diff options
Diffstat (limited to 'net/ipv6/netfilter/ip6_tables.c')
-rw-r--r-- | net/ipv6/netfilter/ip6_tables.c | 40 |
1 files changed, 20 insertions, 20 deletions
diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c index 7083e1cfb2f..7c512e13f95 100644 --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c | |||
@@ -92,16 +92,16 @@ do { \ | |||
92 | #endif | 92 | #endif |
93 | 93 | ||
94 | /* Check for an extension */ | 94 | /* Check for an extension */ |
95 | int | 95 | int |
96 | ip6t_ext_hdr(u8 nexthdr) | 96 | ip6t_ext_hdr(u8 nexthdr) |
97 | { | 97 | { |
98 | return ( (nexthdr == IPPROTO_HOPOPTS) || | 98 | return ( (nexthdr == IPPROTO_HOPOPTS) || |
99 | (nexthdr == IPPROTO_ROUTING) || | 99 | (nexthdr == IPPROTO_ROUTING) || |
100 | (nexthdr == IPPROTO_FRAGMENT) || | 100 | (nexthdr == IPPROTO_FRAGMENT) || |
101 | (nexthdr == IPPROTO_ESP) || | 101 | (nexthdr == IPPROTO_ESP) || |
102 | (nexthdr == IPPROTO_AH) || | 102 | (nexthdr == IPPROTO_AH) || |
103 | (nexthdr == IPPROTO_NONE) || | 103 | (nexthdr == IPPROTO_NONE) || |
104 | (nexthdr == IPPROTO_DSTOPTS) ); | 104 | (nexthdr == IPPROTO_DSTOPTS) ); |
105 | } | 105 | } |
106 | 106 | ||
107 | /* Returns whether matches rule or not. */ | 107 | /* Returns whether matches rule or not. */ |
@@ -120,9 +120,9 @@ ip6_packet_match(const struct sk_buff *skb, | |||
120 | #define FWINV(bool,invflg) ((bool) ^ !!(ip6info->invflags & invflg)) | 120 | #define FWINV(bool,invflg) ((bool) ^ !!(ip6info->invflags & invflg)) |
121 | 121 | ||
122 | if (FWINV(ipv6_masked_addr_cmp(&ipv6->saddr, &ip6info->smsk, | 122 | if (FWINV(ipv6_masked_addr_cmp(&ipv6->saddr, &ip6info->smsk, |
123 | &ip6info->src), IP6T_INV_SRCIP) | 123 | &ip6info->src), IP6T_INV_SRCIP) |
124 | || FWINV(ipv6_masked_addr_cmp(&ipv6->daddr, &ip6info->dmsk, | 124 | || FWINV(ipv6_masked_addr_cmp(&ipv6->daddr, &ip6info->dmsk, |
125 | &ip6info->dst), IP6T_INV_DSTIP)) { | 125 | &ip6info->dst), IP6T_INV_DSTIP)) { |
126 | dprintf("Source or dest mismatch.\n"); | 126 | dprintf("Source or dest mismatch.\n"); |
127 | /* | 127 | /* |
128 | dprintf("SRC: %u. Mask: %u. Target: %u.%s\n", ip->saddr, | 128 | dprintf("SRC: %u. Mask: %u. Target: %u.%s\n", ip->saddr, |
@@ -177,7 +177,7 @@ ip6_packet_match(const struct sk_buff *skb, | |||
177 | *fragoff = _frag_off; | 177 | *fragoff = _frag_off; |
178 | 178 | ||
179 | dprintf("Packet protocol %hi ?= %s%hi.\n", | 179 | dprintf("Packet protocol %hi ?= %s%hi.\n", |
180 | protohdr, | 180 | protohdr, |
181 | ip6info->invflags & IP6T_INV_PROTO ? "!":"", | 181 | ip6info->invflags & IP6T_INV_PROTO ? "!":"", |
182 | ip6info->proto); | 182 | ip6info->proto); |
183 | 183 | ||
@@ -197,7 +197,7 @@ ip6_packet_match(const struct sk_buff *skb, | |||
197 | } | 197 | } |
198 | 198 | ||
199 | /* should be ip6 safe */ | 199 | /* should be ip6 safe */ |
200 | static inline int | 200 | static inline int |
201 | ip6_checkentry(const struct ip6t_ip6 *ipv6) | 201 | ip6_checkentry(const struct ip6t_ip6 *ipv6) |
202 | { | 202 | { |
203 | if (ipv6->flags & ~IP6T_F_MASK) { | 203 | if (ipv6->flags & ~IP6T_F_MASK) { |
@@ -337,7 +337,7 @@ ip6t_do_table(struct sk_buff **pskb, | |||
337 | e = get_entry(table_base, v); | 337 | e = get_entry(table_base, v); |
338 | } else { | 338 | } else { |
339 | /* Targets which reenter must return | 339 | /* Targets which reenter must return |
340 | abs. verdicts */ | 340 | abs. verdicts */ |
341 | #ifdef CONFIG_NETFILTER_DEBUG | 341 | #ifdef CONFIG_NETFILTER_DEBUG |
342 | ((struct ip6t_entry *)table_base)->comefrom | 342 | ((struct ip6t_entry *)table_base)->comefrom |
343 | = 0xeeeeeeec; | 343 | = 0xeeeeeeec; |
@@ -534,10 +534,10 @@ check_match(struct ip6t_entry_match *m, | |||
534 | int ret; | 534 | int ret; |
535 | 535 | ||
536 | match = try_then_request_module(xt_find_match(AF_INET6, m->u.user.name, | 536 | match = try_then_request_module(xt_find_match(AF_INET6, m->u.user.name, |
537 | m->u.user.revision), | 537 | m->u.user.revision), |
538 | "ip6t_%s", m->u.user.name); | 538 | "ip6t_%s", m->u.user.name); |
539 | if (IS_ERR(match) || !match) { | 539 | if (IS_ERR(match) || !match) { |
540 | duprintf("check_match: `%s' not found\n", m->u.user.name); | 540 | duprintf("check_match: `%s' not found\n", m->u.user.name); |
541 | return match ? PTR_ERR(match) : -ENOENT; | 541 | return match ? PTR_ERR(match) : -ENOENT; |
542 | } | 542 | } |
543 | m->u.kernel.match = match; | 543 | m->u.kernel.match = match; |
@@ -661,7 +661,7 @@ check_entry_size_and_hooks(struct ip6t_entry *e, | |||
661 | } | 661 | } |
662 | 662 | ||
663 | /* FIXME: underflows must be unconditional, standard verdicts | 663 | /* FIXME: underflows must be unconditional, standard verdicts |
664 | < 0 (not IP6T_RETURN). --RR */ | 664 | < 0 (not IP6T_RETURN). --RR */ |
665 | 665 | ||
666 | /* Clear counters and comefrom */ | 666 | /* Clear counters and comefrom */ |
667 | e->counters = ((struct xt_counters) { 0, 0 }); | 667 | e->counters = ((struct xt_counters) { 0, 0 }); |
@@ -1003,8 +1003,8 @@ do_replace(void __user *user, unsigned int len) | |||
1003 | /* Update module usage count based on number of rules */ | 1003 | /* Update module usage count based on number of rules */ |
1004 | duprintf("do_replace: oldnum=%u, initnum=%u, newnum=%u\n", | 1004 | duprintf("do_replace: oldnum=%u, initnum=%u, newnum=%u\n", |
1005 | oldinfo->number, oldinfo->initial_entries, newinfo->number); | 1005 | oldinfo->number, oldinfo->initial_entries, newinfo->number); |
1006 | if ((oldinfo->number > oldinfo->initial_entries) || | 1006 | if ((oldinfo->number > oldinfo->initial_entries) || |
1007 | (newinfo->number <= oldinfo->initial_entries)) | 1007 | (newinfo->number <= oldinfo->initial_entries)) |
1008 | module_put(t->me); | 1008 | module_put(t->me); |
1009 | if ((oldinfo->number > oldinfo->initial_entries) && | 1009 | if ((oldinfo->number > oldinfo->initial_entries) && |
1010 | (newinfo->number <= oldinfo->initial_entries)) | 1010 | (newinfo->number <= oldinfo->initial_entries)) |
@@ -1492,9 +1492,9 @@ int ipv6_find_hdr(const struct sk_buff *skb, unsigned int *offset, | |||
1492 | } | 1492 | } |
1493 | hdrlen = 8; | 1493 | hdrlen = 8; |
1494 | } else if (nexthdr == NEXTHDR_AUTH) | 1494 | } else if (nexthdr == NEXTHDR_AUTH) |
1495 | hdrlen = (hp->hdrlen + 2) << 2; | 1495 | hdrlen = (hp->hdrlen + 2) << 2; |
1496 | else | 1496 | else |
1497 | hdrlen = ipv6_optlen(hp); | 1497 | hdrlen = ipv6_optlen(hp); |
1498 | 1498 | ||
1499 | nexthdr = hp->nexthdr; | 1499 | nexthdr = hp->nexthdr; |
1500 | len -= hdrlen; | 1500 | len -= hdrlen; |