unsigned int hook_mask)
203{ 196{
204 const struct ip6t_rt *rtinfo = matchinfo; 197 const struct ip6t_rt *rtinfo = matchinfo;
205 198
@@ -218,24 +211,24 @@ checkentry(const char *tablename,
218 return true; 211 return true;
219} 212}
220 213
221static struct xt_match rt_match __read_mostly = { 214static struct xt_match rt_mt6_reg __read_mostly = {
222 .name = "rt", 215 .name = "rt",
223 .family = AF_INET6, 216 .family = AF_INET6,
224 .match = match, 217 .match = rt_mt6,
225 .matchsize = sizeof(struct ip6t_rt), 218 .matchsize = sizeof(struct ip6t_rt),
226 .checkentry = checkentry, 219 .checkentry = rt_mt6_check,
227 .me = THIS_MODULE, 220 .me = THIS_MODULE,
228}; 221};
229 222
230static int __init ip6t_rt_init(void) 223static int __init rt_mt6_init(void)
231{ 224{
232 return xt_register_match(&rt_match); 225 return xt_register_match(&rt_mt6_reg);
233} 226}
234 227
235static void __exit ip6t_rt_fini(void) 228static void __exit rt_mt6_exit(void)
236{ 229{
237 xt_unregister_match(&rt_match); 230 xt_unregister_match(&rt_mt6_reg);
238} 231}
239 232
240module_init(ip6t_rt_init); 233module_init(rt_mt6_init);
241module_exit(ip6t_rt_fini); 234module_exit(rt_mt6_exit);
diff --git a/net/netfilter/xt_CLASSIFY.c b/net/netfilter/xt_CLASSIFY.c
index e4f7f86d7dd..8e83dd4c13a 100644
--- a/net/netfilter/xt_CLASSIFY.c
+++ b/net/netfilter/xt_CLASSIFY.c
@@ -27,12 +27,9 @@ MODULE_ALIAS("ipt_CLASSIFY");
27MODULE_ALIAS("ip6t_CLASSIFY"); 27MODULE_ALIAS("ip6t_CLASSIFY");
28 28
29static unsigned int 29static unsigned int
30target(struct sk_buff *skb, 30classify_tg(struct sk_buff *skb, const struct net_device *in,
31 const struct net_device *in, 31 const struct net_device *out, unsigned int hooknum,
32 const struct net_device *out, 32 const struct xt_target *target, const void *targinfo)
33 unsigned int hooknum,
34 const struct xt_target *target,
35 const void *targinfo)
36{ 33{
37 const struct xt_classify_target_info *clinfo = targinfo; 34 const struct xt_classify_target_info *clinfo = targinfo;
38 35
@@ -40,11 +37,11 @@ target(struct sk_buff *skb,
40 return XT_CONTINUE; 37 return XT_CONTINUE;
41} 38}
42 39
43static struct xt_target xt_classify_target[] __read_mostly = { 40static struct xt_target classify_tg_reg[] __read_mostly = {
44 { 41 {
45 .family = AF_INET, 42 .family = AF_INET,
46 .name = "CLASSIFY", 43 .name = "CLASSIFY",
47 .target = target, 44 .target = classify_tg,
48 .targetsize = sizeof(struct xt_classify_target_info), 45 .targetsize = sizeof(struct xt_classify_target_info),
49 .table = "mangle", 46 .table = "mangle",
50 .hooks = (1 << NF_INET_LOCAL_OUT) | 47 .hooks = (1 << NF_INET_LOCAL_OUT) |
@@ -55,7 +52,7 @@ static struct xt_target xt_classify_target[] __read_mostly = {
55 { 52 {
56 .name = "CLASSIFY", 53 .name = "CLASSIFY",
57 .family = AF_INET6, 54 .family = AF_INET6,
58 .target = target, 55 .target = classify_tg,
59 .targetsize = sizeof(struct xt_classify_target_info), 56 .targetsize = sizeof(struct xt_classify_target_info),
60 .table = "mangle", 57 .table = "mangle",
61 .hooks = (1 << NF_INET_LOCAL_OUT) | 58 .hooks = (1 << NF_INET_LOCAL_OUT) |
@@ -65,17 +62,16 @@ static struct xt_target xt_classify_target[] __read_mostly = {
65 }, 62 },
66}; 63};
67 64
68static int __init xt_classify_init(void) 65static int __init classify_tg_init(void)
69{ 66{
70 return xt_register_targets(xt_classify_target, 67 return xt_register_targets(classify_tg_reg,
71 ARRAY_SIZE(xt_classify_target)); 68 ARRAY_SIZE(classify_tg_reg));
72} 69}
73 70
74static void __exit xt_classify_fini(void) 71static void __exit classify_tg_exit(void)
75{ 72{
76 xt_unregister_targets(xt_classify_target, 73 xt_unregister_targets(classify_tg_reg, ARRAY_SIZE(classify_tg_reg));
77 ARRAY_SIZE(xt_classify_target));
78} 74}
79 75
80module_init(xt_classify_init); 76module_init(classify_tg_init);
81module_exit(xt_classify_fini); 77module_exit(classify_tg_exit);
diff --git a/net/netfilter/xt_CONNMARK.c b/net/netfilter/xt_CONNMARK.c
index 0621ca7de3b..0250bbea4c8 100644
--- a/net/netfilter/xt_CONNMARK.c
+++ b/net/netfilter/xt_CONNMARK.c
@@ -34,12 +34,9 @@ MODULE_ALIAS("ip6t_CONNMARK");
34#include <net/netfilter/nf_conntrack_ecache.h> 34#include <net/netfilter/nf_conntrack_ecache.h>
35 35
36static unsigned int 36static unsigned int
37target(struct sk_buff *skb, 37connmark_tg(struct sk_buff *skb, const struct net_device *in,
38 const struct net_device *in, 38 const struct net_device *out, unsigned int hooknum,
39 const struct net_device *out, 39 const struct xt_target *target, const void *targinfo)
40 unsigned int hooknum,
41 const struct xt_target *target,
42 const void *targinfo)
43{ 40{
44 const struct xt_connmark_target_info *markinfo = targinfo; 41 const struct xt_connmark_target_info *markinfo = targinfo;
45 struct nf_conn *ct; 42 struct nf_conn *ct;
@@ -78,11 +75,9 @@ target(struct sk_buff *skb,
78} 75}
79 76
80static bool 77static bool
81checkentry(const char *tablename, 78connmark_tg_check(const char *tablename, const void *entry,
82 const void *entry, 79 const struct xt_target *target, void *targinfo,
83 const struct xt_target *target, 80 unsigned int hook_mask)
84 void *targinfo,
85 unsigned int hook_mask)
86{ 81{
87 const struct xt_connmark_target_info *matchinfo = targinfo; 82 const struct xt_connmark_target_info *matchinfo = targinfo;
88 83
@@ -107,7 +102,7 @@ checkentry(const char *tablename,
107} 102}
108 103
109static void 104static void
110destroy(const struct xt_target *target, void *targinfo) 105connmark_tg_destroy(const struct xt_target *target, void *targinfo)
111{ 106{
112 nf_ct_l3proto_module_put(target->family); 107 nf_ct_l3proto_module_put(target->family);
113} 108}
@@ -120,7 +115,7 @@ struct compat_xt_connmark_target_info {
120 u_int16_t __pad2; 115 u_int16_t __pad2;
121}; 116};
122 117
123static void compat_from_user(void *dst, void *src) 118static void connmark_tg_compat_from_user(void *dst, void *src)
124{ 119{
125 const struct compat_xt_connmark_target_info *cm = src; 120 const struct compat_xt_connmark_target_info *cm = src;
126 struct xt_connmark_target_info m = { 121 struct xt_connmark_target_info m = {
@@ -131,7 +126,7 @@ static void compat_from_user(void *dst, void *src)
131 memcpy(dst, &m, sizeof(m)); 126 memcpy(dst, &m, sizeof(m));
132} 127}
133 128
134static int compat_to_user(void __user *dst, void *src) 129static int connmark_tg_compat_to_user(void __user *dst, void *src)
135{ 130{
136 const struct xt_connmark_target_info *m = src; 131 const struct xt_connmark_target_info *m = src;
137 struct compat_xt_connmark_target_info cm = { 132 struct compat_xt_connmark_target_info cm = {
@@ -143,43 +138,42 @@ static int compat_to_user(void __user *dst, void *src)
143} 138}
144#endif /* CONFIG_COMPAT */ 139#endif /* CONFIG_COMPAT */
145 140
146static struct xt_target xt_connmark_target[] __read_mostly = { 141static struct xt_target connmark_tg_reg[] __read_mostly = {
147 { 142 {
148 .name = "CONNMARK", 143 .name = "CONNMARK",
149 .family = AF_INET, 144 .family = AF_INET,
150 .checkentry = checkentry, 145 .checkentry = connmark_tg_check,
151 .destroy = destroy, 146 .destroy = connmark_tg_destroy,
152 .target = target, 147 .target = connmark_tg,
153 .targetsize = sizeof(struct xt_connmark_target_info), 148 .targetsize = sizeof(struct xt_connmark_target_info),
154#ifdef CONFIG_COMPAT 149#ifdef CONFIG_COMPAT
155 .compatsize = sizeof(struct compat_xt_connmark_target_info), 150 .compatsize = sizeof(struct compat_xt_connmark_target_info),
156 .compat_from_user = compat_from_user, 151 .compat_from_user = connmark_tg_compat_from_user,
157 .compat_to_user = compat_to_user, 152 .compat_to_user = connmark_tg_compat_to_user,
158#endif 153#endif
159 .me = THIS_MODULE 154 .me = THIS_MODULE
160 }, 155 },
161 { 156 {
162 .name = "CONNMARK", 157 .name = "CONNMARK",
163 .family = AF_INET6, 158 .family = AF_INET6,
164 .checkentry = checkentry, 159 .checkentry = connmark_tg_check,
165 .destroy = destroy, 160 .destroy = connmark_tg_destroy,
166 .target = target, 161 .target = connmark_tg,
167 .targetsize = sizeof(struct xt_connmark_target_info), 162 .targetsize = sizeof(struct xt_connmark_target_info),
168 .me = THIS_MODULE 163 .me = THIS_MODULE
169 }, 164 },
170}; 165};
171 166
172static int __init xt_connmark_init(void) 167static int __init connmark_tg_init(void)
173{ 168{
174 return xt_register_targets(xt_connmark_target, 169 return xt_register_targets(connmark_tg_reg,
175 ARRAY_SIZE(xt_connmark_target)); 170 ARRAY_SIZE(connmark_tg_reg));
176} 171}
177 172
178static void __exit xt_connmark_fini(void) 173static void __exit connmark_tg_exit(void)
179{ 174{
180 xt_unregister_targets(xt_connmark_target, 175 xt_unregister_targets(connmark_tg_reg, ARRAY_SIZE(connmark_tg_reg));
181 ARRAY_SIZE(xt_connmark_target));
182} 176}
183 177
184module_init(xt_connmark_init); 178module_init(connmark_tg_init);
185module_exit(xt_connmark_fini); 179module_exit(connmark_tg_exit);
diff --git a/net/netfilter/xt_CONNSECMARK.c b/net/netfilter/xt_CONNSECMARK.c
index d8feba9bdb4..2c265e87f39 100644
--- a/net/netfilter/xt_CONNSECMARK.c
+++ b/net/netfilter/xt_CONNSECMARK.c
@@ -61,10 +61,10 @@ static void secmark_restore(struct sk_buff *skb)
61 } 61 }
62} 62}
63 63
64static unsigned int target(struct sk_buff *skb, const struct net_device *in, 64static unsigned int
65 const struct net_device *out, unsigned int hooknum, 65connsecmark_tg(struct sk_buff *skb, const struct net_device *in,
66 const struct xt_target *target, 66 const struct net_device *out, unsigned int hooknum,
67 const void *targinfo) 67 const struct xt_target *target, const void *targinfo)
68{ 68{
69 const struct xt_connsecmark_target_info *info = targinfo; 69 const struct xt_connsecmark_target_info *info = targinfo;
70 70
@@ -84,9 +84,10 @@ static unsigned int target(struct sk_buff *skb, const struct net_device *in,
84 return XT_CONTINUE; 84 return XT_CONTINUE;
85} 85}
86 86
87static bool checkentry(const char *tablename, const void *entry, 87static bool
88 const struct xt_target *target, void *targinfo, 88connsecmark_tg_check(const char *tablename, const void *entry,
89 unsigned int hook_mask) 89 const struct xt_target *target, void *targinfo,
90 unsigned int hook_mask)
90{ 91{
91 const struct xt_connsecmark_target_info *info = targinfo; 92 const struct xt_connsecmark_target_info *info = targinfo;
92 93
@@ -109,18 +110,18 @@ static bool checkentry(const char *tablename, const void *entry,
109} 110}
110 111
111static void 112static void
112destroy(const struct xt_target *target, void *targinfo) 113connsecmark_tg_destroy(const struct xt_target *target, void *targinfo)
113{ 114{
114 nf_ct_l3proto_module_put(target->family); 115 nf_ct_l3proto_module_put(target->family);
115} 116}
116 117
117static struct xt_target xt_connsecmark_target[] __read_mostly = { 118static struct xt_target connsecmark_tg_reg[] __read_mostly = {
118 { 119 {
119 .name = "CONNSECMARK", 120 .name = "CONNSECMARK",
120 .family = AF_INET, 121 .family = AF_INET,
121 .checkentry = checkentry, 122 .checkentry = connsecmark_tg_check,
122 .destroy = destroy, 123 .destroy = connsecmark_tg_destroy,
123 .target = target, 124 .target = connsecmark_tg,
124 .targetsize = sizeof(struct xt_connsecmark_target_info), 125 .targetsize = sizeof(struct xt_connsecmark_target_info),
125 .table = "mangle", 126 .table = "mangle",
126 .me = THIS_MODULE, 127 .me = THIS_MODULE,
@@ -128,26 +129,26 @@ static struct xt_target xt_connsecmark_target[] __read_mostly = {
128 { 129 {
129 .name = "CONNSECMARK", 130 .name = "CONNSECMARK",
130 .family = AF_INET6, 131 .family = AF_INET6,
131 .checkentry = checkentry, 132 .checkentry = connsecmark_tg_check,
132 .destroy = destroy, 133 .destroy = connsecmark_tg_destroy,
133 .target = target, 134 .target = connsecmark_tg,
134 .targetsize = sizeof(struct xt_connsecmark_target_info), 135 .targetsize = sizeof(struct xt_connsecmark_target_info),
135 .table = "mangle", 136 .table = "mangle",
136 .me = THIS_MODULE, 137 .me = THIS_MODULE,
137 }, 138 },
138}; 139};
139 140
140static int __init xt_connsecmark_init(void) 141static int __init connsecmark_tg_init(void)
141{ 142{
142 return xt_register_targets(xt_connsecmark_target, 143 return xt_register_targets(connsecmark_tg_reg,
143 ARRAY_SIZE(xt_connsecmark_target)); 144 ARRAY_SIZE(connsecmark_tg_reg));
144} 145}
145 146
146static void __exit xt_connsecmark_fini(void) 147static void __exit connsecmark_tg_exit(void)
147{ 148{
148 xt_unregister_targets(xt_connsecmark_target, 149 xt_unregister_targets(connsecmark_tg_reg,
149 ARRAY_SIZE(xt_connsecmark_target)); 150 ARRAY_SIZE(connsecmark_tg_reg));
150} 151}
151 152
152module_init(xt_connsecmark_init); 153module_init(connsecmark_tg_init);
153module_exit(xt_connsecmark_fini); 154module_exit(connsecmark_tg_exit);
diff --git a/net/netfilter/xt_DSCP.c b/net/netfilter/xt_DSCP.c
index 6322a933ab7..18823558797 100644
--- a/net/netfilter/xt_DSCP.c
+++ b/net/netfilter/xt_DSCP.c
@@ -25,12 +25,10 @@ MODULE_LICENSE("GPL");
25MODULE_ALIAS("ipt_DSCP"); 25MODULE_ALIAS("ipt_DSCP");
26MODULE_ALIAS("ip6t_DSCP"); 26MODULE_ALIAS("ip6t_DSCP");
27 27
28static unsigned int target(struct sk_buff *skb, 28static unsigned int
29 const struct net_device *in, 29dscp_tg(struct sk_buff *skb, const struct net_device *in,
30 const struct net_device *out, 30 const struct net_device *out, unsigned int hooknum,
31 unsigned int hooknum, 31 const struct xt_target *target, const void *targinfo)
32 const struct xt_target *target,
33 const void *targinfo)
34{ 32{
35 const struct xt_DSCP_info *dinfo = targinfo; 33 const struct xt_DSCP_info *dinfo = targinfo;
36 u_int8_t dscp = ipv4_get_dsfield(ip_hdr(skb)) >> XT_DSCP_SHIFT; 34 u_int8_t dscp = ipv4_get_dsfield(ip_hdr(skb)) >> XT_DSCP_SHIFT;
@@ -46,12 +44,10 @@ static unsigned int target(struct sk_buff *skb,
46 return XT_CONTINUE; 44 return XT_CONTINUE;
47} 45}
48 46
49static unsigned int target6(struct sk_buff *skb, 47static unsigned int
50 const struct net_device *in, 48dscp_tg6(struct sk_buff *skb, const struct net_device *in,
51 const struct net_device *out, 49 const struct net_device *out, unsigned int hooknum,
52 unsigned int hooknum, 50 const struct xt_target *target, const void *targinfo)
53 const struct xt_target *target,
54 const void *targinfo)
55{ 51{
56 const struct xt_DSCP_info *dinfo = targinfo; 52 const struct xt_DSCP_info *dinfo = targinfo;
57 u_int8_t dscp = ipv6_get_dsfield(ipv6_hdr(skb)) >> XT_DSCP_SHIFT; 53 u_int8_t dscp = ipv6_get_dsfield(ipv6_hdr(skb)) >> XT_DSCP_SHIFT;
@@ -66,11 +62,10 @@ static unsigned int target6(struct sk_buff *skb,
66 return XT_CONTINUE; 62 return XT_CONTINUE;
67} 63}
68 64
69static bool checkentry(const char *tablename, 65static bool
70 const void *e_void, 66dscp_tg_check(const char *tablename, const void *e_void,
71 const struct xt_target *target, 67 const struct xt_target *target, void *targinfo,
72 void *targinfo, 68 unsigned int hook_mask)
73 unsigned int hook_mask)
74{ 69{
75 const u_int8_t dscp = ((struct xt_DSCP_info *)targinfo)->dscp; 70 const u_int8_t dscp = ((struct xt_DSCP_info *)targinfo)->dscp;
76 71
@@ -81,12 +76,12 @@ static bool checkentry(const char *tablename,
81 return true; 76 return true;
82} 77}
83 78
84static struct xt_target xt_dscp_target[] __read_mostly = { 79static struct xt_target dscp_tg_reg[] __read_mostly = {
85 { 80 {
86 .name = "DSCP", 81 .name = "DSCP",
87 .family = AF_INET, 82 .family = AF_INET,
88 .checkentry = checkentry, 83 .checkentry = dscp_tg_check,
89 .target = target, 84 .target = dscp_tg,
90 .targetsize = sizeof(struct xt_DSCP_info), 85 .targetsize = sizeof(struct xt_DSCP_info),
91 .table = "mangle", 86 .table = "mangle",
92 .me = THIS_MODULE, 87 .me = THIS_MODULE,
@@ -94,23 +89,23 @@ static struct xt_target xt_dscp_target[] __read_mostly = {
94 { 89 {
95 .name = "DSCP", 90 .name = "DSCP",
96 .family = AF_INET6, 91 .family = AF_INET6,
97 .checkentry = checkentry, 92 .checkentry = dscp_tg_check,
98 .target = target6, 93 .target = dscp_tg6,
99 .targetsize = sizeof(struct xt_DSCP_info), 94 .targetsize = sizeof(struct xt_DSCP_info),
100 .table = "mangle", 95 .table = "mangle",
101 .me = THIS_MODULE, 96 .me = THIS_MODULE,
102 }, 97 },
103}; 98};
104 99
105static int __init xt_dscp_target_init(void) 100static int __init dscp_tg_init(void)
106{ 101{
107 return xt_register_targets(xt_dscp_target, ARRAY_SIZE(xt_dscp_target)); 102 return xt_register_targets(dscp_tg_reg, ARRAY_SIZE(dscp_tg_reg));
108} 103}
109 104
110static void __exit xt_dscp_target_fini(void) 105static void __exit dscp_tg_exit(void)
111{ 106{
112 xt_unregister_targets(xt_dscp_target, ARRAY_SIZE(xt_dscp_target)); 107 xt_unregister_targets(dscp_tg_reg, ARRAY_SIZE(dscp_tg_reg));
113} 108}
114 109
115module_init(xt_dscp_target_init); 110module_init(dscp_tg_init);
116module_exit(xt_dscp_target_fini); 111module_exit(dscp_tg_exit);
diff --git a/net/netfilter/xt_MARK.c b/net/netfilter/xt_MARK.c
index bc6503d77d7..de32aa5b57f 100644
--- a/net/netfilter/xt_MARK.c
+++ b/net/netfilter/xt_MARK.c
@@ -22,12 +22,9 @@ MODULE_ALIAS("ipt_MARK");
22MODULE_ALIAS("ip6t_MARK"); 22MODULE_ALIAS("ip6t_MARK");
23 23
24static unsigned int 24static unsigned int
25target_v0(struct sk_buff *skb, 25mark_tg_v0(struct sk_buff *skb, const struct net_device *in,
26 const struct net_device *in, 26 const struct net_device *out, unsigned int hooknum,
27 const struct net_device *out, 27 const struct xt_target *target, const void *targinfo)
28 unsigned int hooknum,
29 const struct xt_target *target,
30 const void *targinfo)
31{ 28{
32 const struct xt_mark_target_info *markinfo = targinfo; 29 const struct xt_mark_target_info *markinfo = targinfo;
33 30
@@ -36,12 +33,9 @@ target_v0(struct sk_buff *skb,
36} 33}
37 34
38static unsigned int 35static unsigned int
39target_v1(struct sk_buff *skb, 36mark_tg(struct sk_buff *skb, const struct net_device *in,
40 const struct net_device *in, 37 const struct net_device *out, unsigned int hooknum,
41 const struct net_device *out, 38 const struct xt_target *target, const void *targinfo)
42 unsigned int hooknum,
43 const struct xt_target *target,
44 const void *targinfo)
45{ 39{
46 const struct xt_mark_target_info_v1 *markinfo = targinfo; 40 const struct xt_mark_target_info_v1 *markinfo = targinfo;
47 int mark = 0; 41 int mark = 0;
@@ -64,13 +58,10 @@ target_v1(struct sk_buff *skb,
64 return XT_CONTINUE; 58 return XT_CONTINUE;
65} 59}
66 60
67
68static bool 61static bool
69checkentry_v0(const char *tablename, 62mark_tg_check_v0(const char *tablename, const void *entry,
70 const void *entry, 63 const struct xt_target *target, void *targinfo,
71 const struct xt_target *target, 64 unsigned int hook_mask)
72 void *targinfo,
73 unsigned int hook_mask)
74{ 65{
75 const struct xt_mark_target_info *markinfo = targinfo; 66 const struct xt_mark_target_info *markinfo = targinfo;
76 67
@@ -82,11 +73,9 @@ checkentry_v0(const char *tablename,
82} 73}
83 74
84static bool 75static bool
85checkentry_v1(const char *tablename, 76mark_tg_check(const char *tablename, const void *entry,
86 const void *entry, 77 const struct xt_target *target, void *targinfo,
87 const struct xt_target *target, 78 unsigned int hook_mask)
88 void *targinfo,
89 unsigned int hook_mask)
90{ 79{
91 const struct xt_mark_target_info_v1 *markinfo = targinfo; 80 const struct xt_mark_target_info_v1 *markinfo = targinfo;
92 81
@@ -112,7 +101,7 @@ struct compat_xt_mark_target_info_v1 {
112 u_int16_t __pad2; 101 u_int16_t __pad2;
113}; 102};
114 103
115static void compat_from_user_v1(void *dst, void *src) 104static void mark_tg_compat_from_user(void *dst, void *src)
116{ 105{
117 const struct compat_xt_mark_target_info_v1 *cm = src; 106 const struct compat_xt_mark_target_info_v1 *cm = src;
118 struct xt_mark_target_info_v1 m = { 107 struct xt_mark_target_info_v1 m = {
@@ -122,7 +111,7 @@ static void compat_from_user_v1(void *dst, void *src)
122 memcpy(dst, &m, sizeof(m)); 111 memcpy(dst, &m, sizeof(m));
123} 112}
124 113
125static int compat_to_user_v1(void __user *dst, void *src) 114static int mark_tg_compat_to_user(void __user *dst, void *src)
126{ 115{
127 const struct xt_mark_target_info_v1 *m = src; 116 const struct xt_mark_target_info_v1 *m = src;
128 struct compat_xt_mark_target_info_v1 cm = { 117 struct compat_xt_mark_target_info_v1 cm = {
@@ -133,13 +122,13 @@ static int compat_to_user_v1(void __user *dst, void *src)
133} 122}
134#endif /* CONFIG_COMPAT */ 123#endif /* CONFIG_COMPAT */
135 124
136static struct xt_target xt_mark_target[] __read_mostly = { 125static struct xt_target mark_tg_reg[] __read_mostly = {
137 { 126 {
138 .name = "MARK", 127 .name = "MARK",
139 .family = AF_INET, 128 .family = AF_INET,
140 .revision = 0, 129 .revision = 0,
141 .checkentry = checkentry_v0, 130 .checkentry = mark_tg_check_v0,
142 .target = target_v0, 131 .target = mark_tg_v0,
143 .targetsize = sizeof(struct xt_mark_target_info), 132 .targetsize = sizeof(struct xt_mark_target_info),
144 .table = "mangle", 133 .table = "mangle",
145 .me = THIS_MODULE, 134 .me = THIS_MODULE,
@@ -148,13 +137,13 @@ static struct xt_target xt_mark_target[] __read_mostly = {
148 .name = "MARK", 137 .name = "MARK",
149 .family = AF_INET, 138 .family = AF_INET,
150 .revision = 1, 139 .revision = 1,
151 .checkentry = checkentry_v1, 140 .checkentry = mark_tg_check,
152 .target = target_v1, 141 .target = mark_tg,
153 .targetsize = sizeof(struct xt_mark_target_info_v1), 142 .targetsize = sizeof(struct xt_mark_target_info_v1),
154#ifdef CONFIG_COMPAT 143#ifdef CONFIG_COMPAT
155 .compatsize = sizeof(struct compat_xt_mark_target_info_v1), 144 .compatsize = sizeof(struct compat_xt_mark_target_info_v1),
156 .compat_from_user = compat_from_user_v1, 145 .compat_from_user = mark_tg_compat_from_user,
157 .compat_to_user = compat_to_user_v1, 146 .compat_to_user = mark_tg_compat_to_user,
158#endif 147#endif
159 .table = "mangle", 148 .table = "mangle",
160 .me = THIS_MODULE, 149 .me = THIS_MODULE,
@@ -163,23 +152,23 @@ static struct xt_target xt_mark_target[] __read_mostly = {
163 .name = "MARK", 152 .name = "MARK",
164 .family = AF_INET6, 153 .family = AF_INET6,
165 .revision = 0, 154 .revision = 0,
166 .checkentry = checkentry_v0, 155 .checkentry = mark_tg_check_v0,
167 .target = target_v0, 156 .target = mark_tg_v0,
168 .targetsize = sizeof(struct xt_mark_target_info), 157 .targetsize = sizeof(struct xt_mark_target_info),
169 .table = "mangle", 158 .table = "mangle",
170 .me = THIS_MODULE, 159 .me = THIS_MODULE,
171 }, 160 },
172}; 161};
173 162
174static int __init xt_mark_init(void) 163static int __init mark_tg_init(void)
175{ 164{
176 return xt_register_targets(xt_mark_target, ARRAY_SIZE(xt_mark_target)); 165 return xt_register_targets(mark_tg_reg, ARRAY_SIZE(mark_tg_reg));
177} 166}
178 167
179static void __exit xt_mark_fini(void) 168static void __exit mark_tg_exit(void)
180{ 169{
181 xt_unregister_targets(xt_mark_target, ARRAY_SIZE(xt_mark_target)); 170 xt_unregister_targets(mark_tg_reg, ARRAY_SIZE(mark_tg_reg));
182} 171}
183 172
184module_init(xt_mark_init); 173module_init(mark_tg_init);
185module_exit(xt_mark_fini); 174module_exit(mark_tg_exit);
diff --git a/net/netfilter/xt_NFLOG.c b/net/netfilter/xt_NFLOG.c
index 9fb449ffbf8..83af124e88c 100644
--- a/net/netfilter/xt_NFLOG.c
+++ b/net/netfilter/xt_NFLOG.c
@@ -20,10 +20,9 @@ MODULE_ALIAS("ipt_NFLOG");
20MODULE_ALIAS("ip6t_NFLOG"); 20MODULE_ALIAS("ip6t_NFLOG");
21 21
22static unsigned int 22static unsigned int
23nflog_target(struct sk_buff *skb, 23nflog_tg(struct sk_buff *skb, const struct net_device *in,
24 const struct net_device *in, const struct net_device *out, 24 const struct net_device *out, unsigned int hooknum,
25 unsigned int hooknum, const struct xt_target *target, 25 const struct xt_target *target, const void *targinfo)
26 const void *targinfo)
27{ 26{
28 const struct xt_nflog_info *info = targinfo; 27 const struct xt_nflog_info *info = targinfo;
29 struct nf_loginfo li; 28 struct nf_loginfo li;
@@ -39,9 +38,9 @@ nflog_target(struct sk_buff *skb,
39} 38}
40 39
41static bool 40static bool
42nflog_checkentry(const char *tablename, const void *entry, 41nflog_tg_check(const char *tablename, const void *entry,
43 const struct xt_target *target, void *targetinfo, 42 const struct xt_target *target, void *targetinfo,
44 unsigned int hookmask) 43 unsigned int hookmask)
45{ 44{
46 const struct xt_nflog_info *info = targetinfo; 45 const struct xt_nflog_info *info = targetinfo;
47 46
@@ -52,35 +51,34 @@ nflog_checkentry(const char *tablename, const void *entry,
52 return true; 51 return true;
53} 52}
54 53
55static struct xt_target xt_nflog_target[] __read_mostly = { 54static struct xt_target nflog_tg_reg[] __read_mostly = {
56 { 55 {
57 .name = "NFLOG", 56 .name = "NFLOG",
58 .family = AF_INET, 57 .family = AF_INET,
59 .checkentry = nflog_checkentry, 58 .checkentry = nflog_tg_check,
60 .target = nflog_target, 59 .target = nflog_tg,
61 .targetsize = sizeof(struct xt_nflog_info), 60 .targetsize = sizeof(struct xt_nflog_info),
62 .me = THIS_MODULE, 61 .me = THIS_MODULE,
63 }, 62 },
64 { 63 {
65 .name = "NFLOG", 64 .name = "NFLOG",
66 .family = AF_INET6, 65 .family = AF_INET6,
67 .checkentry = nflog_checkentry, 66 .checkentry = nflog_tg_check,
68 .target = nflog_target, 67 .target = nflog_tg,
69 .targetsize = sizeof(struct xt_nflog_info), 68 .targetsize = sizeof(struct xt_nflog_info),
70 .me = THIS_MODULE, 69 .me = THIS_MODULE,
71 }, 70 },
72}; 71};
73 72
74static int __init xt_nflog_init(void) 73static int __init nflog_tg_init(void)
75{ 74{
76 return xt_register_targets(xt_nflog_target, 75 return xt_register_targets(nflog_tg_reg, ARRAY_SIZE(nflog_tg_reg));
77 ARRAY_SIZE(xt_nflog_target));
78} 76}
79 77
80static void __exit xt_nflog_fini(void) 78static void __exit nflog_tg_exit(void)
81{ 79{
82 xt_unregister_targets(xt_nflog_target, ARRAY_SIZE(xt_nflog_target)); 80 xt_unregister_targets(nflog_tg_reg, ARRAY_SIZE(nflog_tg_reg));
83} 81}
84 82
85module_init(xt_nflog_init); 83module_init(nflog_tg_init);
86module_exit(xt_nflog_fini); 84module_exit(nflog_tg_exit);
diff --git a/net/netfilter/xt_NFQUEUE.c b/net/netfilter/xt_NFQUEUE.c
index c3984e9f766..16b57c23f35 100644
--- a/net/netfilter/xt_NFQUEUE.c
+++ b/net/netfilter/xt_NFQUEUE.c
@@ -24,52 +24,48 @@ MODULE_ALIAS("ip6t_NFQUEUE");
24MODULE_ALIAS("arpt_NFQUEUE"); 24MODULE_ALIAS("arpt_NFQUEUE");
25 25
26static unsigned int 26static unsigned int
27target(struct sk_buff *skb, 27nfqueue_tg(struct sk_buff *skb, const struct net_device *in,
28 const struct net_device *in, 28 const struct net_device *out, unsigned int hooknum,
29 const struct net_device *out, 29 const struct xt_target *target, const void *targinfo)
30 unsigned int hooknum,
31 const struct xt_target *target,
32 const void *targinfo)
33{ 30{
34 const struct xt_NFQ_info *tinfo = targinfo; 31 const struct xt_NFQ_info *tinfo = targinfo;
35 32
36 return NF_QUEUE_NR(tinfo->queuenum); 33 return NF_QUEUE_NR(tinfo->queuenum);
37} 34}
38 35
39static struct xt_target xt_nfqueue_target[] __read_mostly = { 36static struct xt_target nfqueue_tg_reg[] __read_mostly = {
40 { 37 {
41 .name = "NFQUEUE", 38 .name = "NFQUEUE",
42 .family = AF_INET, 39 .family = AF_INET,
43 .target = target, 40 .target = nfqueue_tg,
44 .targetsize = sizeof(struct xt_NFQ_info), 41 .targetsize = sizeof(struct xt_NFQ_info),
45 .me = THIS_MODULE, 42 .me = THIS_MODULE,
46 }, 43 },
47 { 44 {
48 .name = "NFQUEUE", 45 .name = "NFQUEUE",
49 .family = AF_INET6, 46 .family = AF_INET6,
50 .target = target, 47 .target = nfqueue_tg,
51 .targetsize = sizeof(struct xt_NFQ_info), 48 .targetsize = sizeof(struct xt_NFQ_info),
52 .me = THIS_MODULE, 49 .me = THIS_MODULE,
53 }, 50 },
54 { 51 {
55 .name = "NFQUEUE", 52 .name = "NFQUEUE",
56 .family = NF_ARP, 53 .family = NF_ARP,
57 .target = target, 54 .target = nfqueue_tg,
58 .targetsize = sizeof(struct xt_NFQ_info), 55 .targetsize = sizeof(struct xt_NFQ_info),
59 .me = THIS_MODULE, 56 .me = THIS_MODULE,
60 }, 57 },
61}; 58};
62 59
63static int __init xt_nfqueue_init(void) 60static int __init nfqueue_tg_init(void)
64{ 61{
65 return xt_register_targets(xt_nfqueue_target, 62 return xt_register_targets(nfqueue_tg_reg, ARRAY_SIZE(nfqueue_tg_reg));
66 ARRAY_SIZE(xt_nfqueue_target));
67} 63}
68 64
69static void __exit xt_nfqueue_fini(void) 65static void __exit nfqueue_tg_exit(void)
70{ 66{
71 xt_unregister_targets(xt_nfqueue_target, ARRAY_SIZE(xt_nfqueue_target)); 67 xt_unregister_targets(nfqueue_tg_reg, ARRAY_SIZE(nfqueue_tg_reg));
72} 68}
73 69
74module_init(xt_nfqueue_init); 70module_init(nfqueue_tg_init);
75module_exit(xt_nfqueue_fini); 71module_exit(nfqueue_tg_exit);
diff --git a/net/netfilter/xt_NOTRACK.c b/net/netfilter/xt_NOTRACK.c
index 4976ce18661..95712e4e997 100644
--- a/net/netfilter/xt_NOTRACK.c
+++ b/net/netfilter/xt_NOTRACK.c
@@ -12,12 +12,9 @@ MODULE_ALIAS("ipt_NOTRACK");
12MODULE_ALIAS("ip6t_NOTRACK"); 12MODULE_ALIAS("ip6t_NOTRACK");
13 13
14static unsigned int 14static unsigned int
15target(struct sk_buff *skb, 15notrack_tg(struct sk_buff *skb, const struct net_device *in,
16 const struct net_device *in, 16 const struct net_device *out, unsigned int hooknum,
17 const struct net_device *out, 17 const struct xt_target *target, const void *targinfo)
18 unsigned int hooknum,
19 const struct xt_target *target,
20 const void *targinfo)
21{ 18{
22 /* Previously seen (loopback)? Ignore. */ 19 /* Previously seen (loopback)? Ignore. */
23 if (skb->nfct != NULL) 20 if (skb->nfct != NULL)
@@ -34,33 +31,32 @@ target(struct sk_buff *skb,
34 return XT_CONTINUE; 31 return XT_CONTINUE;
35} 32}
36 33
37static struct xt_target xt_notrack_target[] __read_mostly = { 34static struct xt_target notrack_tg_reg[] __read_mostly = {
38 { 35 {
39 .name = "NOTRACK", 36 .name = "NOTRACK",
40 .family = AF_INET, 37 .family = AF_INET,
41 .target = target, 38 .target = notrack_tg,
42 .table = "raw", 39 .table = "raw",
43 .me = THIS_MODULE, 40 .me = THIS_MODULE,
44 }, 41 },
45 { 42 {
46 .name = "NOTRACK", 43 .name = "NOTRACK",
47 .family = AF_INET6, 44 .family = AF_INET6,
48 .target = target, 45 .target = notrack_tg,
49 .table = "raw", 46 .table = "raw",
50 .me = THIS_MODULE, 47 .me = THIS_MODULE,
51 }, 48 },
52}; 49};
53 50
54static int __init xt_notrack_init(void) 51static int __init notrack_tg_init(void)
55{ 52{
56 return xt_register_targets(xt_notrack_target, 53 return xt_register_targets(notrack_tg_reg, ARRAY_SIZE(notrack_tg_reg));
57 ARRAY_SIZE(xt_notrack_target));
58} 54}
59 55
60static void __exit xt_notrack_fini(void) 56static void __exit notrack_tg_exit(void)
61{ 57{
62 xt_unregister_targets(xt_notrack_target, ARRAY_SIZE(xt_notrack_target)); 58 xt_unregister_targets(notrack_tg_reg, ARRAY_SIZE(notrack_tg_reg));
63} 59}
64 60
65module_init(xt_notrack_init); 61module_init(notrack_tg_init);
66module_exit(xt_notrack_fini); 62module_exit(notrack_tg_exit);
diff --git a/net/netfilter/xt_SECMARK.c b/net/netfilter/xt_SECMARK.c
index 235806eb6ec..7d5439c9f18 100644
--- a/net/netfilter/xt_SECMARK.c
+++ b/net/netfilter/xt_SECMARK.c
@@ -28,10 +28,10 @@ MODULE_ALIAS("ip6t_SECMARK");
28 28
29static u8 mode; 29static u8 mode;
30 30
31static unsigned int target(struct sk_buff *skb, const struct net_device *in, 31static unsigned int
32 const struct net_device *out, unsigned int hooknum, 32secmark_tg(struct sk_buff *skb, const struct net_device *in,
33 const struct xt_target *target, 33 const struct net_device *out, unsigned int hooknum,
34 const void *targinfo) 34 const struct xt_target *target, const void *targinfo)
35{ 35{
36 u32 secmark = 0; 36 u32 secmark = 0;
37 const struct xt_secmark_target_info *info = targinfo; 37 const struct xt_secmark_target_info *info = targinfo;
@@ -81,9 +81,10 @@ static bool checkentry_selinux(struct xt_secmark_target_info *info)
81 return true; 81 return true;
82} 82}
83 83
84static bool checkentry(const char *tablename, const void *entry, 84static bool
85 const struct xt_target *target, void *targinfo, 85secmark_tg_check(const char *tablename, const void *entry,
86 unsigned int hook_mask) 86 const struct xt_target *target, void *targinfo,
87 unsigned int hook_mask)
87{ 88{
88 struct xt_secmark_target_info *info = targinfo; 89 struct xt_secmark_target_info *info = targinfo;
89 90
@@ -109,12 +110,12 @@ static bool checkentry(const char *tablename, const void *entry,
109 return true; 110 return true;
110} 111}
111 112
112static struct xt_target xt_secmark_target[] __read_mostly = { 113static struct xt_target secmark_tg_reg[] __read_mostly = {
113 { 114 {
114 .name = "SECMARK", 115 .name = "SECMARK",
115 .family = AF_INET, 116 .family = AF_INET,
116 .checkentry = checkentry, 117 .checkentry = secmark_tg_check,
117 .target = target, 118 .target = secmark_tg,
118 .targetsize = sizeof(struct xt_secmark_target_info), 119 .targetsize = sizeof(struct xt_secmark_target_info),
119 .table = "mangle", 120 .table = "mangle",
120 .me = THIS_MODULE, 121 .me = THIS_MODULE,
@@ -122,24 +123,23 @@ static struct xt_target xt_secmark_target[] __read_mostly = {
122 { 123 {
123 .name = "SECMARK", 124 .name = "SECMARK",
124 .family = AF_INET6, 125 .family = AF_INET6,
125 .checkentry = checkentry, 126 .checkentry = secmark_tg_check,
126 .target = target, 127 .target = secmark_tg,
127 .targetsize = sizeof(struct xt_secmark_target_info), 128 .targetsize = sizeof(struct xt_secmark_target_info),
128 .table = "mangle", 129 .table = "mangle",
129 .me = THIS_MODULE, 130 .me = THIS_MODULE,
130 }, 131 },
131}; 132};
132 133
133static int __init xt_secmark_init(void) 134static int __init secmark_tg_init(void)
134{ 135{
135 return xt_register_targets(xt_secmark_target, 136 return xt_register_targets(secmark_tg_reg, ARRAY_SIZE(secmark_tg_reg));
136 ARRAY_SIZE(xt_secmark_target));
137} 137}
138 138
139static void __exit xt_secmark_fini(void) 139static void __exit secmark_tg_exit(void)
140{ 140{
141 xt_unregister_targets(xt_secmark_target, ARRAY_SIZE(xt_secmark_target)); 141 xt_unregister_targets(secmark_tg_reg, ARRAY_SIZE(secmark_tg_reg));
142} 142}
143 143
144module_init(xt_secmark_init); 144module_init(secmark_tg_init);
145module_exit(xt_secmark_fini); 145module_exit(secmark_tg_exit);
diff --git a/net/netfilter/xt_TCPMSS.c b/net/netfilter/xt_TCPMSS.c
index bf6249e4406..e4ee4bc81ff 100644
--- a/net/netfilter/xt_TCPMSS.c
+++ b/net/netfilter/xt_TCPMSS.c
@@ -135,12 +135,9 @@ tcpmss_mangle_packet(struct sk_buff *skb,
135} 135}
136 136
137static unsigned int 137static unsigned int
138xt_tcpmss_target4(struct sk_buff *skb, 138tcpmss_tg4(struct sk_buff *skb, const struct net_device *in,
139 const struct net_device *in, 139 const struct net_device *out, unsigned int hooknum,
140 const struct net_device *out, 140 const struct xt_target *target, const void *targinfo)
141 unsigned int hooknum,
142 const struct xt_target *target,
143 const void *targinfo)
144{ 141{
145 struct iphdr *iph = ip_hdr(skb); 142 struct iphdr *iph = ip_hdr(skb);
146 __be16 newlen; 143 __be16 newlen;
@@ -161,12 +158,9 @@ xt_tcpmss_target4(struct sk_buff *skb,
161 158
162#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE) 159#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
163static unsigned int 160static unsigned int
164xt_tcpmss_target6(struct sk_buff *skb, 161tcpmss_tg6(struct sk_buff *skb, const struct net_device *in,
165 const struct net_device *in, 162 const struct net_device *out, unsigned int hooknum,
166 const struct net_device *out, 163 const struct xt_target *target, const void *targinfo)
167 unsigned int hooknum,
168 const struct xt_target *target,
169 const void *targinfo)
170{ 164{
171 struct ipv6hdr *ipv6h = ipv6_hdr(skb); 165 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
172 u8 nexthdr; 166 u8 nexthdr;
@@ -205,11 +199,9 @@ static inline bool find_syn_match(const struct xt_entry_match *m)
205} 199}
206 200
207static bool 201static bool
208xt_tcpmss_checkentry4(const char *tablename, 202tcpmss_tg4_check(const char *tablename, const void *entry,
209 const void *entry, 203 const struct xt_target *target, void *targinfo,
210 const struct xt_target *target, 204 unsigned int hook_mask)
211 void *targinfo,
212 unsigned int hook_mask)
213{ 205{
214 const struct xt_tcpmss_info *info = targinfo; 206 const struct xt_tcpmss_info *info = targinfo;
215 const struct ipt_entry *e = entry; 207 const struct ipt_entry *e = entry;
@@ -230,11 +222,9 @@ xt_tcpmss_checkentry4(const char *tablename,
230 222
231#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE) 223#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
232static bool 224static bool
233xt_tcpmss_checkentry6(const char *tablename, 225tcpmss_tg6_check(const char *tablename, const void *entry,
234 const void *entry, 226 const struct xt_target *target, void *targinfo,
235 const struct xt_target *target, 227 unsigned int hook_mask)
236 void *targinfo,
237 unsigned int hook_mask)
238{ 228{
239 const struct xt_tcpmss_info *info = targinfo; 229 const struct xt_tcpmss_info *info = targinfo;
240 const struct ip6t_entry *e = entry; 230 const struct ip6t_entry *e = entry;
@@ -254,12 +244,12 @@ xt_tcpmss_checkentry6(const char *tablename,
254} 244}
255#endif 245#endif
256 246
257static struct xt_target xt_tcpmss_reg[] __read_mostly = { 247static struct xt_target tcpmss_tg_reg[] __read_mostly = {
258 { 248 {
259 .family = AF_INET, 249 .family = AF_INET,
260 .name = "TCPMSS", 250 .name = "TCPMSS",
261 .checkentry = xt_tcpmss_checkentry4, 251 .checkentry = tcpmss_tg4_check,
262 .target = xt_tcpmss_target4, 252 .target = tcpmss_tg4,
263 .targetsize = sizeof(struct xt_tcpmss_info), 253 .targetsize = sizeof(struct xt_tcpmss_info),
264 .proto = IPPROTO_TCP, 254 .proto = IPPROTO_TCP,
265 .me = THIS_MODULE, 255 .me = THIS_MODULE,
@@ -268,8 +258,8 @@ static struct xt_target xt_tcpmss_reg[] __read_mostly = {
268 { 258 {
269 .family = AF_INET6, 259 .family = AF_INET6,
270 .name = "TCPMSS", 260 .name = "TCPMSS",
271 .checkentry = xt_tcpmss_checkentry6, 261 .checkentry = tcpmss_tg6_check,
272 .target = xt_tcpmss_target6, 262 .target = tcpmss_tg6,
273 .targetsize = sizeof(struct xt_tcpmss_info), 263 .targetsize = sizeof(struct xt_tcpmss_info),
274 .proto = IPPROTO_TCP, 264 .proto = IPPROTO_TCP,
275 .me = THIS_MODULE, 265 .me = THIS_MODULE,
@@ -277,15 +267,15 @@ static struct xt_target xt_tcpmss_reg[] __read_mostly = {
277#endif 267#endif
278}; 268};
279 269
280static int __init xt_tcpmss_init(void) 270static int __init tcpmss_tg_init(void)
281{ 271{
282 return xt_register_targets(xt_tcpmss_reg, ARRAY_SIZE(xt_tcpmss_reg)); 272 return xt_register_targets(tcpmss_tg_reg, ARRAY_SIZE(tcpmss_tg_reg));
283} 273}
284 274
285static void __exit xt_tcpmss_fini(void) 275static void __exit tcpmss_tg_exit(void)
286{ 276{
287 xt_unregister_targets(xt_tcpmss_reg, ARRAY_SIZE(xt_tcpmss_reg)); 277 xt_unregister_targets(tcpmss_tg_reg, ARRAY_SIZE(tcpmss_tg_reg));
288} 278}
289 279
290module_init(xt_tcpmss_init); 280module_init(tcpmss_tg_init);
291module_exit(xt_tcpmss_fini); 281module_exit(tcpmss_tg_exit);
diff --git a/net/netfilter/xt_TRACE.c b/net/netfilter/xt_TRACE.c
index 26c5d08ab2c..219b9d2445c 100644
--- a/net/netfilter/xt_TRACE.c
+++ b/net/netfilter/xt_TRACE.c
@@ -10,44 +10,40 @@ MODULE_ALIAS("ipt_TRACE");
10MODULE_ALIAS("ip6t_TRACE"); 10MODULE_ALIAS("ip6t_TRACE");
11 11
12static unsigned int 12static unsigned int
13target(struct sk_buff *skb, 13trace_tg(struct sk_buff *skb, const struct net_device *in,
14 const struct net_device *in, 14 const struct net_device *out, unsigned int hooknum,
15 const struct net_device *out, 15 const struct xt_target *target, const void *targinfo)
16 unsigned int hooknum,
17 const struct xt_target *target,
18 const void *targinfo)
19{ 16{
20 skb->nf_trace = 1; 17 skb->nf_trace = 1;
21 return XT_CONTINUE; 18 return XT_CONTINUE;
22} 19}
23 20
24static struct xt_target xt_trace_target[] __read_mostly = { 21static struct xt_target trace_tg_reg[] __read_mostly = {
25 { 22 {
26 .name = "TRACE", 23 .name = "TRACE",
27 .family = AF_INET, 24 .family = AF_INET,
28 .target = target, 25 .target = trace_tg,
29 .table = "raw", 26 .table = "raw",
30 .me = THIS_MODULE, 27 .me = THIS_MODULE,
31 }, 28 },
32 { 29 {
33 .name = "TRACE", 30 .name = "TRACE",
34 .family = AF_INET6, 31 .family = AF_INET6,
35 .target = target, 32 .target = trace_tg,
36 .table = "raw", 33 .table = "raw",
37 .me = THIS_MODULE, 34 .me = THIS_MODULE,
38 }, 35 },
39}; 36};
40 37
41static int __init xt_trace_init(void) 38static int __init trace_tg_init(void)
42{ 39{
43 return xt_register_targets(xt_trace_target, 40 return xt_register_targets(trace_tg_reg, ARRAY_SIZE(trace_tg_reg));
44 ARRAY_SIZE(xt_trace_target));
45} 41}
46 42
47static void __exit xt_trace_fini(void) 43static void __exit trace_tg_exit(void)
48{ 44{
49 xt_unregister_targets(xt_trace_target, ARRAY_SIZE(xt_trace_target)); 45 xt_unregister_targets(trace_tg_reg, ARRAY_SIZE(trace_tg_reg));
50} 46}
51 47
52module_init(xt_trace_init); 48module_init(trace_tg_init);
53module_exit(xt_trace_fini); 49module_exit(trace_tg_exit);
diff --git a/net/netfilter/xt_comment.c b/net/netfilter/xt_comment.c
index 64bcdb0fe1e..4539d435ec7 100644
--- a/net/netfilter/xt_comment.c
+++ b/net/netfilter/xt_comment.c
@@ -16,46 +16,41 @@ MODULE_ALIAS("ipt_comment");
16MODULE_ALIAS("ip6t_comment"); 16MODULE_ALIAS("ip6t_comment");
17 17
18static bool 18static bool
19match(const struct sk_buff *skb, 19comment_mt(const struct sk_buff *skb, const struct net_device *in,
20 const struct net_device *in, 20 const struct net_device *out, const struct xt_match *match,
21 const struct net_device *out, 21 const void *matchinfo, int offset, unsigned int protooff,
22 const struct xt_match *match, 22 bool *hotdrop)
23 const void *matchinfo,
24 int offset,
25 unsigned int protooff,
26 bool *hotdrop)
27{ 23{
28 /* We always match */ 24 /* We always match */
29 return true; 25 return true;
30} 26}
31 27
32static struct xt_match xt_comment_match[] __read_mostly = { 28static struct xt_match comment_mt_reg[] __read_mostly = {
33 { 29 {
34 .name = "comment", 30 .name = "comment",
35 .family = AF_INET, 31 .family = AF_INET,
36 .match = match, 32 .match = comment_mt,
37 .matchsize = sizeof(struct xt_comment_info), 33 .matchsize = sizeof(struct xt_comment_info),
38 .me = THIS_MODULE 34 .me = THIS_MODULE
39 }, 35 },
40 { 36 {
41 .name = "comment", 37 .name = "comment",
42 .family = AF_INET6, 38 .family = AF_INET6,
43 .match = match, 39 .match = comment_mt,
44 .matchsize = sizeof(struct xt_comment_info), 40 .matchsize = sizeof(struct xt_comment_info),
45 .me = THIS_MODULE 41 .me = THIS_MODULE
46 }, 42 },
47}; 43};
48 44
49static int __init xt_comment_init(void) 45static int __init comment_mt_init(void)
50{ 46{
51 return xt_register_matches(xt_comment_match, 47 return xt_register_matches(comment_mt_reg, ARRAY_SIZE(comment_mt_reg));
52 ARRAY_SIZE(xt_comment_match));
53} 48}
54 49
55static void __exit xt_comment_fini(void) 50static void __exit comment_mt_exit(void)
56{ 51{
57 xt_unregister_matches(xt_comment_match, ARRAY_SIZE(xt_comment_match)); 52 xt_unregister_matches(comment_mt_reg, ARRAY_SIZE(comment_mt_reg));
58} 53}
59 54
60module_init(xt_comment_init); 55module_init(comment_mt_init);
61module_exit(xt_comment_fini); 56module_exit(comment_mt_exit);
diff --git a/net/netfilter/xt_connbytes.c b/net/netfilter/xt_connbytes.c
index 9ec50139b9a..752b7d8bbc9 100644
--- a/net/netfilter/xt_connbytes.c
+++ b/net/netfilter/xt_connbytes.c
@@ -17,14 +17,10 @@ MODULE_ALIAS("ipt_connbytes");
17MODULE_ALIAS("ip6t_connbytes"); 17MODULE_ALIAS("ip6t_connbytes");
18 18
19static bool 19static bool
20match(const struct sk_buff *skb, 20connbytes_mt(const struct sk_buff *skb, const struct net_device *in,
21 const struct net_device *in, 21 const struct net_device *out, const struct xt_match *match,
22 const struct net_device *out, 22 const void *matchinfo, int offset, unsigned int protoff,
23 const struct xt_match *match, 23 bool *hotdrop)
24 const void *matchinfo,
25 int offset,
26 unsigned int protoff,
27 bool *hotdrop)
28{ 24{
29 const struct xt_connbytes_info *sinfo = matchinfo; 25 const struct xt_connbytes_info *sinfo = matchinfo;
30 const struct nf_conn *ct; 26 const struct nf_conn *ct;
@@ -96,11 +92,10 @@ match(const struct sk_buff *skb,
96 return what >= sinfo->count.from; 92 return what >= sinfo->count.from;
97} 93}
98 94
99static bool check(const char *tablename, 95static bool
100 const void *ip, 96connbytes_mt_check(const char *tablename, const void *ip,
101 const struct xt_match *match, 97 const struct xt_match *match, void *matchinfo,
102 void *matchinfo, 98 unsigned int hook_mask)
103 unsigned int hook_mask)
104{ 99{
105 const struct xt_connbytes_info *sinfo = matchinfo; 100 const struct xt_connbytes_info *sinfo = matchinfo;
106 101
@@ -124,43 +119,42 @@ static bool check(const char *tablename,
124} 119}
125 120
126static void 121static void
127destroy(const struct xt_match *match, void *matchinfo) 122connbytes_mt_destroy(const struct xt_match *match, void *matchinfo)
128{ 123{
129 nf_ct_l3proto_module_put(match->family); 124 nf_ct_l3proto_module_put(match->family);
130} 125}
131 126
132static struct xt_match xt_connbytes_match[] __read_mostly = { 127static struct xt_match connbytes_mt_reg[] __read_mostly = {
133 { 128 {
134 .name = "connbytes", 129 .name = "connbytes",
135 .family = AF_INET, 130 .family = AF_INET,
136 .checkentry = check, 131 .checkentry = connbytes_mt_check,
137 .match = match, 132 .match = connbytes_mt,
138 .destroy = destroy, 133 .destroy = connbytes_mt_destroy,
139 .matchsize = sizeof(struct xt_connbytes_info), 134 .matchsize = sizeof(struct xt_connbytes_info),
140 .me = THIS_MODULE 135 .me = THIS_MODULE
141 }, 136 },
142 { 137 {
143 .name = "connbytes", 138 .name = "connbytes",
144 .family = AF_INET6, 139 .family = AF_INET6,
145 .checkentry = check, 140 .checkentry = connbytes_mt_check,
146 .match = match, 141 .match = connbytes_mt,
147 .destroy = destroy, 142 .destroy = connbytes_mt_destroy,
148 .matchsize = sizeof(struct xt_connbytes_info), 143 .matchsize = sizeof(struct xt_connbytes_info),
149 .me = THIS_MODULE 144 .me = THIS_MODULE
150 }, 145 },
151}; 146};
152 147
153static int __init xt_connbytes_init(void) 148static int __init connbytes_mt_init(void)
154{ 149{
155 return xt_register_matches(xt_connbytes_match, 150 return xt_register_matches(connbytes_mt_reg,
156 ARRAY_SIZE(xt_connbytes_match)); 151 ARRAY_SIZE(connbytes_mt_reg));
157} 152}
158 153
159static void __exit xt_connbytes_fini(void) 154static void __exit connbytes_mt_exit(void)
160{ 155{
161 xt_unregister_matches(xt_connbytes_match, 156 xt_unregister_matches(connbytes_mt_reg, ARRAY_SIZE(connbytes_mt_reg));
162 ARRAY_SIZE(xt_connbytes_match));
163} 157}
164 158
165module_init(xt_connbytes_init); 159module_init(connbytes_mt_init);
166module_exit(xt_connbytes_fini); 160module_exit(connbytes_mt_exit);
diff --git a/net/netfilter/xt_connlimit.c b/net/netfilter/xt_connlimit.c
index d7becf08a93..26d12b00a9c 100644
--- a/net/netfilter/xt_connlimit.c
+++ b/net/netfilter/xt_connlimit.c
@@ -54,7 +54,7 @@ static inline unsigned int connlimit_iphash(__be32 addr)
54 54
55static inline unsigned int 55static inline unsigned int
56connlimit_iphash6(const union nf_conntrack_address *addr, 56connlimit_iphash6(const union nf_conntrack_address *addr,
57 const union nf_conntrack_address *mask) 57 const union nf_conntrack_address *mask)
58{ 58{
59 union nf_conntrack_address res; 59 union nf_conntrack_address res;
60 unsigned int i; 60 unsigned int i;
@@ -178,12 +178,11 @@ static int count_them(struct xt_connlimit_data *data,
178 return matches; 178 return matches;
179} 179}
180 180
181static bool connlimit_match(const struct sk_buff *skb, 181static bool
182 const struct net_device *in, 182connlimit_mt(const struct sk_buff *skb, const struct net_device *in,
183 const struct net_device *out, 183 const struct net_device *out, const struct xt_match *match,
184 const struct xt_match *match, 184 const void *matchinfo, int offset, unsigned int protoff,
185 const void *matchinfo, int offset, 185 bool *hotdrop)
186 unsigned int protoff, bool *hotdrop)
187{ 186{
188 const struct xt_connlimit_info *info = matchinfo; 187 const struct xt_connlimit_info *info = matchinfo;
189 union nf_conntrack_address addr, mask; 188 union nf_conntrack_address addr, mask;
@@ -227,9 +226,10 @@ static bool connlimit_match(const struct sk_buff *skb,
227 return false; 226 return false;
228} 227}
229 228
230static bool connlimit_check(const char *tablename, const void *ip, 229static bool
231 const struct xt_match *match, void *matchinfo, 230connlimit_mt_check(const char *tablename, const void *ip,
232 unsigned int hook_mask) 231 const struct xt_match *match, void *matchinfo,
232 unsigned int hook_mask)
233{ 233{
234 struct xt_connlimit_info *info = matchinfo; 234 struct xt_connlimit_info *info = matchinfo;
235 unsigned int i; 235 unsigned int i;
@@ -254,7 +254,8 @@ static bool connlimit_check(const char *tablename, const void *ip,
254 return true; 254 return true;
255} 255}
256 256
257static void connlimit_destroy(const struct xt_match *match, void *matchinfo) 257static void
258connlimit_mt_destroy(const struct xt_match *match, void *matchinfo)
258{ 259{
259 struct xt_connlimit_info *info = matchinfo; 260 struct xt_connlimit_info *info = matchinfo;
260 struct xt_connlimit_conn *conn; 261 struct xt_connlimit_conn *conn;
@@ -274,39 +275,40 @@ static void connlimit_destroy(const struct xt_match *match, void *matchinfo)
274 kfree(info->data); 275 kfree(info->data);
275} 276}
276 277
277static struct xt_match connlimit_reg[] __read_mostly = { 278static struct xt_match connlimit_mt_reg[] __read_mostly = {
278 { 279 {
279 .name = "connlimit", 280 .name = "connlimit",
280 .family = AF_INET, 281 .family = AF_INET,
281 .checkentry = connlimit_check, 282 .checkentry = connlimit_mt_check,
282 .match = connlimit_match, 283 .match = connlimit_mt,
283 .matchsize = sizeof(struct xt_connlimit_info), 284 .matchsize = sizeof(struct xt_connlimit_info),
284 .destroy = connlimit_destroy, 285 .destroy = connlimit_mt_destroy,
285 .me = THIS_MODULE, 286 .me = THIS_MODULE,
286 }, 287 },
287 { 288 {
288 .name = "connlimit", 289 .name = "connlimit",
289 .family = AF_INET6, 290 .family = AF_INET6,
290 .checkentry = connlimit_check, 291 .checkentry = connlimit_mt_check,
291 .match = connlimit_match, 292 .match = connlimit_mt,
292 .matchsize = sizeof(struct xt_connlimit_info), 293 .matchsize = sizeof(struct xt_connlimit_info),
293 .destroy = connlimit_destroy, 294 .destroy = connlimit_mt_destroy,
294 .me = THIS_MODULE, 295 .me = THIS_MODULE,
295 }, 296 },
296}; 297};
297 298
298static int __init xt_connlimit_init(void) 299static int __init connlimit_mt_init(void)
299{ 300{
300 return xt_register_matches(connlimit_reg, ARRAY_SIZE(connlimit_reg)); 301 return xt_register_matches(connlimit_mt_reg,
302 ARRAY_SIZE(connlimit_mt_reg));
301} 303}
302 304
303static void __exit xt_connlimit_exit(void) 305static void __exit connlimit_mt_exit(void)
304{ 306{
305 xt_unregister_matches(connlimit_reg, ARRAY_SIZE(connlimit_reg)); 307 xt_unregister_matches(connlimit_mt_reg, ARRAY_SIZE(connlimit_mt_reg));
306} 308}
307 309
308module_init(xt_connlimit_init); 310module_init(connlimit_mt_init);
309module_exit(xt_connlimit_exit); 311module_exit(connlimit_mt_exit);
310MODULE_AUTHOR("Jan Engelhardt <jengelh@computergmbh.de>"); 312MODULE_AUTHOR("Jan Engelhardt <jengelh@computergmbh.de>");
311MODULE_DESCRIPTION("netfilter xt_connlimit match module"); 313MODULE_DESCRIPTION("netfilter xt_connlimit match module");
312MODULE_LICENSE("GPL"); 314MODULE_LICENSE("GPL");
diff --git a/net/netfilter/xt_connmark.c b/net/netfilter/xt_connmark.c
index 9f67920af41..7e0874af318 100644
--- a/net/netfilter/xt_connmark.c
+++ b/net/netfilter/xt_connmark.c
@@ -32,14 +32,10 @@ MODULE_ALIAS("ipt_connmark");
32MODULE_ALIAS("ip6t_connmark"); 32MODULE_ALIAS("ip6t_connmark");
33 33
34static bool 34static bool
35match(const struct sk_buff *skb, 35connmark_mt(const struct sk_buff *skb, const struct net_device *in,
36 const struct net_device *in, 36 const struct net_device *out, const struct xt_match *match,
37 const struct net_device *out, 37 const void *matchinfo, int offset, unsigned int protoff,
38 const struct xt_match *match, 38 bool *hotdrop)
39 const void *matchinfo,
40 int offset,
41 unsigned int protoff,
42 bool *hotdrop)
43{ 39{
44 const struct xt_connmark_info *info = matchinfo; 40 const struct xt_connmark_info *info = matchinfo;
45 const struct nf_conn *ct; 41 const struct nf_conn *ct;
@@ -53,11 +49,9 @@ match(const struct sk_buff *skb,
53} 49}
54 50
55static bool 51static bool
56checkentry(const char *tablename, 52connmark_mt_check(const char *tablename, const void *ip,
57 const void *ip, 53 const struct xt_match *match, void *matchinfo,
58 const struct xt_match *match, 54 unsigned int hook_mask)
59 void *matchinfo,
60 unsigned int hook_mask)
61{ 55{
62 const struct xt_connmark_info *cm = matchinfo; 56 const struct xt_connmark_info *cm = matchinfo;
63 57
@@ -74,7 +68,7 @@ checkentry(const char *tablename,
74} 68}
75 69
76static void 70static void
77destroy(const struct xt_match *match, void *matchinfo) 71connmark_mt_destroy(const struct xt_match *match, void *matchinfo)
78{ 72{
79 nf_ct_l3proto_module_put(match->family); 73 nf_ct_l3proto_module_put(match->family);
80} 74}
@@ -87,7 +81,7 @@ struct compat_xt_connmark_info {
87 u_int16_t __pad2; 81 u_int16_t __pad2;
88}; 82};
89 83
90static void compat_from_user(void *dst, void *src) 84static void connmark_mt_compat_from_user(void *dst, void *src)
91{ 85{
92 const struct compat_xt_connmark_info *cm = src; 86 const struct compat_xt_connmark_info *cm = src;
93 struct xt_connmark_info m = { 87 struct xt_connmark_info m = {
@@ -98,7 +92,7 @@ static void compat_from_user(void *dst, void *src)
98 memcpy(dst, &m, sizeof(m)); 92 memcpy(dst, &m, sizeof(m));
99} 93}
100 94
101static int compat_to_user(void __user *dst, void *src) 95static int connmark_mt_compat_to_user(void __user *dst, void *src)
102{ 96{
103 const struct xt_connmark_info *m = src; 97 const struct xt_connmark_info *m = src;
104 struct compat_xt_connmark_info cm = { 98 struct compat_xt_connmark_info cm = {
@@ -110,42 +104,42 @@ static int compat_to_user(void __user *dst, void *src)
110} 104}
111#endif /* CONFIG_COMPAT */ 105#endif /* CONFIG_COMPAT */
112 106
113static struct xt_match xt_connmark_match[] __read_mostly = { 107static struct xt_match connmark_mt_reg[] __read_mostly = {
114 { 108 {
115 .name = "connmark", 109 .name = "connmark",
116 .family = AF_INET, 110 .family = AF_INET,
117 .checkentry = checkentry, 111 .checkentry = connmark_mt_check,
118 .match = match, 112 .match = connmark_mt,
119 .destroy = destroy, 113 .destroy = connmark_mt_destroy,
120 .matchsize = sizeof(struct xt_connmark_info), 114 .matchsize = sizeof(struct xt_connmark_info),
121#ifdef CONFIG_COMPAT 115#ifdef CONFIG_COMPAT
122 .compatsize = sizeof(struct compat_xt_connmark_info), 116 .compatsize = sizeof(struct compat_xt_connmark_info),
123 .compat_from_user = compat_from_user, 117 .compat_from_user = connmark_mt_compat_from_user,
124 .compat_to_user = compat_to_user, 118 .compat_to_user = connmark_mt_compat_to_user,
125#endif 119#endif
126 .me = THIS_MODULE 120 .me = THIS_MODULE
127 }, 121 },
128 { 122 {
129 .name = "connmark", 123 .name = "connmark",
130 .family = AF_INET6, 124 .family = AF_INET6,
131 .checkentry = checkentry, 125 .checkentry = connmark_mt_check,
132 .match = match, 126 .match = connmark_mt,
133 .destroy = destroy, 127 .destroy = connmark_mt_destroy,
134 .matchsize = sizeof(struct xt_connmark_info), 128 .matchsize = sizeof(struct xt_connmark_info),
135 .me = THIS_MODULE 129 .me = THIS_MODULE
136 }, 130 },
137}; 131};
138 132
139static int __init xt_connmark_init(void) 133static int __init connmark_mt_init(void)
140{ 134{
141 return xt_register_matches(xt_connmark_match, 135 return xt_register_matches(connmark_mt_reg,
142 ARRAY_SIZE(xt_connmark_match)); 136 ARRAY_SIZE(connmark_mt_reg));
143} 137}
144 138
145static void __exit xt_connmark_fini(void) 139static void __exit connmark_mt_exit(void)
146{ 140{
147 xt_unregister_matches(xt_connmark_match, ARRAY_SIZE(xt_connmark_match)); 141 xt_unregister_matches(connmark_mt_reg, ARRAY_SIZE(connmark_mt_reg));
148} 142}
149 143
150module_init(xt_connmark_init); 144module_init(connmark_mt_init);
151module_exit(xt_connmark_fini); 145module_exit(connmark_mt_exit);
diff --git a/net/netfilter/xt_conntrack.c b/net/netfilter/xt_conntrack.c
index ca4b69f020a..eb7e135ca6c 100644
--- a/net/netfilter/xt_conntrack.c
+++ b/net/netfilter/xt_conntrack.c
@@ -20,14 +20,10 @@ MODULE_DESCRIPTION("iptables connection tracking match module");
20MODULE_ALIAS("ipt_conntrack"); 20MODULE_ALIAS("ipt_conntrack");
21 21
22static bool 22static bool
23match(const struct sk_buff *skb, 23conntrack_mt(const struct sk_buff *skb, const struct net_device *in,
24 const struct net_device *in, 24 const struct net_device *out, const struct xt_match *match,
25 const struct net_device *out, 25 const void *matchinfo, int offset, unsigned int protoff,
26 const struct xt_match *match, 26 bool *hotdrop)
27 const void *matchinfo,
28 int offset,
29 unsigned int protoff,
30 bool *hotdrop)
31{ 27{
32 const struct xt_conntrack_info *sinfo = matchinfo; 28 const struct xt_conntrack_info *sinfo = matchinfo;
33 const struct nf_conn *ct; 29 const struct nf_conn *ct;
@@ -115,11 +111,9 @@ match(const struct sk_buff *skb,
115} 111}
116 112
117static bool 113static bool
118checkentry(const char *tablename, 114conntrack_mt_check(const char *tablename, const void *ip,
119 const void *ip, 115 const struct xt_match *match, void *matchinfo,
120 const struct xt_match *match, 116 unsigned int hook_mask)
121 void *matchinfo,
122 unsigned int hook_mask)
123{ 117{
124 if (nf_ct_l3proto_try_module_get(match->family) < 0) { 118 if (nf_ct_l3proto_try_module_get(match->family) < 0) {
125 printk(KERN_WARNING "can't load conntrack support for " 119 printk(KERN_WARNING "can't load conntrack support for "
@@ -129,7 +123,8 @@ checkentry(const char *tablename,
129 return true; 123 return true;
130} 124}
131 125
132static void destroy(const struct xt_match *match, void *matchinfo) 126static void
127conntrack_mt_destroy(const struct xt_match *match, void *matchinfo)
133{ 128{
134 nf_ct_l3proto_module_put(match->family); 129 nf_ct_l3proto_module_put(match->family);
135} 130}
@@ -148,7 +143,7 @@ struct compat_xt_conntrack_info
148 u_int8_t invflags; 143 u_int8_t invflags;
149}; 144};
150 145
151static void compat_from_user(void *dst, void *src) 146static void conntrack_mt_compat_from_user(void *dst, void *src)
152{ 147{
153 const struct compat_xt_conntrack_info *cm = src; 148 const struct compat_xt_conntrack_info *cm = src;
154 struct xt_conntrack_info m = { 149 struct xt_conntrack_info m = {
@@ -165,7 +160,7 @@ static void compat_from_user(void *dst, void *src)
165 memcpy(dst, &m, sizeof(m)); 160 memcpy(dst, &m, sizeof(m));
166} 161}
167 162
168static int compat_to_user(void __user *dst, void *src) 163static int conntrack_mt_compat_to_user(void __user *dst, void *src)
169{ 164{
170 const struct xt_conntrack_info *m = src; 165 const struct xt_conntrack_info *m = src;
171 struct compat_xt_conntrack_info cm = { 166 struct compat_xt_conntrack_info cm = {
@@ -183,30 +178,30 @@ static int compat_to_user(void __user *dst, void *src)
183} 178}
184#endif 179#endif
185 180
186static struct xt_match conntrack_match __read_mostly = { 181static struct xt_match conntrack_mt_reg __read_mostly = {
187 .name = "conntrack", 182 .name = "conntrack",
188 .match = match, 183 .match = conntrack_mt,
189 .checkentry = checkentry, 184 .checkentry = conntrack_mt_check,
190 .destroy = destroy, 185 .destroy = conntrack_mt_destroy,
191 .matchsize = sizeof(struct xt_conntrack_info), 186 .matchsize = sizeof(struct xt_conntrack_info),
192#ifdef CONFIG_COMPAT 187#ifdef CONFIG_COMPAT
193 .compatsize = sizeof(struct compat_xt_conntrack_info), 188 .compatsize = sizeof(struct compat_xt_conntrack_info),
194 .compat_from_user = compat_from_user, 189 .compat_from_user = conntrack_mt_compat_from_user,
195 .compat_to_user = compat_to_user, 190 .compat_to_user = conntrack_mt_compat_to_user,
196#endif 191#endif
197 .family = AF_INET, 192 .family = AF_INET,
198 .me = THIS_MODULE, 193 .me = THIS_MODULE,
199}; 194};
200 195
201static int __init xt_conntrack_init(void) 196static int __init conntrack_mt_init(void)
202{ 197{
203 return xt_register_match(&conntrack_match); 198 return xt_register_match(&conntrack_mt_reg);
204} 199}
205 200
206static void __exit xt_conntrack_fini(void) 201static void __exit conntrack_mt_exit(void)
207{ 202{
208 xt_unregister_match(&conntrack_match); 203 xt_unregister_match(&conntrack_mt_reg);
209} 204}
210 205
211module_init(xt_conntrack_init); 206module_init(conntrack_mt_init);
212module_exit(xt_conntrack_fini); 207module_exit(conntrack_mt_exit);
diff --git a/net/netfilter/xt_dccp.c b/net/netfilter/xt_dccp.c
index c2b1b24ee33..ab2f7e9f75a 100644
--- a/net/netfilter/xt_dccp.c
+++ b/net/netfilter/xt_dccp.c
@@ -93,14 +93,9 @@ match_option(u_int8_t option, const struct sk_buff *skb, unsigned int protoff,
93} 93}
94 94
95static bool 95static bool
96match(const struct sk_buff *skb, 96dccp_mt(const struct sk_buff *skb, const struct net_device *in,
97 const struct net_device *in, 97 const struct net_device *out, const struct xt_match *match,
98 const struct net_device *out, 98 const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
99 const struct xt_match *match,
100 const void *matchinfo,
101 int offset,
102 unsigned int protoff,
103 bool *hotdrop)
104{ 99{
105 const struct xt_dccp_info *info = matchinfo; 100 const struct xt_dccp_info *info = matchinfo;
106 struct dccp_hdr _dh, *dh; 101 struct dccp_hdr _dh, *dh;
@@ -128,11 +123,9 @@ match(const struct sk_buff *skb,
128} 123}
129 124
130static bool 125static bool
131checkentry(const char *tablename, 126dccp_mt_check(const char *tablename, const void *inf,
132 const void *inf, 127 const struct xt_match *match, void *matchinfo,
133 const struct xt_match *match, 128 unsigned int hook_mask)
134 void *matchinfo,
135 unsigned int hook_mask)
136{ 129{
137 const struct xt_dccp_info *info = matchinfo; 130 const struct xt_dccp_info *info = matchinfo;
138 131
@@ -141,12 +134,12 @@ checkentry(const char *tablename,
141 && !(info->invflags & ~info->flags); 134 && !(info->invflags & ~info->flags);
142} 135}
143 136
144static struct xt_match xt_dccp_match[] __read_mostly = { 137static struct xt_match dccp_mt_reg[] __read_mostly = {
145 { 138 {
146 .name = "dccp", 139 .name = "dccp",
147 .family = AF_INET, 140 .family = AF_INET,
148 .checkentry = checkentry, 141 .checkentry = dccp_mt_check,
149 .match = match, 142 .match = dccp_mt,
150 .matchsize = sizeof(struct xt_dccp_info), 143 .matchsize = sizeof(struct xt_dccp_info),
151 .proto = IPPROTO_DCCP, 144 .proto = IPPROTO_DCCP,
152 .me = THIS_MODULE, 145 .me = THIS_MODULE,
@@ -154,15 +147,15 @@ static struct xt_match xt_dccp_match[] __read_mostly = {
154 { 147 {
155 .name = "dccp", 148 .name = "dccp",
156 .family = AF_INET6, 149 .family = AF_INET6,
157 .checkentry = checkentry, 150 .checkentry = dccp_mt_check,
158 .match = match, 151 .match = dccp_mt,
159 .matchsize = sizeof(struct xt_dccp_info), 152 .matchsize = sizeof(struct xt_dccp_info),
160 .proto = IPPROTO_DCCP, 153 .proto = IPPROTO_DCCP,
161 .me = THIS_MODULE, 154 .me = THIS_MODULE,
162 }, 155 },
163}; 156};
164 157
165static int __init xt_dccp_init(void) 158static int __init dccp_mt_init(void)
166{ 159{
167 int ret; 160 int ret;
168 161
@@ -172,7 +165,7 @@ static int __init xt_dccp_init(void)
172 dccp_optbuf = kmalloc(256 * 4, GFP_KERNEL); 165 dccp_optbuf = kmalloc(256 * 4, GFP_KERNEL);
173 if (!dccp_optbuf) 166 if (!dccp_optbuf)
174 return -ENOMEM; 167 return -ENOMEM;
175 ret = xt_register_matches(xt_dccp_match, ARRAY_SIZE(xt_dccp_match)); 168 ret = xt_register_matches(dccp_mt_reg, ARRAY_SIZE(dccp_mt_reg));
176 if (ret) 169 if (ret)
177 goto out_kfree; 170 goto out_kfree;
178 return ret; 171 return ret;
@@ -182,11 +175,11 @@ out_kfree:
182 return ret; 175 return ret;
183} 176}
184 177
185static void __exit xt_dccp_fini(void) 178static void __exit dccp_mt_exit(void)
186{ 179{
187 xt_unregister_matches(xt_dccp_match, ARRAY_SIZE(xt_dccp_match)); 180 xt_unregister_matches(dccp_mt_reg, ARRAY_SIZE(dccp_mt_reg));
188 kfree(dccp_optbuf); 181 kfree(dccp_optbuf);
189} 182}
190 183
191module_init(xt_dccp_init); 184module_init(dccp_mt_init);
192module_exit(xt_dccp_fini); 185module_exit(dccp_mt_exit);
diff --git a/net/netfilter/xt_dscp.c b/net/netfilter/xt_dscp.c
index dde6d66e0d3..63f7354ca9a 100644
--- a/net/netfilter/xt_dscp.c
+++ b/net/netfilter/xt_dscp.c
@@ -22,14 +22,10 @@ MODULE_LICENSE("GPL");
22MODULE_ALIAS("ipt_dscp"); 22MODULE_ALIAS("ipt_dscp");
23MODULE_ALIAS("ip6t_dscp"); 23MODULE_ALIAS("ip6t_dscp");
24 24
25static bool match(const struct sk_buff *skb, 25static bool
26 const struct net_device *in, 26dscp_mt(const struct sk_buff *skb, const struct net_device *in,
27 const struct net_device *out, 27 const struct net_device *out, const struct xt_match *match,
28 const struct xt_match *match, 28 const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
29 const void *matchinfo,
30 int offset,
31 unsigned int protoff,
32 bool *hotdrop)
33{ 29{
34 const struct xt_dscp_info *info = matchinfo; 30 const struct xt_dscp_info *info = matchinfo;
35 u_int8_t dscp = ipv4_get_dsfield(ip_hdr(skb)) >> XT_DSCP_SHIFT; 31 u_int8_t dscp = ipv4_get_dsfield(ip_hdr(skb)) >> XT_DSCP_SHIFT;
@@ -37,14 +33,11 @@ static bool match(const struct sk_buff *skb,
37 return (dscp == info->dscp) ^ !!info->invert; 33 return (dscp == info->dscp) ^ !!info->invert;
38} 34}
39 35
40static bool match6(const struct sk_buff *skb, 36static bool
41 const struct net_device *in, 37dscp_mt6(const struct sk_buff *skb, const struct net_device *in,
42 const struct net_device *out, 38 const struct net_device *out, const struct xt_match *match,
43 const struct xt_match *match, 39 const void *matchinfo, int offset, unsigned int protoff,
44 const void *matchinfo, 40 bool *hotdrop)
45 int offset,
46 unsigned int protoff,
47 bool *hotdrop)
48{ 41{
49 const struct xt_dscp_info *info = matchinfo; 42 const struct xt_dscp_info *info = matchinfo;
50 u_int8_t dscp = ipv6_get_dsfield(ipv6_hdr(skb)) >> XT_DSCP_SHIFT; 43 u_int8_t dscp = ipv6_get_dsfield(ipv6_hdr(skb)) >> XT_DSCP_SHIFT;
@@ -52,11 +45,10 @@ static bool match6(const struct sk_buff *skb,
52 return (dscp == info->dscp) ^ !!info->invert; 45 return (dscp == info->dscp) ^ !!info->invert;
53} 46}
54 47
55static bool checkentry(const char *tablename, 48static bool
56 const void *info, 49dscp_mt_check(const char *tablename, const void *info,
57 const struct xt_match *match, 50 const struct xt_match *match, void *matchinfo,
58 void *matchinfo, 51 unsigned int hook_mask)
59 unsigned int hook_mask)
60{ 52{
61 const u_int8_t dscp = ((struct xt_dscp_info *)matchinfo)->dscp; 53 const u_int8_t dscp = ((struct xt_dscp_info *)matchinfo)->dscp;
62 54
@@ -68,34 +60,34 @@ static bool checkentry(const char *tablename,
68 return true; 60 return true;
69} 61}
70 62
71static struct xt_match xt_dscp_match[] __read_mostly = { 63static struct xt_match dscp_mt_reg[] __read_mostly = {
72 { 64 {
73 .name = "dscp", 65 .name = "dscp",
74 .family = AF_INET, 66 .family = AF_INET,
75 .checkentry = checkentry, 67 .checkentry = dscp_mt_check,
76 .match = match, 68 .match = dscp_mt,
77 .matchsize = sizeof(struct xt_dscp_info), 69 .matchsize = sizeof(struct xt_dscp_info),
78 .me = THIS_MODULE, 70 .me = THIS_MODULE,
79 }, 71 },
80 { 72 {
81 .name = "dscp", 73 .name = "dscp",
82 .family = AF_INET6, 74 .family = AF_INET6,
83 .checkentry = checkentry, 75 .checkentry = dscp_mt_check,
84 .match = match6, 76 .match = dscp_mt6,
85 .matchsize = sizeof(struct xt_dscp_info), 77 .matchsize = sizeof(struct xt_dscp_info),
86 .me = THIS_MODULE, 78 .me = THIS_MODULE,
87 }, 79 },
88}; 80};
89 81
90static int __init xt_dscp_match_init(void) 82static int __init dscp_mt_init(void)
91{ 83{
92 return xt_register_matches(xt_dscp_match, ARRAY_SIZE(xt_dscp_match)); 84 return xt_register_matches(dscp_mt_reg, ARRAY_SIZE(dscp_mt_reg));
93} 85}
94 86
95static void __exit xt_dscp_match_fini(void) 87static void __exit dscp_mt_exit(void)
96{ 88{
97 xt_unregister_matches(xt_dscp_match, ARRAY_SIZE(xt_dscp_match)); 89 xt_unregister_matches(dscp_mt_reg, ARRAY_SIZE(dscp_mt_reg));
98} 90}
99 91
100module_init(xt_dscp_match_init); 92module_init(dscp_mt_init);
101module_exit(xt_dscp_match_fini); 93module_exit(dscp_mt_exit);
diff --git a/net/netfilter/xt_esp.c b/net/netfilter/xt_esp.c
index b11378e001b..d7c90ac393d 100644
--- a/net/netfilter/xt_esp.c
+++ b/net/netfilter/xt_esp.c
@@ -43,14 +43,9 @@ spi_match(u_int32_t min, u_int32_t max, u_int32_t spi, bool invert)
43} 43}
44 44
45static bool 45static bool
46match(const struct sk_buff *skb, 46esp_mt(const struct sk_buff *skb, const struct net_device *in,
47 const struct net_device *in, 47 const struct net_device *out, const struct xt_match *match,
48 const struct net_device *out, 48 const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
49 const struct xt_match *match,
50 const void *matchinfo,
51 int offset,
52 unsigned int protoff,
53 bool *hotdrop)
54{ 49{
55 struct ip_esp_hdr _esp, *eh; 50 struct ip_esp_hdr _esp, *eh;
56 const struct xt_esp *espinfo = matchinfo; 51 const struct xt_esp *espinfo = matchinfo;
@@ -75,11 +70,9 @@ match(const struct sk_buff *skb,
75 70
76/* Called when user tries to insert an entry of this type. */ 71/* Called when user tries to insert an entry of this type. */
77static bool 72static bool
78checkentry(const char *tablename, 73esp_mt_check(const char *tablename, const void *ip_void,
79 const void *ip_void, 74 const struct xt_match *match, void *matchinfo,
80 const struct xt_match *match, 75 unsigned int hook_mask)
81 void *matchinfo,
82 unsigned int hook_mask)
83{ 76{
84 const struct xt_esp *espinfo = matchinfo; 77 const struct xt_esp *espinfo = matchinfo;
85 78
@@ -91,12 +84,12 @@ checkentry(const char *tablename,
91 return true; 84 return true;
92} 85}
93 86
94static struct xt_match xt_esp_match[] __read_mostly = { 87static struct xt_match esp_mt_reg[] __read_mostly = {
95 { 88 {
96 .name = "esp", 89 .name = "esp",
97 .family = AF_INET, 90 .family = AF_INET,
98 .checkentry = checkentry, 91 .checkentry = esp_mt_check,
99 .match = match, 92 .match = esp_mt,
100 .matchsize = sizeof(struct xt_esp), 93 .matchsize = sizeof(struct xt_esp),
101 .proto = IPPROTO_ESP, 94 .proto = IPPROTO_ESP,
102 .me = THIS_MODULE, 95 .me = THIS_MODULE,
@@ -104,23 +97,23 @@ static struct xt_match xt_esp_match[] __read_mostly = {
104 { 97 {
105 .name = "esp", 98 .name = "esp",
106 .family = AF_INET6, 99 .family = AF_INET6,
107 .checkentry = checkentry, 100 .checkentry = esp_mt_check,
108 .match = match, 101 .match = esp_mt,
109 .matchsize = sizeof(struct xt_esp), 102 .matchsize = sizeof(struct xt_esp),
110 .proto = IPPROTO_ESP, 103 .proto = IPPROTO_ESP,
111 .me = THIS_MODULE, 104 .me = THIS_MODULE,
112 }, 105 },
113}; 106};
114 107
115static int __init xt_esp_init(void) 108static int __init esp_mt_init(void)
116{ 109{
117 return xt_register_matches(xt_esp_match, ARRAY_SIZE(xt_esp_match)); 110 return xt_register_matches(esp_mt_reg, ARRAY_SIZE(esp_mt_reg));
118} 111}
119 112
120static void __exit xt_esp_cleanup(void) 113static void __exit esp_mt_exit(void)
121{ 114{
122 xt_unregister_matches(xt_esp_match, ARRAY_SIZE(xt_esp_match)); 115 xt_unregister_matches(esp_mt_reg, ARRAY_SIZE(esp_mt_reg));
123} 116}
124 117
125module_init(xt_esp_init); 118module_init(esp_mt_init);
126module_exit(xt_esp_cleanup); 119module_exit(esp_mt_exit);
diff --git a/net/netfilter/xt_hashlimit.c b/net/netfilter/xt_hashlimit.c
index 2ef44d8560c..49a9e691dc1 100644
--- a/net/netfilter/xt_hashlimit.c
+++ b/net/netfilter/xt_hashlimit.c
@@ -441,14 +441,10 @@ hashlimit_init_dst(const struct xt_hashlimit_htable *hinfo,
441} 441}
442 442
443static bool 443static bool
444hashlimit_match(const struct sk_buff *skb, 444hashlimit_mt(const struct sk_buff *skb, const struct net_device *in,
445 const struct net_device *in, 445 const struct net_device *out, const struct xt_match *match,
446 const struct net_device *out, 446 const void *matchinfo, int offset, unsigned int protoff,
447 const struct xt_match *match, 447 bool *hotdrop)
448 const void *matchinfo,
449 int offset,
450 unsigned int protoff,
451 bool *hotdrop)
452{ 448{
453 const struct xt_hashlimit_info *r = 449 const struct xt_hashlimit_info *r =
454 ((const struct xt_hashlimit_info *)matchinfo)->u.master; 450 ((const struct xt_hashlimit_info *)matchinfo)->u.master;
@@ -500,11 +496,9 @@ hotdrop:
500} 496}
501 497
502static bool 498static bool
503hashlimit_checkentry(const char *tablename, 499hashlimit_mt_check(const char *tablename, const void *inf,
504 const void *inf, 500 const struct xt_match *match, void *matchinfo,
505 const struct xt_match *match, 501 unsigned int hook_mask)
506 void *matchinfo,
507 unsigned int hook_mask)
508{ 502{
509 struct xt_hashlimit_info *r = matchinfo; 503 struct xt_hashlimit_info *r = matchinfo;
510 504
@@ -548,7 +542,7 @@ hashlimit_checkentry(const char *tablename,
548} 542}
549 543
550static void 544static void
551hashlimit_destroy(const struct xt_match *match, void *matchinfo) 545hashlimit_mt_destroy(const struct xt_match *match, void *matchinfo)
552{ 546{
553 const struct xt_hashlimit_info *r = matchinfo; 547 const struct xt_hashlimit_info *r = matchinfo;
554 548
@@ -563,7 +557,7 @@ struct compat_xt_hashlimit_info {
563 compat_uptr_t master; 557 compat_uptr_t master;
564}; 558};
565 559
566static void compat_from_user(void *dst, void *src) 560static void hashlimit_mt_compat_from_user(void *dst, void *src)
567{ 561{
568 int off = offsetof(struct compat_xt_hashlimit_info, hinfo); 562 int off = offsetof(struct compat_xt_hashlimit_info, hinfo);
569 563
@@ -571,7 +565,7 @@ static void compat_from_user(void *dst, void *src)
571 memset(dst + off, 0, sizeof(struct compat_xt_hashlimit_info) - off); 565 memset(dst + off, 0, sizeof(struct compat_xt_hashlimit_info) - off);
572} 566}
573 567
574static int compat_to_user(void __user *dst, void *src) 568static int hashlimit_mt_compat_to_user(void __user *dst, void *src)
575{ 569{
576 int off = offsetof(struct compat_xt_hashlimit_info, hinfo); 570 int off = offsetof(struct compat_xt_hashlimit_info, hinfo);
577 571
@@ -579,33 +573,33 @@ static int compat_to_user(void __user *dst, void *src)
579} 573}
580#endif 574#endif
581 575
582static struct xt_match xt_hashlimit[] __read_mostly = { 576static struct xt_match hashlimit_mt_reg[] __read_mostly = {
583 { 577 {
584 .name = "hashlimit", 578 .name = "hashlimit",
585 .family = AF_INET, 579 .family = AF_INET,
586 .match = hashlimit_match, 580 .match = hashlimit_mt,
587 .matchsize = sizeof(struct xt_hashlimit_info), 581 .matchsize = sizeof(struct xt_hashlimit_info),
588#ifdef CONFIG_COMPAT 582#ifdef CONFIG_COMPAT
589 .compatsize = sizeof(struct compat_xt_hashlimit_info), 583 .compatsize = sizeof(struct compat_xt_hashlimit_info),
590 .compat_from_user = compat_from_user, 584 .compat_from_user = hashlimit_mt_compat_from_user,
591 .compat_to_user = compat_to_user, 585 .compat_to_user = hashlimit_mt_compat_to_user,
592#endif 586#endif
593 .checkentry = hashlimit_checkentry, 587 .checkentry = hashlimit_mt_check,
594 .destroy = hashlimit_destroy, 588 .destroy = hashlimit_mt_destroy,
595 .me = THIS_MODULE 589 .me = THIS_MODULE
596 }, 590 },
597 { 591 {
598 .name = "hashlimit", 592 .name = "hashlimit",
599 .family = AF_INET6, 593 .family = AF_INET6,
600 .match = hashlimit_match, 594 .match = hashlimit_mt,
601 .matchsize = sizeof(struct xt_hashlimit_info), 595 .matchsize = sizeof(struct xt_hashlimit_info),
602#ifdef CONFIG_COMPAT 596#ifdef CONFIG_COMPAT
603 .compatsize = sizeof(struct compat_xt_hashlimit_info), 597 .compatsize = sizeof(struct compat_xt_hashlimit_info),
604 .compat_from_user = compat_from_user, 598 .compat_from_user = hashlimit_mt_compat_from_user,
605 .compat_to_user = compat_to_user, 599 .compat_to_user = hashlimit_mt_compat_to_user,
606#endif 600#endif
607 .checkentry = hashlimit_checkentry, 601 .checkentry = hashlimit_mt_check,
608 .destroy = hashlimit_destroy, 602 .destroy = hashlimit_mt_destroy,
609 .me = THIS_MODULE 603 .me = THIS_MODULE
610 }, 604 },
611}; 605};
@@ -728,11 +722,12 @@ static const struct file_operations dl_file_ops = {
728 .release = seq_release 722 .release = seq_release
729}; 723};
730 724
731static int __init xt_hashlimit_init(void) 725static int __init hashlimit_mt_init(void)
732{ 726{
733 int err; 727 int err;
734 728
735 err = xt_register_matches(xt_hashlimit, ARRAY_SIZE(xt_hashlimit)); 729 err = xt_register_matches(hashlimit_mt_reg,
730 ARRAY_SIZE(hashlimit_mt_reg));
736 if (err < 0) 731 if (err < 0)
737 goto err1; 732 goto err1;
738 733
@@ -762,19 +757,19 @@ err4:
762err3: 757err3:
763 kmem_cache_destroy(hashlimit_cachep); 758 kmem_cache_destroy(hashlimit_cachep);
764err2: 759err2:
765 xt_unregister_matches(xt_hashlimit, ARRAY_SIZE(xt_hashlimit)); 760 xt_unregister_matches(hashlimit_mt_reg, ARRAY_SIZE(hashlimit_mt_reg));
766err1: 761err1:
767 return err; 762 return err;
768 763
769} 764}
770 765
771static void __exit xt_hashlimit_fini(void) 766static void __exit hashlimit_mt_exit(void)
772{ 767{
773 remove_proc_entry("ipt_hashlimit", init_net.proc_net); 768 remove_proc_entry("ipt_hashlimit", init_net.proc_net);
774 remove_proc_entry("ip6t_hashlimit", init_net.proc_net); 769 remove_proc_entry("ip6t_hashlimit", init_net.proc_net);
775 kmem_cache_destroy(hashlimit_cachep); 770 kmem_cache_destroy(hashlimit_cachep);
776 xt_unregister_matches(xt_hashlimit, ARRAY_SIZE(xt_hashlimit)); 771 xt_unregister_matches(hashlimit_mt_reg, ARRAY_SIZE(hashlimit_mt_reg));
777} 772}
778 773
779module_init(xt_hashlimit_init); 774module_init(hashlimit_mt_init);
780module_exit(xt_hashlimit_fini); 775module_exit(hashlimit_mt_exit);
diff --git a/net/netfilter/xt_helper.c b/net/netfilter/xt_helper.c
index d842c4a6d63..f342788a576 100644
--- a/net/netfilter/xt_helper.c
+++ b/net/netfilter/xt_helper.c
@@ -24,14 +24,10 @@ MODULE_ALIAS("ip6t_helper");
24 24
25 25
26static bool 26static bool
27match(const struct sk_buff *skb, 27helper_mt(const struct sk_buff *skb, const struct net_device *in,
28 const struct net_device *in, 28 const struct net_device *out, const struct xt_match *match,
29 const struct net_device *out, 29 const void *matchinfo, int offset, unsigned int protoff,
30 const struct xt_match *match, 30 bool *hotdrop)
31 const void *matchinfo,
32 int offset,
33 unsigned int protoff,
34 bool *hotdrop)
35{ 31{
36 const struct xt_helper_info *info = matchinfo; 32 const struct xt_helper_info *info = matchinfo;
37 const struct nf_conn *ct; 33 const struct nf_conn *ct;
@@ -61,11 +57,10 @@ match(const struct sk_buff *skb,
61 return ret; 57 return ret;
62} 58}
63 59
64static bool check(const char *tablename, 60static bool
65 const void *inf, 61helper_mt_check(const char *tablename, const void *inf,
66 const struct xt_match *match, 62 const struct xt_match *match, void *matchinfo,
67 void *matchinfo, 63 unsigned int hook_mask)
68 unsigned int hook_mask)
69{ 64{
70 struct xt_helper_info *info = matchinfo; 65 struct xt_helper_info *info = matchinfo;
71 66
@@ -78,44 +73,41 @@ static bool check(const char *tablename,
78 return true; 73 return true;
79} 74}
80 75
81static void 76static void helper_mt_destroy(const struct xt_match *match, void *matchinfo)
82destroy(const struct xt_match *match, void *matchinfo)
83{ 77{
84 nf_ct_l3proto_module_put(match->family); 78 nf_ct_l3proto_module_put(match->family);
85} 79}
86 80
87static struct xt_match xt_helper_match[] __read_mostly = { 81static struct xt_match helper_mt_reg[] __read_mostly = {
88 { 82 {
89 .name = "helper", 83 .name = "helper",
90 .family = AF_INET, 84 .family = AF_INET,
91 .checkentry = check, 85 .checkentry = helper_mt_check,
92 .match = match, 86 .match = helper_mt,
93 .destroy = destroy, 87 .destroy = helper_mt_destroy,
94 .matchsize = sizeof(struct xt_helper_info), 88 .matchsize = sizeof(struct xt_helper_info),
95 .me = THIS_MODULE, 89 .me = THIS_MODULE,
96 }, 90 },
97 { 91 {
98 .name = "helper", 92 .name = "helper",
99 .family = AF_INET6, 93 .family = AF_INET6,
100 .checkentry = check, 94 .checkentry = helper_mt_check,
101 .match = match, 95 .match = helper_mt,
102 .destroy = destroy, 96 .destroy = helper_mt_destroy,
103 .matchsize = sizeof(struct xt_helper_info), 97 .matchsize = sizeof(struct xt_helper_info),
104 .me = THIS_MODULE, 98 .me = THIS_MODULE,
105 }, 99 },
106}; 100};
107 101
108static int __init xt_helper_init(void) 102static int __init helper_mt_init(void)
109{ 103{
110 return xt_register_matches(xt_helper_match, 104 return xt_register_matches(helper_mt_reg, ARRAY_SIZE(helper_mt_reg));
111 ARRAY_SIZE(xt_helper_match));
112} 105}
113 106
114static void __exit xt_helper_fini(void) 107static void __exit helper_mt_exit(void)
115{ 108{
116 xt_unregister_matches(xt_helper_match, ARRAY_SIZE(xt_helper_match)); 109 xt_unregister_matches(helper_mt_reg, ARRAY_SIZE(helper_mt_reg));
117} 110}
118 111
119module_init(xt_helper_init); 112module_init(helper_mt_init);
120module_exit(xt_helper_fini); 113module_exit(helper_mt_exit);
121
diff --git a/net/netfilter/xt_length.c b/net/netfilter/xt_length.c
index 3dad173d973..ea545785965 100644
--- a/net/netfilter/xt_length.c
+++ b/net/netfilter/xt_length.c
@@ -21,14 +21,10 @@ MODULE_ALIAS("ipt_length");
21MODULE_ALIAS("ip6t_length"); 21MODULE_ALIAS("ip6t_length");
22 22
23static bool 23static bool
24match(const struct sk_buff *skb, 24length_mt(const struct sk_buff *skb, const struct net_device *in,
25 const struct net_device *in, 25 const struct net_device *out, const struct xt_match *match,
26 const struct net_device *out, 26 const void *matchinfo, int offset, unsigned int protoff,
27 const struct xt_match *match, 27 bool *hotdrop)
28 const void *matchinfo,
29 int offset,
30 unsigned int protoff,
31 bool *hotdrop)
32{ 28{
33 const struct xt_length_info *info = matchinfo; 29 const struct xt_length_info *info = matchinfo;
34 u_int16_t pktlen = ntohs(ip_hdr(skb)->tot_len); 30 u_int16_t pktlen = ntohs(ip_hdr(skb)->tot_len);
@@ -37,14 +33,10 @@ match(const struct sk_buff *skb,
37} 33}
38 34
39static bool 35static bool
40match6(const struct sk_buff *skb, 36length_mt6(const struct sk_buff *skb, const struct net_device *in,
41 const struct net_device *in, 37 const struct net_device *out, const struct xt_match *match,
42 const struct net_device *out, 38 const void *matchinfo, int offset, unsigned int protoff,
43 const struct xt_match *match, 39 bool *hotdrop)
44 const void *matchinfo,
45 int offset,
46 unsigned int protoff,
47 bool *hotdrop)
48{ 40{
49 const struct xt_length_info *info = matchinfo; 41 const struct xt_length_info *info = matchinfo;
50 const u_int16_t pktlen = ntohs(ipv6_hdr(skb)->payload_len) + 42 const u_int16_t pktlen = ntohs(ipv6_hdr(skb)->payload_len) +
@@ -53,33 +45,32 @@ match6(const struct sk_buff *skb,
53 return (pktlen >= info->min && pktlen <= info->max) ^ info->invert; 45 return (pktlen >= info->min && pktlen <= info->max) ^ info->invert;
54} 46}
55 47
56static struct xt_match xt_length_match[] __read_mostly = { 48static struct xt_match length_mt_reg[] __read_mostly = {
57 { 49 {
58 .name = "length", 50 .name = "length",
59 .family = AF_INET, 51 .family = AF_INET,
60 .match = match, 52 .match = length_mt,
61 .matchsize = sizeof(struct xt_length_info), 53 .matchsize = sizeof(struct xt_length_info),
62 .me = THIS_MODULE, 54 .me = THIS_MODULE,
63 }, 55 },
64 { 56 {
65 .name = "length", 57 .name = "length",
66 .family = AF_INET6, 58 .family = AF_INET6,
67 .match = match6, 59 .match = length_mt6,
68 .matchsize = sizeof(struct xt_length_info), 60 .matchsize = sizeof(struct xt_length_info),
69 .me = THIS_MODULE, 61 .me = THIS_MODULE,
70 }, 62 },
71}; 63};
72 64
73static int __init xt_length_init(void) 65static int __init length_mt_init(void)
74{ 66{
75 return xt_register_matches(xt_length_match, 67 return xt_register_matches(length_mt_reg, ARRAY_SIZE(length_mt_reg));
76 ARRAY_SIZE(xt_length_match));
77} 68}
78 69
79static void __exit xt_length_fini(void) 70static void __exit length_mt_exit(void)
80{ 71{
81 xt_unregister_matches(xt_length_match, ARRAY_SIZE(xt_length_match)); 72 xt_unregister_matches(length_mt_reg, ARRAY_SIZE(length_mt_reg));
82} 73}
83 74
84module_init(xt_length_init); 75module_init(length_mt_init);
85module_exit(xt_length_fini); 76module_exit(length_mt_exit);
diff --git a/net/netfilter/xt_limit.c b/net/netfilter/xt_limit.c
index f263a77e57b..c9352dbf3a1 100644
--- a/net/netfilter/xt_limit.c
+++ b/net/netfilter/xt_limit.c
@@ -58,14 +58,10 @@ static DEFINE_SPINLOCK(limit_lock);
58#define CREDITS_PER_JIFFY POW2_BELOW32(MAX_CPJ) 58#define CREDITS_PER_JIFFY POW2_BELOW32(MAX_CPJ)
59 59
60static bool 60static bool
61ipt_limit_match(const struct sk_buff *skb, 61limit_mt(const struct sk_buff *skb, const struct net_device *in,
62 const struct net_device *in, 62 const struct net_device *out, const struct xt_match *match,
63 const struct net_device *out, 63 const void *matchinfo, int offset, unsigned int protoff,
64 const struct xt_match *match, 64 bool *hotdrop)
65 const void *matchinfo,
66 int offset,
67 unsigned int protoff,
68 bool *hotdrop)
69{ 65{
70 struct xt_rateinfo *r = 66 struct xt_rateinfo *r =
71 ((const struct xt_rateinfo *)matchinfo)->master; 67 ((const struct xt_rateinfo *)matchinfo)->master;
@@ -100,11 +96,9 @@ user2credits(u_int32_t user)
100} 96}
101 97
102static bool 98static bool
103ipt_limit_checkentry(const char *tablename, 99limit_mt_check(const char *tablename, const void *inf,
104 const void *inf, 100 const struct xt_match *match, void *matchinfo,
105 const struct xt_match *match, 101 unsigned int hook_mask)
106 void *matchinfo,
107 unsigned int hook_mask)
108{ 102{
109 struct xt_rateinfo *r = matchinfo; 103 struct xt_rateinfo *r = matchinfo;
110 104
@@ -143,7 +137,7 @@ struct compat_xt_rateinfo {
143 137
144/* To keep the full "prev" timestamp, the upper 32 bits are stored in the 138/* To keep the full "prev" timestamp, the upper 32 bits are stored in the
145 * master pointer, which does not need to be preserved. */ 139 * master pointer, which does not need to be preserved. */
146static void compat_from_user(void *dst, void *src) 140static void limit_mt_compat_from_user(void *dst, void *src)
147{ 141{
148 const struct compat_xt_rateinfo *cm = src; 142 const struct compat_xt_rateinfo *cm = src;
149 struct xt_rateinfo m = { 143 struct xt_rateinfo m = {
@@ -157,7 +151,7 @@ static void compat_from_user(void *dst, void *src)
157 memcpy(dst, &m, sizeof(m)); 151 memcpy(dst, &m, sizeof(m));
158} 152}
159 153
160static int compat_to_user(void __user *dst, void *src) 154static int limit_mt_compat_to_user(void __user *dst, void *src)
161{ 155{
162 const struct xt_rateinfo *m = src; 156 const struct xt_rateinfo *m = src;
163 struct compat_xt_rateinfo cm = { 157 struct compat_xt_rateinfo cm = {
@@ -173,39 +167,39 @@ static int compat_to_user(void __user *dst, void *src)
173} 167}
174#endif /* CONFIG_COMPAT */ 168#endif /* CONFIG_COMPAT */
175 169
176static struct xt_match xt_limit_match[] __read_mostly = { 170static struct xt_match limit_mt_reg[] __read_mostly = {
177 { 171 {
178 .name = "limit", 172 .name = "limit",
179 .family = AF_INET, 173 .family = AF_INET,
180 .checkentry = ipt_limit_checkentry, 174 .checkentry = limit_mt_check,
181 .match = ipt_limit_match, 175 .match = limit_mt,
182 .matchsize = sizeof(struct xt_rateinfo), 176 .matchsize = sizeof(struct xt_rateinfo),
183#ifdef CONFIG_COMPAT 177#ifdef CONFIG_COMPAT
184 .compatsize = sizeof(struct compat_xt_rateinfo), 178 .compatsize = sizeof(struct compat_xt_rateinfo),
185 .compat_from_user = compat_from_user, 179 .compat_from_user = limit_mt_compat_from_user,
186 .compat_to_user = compat_to_user, 180 .compat_to_user = limit_mt_compat_to_user,
187#endif 181#endif
188 .me = THIS_MODULE, 182 .me = THIS_MODULE,
189 }, 183 },
190 { 184 {
191 .name = "limit", 185 .name = "limit",
192 .family = AF_INET6, 186 .family = AF_INET6,
193 .checkentry = ipt_limit_checkentry, 187 .checkentry = limit_mt_check,
194 .match = ipt_limit_match, 188 .match = limit_mt,
195 .matchsize = sizeof(struct xt_rateinfo), 189 .matchsize = sizeof(struct xt_rateinfo),
196 .me = THIS_MODULE, 190 .me = THIS_MODULE,
197 }, 191 },
198}; 192};
199 193
200static int __init xt_limit_init(void) 194static int __init limit_mt_init(void)
201{ 195{
202 return xt_register_matches(xt_limit_match, ARRAY_SIZE(xt_limit_match)); 196 return xt_register_matches(limit_mt_reg, ARRAY_SIZE(limit_mt_reg));
203} 197}
204 198
205static void __exit xt_limit_fini(void) 199static void __exit limit_mt_exit(void)
206{ 200{
207 xt_unregister_matches(xt_limit_match, ARRAY_SIZE(xt_limit_match)); 201 xt_unregister_matches(limit_mt_reg, ARRAY_SIZE(limit_mt_reg));
208} 202}
209 203
210module_init(xt_limit_init); 204module_init(limit_mt_init);
211module_exit(xt_limit_fini); 205module_exit(limit_mt_exit);
diff --git a/net/netfilter/xt_mac.c b/net/netfilter/xt_mac.c
index 6ff4479ca63..7d89863a78b 100644
--- a/net/netfilter/xt_mac.c
+++ b/net/netfilter/xt_mac.c
@@ -25,14 +25,9 @@ MODULE_ALIAS("ipt_mac");
25MODULE_ALIAS("ip6t_mac"); 25MODULE_ALIAS("ip6t_mac");
26 26
27static bool 27static bool
28match(const struct sk_buff *skb, 28mac_mt(const struct sk_buff *skb, const struct net_device *in,
29 const struct net_device *in, 29 const struct net_device *out, const struct xt_match *match,
30 const struct net_device *out, 30 const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
31 const struct xt_match *match,
32 const void *matchinfo,
33 int offset,
34 unsigned int protoff,
35 bool *hotdrop)
36{ 31{
37 const struct xt_mac_info *info = matchinfo; 32 const struct xt_mac_info *info = matchinfo;
38 33
@@ -44,11 +39,11 @@ match(const struct sk_buff *skb,
44 ^ info->invert); 39 ^ info->invert);
45} 40}
46 41
47static struct xt_match xt_mac_match[] __read_mostly = { 42static struct xt_match mac_mt_reg[] __read_mostly = {
48 { 43 {
49 .name = "mac", 44 .name = "mac",
50 .family = AF_INET, 45 .family = AF_INET,
51 .match = match, 46 .match = mac_mt,
52 .matchsize = sizeof(struct xt_mac_info), 47 .matchsize = sizeof(struct xt_mac_info),
53 .hooks = (1 << NF_INET_PRE_ROUTING) | 48 .hooks = (1 << NF_INET_PRE_ROUTING) |
54 (1 << NF_INET_LOCAL_IN) | 49 (1 << NF_INET_LOCAL_IN) |
@@ -58,7 +53,7 @@ static struct xt_match xt_mac_match[] __read_mostly = {
58 { 53 {
59 .name = "mac", 54 .name = "mac",
60 .family = AF_INET6, 55 .family = AF_INET6,
61 .match = match, 56 .match = mac_mt,
62 .matchsize = sizeof(struct xt_mac_info), 57 .matchsize = sizeof(struct xt_mac_info),
63 .hooks = (1 << NF_INET_PRE_ROUTING) | 58 .hooks = (1 << NF_INET_PRE_ROUTING) |
64 (1 << NF_INET_LOCAL_IN) | 59 (1 << NF_INET_LOCAL_IN) |
@@ -67,15 +62,15 @@ static struct xt_match xt_mac_match[] __read_mostly = {
67 }, 62 },
68}; 63};
69 64
70static int __init xt_mac_init(void) 65static int __init mac_mt_init(void)
71{ 66{
72 return xt_register_matches(xt_mac_match, ARRAY_SIZE(xt_mac_match)); 67 return xt_register_matches(mac_mt_reg, ARRAY_SIZE(mac_mt_reg));
73} 68}
74 69
75static void __exit xt_mac_fini(void) 70static void __exit mac_mt_exit(void)
76{ 71{
77 xt_unregister_matches(xt_mac_match, ARRAY_SIZE(xt_mac_match)); 72 xt_unregister_matches(mac_mt_reg, ARRAY_SIZE(mac_mt_reg));
78} 73}
79 74
80module_init(xt_mac_init); 75module_init(mac_mt_init);
81module_exit(xt_mac_fini); 76module_exit(mac_mt_exit);
diff --git a/net/netfilter/xt_mark.c b/net/netfilter/xt_mark.c
index c02a7f8f392..650cdea97e7 100644
--- a/net/netfilter/xt_mark.c
+++ b/net/netfilter/xt_mark.c
@@ -20,14 +20,9 @@ MODULE_ALIAS("ipt_mark");
20MODULE_ALIAS("ip6t_mark"); 20MODULE_ALIAS("ip6t_mark");
21 21
22static bool 22static bool
23match(const struct sk_buff *skb, 23mark_mt(const struct sk_buff *skb, const struct net_device *in,
24 const struct net_device *in, 24 const struct net_device *out, const struct xt_match *match,
25 const struct net_device *out, 25 const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
26 const struct xt_match *match,
27 const void *matchinfo,
28 int offset,
29 unsigned int protoff,
30 bool *hotdrop)
31{ 26{
32 const struct xt_mark_info *info = matchinfo; 27 const struct xt_mark_info *info = matchinfo;
33 28
@@ -35,11 +30,9 @@ match(const struct sk_buff *skb,
35} 30}
36 31
37static bool 32static bool
38checkentry(const char *tablename, 33mark_mt_check(const char *tablename, const void *entry,
39 const void *entry, 34 const struct xt_match *match, void *matchinfo,
40 const struct xt_match *match, 35 unsigned int hook_mask)
41 void *matchinfo,
42 unsigned int hook_mask)
43{ 36{
44 const struct xt_mark_info *minfo = matchinfo; 37 const struct xt_mark_info *minfo = matchinfo;
45 38
@@ -58,7 +51,7 @@ struct compat_xt_mark_info {
58 u_int16_t __pad2; 51 u_int16_t __pad2;
59}; 52};
60 53
61static void compat_from_user(void *dst, void *src) 54static void mark_mt_compat_from_user(void *dst, void *src)
62{ 55{
63 const struct compat_xt_mark_info *cm = src; 56 const struct compat_xt_mark_info *cm = src;
64 struct xt_mark_info m = { 57 struct xt_mark_info m = {
@@ -69,7 +62,7 @@ static void compat_from_user(void *dst, void *src)
69 memcpy(dst, &m, sizeof(m)); 62 memcpy(dst, &m, sizeof(m));
70} 63}
71 64
72static int compat_to_user(void __user *dst, void *src) 65static int mark_mt_compat_to_user(void __user *dst, void *src)
73{ 66{
74 const struct xt_mark_info *m = src; 67 const struct xt_mark_info *m = src;
75 struct compat_xt_mark_info cm = { 68 struct compat_xt_mark_info cm = {
@@ -81,39 +74,39 @@ static int compat_to_user(void __user *dst, void *src)
81} 74}
82#endif /* CONFIG_COMPAT */ 75#endif /* CONFIG_COMPAT */
83 76
84static struct xt_match xt_mark_match[] __read_mostly = { 77static struct xt_match mark_mt_reg[] __read_mostly = {
85 { 78 {
86 .name = "mark", 79 .name = "mark",
87 .family = AF_INET, 80 .family = AF_INET,
88 .checkentry = checkentry, 81 .checkentry = mark_mt_check,
89 .match = match, 82 .match = mark_mt,
90 .matchsize = sizeof(struct xt_mark_info), 83 .matchsize = sizeof(struct xt_mark_info),
91#ifdef CONFIG_COMPAT 84#ifdef CONFIG_COMPAT
92 .compatsize = sizeof(struct compat_xt_mark_info), 85 .compatsize = sizeof(struct compat_xt_mark_info),
93 .compat_from_user = compat_from_user, 86 .compat_from_user = mark_mt_compat_from_user,
94 .compat_to_user = compat_to_user, 87 .compat_to_user = mark_mt_compat_to_user,
95#endif 88#endif
96 .me = THIS_MODULE, 89 .me = THIS_MODULE,
97 }, 90 },
98 { 91 {
99 .name = "mark", 92 .name = "mark",
100 .family = AF_INET6, 93 .family = AF_INET6,
101 .checkentry = checkentry, 94 .checkentry = mark_mt_check,
102 .match = match, 95 .match = mark_mt,
103 .matchsize = sizeof(struct xt_mark_info), 96 .matchsize = sizeof(struct xt_mark_info),
104 .me = THIS_MODULE, 97 .me = THIS_MODULE,
105 }, 98 },
106}; 99};
107 100
108static int __init xt_mark_init(void) 101static int __init mark_mt_init(void)
109{ 102{
110 return xt_register_matches(xt_mark_match, ARRAY_SIZE(xt_mark_match)); 103 return xt_register_matches(mark_mt_reg, ARRAY_SIZE(mark_mt_reg));
111} 104}
112 105
113static void __exit xt_mark_fini(void) 106static void __exit mark_mt_exit(void)
114{ 107{
115 xt_unregister_matches(xt_mark_match, ARRAY_SIZE(xt_mark_match)); 108 xt_unregister_matches(mark_mt_reg, ARRAY_SIZE(mark_mt_reg));
116} 109}
117 110
118module_init(xt_mark_init); 111module_init(mark_mt_init);
119module_exit(xt_mark_fini); 112module_exit(mark_mt_exit);
diff --git a/net/netfilter/xt_multiport.c b/net/netfilter/xt_multiport.c
index e8ae10284ac..d03cc376811 100644
--- a/net/netfilter/xt_multiport.c
+++ b/net/netfilter/xt_multiport.c
@@ -34,8 +34,8 @@ MODULE_ALIAS("ip6t_multiport");
34 34
35/* Returns 1 if the port is matched by the test, 0 otherwise. */ 35/* Returns 1 if the port is matched by the test, 0 otherwise. */
36static inline bool 36static inline bool
37ports_match(const u_int16_t *portlist, enum xt_multiport_flags flags, 37ports_match_v0(const u_int16_t *portlist, enum xt_multiport_flags flags,
38 u_int8_t count, u_int16_t src, u_int16_t dst) 38 u_int8_t count, u_int16_t src, u_int16_t dst)
39{ 39{
40 unsigned int i; 40 unsigned int i;
41 for (i = 0; i < count; i++) { 41 for (i = 0; i < count; i++) {
@@ -95,14 +95,10 @@ ports_match_v1(const struct xt_multiport_v1 *minfo,
95} 95}
96 96
97static bool 97static bool
98match(const struct sk_buff *skb, 98multiport_mt_v0(const struct sk_buff *skb, const struct net_device *in,
99 const struct net_device *in, 99 const struct net_device *out, const struct xt_match *match,
100 const struct net_device *out, 100 const void *matchinfo, int offset, unsigned int protoff,
101 const struct xt_match *match, 101 bool *hotdrop)
102 const void *matchinfo,
103 int offset,
104 unsigned int protoff,
105 bool *hotdrop)
106{ 102{
107 __be16 _ports[2], *pptr; 103 __be16 _ports[2], *pptr;
108 const struct xt_multiport *multiinfo = matchinfo; 104 const struct xt_multiport *multiinfo = matchinfo;
@@ -120,20 +116,15 @@ match(const struct sk_buff *skb,
120 return false; 116 return false;
121 } 117 }
122 118
123 return ports_match(multiinfo->ports, 119 return ports_match_v0(multiinfo->ports, multiinfo->flags,
124 multiinfo->flags, multiinfo->count, 120 multiinfo->count, ntohs(pptr[0]), ntohs(pptr[1]));
125 ntohs(pptr[0]), ntohs(pptr[1]));
126} 121}
127 122
128static bool 123static bool
129match_v1(const struct sk_buff *skb, 124multiport_mt(const struct sk_buff *skb, const struct net_device *in,
130 const struct net_device *in, 125 const struct net_device *out, const struct xt_match *match,
131 const struct net_device *out, 126 const void *matchinfo, int offset, unsigned int protoff,
132 const struct xt_match *match, 127 bool *hotdrop)
133 const void *matchinfo,
134 int offset,
135 unsigned int protoff,
136 bool *hotdrop)
137{ 128{
138 __be16 _ports[2], *pptr; 129 __be16 _ports[2], *pptr;
139 const struct xt_multiport_v1 *multiinfo = matchinfo; 130 const struct xt_multiport_v1 *multiinfo = matchinfo;
@@ -173,11 +164,9 @@ check(u_int16_t proto,
173 164
174/* Called when user tries to insert an entry of this type. */ 165/* Called when user tries to insert an entry of this type. */
175static bool 166static bool
176checkentry(const char *tablename, 167multiport_mt_check_v0(const char *tablename, const void *info,
177 const void *info, 168 const struct xt_match *match, void *matchinfo,
178 const struct xt_match *match, 169 unsigned int hook_mask)
179 void *matchinfo,
180 unsigned int hook_mask)
181{ 170{
182 const struct ipt_ip *ip = info; 171 const struct ipt_ip *ip = info;
183 const struct xt_multiport *multiinfo = matchinfo; 172 const struct xt_multiport *multiinfo = matchinfo;
@@ -187,11 +176,9 @@ checkentry(const char *tablename,
187} 176}
188 177
189static bool 178static bool
190checkentry_v1(const char *tablename, 179multiport_mt_check(const char *tablename, const void *info,
191 const void *info, 180 const struct xt_match *match, void *matchinfo,
192 const struct xt_match *match, 181 unsigned int hook_mask)
193 void *matchinfo,
194 unsigned int hook_mask)
195{ 182{
196 const struct ipt_ip *ip = info; 183 const struct ipt_ip *ip = info;
197 const struct xt_multiport_v1 *multiinfo = matchinfo; 184 const struct xt_multiport_v1 *multiinfo = matchinfo;
@@ -201,11 +188,9 @@ checkentry_v1(const char *tablename,
201} 188}
202 189
203static bool 190static bool
204checkentry6(const char *tablename, 191multiport_mt6_check_v0(const char *tablename, const void *info,
205 const void *info, 192 const struct xt_match *match, void *matchinfo,
206 const struct xt_match *match, 193 unsigned int hook_mask)
207 void *matchinfo,
208 unsigned int hook_mask)
209{ 194{
210 const struct ip6t_ip6 *ip = info; 195 const struct ip6t_ip6 *ip = info;
211 const struct xt_multiport *multiinfo = matchinfo; 196 const struct xt_multiport *multiinfo = matchinfo;
@@ -215,11 +200,9 @@ checkentry6(const char *tablename,
215} 200}
216 201
217static bool 202static bool
218checkentry6_v1(const char *tablename, 203multiport_mt6_check(const char *tablename, const void *info,
219 const void *info, 204 const struct xt_match *match, void *matchinfo,
220 const struct xt_match *match, 205 unsigned int hook_mask)
221 void *matchinfo,
222 unsigned int hook_mask)
223{ 206{
224 const struct ip6t_ip6 *ip = info; 207 const struct ip6t_ip6 *ip = info;
225 const struct xt_multiport_v1 *multiinfo = matchinfo; 208 const struct xt_multiport_v1 *multiinfo = matchinfo;
@@ -228,13 +211,13 @@ checkentry6_v1(const char *tablename,
228 multiinfo->count); 211 multiinfo->count);
229} 212}
230 213
231static struct xt_match xt_multiport_match[] __read_mostly = { 214static struct xt_match multiport_mt_reg[] __read_mostly = {
232 { 215 {
233 .name = "multiport", 216 .name = "multiport",
234 .family = AF_INET, 217 .family = AF_INET,
235 .revision = 0, 218 .revision = 0,
236 .checkentry = checkentry, 219 .checkentry = multiport_mt_check_v0,
237 .match = match, 220 .match = multiport_mt_v0,
238 .matchsize = sizeof(struct xt_multiport), 221 .matchsize = sizeof(struct xt_multiport),
239 .me = THIS_MODULE, 222 .me = THIS_MODULE,
240 }, 223 },
@@ -242,8 +225,8 @@ static struct xt_match xt_multiport_match[] __read_mostly = {
242 .name = "multiport", 225 .name = "multiport",
243 .family = AF_INET, 226 .family = AF_INET,
244 .revision = 1, 227 .revision = 1,
245 .checkentry = checkentry_v1, 228 .checkentry = multiport_mt_check,
246 .match = match_v1, 229 .match = multiport_mt,
247 .matchsize = sizeof(struct xt_multiport_v1), 230 .matchsize = sizeof(struct xt_multiport_v1),
248 .me = THIS_MODULE, 231 .me = THIS_MODULE,
249 }, 232 },
@@ -251,8 +234,8 @@ static struct xt_match xt_multiport_match[] __read_mostly = {
251 .name = "multiport", 234 .name = "multiport",
252 .family = AF_INET6, 235 .family = AF_INET6,
253 .revision = 0, 236 .revision = 0,
254 .checkentry = checkentry6, 237 .checkentry = multiport_mt6_check_v0,
255 .match = match, 238 .match = multiport_mt_v0,
256 .matchsize = sizeof(struct xt_multiport), 239 .matchsize = sizeof(struct xt_multiport),
257 .me = THIS_MODULE, 240 .me = THIS_MODULE,
258 }, 241 },
@@ -260,24 +243,23 @@ static struct xt_match xt_multiport_match[] __read_mostly = {
260 .name = "multiport", 243 .name = "multiport",
261 .family = AF_INET6, 244 .family = AF_INET6,
262 .revision = 1, 245 .revision = 1,
263 .checkentry = checkentry6_v1, 246 .checkentry = multiport_mt6_check,
264 .match = match_v1, 247 .match = multiport_mt,
265 .matchsize = sizeof(struct xt_multiport_v1), 248 .matchsize = sizeof(struct xt_multiport_v1),
266 .me = THIS_MODULE, 249 .me = THIS_MODULE,
267 }, 250 },
268}; 251};
269 252
270static int __init xt_multiport_init(void) 253static int __init multiport_mt_init(void)
271{ 254{
272 return xt_register_matches(xt_multiport_match, 255 return xt_register_matches(multiport_mt_reg,
273 ARRAY_SIZE(xt_multiport_match)); 256 ARRAY_SIZE(multiport_mt_reg));
274} 257}
275 258
276static void __exit xt_multiport_fini(void) 259static void __exit multiport_mt_exit(void)
277{ 260{
278 xt_unregister_matches(xt_multiport_match, 261 xt_unregister_matches(multiport_mt_reg, ARRAY_SIZE(multiport_mt_reg));
279 ARRAY_SIZE(xt_multiport_match));
280} 262}
281 263
282module_init(xt_multiport_init); 264module_init(multiport_mt_init);
283module_exit(xt_multiport_fini); 265module_exit(multiport_mt_exit);
diff --git a/net/netfilter/xt_physdev.c b/net/netfilter/xt_physdev.c
index e91aee74de5..678b6833a80 100644
--- a/net/netfilter/xt_physdev.c
+++ b/net/netfilter/xt_physdev.c
@@ -21,14 +21,10 @@ MODULE_ALIAS("ipt_physdev");
21MODULE_ALIAS("ip6t_physdev"); 21MODULE_ALIAS("ip6t_physdev");
22 22
23static bool 23static bool
24match(const struct sk_buff *skb, 24physdev_mt(const struct sk_buff *skb, const struct net_device *in,
25 const struct net_device *in, 25 const struct net_device *out, const struct xt_match *match,
26 const struct net_device *out, 26 const void *matchinfo, int offset, unsigned int protoff,
27 const struct xt_match *match, 27 bool *hotdrop)
28 const void *matchinfo,
29 int offset,
30 unsigned int protoff,
31 bool *hotdrop)
32{ 28{
33 int i; 29 int i;
34 static const char nulldevname[IFNAMSIZ]; 30 static const char nulldevname[IFNAMSIZ];
@@ -99,11 +95,9 @@ match_outdev:
99} 95}
100 96
101static bool 97static bool
102checkentry(const char *tablename, 98physdev_mt_check(const char *tablename, const void *ip,
103 const void *ip, 99 const struct xt_match *match, void *matchinfo,
104 const struct xt_match *match, 100 unsigned int hook_mask)
105 void *matchinfo,
106 unsigned int hook_mask)
107{ 101{
108 const struct xt_physdev_info *info = matchinfo; 102 const struct xt_physdev_info *info = matchinfo;
109 103
@@ -124,35 +118,34 @@ checkentry(const char *tablename,
124 return true; 118 return true;
125} 119}
126 120
127static struct xt_match xt_physdev_match[] __read_mostly = { 121static struct xt_match physdev_mt_reg[] __read_mostly = {
128 { 122 {
129 .name = "physdev", 123 .name = "physdev",
130 .family = AF_INET, 124 .family = AF_INET,
131 .checkentry = checkentry, 125 .checkentry = physdev_mt_check,
132 .match = match, 126 .match = physdev_mt,
133 .matchsize = sizeof(struct xt_physdev_info), 127 .matchsize = sizeof(struct xt_physdev_info),
134 .me = THIS_MODULE, 128 .me = THIS_MODULE,
135 }, 129 },
136 { 130 {
137 .name = "physdev", 131 .name = "physdev",
138 .family = AF_INET6, 132 .family = AF_INET6,
139 .checkentry = checkentry, 133 .checkentry = physdev_mt_check,
140 .match = match, 134 .match = physdev_mt,
141 .matchsize = sizeof(struct xt_physdev_info), 135 .matchsize = sizeof(struct xt_physdev_info),
142 .me = THIS_MODULE, 136 .me = THIS_MODULE,
143 }, 137 },
144}; 138};
145 139
146static int __init xt_physdev_init(void) 140static int __init physdev_mt_init(void)
147{ 141{
148 return xt_register_matches(xt_physdev_match, 142 return xt_register_matches(physdev_mt_reg, ARRAY_SIZE(physdev_mt_reg));
149 ARRAY_SIZE(xt_physdev_match));
150} 143}
151 144
152static void __exit xt_physdev_fini(void) 145static void __exit physdev_mt_exit(void)
153{ 146{
154 xt_unregister_matches(xt_physdev_match, ARRAY_SIZE(xt_physdev_match)); 147 xt_unregister_matches(physdev_mt_reg, ARRAY_SIZE(physdev_mt_reg));
155} 148}
156 149
157module_init(xt_physdev_init); 150module_init(physdev_mt_init);
158module_exit(xt_physdev_fini); 151module_exit(physdev_mt_exit);
diff --git a/net/netfilter/xt_pkttype.c b/net/netfilter/xt_pkttype.c
index a52925f12f3..c598bbed8e0 100644
--- a/net/netfilter/xt_pkttype.c
+++ b/net/netfilter/xt_pkttype.c
@@ -21,14 +21,11 @@ MODULE_DESCRIPTION("IP tables match to match on linklayer packet type");
21MODULE_ALIAS("ipt_pkttype"); 21MODULE_ALIAS("ipt_pkttype");
22MODULE_ALIAS("ip6t_pkttype"); 22MODULE_ALIAS("ip6t_pkttype");
23 23
24static bool match(const struct sk_buff *skb, 24static bool
25 const struct net_device *in, 25pkttype_mt(const struct sk_buff *skb, const struct net_device *in,
26 const struct net_device *out, 26 const struct net_device *out, const struct xt_match *match,
27 const struct xt_match *match, 27 const void *matchinfo, int offset, unsigned int protoff,
28 const void *matchinfo, 28 bool *hotdrop)
29 int offset,
30 unsigned int protoff,
31 bool *hotdrop)
32{ 29{
33 u_int8_t type; 30 u_int8_t type;
34 const struct xt_pkttype_info *info = matchinfo; 31 const struct xt_pkttype_info *info = matchinfo;
@@ -43,33 +40,32 @@ static bool match(const struct sk_buff *skb,
43 return (type == info->pkttype) ^ info->invert; 40 return (type == info->pkttype) ^ info->invert;
44} 41}
45 42
46static struct xt_match xt_pkttype_match[] __read_mostly = { 43static struct xt_match pkttype_mt_reg[] __read_mostly = {
47 { 44 {
48 .name = "pkttype", 45 .name = "pkttype",
49 .family = AF_INET, 46 .family = AF_INET,
50 .match = match, 47 .match = pkttype_mt,
51 .matchsize = sizeof(struct xt_pkttype_info), 48 .matchsize = sizeof(struct xt_pkttype_info),
52 .me = THIS_MODULE, 49 .me = THIS_MODULE,
53 }, 50 },
54 { 51 {
55 .name = "pkttype", 52 .name = "pkttype",
56 .family = AF_INET6, 53 .family = AF_INET6,
57 .match = match, 54 .match = pkttype_mt,
58 .matchsize = sizeof(struct xt_pkttype_info), 55 .matchsize = sizeof(struct xt_pkttype_info),
59 .me = THIS_MODULE, 56 .me = THIS_MODULE,
60 }, 57 },
61}; 58};
62 59
63static int __init xt_pkttype_init(void) 60static int __init pkttype_mt_init(void)
64{ 61{
65 return xt_register_matches(xt_pkttype_match, 62 return xt_register_matches(pkttype_mt_reg, ARRAY_SIZE(pkttype_mt_reg));
66 ARRAY_SIZE(xt_pkttype_match));
67} 63}
68 64
69static void __exit xt_pkttype_fini(void) 65static void __exit pkttype_mt_exit(void)
70{ 66{
71 xt_unregister_matches(xt_pkttype_match, ARRAY_SIZE(xt_pkttype_match)); 67 xt_unregister_matches(pkttype_mt_reg, ARRAY_SIZE(pkttype_mt_reg));
72} 68}
73 69
74module_init(xt_pkttype_init); 70module_init(pkttype_mt_init);
75module_exit(xt_pkttype_fini); 71module_exit(pkttype_mt_exit);
diff --git a/net/netfilter/xt_policy.c b/net/netfilter/xt_policy.c
index 2eaa6fd089c..5a017b8b72d 100644
--- a/net/netfilter/xt_policy.c
+++ b/net/netfilter/xt_policy.c
@@ -108,14 +108,11 @@ match_policy_out(const struct sk_buff *skb, const struct xt_policy_info *info,
108 return strict ? i == info->len : 0; 108 return strict ? i == info->len : 0;
109} 109}
110 110
111static bool match(const struct sk_buff *skb, 111static bool
112 const struct net_device *in, 112policy_mt(const struct sk_buff *skb, const struct net_device *in,
113 const struct net_device *out, 113 const struct net_device *out, const struct xt_match *match,
114 const struct xt_match *match, 114 const void *matchinfo, int offset, unsigned int protoff,
115 const void *matchinfo, 115 bool *hotdrop)
116 int offset,
117 unsigned int protoff,
118 bool *hotdrop)
119{ 116{
120 const struct xt_policy_info *info = matchinfo; 117 const struct xt_policy_info *info = matchinfo;
121 int ret; 118 int ret;
@@ -133,9 +130,10 @@ static bool match(const struct sk_buff *skb,
133 return ret; 130 return ret;
134} 131}
135 132
136static bool checkentry(const char *tablename, const void *ip_void, 133static bool
137 const struct xt_match *match, 134policy_mt_check(const char *tablename, const void *ip_void,
138 void *matchinfo, unsigned int hook_mask) 135 const struct xt_match *match, void *matchinfo,
136 unsigned int hook_mask)
139{ 137{
140 struct xt_policy_info *info = matchinfo; 138 struct xt_policy_info *info = matchinfo;
141 139
@@ -163,37 +161,36 @@ static bool checkentry(const char *tablename, const void *ip_void,
163 return true; 161 return true;
164} 162}
165 163
166static struct xt_match xt_policy_match[] __read_mostly = { 164static struct xt_match policy_mt_reg[] __read_mostly = {
167 { 165 {
168 .name = "policy", 166 .name = "policy",
169 .family = AF_INET, 167 .family = AF_INET,
170 .checkentry = checkentry, 168 .checkentry = policy_mt_check,
171 .match = match, 169 .match = policy_mt,
172 .matchsize = sizeof(struct xt_policy_info), 170 .matchsize = sizeof(struct xt_policy_info),
173 .me = THIS_MODULE, 171 .me = THIS_MODULE,
174 }, 172 },
175 { 173 {
176 .name = "policy", 174 .name = "policy",
177 .family = AF_INET6, 175 .family = AF_INET6,
178 .checkentry = checkentry, 176 .checkentry = policy_mt_check,
179 .match = match, 177 .match = policy_mt,
180 .matchsize = sizeof(struct xt_policy_info), 178 .matchsize = sizeof(struct xt_policy_info),
181 .me = THIS_MODULE, 179 .me = THIS_MODULE,
182 }, 180 },
183}; 181};
184 182
185static int __init init(void) 183static int __init policy_mt_init(void)
186{ 184{
187 return xt_register_matches(xt_policy_match, 185 return xt_register_matches(policy_mt_reg, ARRAY_SIZE(policy_mt_reg));
188 ARRAY_SIZE(xt_policy_match));
189} 186}
190 187
191static void __exit fini(void) 188static void __exit policy_mt_exit(void)
192{ 189{
193 xt_unregister_matches(xt_policy_match, ARRAY_SIZE(xt_policy_match)); 190 xt_unregister_matches(policy_mt_reg, ARRAY_SIZE(policy_mt_reg));
194} 191}
195 192
196module_init(init); 193module_init(policy_mt_init);
197module_exit(fini); 194module_exit(policy_mt_exit);
198MODULE_ALIAS("ipt_policy"); 195MODULE_ALIAS("ipt_policy");
199MODULE_ALIAS("ip6t_policy"); 196MODULE_ALIAS("ip6t_policy");
diff --git a/net/netfilter/xt_quota.c b/net/netfilter/xt_quota.c
index dae97445b87..887874b5684 100644
--- a/net/netfilter/xt_quota.c
+++ b/net/netfilter/xt_quota.c
@@ -17,10 +17,10 @@ MODULE_ALIAS("ip6t_quota");
17static DEFINE_SPINLOCK(quota_lock); 17static DEFINE_SPINLOCK(quota_lock);
18 18
19static bool 19static bool
20match(const struct sk_buff *skb, 20quota_mt(const struct sk_buff *skb, const struct net_device *in,
21 const struct net_device *in, const struct net_device *out, 21 const struct net_device *out, const struct xt_match *match,
22 const struct xt_match *match, const void *matchinfo, 22 const void *matchinfo, int offset, unsigned int protoff,
23 int offset, unsigned int protoff, bool *hotdrop) 23 bool *hotdrop)
24{ 24{
25 struct xt_quota_info *q = 25 struct xt_quota_info *q =
26 ((const struct xt_quota_info *)matchinfo)->master; 26 ((const struct xt_quota_info *)matchinfo)->master;
@@ -40,9 +40,9 @@ match(const struct sk_buff *skb,
40} 40}
41 41
42static bool 42static bool
43checkentry(const char *tablename, const void *entry, 43quota_mt_check(const char *tablename, const void *entry,
44 const struct xt_match *match, void *matchinfo, 44 const struct xt_match *match, void *matchinfo,
45 unsigned int hook_mask) 45 unsigned int hook_mask)
46{ 46{
47 struct xt_quota_info *q = matchinfo; 47 struct xt_quota_info *q = matchinfo;
48 48
@@ -53,34 +53,34 @@ checkentry(const char *tablename, const void *entry,
53 return true; 53 return true;
54} 54}
55 55
56static struct xt_match xt_quota_match[] __read_mostly = { 56static struct xt_match quota_mt_reg[] __read_mostly = {
57 { 57 {
58 .name = "quota", 58 .name = "quota",
59 .family = AF_INET, 59 .family = AF_INET,
60 .checkentry = checkentry, 60 .checkentry = quota_mt_check,
61 .match = match, 61 .match = quota_mt,
62 .matchsize = sizeof(struct xt_quota_info), 62 .matchsize = sizeof(struct xt_quota_info),
63 .me = THIS_MODULE 63 .me = THIS_MODULE
64 }, 64 },
65 { 65 {
66 .name = "quota", 66 .name = "quota",
67 .family = AF_INET6, 67 .family = AF_INET6,
68 .checkentry = checkentry, 68 .checkentry = quota_mt_check,
69 .match = match, 69 .match = quota_mt,
70 .matchsize = sizeof(struct xt_quota_info), 70 .matchsize = sizeof(struct xt_quota_info),
71 .me = THIS_MODULE 71 .me = THIS_MODULE
72 }, 72 },
73}; 73};
74 74
75static int __init xt_quota_init(void) 75static int __init quota_mt_init(void)
76{ 76{
77 return xt_register_matches(xt_quota_match, ARRAY_SIZE(xt_quota_match)); 77 return xt_register_matches(quota_mt_reg, ARRAY_SIZE(quota_mt_reg));
78} 78}
79 79
80static void __exit xt_quota_fini(void) 80static void __exit quota_mt_exit(void)
81{ 81{
82 xt_unregister_matches(xt_quota_match, ARRAY_SIZE(xt_quota_match)); 82 xt_unregister_matches(quota_mt_reg, ARRAY_SIZE(quota_mt_reg));
83} 83}
84 84
85module_init(xt_quota_init); 85module_init(quota_mt_init);
86module_exit(xt_quota_fini); 86module_exit(quota_mt_exit);
diff --git a/net/netfilter/xt_realm.c b/net/netfilter/xt_realm.c
index 91113dcbe0f..63289b40c8d 100644
--- a/net/netfilter/xt_realm.c
+++ b/net/netfilter/xt_realm.c
@@ -22,14 +22,10 @@ MODULE_DESCRIPTION("X_tables realm match");
22MODULE_ALIAS("ipt_realm"); 22MODULE_ALIAS("ipt_realm");
23 23
24static bool 24static bool
25match(const struct sk_buff *skb, 25realm_mt(const struct sk_buff *skb, const struct net_device *in,
26 const struct net_device *in, 26 const struct net_device *out, const struct xt_match *match,
27 const struct net_device *out, 27 const void *matchinfo, int offset, unsigned int protoff,
28 const struct xt_match *match, 28 bool *hotdrop)
29 const void *matchinfo,
30 int offset,
31 unsigned int protoff,
32 bool *hotdrop)
33{ 29{
34 const struct xt_realm_info *info = matchinfo; 30 const struct xt_realm_info *info = matchinfo;
35 const struct dst_entry *dst = skb->dst; 31 const struct dst_entry *dst = skb->dst;
@@ -37,9 +33,9 @@ match(const struct sk_buff *skb,
37 return (info->id == (dst->tclassid & info->mask)) ^ info->invert; 33 return (info->id == (dst->tclassid & info->mask)) ^ info->invert;
38} 34}
39 35
40static struct xt_match realm_match __read_mostly = { 36static struct xt_match realm_mt_reg __read_mostly = {
41 .name = "realm", 37 .name = "realm",
42 .match = match, 38 .match = realm_mt,
43 .matchsize = sizeof(struct xt_realm_info), 39 .matchsize = sizeof(struct xt_realm_info),
44 .hooks = (1 << NF_INET_POST_ROUTING) | (1 << NF_INET_FORWARD) | 40 .hooks = (1 << NF_INET_POST_ROUTING) | (1 << NF_INET_FORWARD) |
45 (1 << NF_INET_LOCAL_OUT) | (1 << NF_INET_LOCAL_IN), 41 (1 << NF_INET_LOCAL_OUT) | (1 << NF_INET_LOCAL_IN),
@@ -47,15 +43,15 @@ static struct xt_match realm_match __read_mostly = {
47 .me = THIS_MODULE 43 .me = THIS_MODULE
48}; 44};
49 45
50static int __init xt_realm_init(void) 46static int __init realm_mt_init(void)
51{ 47{
52 return xt_register_match(&realm_match); 48 return xt_register_match(&realm_mt_reg);
53} 49}
54 50
55static void __exit xt_realm_fini(void) 51static void __exit realm_mt_exit(void)
56{ 52{
57 xt_unregister_match(&realm_match); 53 xt_unregister_match(&realm_mt_reg);
58} 54}
59 55
60module_init(xt_realm_init); 56module_init(realm_mt_init);
61module_exit(xt_realm_fini); 57module_exit(realm_mt_exit);
diff --git a/net/netfilter/xt_sctp.c b/net/netfilter/xt_sctp.c
index 3358273a47b..1c8a4ee9cd0 100644
--- a/net/netfilter/xt_sctp.c
+++ b/net/netfilter/xt_sctp.c
@@ -116,14 +116,9 @@ match_packet(const struct sk_buff *skb,
116} 116}
117 117
118static bool 118static bool
119match(const struct sk_buff *skb, 119sctp_mt(const struct sk_buff *skb, const struct net_device *in,
120 const struct net_device *in, 120 const struct net_device *out, const struct xt_match *match,
121 const struct net_device *out, 121 const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
122 const struct xt_match *match,
123 const void *matchinfo,
124 int offset,
125 unsigned int protoff,
126 bool *hotdrop)
127{ 122{
128 const struct xt_sctp_info *info = matchinfo; 123 const struct xt_sctp_info *info = matchinfo;
129 sctp_sctphdr_t _sh, *sh; 124 sctp_sctphdr_t _sh, *sh;
@@ -153,11 +148,9 @@ match(const struct sk_buff *skb,
153} 148}
154 149
155static bool 150static bool
156checkentry(const char *tablename, 151sctp_mt_check(const char *tablename, const void *inf,
157 const void *inf, 152 const struct xt_match *match, void *matchinfo,
158 const struct xt_match *match, 153 unsigned int hook_mask)
159 void *matchinfo,
160 unsigned int hook_mask)
161{ 154{
162 const struct xt_sctp_info *info = matchinfo; 155 const struct xt_sctp_info *info = matchinfo;
163 156
@@ -171,12 +164,12 @@ checkentry(const char *tablename,
171 | SCTP_CHUNK_MATCH_ONLY))); 164 | SCTP_CHUNK_MATCH_ONLY)));
172} 165}
173 166
174static struct xt_match xt_sctp_match[] __read_mostly = { 167static struct xt_match sctp_mt_reg[] __read_mostly = {
175 { 168 {
176 .name = "sctp", 169 .name = "sctp",
177 .family = AF_INET, 170 .family = AF_INET,
178 .checkentry = checkentry, 171 .checkentry = sctp_mt_check,
179 .match = match, 172 .match = sctp_mt,
180 .matchsize = sizeof(struct xt_sctp_info), 173 .matchsize = sizeof(struct xt_sctp_info),
181 .proto = IPPROTO_SCTP, 174 .proto = IPPROTO_SCTP,
182 .me = THIS_MODULE 175 .me = THIS_MODULE
@@ -184,23 +177,23 @@ static struct xt_match xt_sctp_match[] __read_mostly = {
184 { 177 {
185 .name = "sctp", 178 .name = "sctp",
186 .family = AF_INET6, 179 .family = AF_INET6,
187 .checkentry = checkentry, 180 .checkentry = sctp_mt_check,
188 .match = match, 181 .match = sctp_mt,
189 .matchsize = sizeof(struct xt_sctp_info), 182 .matchsize = sizeof(struct xt_sctp_info),
190 .proto = IPPROTO_SCTP, 183 .proto = IPPROTO_SCTP,
191 .me = THIS_MODULE 184 .me = THIS_MODULE
192 }, 185 },
193}; 186};
194 187
195static int __init xt_sctp_init(void) 188static int __init sctp_mt_init(void)
196{ 189{
197 return xt_register_matches(xt_sctp_match, ARRAY_SIZE(xt_sctp_match)); 190 return xt_register_matches(sctp_mt_reg, ARRAY_SIZE(sctp_mt_reg));
198} 191}
199 192
200static void __exit xt_sctp_fini(void) 193static void __exit sctp_mt_exit(void)
201{ 194{
202 xt_unregister_matches(xt_sctp_match, ARRAY_SIZE(xt_sctp_match)); 195 xt_unregister_matches(sctp_mt_reg, ARRAY_SIZE(sctp_mt_reg));
203} 196}
204 197
205module_init(xt_sctp_init); 198module_init(sctp_mt_init);
206module_exit(xt_sctp_fini); 199module_exit(sctp_mt_exit);
diff --git a/net/netfilter/xt_state.c b/net/netfilter/xt_state.c
index e0a528df19a..2e1716d425b 100644
--- a/net/netfilter/xt_state.c
+++ b/net/netfilter/xt_state.c
@@ -21,14 +21,10 @@ MODULE_ALIAS("ipt_state");
21MODULE_ALIAS("ip6t_state"); 21MODULE_ALIAS("ip6t_state");
22 22
23static bool 23static bool
24match(const struct sk_buff *skb, 24state_mt(const struct sk_buff *skb, const struct net_device *in,
25 const struct net_device *in, 25 const struct net_device *out, const struct xt_match *match,
26 const struct net_device *out, 26 const void *matchinfo, int offset, unsigned int protoff,
27 const struct xt_match *match, 27 bool *hotdrop)
28 const void *matchinfo,
29 int offset,
30 unsigned int protoff,
31 bool *hotdrop)
32{ 28{
33 const struct xt_state_info *sinfo = matchinfo; 29 const struct xt_state_info *sinfo = matchinfo;
34 enum ip_conntrack_info ctinfo; 30 enum ip_conntrack_info ctinfo;
@@ -44,11 +40,10 @@ match(const struct sk_buff *skb,
44 return (sinfo->statemask & statebit); 40 return (sinfo->statemask & statebit);
45} 41}
46 42
47static bool check(const char *tablename, 43static bool
48 const void *inf, 44state_mt_check(const char *tablename, const void *inf,
49 const struct xt_match *match, 45 const struct xt_match *match, void *matchinfo,
50 void *matchinfo, 46 unsigned int hook_mask)
51 unsigned int hook_mask)
52{ 47{
53 if (nf_ct_l3proto_try_module_get(match->family) < 0) { 48 if (nf_ct_l3proto_try_module_get(match->family) < 0) {
54 printk(KERN_WARNING "can't load conntrack support for " 49 printk(KERN_WARNING "can't load conntrack support for "
@@ -58,42 +53,41 @@ static bool check(const char *tablename,
58 return true; 53 return true;
59} 54}
60 55
61static void 56static void state_mt_destroy(const struct xt_match *match, void *matchinfo)
62destroy(const struct xt_match *match, void *matchinfo)
63{ 57{
64 nf_ct_l3proto_module_put(match->family); 58 nf_ct_l3proto_module_put(match->family);
65} 59}
66 60
67static struct xt_match xt_state_match[] __read_mostly = { 61static struct xt_match state_mt_reg[] __read_mostly = {
68 { 62 {
69 .name = "state", 63 .name = "state",
70 .family = AF_INET, 64 .family = AF_INET,
71 .checkentry = check, 65 .checkentry = state_mt_check,
72 .match = match, 66 .match = state_mt,
73 .destroy = destroy, 67 .destroy = state_mt_destroy,
74 .matchsize = sizeof(struct xt_state_info), 68 .matchsize = sizeof(struct xt_state_info),
75 .me = THIS_MODULE, 69 .me = THIS_MODULE,
76 }, 70 },
77 { 71 {
78 .name = "state", 72 .name = "state",
79 .family = AF_INET6, 73 .family = AF_INET6,
80 .checkentry = check, 74 .checkentry = state_mt_check,
81 .match = match, 75 .match = state_mt,
82 .destroy = destroy, 76 .destroy = state_mt_destroy,
83 .matchsize = sizeof(struct xt_state_info), 77 .matchsize = sizeof(struct xt_state_info),
84 .me = THIS_MODULE, 78 .me = THIS_MODULE,
85 }, 79 },
86}; 80};
87 81
88static int __init xt_state_init(void) 82static int __init state_mt_init(void)
89{ 83{
90 return xt_register_matches(xt_state_match, ARRAY_SIZE(xt_state_match)); 84 return xt_register_matches(state_mt_reg, ARRAY_SIZE(state_mt_reg));
91} 85}
92 86
93static void __exit xt_state_fini(void) 87static void __exit state_mt_exit(void)
94{ 88{
95 xt_unregister_matches(xt_state_match, ARRAY_SIZE(xt_state_match)); 89 xt_unregister_matches(state_mt_reg, ARRAY_SIZE(state_mt_reg));
96} 90}
97 91
98module_init(xt_state_init); 92module_init(state_mt_init);
99module_exit(xt_state_fini); 93module_exit(state_mt_exit);
diff --git a/net/netfilter/xt_statistic.c b/net/netfilter/xt_statistic.c
index 4089dae4e28..fb166483acd 100644
--- a/net/netfilter/xt_statistic.c
+++ b/net/netfilter/xt_statistic.c
@@ -25,10 +25,10 @@ MODULE_ALIAS("ip6t_statistic");
25static DEFINE_SPINLOCK(nth_lock); 25static DEFINE_SPINLOCK(nth_lock);
26 26
27static bool 27static bool
28match(const struct sk_buff *skb, 28statistic_mt(const struct sk_buff *skb, const struct net_device *in,
29 const struct net_device *in, const struct net_device *out, 29 const struct net_device *out, const struct xt_match *match,
30 const struct xt_match *match, const void *matchinfo, 30 const void *matchinfo, int offset, unsigned int protoff,
31 int offset, unsigned int protoff, bool *hotdrop) 31 bool *hotdrop)
32{ 32{
33 struct xt_statistic_info *info = (struct xt_statistic_info *)matchinfo; 33 struct xt_statistic_info *info = (struct xt_statistic_info *)matchinfo;
34 bool ret = info->flags & XT_STATISTIC_INVERT; 34 bool ret = info->flags & XT_STATISTIC_INVERT;
@@ -53,9 +53,9 @@ match(const struct sk_buff *skb,
53} 53}
54 54
55static bool 55static bool
56checkentry(const char *tablename, const void *entry, 56statistic_mt_check(const char *tablename, const void *entry,
57 const struct xt_match *match, void *matchinfo, 57 const struct xt_match *match, void *matchinfo,
58 unsigned int hook_mask) 58 unsigned int hook_mask)
59{ 59{
60 struct xt_statistic_info *info = matchinfo; 60 struct xt_statistic_info *info = matchinfo;
61 61
@@ -66,36 +66,36 @@ checkentry(const char *tablename, const void *entry,
66 return true; 66 return true;
67} 67}
68 68
69static struct xt_match xt_statistic_match[] __read_mostly = { 69static struct xt_match statistic_mt_reg[] __read_mostly = {
70 { 70 {
71 .name = "statistic", 71 .name = "statistic",
72 .family = AF_INET, 72 .family = AF_INET,
73 .checkentry = checkentry, 73 .checkentry = statistic_mt_check,
74 .match = match, 74 .match = statistic_mt,
75 .matchsize = sizeof(struct xt_statistic_info), 75 .matchsize = sizeof(struct xt_statistic_info),
76 .me = THIS_MODULE, 76 .me = THIS_MODULE,
77 }, 77 },
78 { 78 {
79 .name = "statistic", 79 .name = "statistic",
80 .family = AF_INET6, 80 .family = AF_INET6,
81 .checkentry = checkentry, 81 .checkentry = statistic_mt_check,
82 .match = match, 82 .match = statistic_mt,
83 .matchsize = sizeof(struct xt_statistic_info), 83 .matchsize = sizeof(struct xt_statistic_info),
84 .me = THIS_MODULE, 84 .me = THIS_MODULE,
85 }, 85 },
86}; 86};
87 87
88static int __init xt_statistic_init(void) 88static int __init statistic_mt_init(void)
89{ 89{
90 return xt_register_matches(xt_statistic_match, 90 return xt_register_matches(statistic_mt_reg,
91 ARRAY_SIZE(xt_statistic_match)); 91 ARRAY_SIZE(statistic_mt_reg));
92} 92}
93 93
94static void __exit xt_statistic_fini(void) 94static void __exit statistic_mt_exit(void)
95{ 95{
96 xt_unregister_matches(xt_statistic_match, 96 xt_unregister_matches(statistic_mt_reg,
97 ARRAY_SIZE(xt_statistic_match)); 97 ARRAY_SIZE(statistic_mt_reg));
98} 98}
99 99
100module_init(xt_statistic_init); 100module_init(statistic_mt_init);
101module_exit(xt_statistic_fini); 101module_exit(statistic_mt_exit);
diff --git a/net/netfilter/xt_string.c b/net/netfilter/xt_string.c
index 864133442cd..90287844489 100644
--- a/net/netfilter/xt_string.c
+++ b/net/netfilter/xt_string.c
@@ -21,14 +21,11 @@ MODULE_LICENSE("GPL");
21MODULE_ALIAS("ipt_string"); 21MODULE_ALIAS("ipt_string");
22MODULE_ALIAS("ip6t_string"); 22MODULE_ALIAS("ip6t_string");
23 23
24static bool match(const struct sk_buff *skb, 24static bool
25 const struct net_device *in, 25string_mt(const struct sk_buff *skb, const struct net_device *in,
26 const struct net_device *out, 26 const struct net_device *out, const struct xt_match *match,
27 const struct xt_match *match, 27 const void *matchinfo, int offset, unsigned int protoff,
28 const void *matchinfo, 28 bool *hotdrop)
29 int offset,
30 unsigned int protoff,
31 bool *hotdrop)
32{ 29{
33 const struct xt_string_info *conf = matchinfo; 30 const struct xt_string_info *conf = matchinfo;
34 struct ts_state state; 31 struct ts_state state;
@@ -42,11 +39,10 @@ static bool match(const struct sk_buff *skb,
42 39
43#define STRING_TEXT_PRIV(m) ((struct xt_string_info *) m) 40#define STRING_TEXT_PRIV(m) ((struct xt_string_info *) m)
44 41
45static bool checkentry(const char *tablename, 42static bool
46 const void *ip, 43string_mt_check(const char *tablename, const void *ip,
47 const struct xt_match *match, 44 const struct xt_match *match, void *matchinfo,
48 void *matchinfo, 45 unsigned int hook_mask)
49 unsigned int hook_mask)
50{ 46{
51 struct xt_string_info *conf = matchinfo; 47 struct xt_string_info *conf = matchinfo;
52 struct ts_config *ts_conf; 48 struct ts_config *ts_conf;
@@ -68,41 +64,41 @@ static bool checkentry(const char *tablename,
68 return true; 64 return true;
69} 65}
70 66
71static void destroy(const struct xt_match *match, void *matchinfo) 67static void string_mt_destroy(const struct xt_match *match, void *matchinfo)
72{ 68{
73 textsearch_destroy(STRING_TEXT_PRIV(matchinfo)->config); 69 textsearch_destroy(STRING_TEXT_PRIV(matchinfo)->config);
74} 70}
75 71
76static struct xt_match xt_string_match[] __read_mostly = { 72static struct xt_match string_mt_reg[] __read_mostly = {
77 { 73 {
78 .name = "string", 74 .name = "string",
79 .family = AF_INET, 75 .family = AF_INET,
80 .checkentry = checkentry, 76 .checkentry = string_mt_check,
81 .match = match, 77 .match = string_mt,
82 .destroy = destroy, 78 .destroy = string_mt_destroy,
83 .matchsize = sizeof(struct xt_string_info), 79 .matchsize = sizeof(struct xt_string_info),
84 .me = THIS_MODULE 80 .me = THIS_MODULE
85 }, 81 },
86 { 82 {
87 .name = "string", 83 .name = "string",
88 .family = AF_INET6, 84 .family = AF_INET6,
89 .checkentry = checkentry, 85 .checkentry = string_mt_check,
90 .match = match, 86 .match = string_mt,
91 .destroy = destroy, 87 .destroy = string_mt_destroy,
92 .matchsize = sizeof(struct xt_string_info), 88 .matchsize = sizeof(struct xt_string_info),
93 .me = THIS_MODULE 89 .me = THIS_MODULE
94 }, 90 },
95}; 91};
96 92
97static int __init xt_string_init(void) 93static int __init string_mt_init(void)
98{ 94{
99 return xt_register_matches(xt_string_match, ARRAY_SIZE(xt_string_match)); 95 return xt_register_matches(string_mt_reg, ARRAY_SIZE(string_mt_reg));
100} 96}
101 97
102static void __exit xt_string_fini(void) 98static void __exit string_mt_exit(void)
103{ 99{
104 xt_unregister_matches(xt_string_match, ARRAY_SIZE(xt_string_match)); 100 xt_unregister_matches(string_mt_reg, ARRAY_SIZE(string_mt_reg));
105} 101}
106 102
107module_init(xt_string_init); 103module_init(string_mt_init);
108module_exit(xt_string_fini); 104module_exit(string_mt_exit);
diff --git a/net/netfilter/xt_tcpmss.c b/net/netfilter/xt_tcpmss.c
index 84d401bfafa..2a3e4c30e50 100644
--- a/net/netfilter/xt_tcpmss.c
+++ b/net/netfilter/xt_tcpmss.c
@@ -25,14 +25,10 @@ MODULE_ALIAS("ipt_tcpmss");
25MODULE_ALIAS("ip6t_tcpmss"); 25MODULE_ALIAS("ip6t_tcpmss");
26 26
27static bool 27static bool
28match(const struct sk_buff *skb, 28tcpmss_mt(const struct sk_buff *skb, const struct net_device *in,
29 const struct net_device *in, 29 const struct net_device *out, const struct xt_match *match,
30 const struct net_device *out, 30 const void *matchinfo, int offset, unsigned int protoff,
31 const struct xt_match *match, 31 bool *hotdrop)
32 const void *matchinfo,
33 int offset,
34 unsigned int protoff,
35 bool *hotdrop)
36{ 32{
37 const struct xt_tcpmss_match_info *info = matchinfo; 33 const struct xt_tcpmss_match_info *info = matchinfo;
38 struct tcphdr _tcph, *th; 34 struct tcphdr _tcph, *th;
@@ -82,11 +78,11 @@ dropit:
82 return false; 78 return false;
83} 79}
84 80
85static struct xt_match xt_tcpmss_match[] __read_mostly = { 81static struct xt_match tcpmss_mt_reg[] __read_mostly = {
86 { 82 {
87 .name = "tcpmss", 83 .name = "tcpmss",
88 .family = AF_INET, 84 .family = AF_INET,
89 .match = match, 85 .match = tcpmss_mt,
90 .matchsize = sizeof(struct xt_tcpmss_match_info), 86 .matchsize = sizeof(struct xt_tcpmss_match_info),
91 .proto = IPPROTO_TCP, 87 .proto = IPPROTO_TCP,
92 .me = THIS_MODULE, 88 .me = THIS_MODULE,
@@ -94,23 +90,22 @@ static struct xt_match xt_tcpmss_match[] __read_mostly = {
94 { 90 {
95 .name = "tcpmss", 91 .name = "tcpmss",
96 .family = AF_INET6, 92 .family = AF_INET6,
97 .match = match, 93 .match = tcpmss_mt,
98 .matchsize = sizeof(struct xt_tcpmss_match_info), 94 .matchsize = sizeof(struct xt_tcpmss_match_info),
99 .proto = IPPROTO_TCP, 95 .proto = IPPROTO_TCP,
100 .me = THIS_MODULE, 96 .me = THIS_MODULE,
101 }, 97 },
102}; 98};
103 99
104static int __init xt_tcpmss_init(void) 100static int __init tcpmss_mt_init(void)
105{ 101{
106 return xt_register_matches(xt_tcpmss_match, 102 return xt_register_matches(tcpmss_mt_reg, ARRAY_SIZE(tcpmss_mt_reg));
107 ARRAY_SIZE(xt_tcpmss_match));
108} 103}
109 104
110static void __exit xt_tcpmss_fini(void) 105static void __exit tcpmss_mt_exit(void)
111{ 106{
112 xt_unregister_matches(xt_tcpmss_match, ARRAY_SIZE(xt_tcpmss_match)); 107 xt_unregister_matches(tcpmss_mt_reg, ARRAY_SIZE(tcpmss_mt_reg));
113} 108}
114 109
115module_init(xt_tcpmss_init); 110module_init(tcpmss_mt_init);
116module_exit(xt_tcpmss_fini); 111module_exit(tcpmss_mt_exit);
diff --git a/net/netfilter/xt_tcpudp.c b/net/netfilter/xt_tcpudp.c
index 223f9bded67..6be5f2df5a5 100644
--- a/net/netfilter/xt_tcpudp.c
+++ b/net/netfilter/xt_tcpudp.c
@@ -68,14 +68,9 @@ tcp_find_option(u_int8_t option,
68} 68}
69 69
70static bool 70static bool
71tcp_match(const struct sk_buff *skb, 71tcp_mt(const struct sk_buff *skb, const struct net_device *in,
72 const struct net_device *in, 72 const struct net_device *out, const struct xt_match *match,
73 const struct net_device *out, 73 const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
74 const struct xt_match *match,
75 const void *matchinfo,
76 int offset,
77 unsigned int protoff,
78 bool *hotdrop)
79{ 74{
80 struct tcphdr _tcph, *th; 75 struct tcphdr _tcph, *th;
81 const struct xt_tcp *tcpinfo = matchinfo; 76 const struct xt_tcp *tcpinfo = matchinfo;
@@ -134,11 +129,9 @@ tcp_match(const struct sk_buff *skb,
134 129
135/* Called when user tries to insert an entry of this type. */ 130/* Called when user tries to insert an entry of this type. */
136static bool 131static bool
137tcp_checkentry(const char *tablename, 132tcp_mt_check(const char *tablename, const void *info,
138 const void *info, 133 const struct xt_match *match, void *matchinfo,
139 const struct xt_match *match, 134 unsigned int hook_mask)
140 void *matchinfo,
141 unsigned int hook_mask)
142{ 135{
143 const struct xt_tcp *tcpinfo = matchinfo; 136 const struct xt_tcp *tcpinfo = matchinfo;
144 137
@@ -147,14 +140,9 @@ tcp_checkentry(const char *tablename,
147} 140}
148 141
149static bool 142static bool
150udp_match(const struct sk_buff *skb, 143udp_mt(const struct sk_buff *skb, const struct net_device *in,
151 const struct net_device *in, 144 const struct net_device *out, const struct xt_match *match,
152 const struct net_device *out, 145 const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
153 const struct xt_match *match,
154 const void *matchinfo,
155 int offset,
156 unsigned int protoff,
157 bool *hotdrop)
158{ 146{
159 struct udphdr _udph, *uh; 147 struct udphdr _udph, *uh;
160 const struct xt_udp *udpinfo = matchinfo; 148 const struct xt_udp *udpinfo = matchinfo;
@@ -182,11 +170,9 @@ udp_match(const struct sk_buff *skb,
182 170
183/* Called when user tries to insert an entry of this type. */ 171/* Called when user tries to insert an entry of this type. */
184static bool 172static bool
185udp_checkentry(const char *tablename, 173udp_mt_check(const char *tablename, const void *info,
186 const void *info, 174 const struct xt_match *match, void *matchinfo,
187 const struct xt_match *match, 175 unsigned int hook_mask)
188 void *matchinfo,
189 unsigned int hook_mask)
190{ 176{
191 const struct xt_udp *udpinfo = matchinfo; 177 const struct xt_udp *udpinfo = matchinfo;
192 178
@@ -194,12 +180,12 @@ udp_checkentry(const char *tablename,
194 return !(udpinfo->invflags & ~XT_UDP_INV_MASK); 180 return !(udpinfo->invflags & ~XT_UDP_INV_MASK);
195} 181}
196 182
197static struct xt_match xt_tcpudp_match[] __read_mostly = { 183static struct xt_match tcpudp_mt_reg[] __read_mostly = {
198 { 184 {
199 .name = "tcp", 185 .name = "tcp",
200 .family = AF_INET, 186 .family = AF_INET,
201 .checkentry = tcp_checkentry, 187 .checkentry = tcp_mt_check,
202 .match = tcp_match, 188 .match = tcp_mt,
203 .matchsize = sizeof(struct xt_tcp), 189 .matchsize = sizeof(struct xt_tcp),
204 .proto = IPPROTO_TCP, 190 .proto = IPPROTO_TCP,
205 .me = THIS_MODULE, 191 .me = THIS_MODULE,
@@ -207,8 +193,8 @@ static struct xt_match xt_tcpudp_match[] __read_mostly = {
207 { 193 {
208 .name = "tcp", 194 .name = "tcp",
209 .family = AF_INET6, 195 .family = AF_INET6,
210 .checkentry = tcp_checkentry, 196 .checkentry = tcp_mt_check,
211 .match = tcp_match, 197 .match = tcp_mt,
212 .matchsize = sizeof(struct xt_tcp), 198 .matchsize = sizeof(struct xt_tcp),
213 .proto = IPPROTO_TCP, 199 .proto = IPPROTO_TCP,
214 .me = THIS_MODULE, 200 .me = THIS_MODULE,
@@ -216,8 +202,8 @@ static struct xt_match xt_tcpudp_match[] __read_mostly = {
216 { 202 {
217 .name = "udp", 203 .name = "udp",
218 .family = AF_INET, 204 .family = AF_INET,
219 .checkentry = udp_checkentry, 205 .checkentry = udp_mt_check,
220 .match = udp_match, 206 .match = udp_mt,
221 .matchsize = sizeof(struct xt_udp), 207 .matchsize = sizeof(struct xt_udp),
222 .proto = IPPROTO_UDP, 208 .proto = IPPROTO_UDP,
223 .me = THIS_MODULE, 209 .me = THIS_MODULE,
@@ -225,8 +211,8 @@ static struct xt_match xt_tcpudp_match[] __read_mostly = {
225 { 211 {
226 .name = "udp", 212 .name = "udp",
227 .family = AF_INET6, 213 .family = AF_INET6,
228 .checkentry = udp_checkentry, 214 .checkentry = udp_mt_check,
229 .match = udp_match, 215 .match = udp_mt,
230 .matchsize = sizeof(struct xt_udp), 216 .matchsize = sizeof(struct xt_udp),
231 .proto = IPPROTO_UDP, 217 .proto = IPPROTO_UDP,
232 .me = THIS_MODULE, 218 .me = THIS_MODULE,
@@ -234,8 +220,8 @@ static struct xt_match xt_tcpudp_match[] __read_mostly = {
234 { 220 {
235 .name = "udplite", 221 .name = "udplite",
236 .family = AF_INET, 222 .family = AF_INET,
237 .checkentry = udp_checkentry, 223 .checkentry = udp_mt_check,
238 .match = udp_match, 224 .match = udp_mt,
239 .matchsize = sizeof(struct xt_udp), 225 .matchsize = sizeof(struct xt_udp),
240 .proto = IPPROTO_UDPLITE, 226 .proto = IPPROTO_UDPLITE,
241 .me = THIS_MODULE, 227 .me = THIS_MODULE,
@@ -243,24 +229,23 @@ static struct xt_match xt_tcpudp_match[] __read_mostly = {
243 { 229 {
244 .name = "udplite", 230 .name = "udplite",
245 .family = AF_INET6, 231 .family = AF_INET6,
246 .checkentry = udp_checkentry, 232 .checkentry = udp_mt_check,
247 .match = udp_match, 233 .match = udp_mt,
248 .matchsize = sizeof(struct xt_udp), 234 .matchsize = sizeof(struct xt_udp),
249 .proto = IPPROTO_UDPLITE, 235 .proto = IPPROTO_UDPLITE,
250 .me = THIS_MODULE, 236 .me = THIS_MODULE,
251 }, 237 },
252}; 238};
253 239
254static int __init xt_tcpudp_init(void) 240static int __init tcpudp_mt_init(void)
255{ 241{
256 return xt_register_matches(xt_tcpudp_match, 242 return xt_register_matches(tcpudp_mt_reg, ARRAY_SIZE(tcpudp_mt_reg));
257 ARRAY_SIZE(xt_tcpudp_match));
258} 243}
259 244
260static void __exit xt_tcpudp_fini(void) 245static void __exit tcpudp_mt_exit(void)
261{ 246{
262 xt_unregister_matches(xt_tcpudp_match, ARRAY_SIZE(xt_tcpudp_match)); 247 xt_unregister_matches(tcpudp_mt_reg, ARRAY_SIZE(tcpudp_mt_reg));
263} 248}
264 249
265module_init(xt_tcpudp_init); 250module_init(tcpudp_mt_init);
266module_exit(xt_tcpudp_fini); 251module_exit(tcpudp_mt_exit);
diff --git a/net/netfilter/xt_time.c b/net/netfilter/xt_time.c
index f9c55dcd894..96da93c9ece 100644
--- a/net/netfilter/xt_time.c
+++ b/net/netfilter/xt_time.c
@@ -147,11 +147,10 @@ static void localtime_3(struct xtm *r, time_t time)
147 return; 147 return;
148} 148}
149 149
150static bool xt_time_match(const struct sk_buff *skb, 150static bool
151 const struct net_device *in, 151time_mt(const struct sk_buff *skb, const struct net_device *in,
152 const struct net_device *out, 152 const struct net_device *out, const struct xt_match *match,
153 const struct xt_match *match, const void *matchinfo, 153 const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
154 int offset, unsigned int protoff, bool *hotdrop)
155{ 154{
156 const struct xt_time_info *info = matchinfo; 155 const struct xt_time_info *info = matchinfo;
157 unsigned int packet_time; 156 unsigned int packet_time;
@@ -216,9 +215,10 @@ static bool xt_time_match(const struct sk_buff *skb,
216 return true; 215 return true;
217} 216}
218 217
219static bool xt_time_check(const char *tablename, const void *ip, 218static bool
220 const struct xt_match *match, void *matchinfo, 219time_mt_check(const char *tablename, const void *ip,
221 unsigned int hook_mask) 220 const struct xt_match *match, void *matchinfo,
221 unsigned int hook_mask)
222{ 222{
223 struct xt_time_info *info = matchinfo; 223 struct xt_time_info *info = matchinfo;
224 224
@@ -232,37 +232,37 @@ static bool xt_time_check(const char *tablename, const void *ip,
232 return true; 232 return true;
233} 233}
234 234
235static struct xt_match xt_time_reg[] __read_mostly = { 235static struct xt_match time_mt_reg[] __read_mostly = {
236 { 236 {
237 .name = "time", 237 .name = "time",
238 .family = AF_INET, 238 .family = AF_INET,
239 .match = xt_time_match, 239 .match = time_mt,
240 .matchsize = sizeof(struct xt_time_info), 240 .matchsize = sizeof(struct xt_time_info),
241 .checkentry = xt_time_check, 241 .checkentry = time_mt_check,
242 .me = THIS_MODULE, 242 .me = THIS_MODULE,
243 }, 243 },
244 { 244 {
245 .name = "time", 245 .name = "time",
246 .family = AF_INET6, 246 .family = AF_INET6,
247 .match = xt_time_match, 247 .match = time_mt,
248 .matchsize = sizeof(struct xt_time_info), 248 .matchsize = sizeof(struct xt_time_info),
249 .checkentry = xt_time_check, 249 .checkentry = time_mt_check,
250 .me = THIS_MODULE, 250 .me = THIS_MODULE,
251 }, 251 },
252}; 252};
253 253
254static int __init xt_time_init(void) 254static int __init time_mt_init(void)
255{ 255{
256 return xt_register_matches(xt_time_reg, ARRAY_SIZE(xt_time_reg)); 256 return xt_register_matches(time_mt_reg, ARRAY_SIZE(time_mt_reg));
257} 257}
258 258
259static void __exit xt_time_exit(void) 259static void __exit time_mt_exit(void)
260{ 260{
261 xt_unregister_matches(xt_time_reg, ARRAY_SIZE(xt_time_reg)); 261 xt_unregister_matches(time_mt_reg, ARRAY_SIZE(time_mt_reg));
262} 262}
263 263
264module_init(xt_time_init); 264module_init(time_mt_init);
265module_exit(xt_time_exit); 265module_exit(time_mt_exit);
266MODULE_AUTHOR("Jan Engelhardt <jengelh@computergmbh.de>"); 266MODULE_AUTHOR("Jan Engelhardt <jengelh@computergmbh.de>");
267MODULE_DESCRIPTION("netfilter time match"); 267MODULE_DESCRIPTION("netfilter time match");
268MODULE_LICENSE("GPL"); 268MODULE_LICENSE("GPL");
diff --git a/net/netfilter/xt_u32.c b/net/netfilter/xt_u32.c
index af75b8c3f20..3d8f5b3986a 100644
--- a/net/netfilter/xt_u32.c
+++ b/net/netfilter/xt_u32.c
@@ -88,11 +88,10 @@ static bool u32_match_it(const struct xt_u32 *data,
88 return true; 88 return true;
89} 89}
90 90
91static bool u32_match(const struct sk_buff *skb, 91static bool
92 const struct net_device *in, 92u32_mt(const struct sk_buff *skb, const struct net_device *in,
93 const struct net_device *out, 93 const struct net_device *out, const struct xt_match *match,
94 const struct xt_match *match, const void *matchinfo, 94 const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
95 int offset, unsigned int protoff, bool *hotdrop)
96{ 95{
97 const struct xt_u32 *data = matchinfo; 96 const struct xt_u32 *data = matchinfo;
98 bool ret; 97 bool ret;
@@ -101,35 +100,35 @@ static bool u32_match(const struct sk_buff *skb,
101 return ret ^ data->invert; 100 return ret ^ data->invert;
102} 101}
103 102
104static struct xt_match u32_reg[] __read_mostly = { 103static struct xt_match u32_mt_reg[] __read_mostly = {
105 { 104 {
106 .name = "u32", 105 .name = "u32",
107 .family = AF_INET, 106 .family = AF_INET,
108 .match = u32_match, 107 .match = u32_mt,
109 .matchsize = sizeof(struct xt_u32), 108 .matchsize = sizeof(struct xt_u32),
110 .me = THIS_MODULE, 109 .me = THIS_MODULE,
111 }, 110 },
112 { 111 {
113 .name = "u32", 112 .name = "u32",
114 .family = AF_INET6, 113 .family = AF_INET6,
115 .match = u32_match, 114 .match = u32_mt,
116 .matchsize = sizeof(struct xt_u32), 115 .matchsize = sizeof(struct xt_u32),
117 .me = THIS_MODULE, 116 .me = THIS_MODULE,
118 }, 117 },
119}; 118};
120 119
121static int __init xt_u32_init(void) 120static int __init u32_mt_init(void)
122{ 121{
123 return xt_register_matches(u32_reg, ARRAY_SIZE(u32_reg)); 122 return xt_register_matches(u32_mt_reg, ARRAY_SIZE(u32_mt_reg));
124} 123}
125 124
126static void __exit xt_u32_exit(void) 125static void __exit u32_mt_exit(void)
127{ 126{
128 xt_unregister_matches(u32_reg, ARRAY_SIZE(u32_reg)); 127 xt_unregister_matches(u32_mt_reg, ARRAY_SIZE(u32_mt_reg));
129} 128}
130 129
131module_init(xt_u32_init); 130module_init(u32_mt_init);
132module_exit(xt_u32_exit); 131module_exit(u32_mt_exit);
133MODULE_AUTHOR("Jan Engelhardt <jengelh@computergmbh.de>"); 132MODULE_AUTHOR("Jan Engelhardt <jengelh@computergmbh.de>");
134MODULE_DESCRIPTION("netfilter u32 match module"); 133MODULE_DESCRIPTION("netfilter u32 match module");
135MODULE_LICENSE("GPL"); 134MODULE_LICENSE("GPL");
generated by cgit v1.2.2 (git 2.25.0) at 2024-10-19 08:27:21 -0400