diff options
| author | Jan Engelhardt <jengelh@gmx.de> | 2007-07-08 01:16:26 -0400 |
|---|---|---|
| committer | David S. Miller <davem@sunset.davemloft.net> | 2007-07-11 01:16:59 -0400 |
| commit | e1931b784a8de324abf310fa3b5e3f25d3988233 (patch) | |
| tree | 3f553c7fed76a21efc96cc0eb4fa7bd69722f94d | |
| parent | ccb79bdce71f2c04cfa9bfcbaf4d37e2f963d684 (diff) | |
[NETFILTER]: x_tables: switch xt_target->checkentry to bool
Switch the return type of target checkentry functions to boolean.
Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
24 files changed, 174 insertions, 174 deletions
diff --git a/include/linux/netfilter/x_tables.h b/include/linux/netfilter/x_tables.h index 5130dd60a2fc..64f425a855bb 100644 --- a/include/linux/netfilter/x_tables.h +++ b/include/linux/netfilter/x_tables.h | |||
| @@ -202,11 +202,11 @@ struct xt_target | |||
| 202 | hook_mask is a bitmask of hooks from which it can be | 202 | hook_mask is a bitmask of hooks from which it can be |
| 203 | called. */ | 203 | called. */ |
| 204 | /* Should return true or false. */ | 204 | /* Should return true or false. */ |
| 205 | int (*checkentry)(const char *tablename, | 205 | bool (*checkentry)(const char *tablename, |
| 206 | const void *entry, | 206 | const void *entry, |
| 207 | const struct xt_target *target, | 207 | const struct xt_target *target, |
| 208 | void *targinfo, | 208 | void *targinfo, |
| 209 | unsigned int hook_mask); | 209 | unsigned int hook_mask); |
| 210 | 210 | ||
| 211 | /* Called when entry of this type deleted. */ | 211 | /* Called when entry of this type deleted. */ |
| 212 | void (*destroy)(const struct xt_target *target, void *targinfo); | 212 | void (*destroy)(const struct xt_target *target, void *targinfo); |
diff --git a/net/ipv4/netfilter/arpt_mangle.c b/net/ipv4/netfilter/arpt_mangle.c index 6298d404e7c7..497a16e0b064 100644 --- a/net/ipv4/netfilter/arpt_mangle.c +++ b/net/ipv4/netfilter/arpt_mangle.c | |||
| @@ -65,7 +65,7 @@ target(struct sk_buff **pskb, | |||
| 65 | return mangle->target; | 65 | return mangle->target; |
| 66 | } | 66 | } |
| 67 | 67 | ||
| 68 | static int | 68 | static bool |
| 69 | checkentry(const char *tablename, const void *e, const struct xt_target *target, | 69 | checkentry(const char *tablename, const void *e, const struct xt_target *target, |
| 70 | void *targinfo, unsigned int hook_mask) | 70 | void *targinfo, unsigned int hook_mask) |
| 71 | { | 71 | { |
| @@ -73,12 +73,12 @@ checkentry(const char *tablename, const void *e, const struct xt_target *target, | |||
| 73 | 73 | ||
| 74 | if (mangle->flags & ~ARPT_MANGLE_MASK || | 74 | if (mangle->flags & ~ARPT_MANGLE_MASK || |
| 75 | !(mangle->flags & ARPT_MANGLE_MASK)) | 75 | !(mangle->flags & ARPT_MANGLE_MASK)) |
| 76 | return 0; | 76 | return false; |
| 77 | 77 | ||
| 78 | if (mangle->target != NF_DROP && mangle->target != NF_ACCEPT && | 78 | if (mangle->target != NF_DROP && mangle->target != NF_ACCEPT && |
| 79 | mangle->target != ARPT_CONTINUE) | 79 | mangle->target != ARPT_CONTINUE) |
| 80 | return 0; | 80 | return false; |
| 81 | return 1; | 81 | return true; |
| 82 | } | 82 | } |
| 83 | 83 | ||
| 84 | static struct arpt_target arpt_mangle_reg = { | 84 | static struct arpt_target arpt_mangle_reg = { |
diff --git a/net/ipv4/netfilter/ipt_CLUSTERIP.c b/net/ipv4/netfilter/ipt_CLUSTERIP.c index 40e273421398..e82339a78c01 100644 --- a/net/ipv4/netfilter/ipt_CLUSTERIP.c +++ b/net/ipv4/netfilter/ipt_CLUSTERIP.c | |||
| @@ -220,17 +220,17 @@ clusterip_add_node(struct clusterip_config *c, u_int16_t nodenum) | |||
| 220 | return 0; | 220 | return 0; |
| 221 | } | 221 | } |
| 222 | 222 | ||
| 223 | static int | 223 | static bool |
| 224 | clusterip_del_node(struct clusterip_config *c, u_int16_t nodenum) | 224 | clusterip_del_node(struct clusterip_config *c, u_int16_t nodenum) |
| 225 | { | 225 | { |
| 226 | if (nodenum == 0 || | 226 | if (nodenum == 0 || |
| 227 | nodenum > c->num_total_nodes) | 227 | nodenum > c->num_total_nodes) |
| 228 | return 1; | 228 | return true; |
| 229 | 229 | ||
| 230 | if (test_and_clear_bit(nodenum - 1, &c->local_nodes)) | 230 | if (test_and_clear_bit(nodenum - 1, &c->local_nodes)) |
| 231 | return 0; | 231 | return false; |
| 232 | 232 | ||
| 233 | return 1; | 233 | return true; |
| 234 | } | 234 | } |
| 235 | #endif | 235 | #endif |
| 236 | 236 | ||
| @@ -370,7 +370,7 @@ target(struct sk_buff **pskb, | |||
| 370 | return XT_CONTINUE; | 370 | return XT_CONTINUE; |
| 371 | } | 371 | } |
| 372 | 372 | ||
| 373 | static int | 373 | static bool |
| 374 | checkentry(const char *tablename, | 374 | checkentry(const char *tablename, |
| 375 | const void *e_void, | 375 | const void *e_void, |
| 376 | const struct xt_target *target, | 376 | const struct xt_target *target, |
| @@ -387,13 +387,13 @@ checkentry(const char *tablename, | |||
| 387 | cipinfo->hash_mode != CLUSTERIP_HASHMODE_SIP_SPT_DPT) { | 387 | cipinfo->hash_mode != CLUSTERIP_HASHMODE_SIP_SPT_DPT) { |
| 388 | printk(KERN_WARNING "CLUSTERIP: unknown mode `%u'\n", | 388 | printk(KERN_WARNING "CLUSTERIP: unknown mode `%u'\n", |
| 389 | cipinfo->hash_mode); | 389 | cipinfo->hash_mode); |
| 390 | return 0; | 390 | return false; |
| 391 | 391 | ||
| 392 | } | 392 | } |
| 393 | if (e->ip.dmsk.s_addr != htonl(0xffffffff) | 393 | if (e->ip.dmsk.s_addr != htonl(0xffffffff) |
| 394 | || e->ip.dst.s_addr == 0) { | 394 | || e->ip.dst.s_addr == 0) { |
| 395 | printk(KERN_ERR "CLUSTERIP: Please specify destination IP\n"); | 395 | printk(KERN_ERR "CLUSTERIP: Please specify destination IP\n"); |
| 396 | return 0; | 396 | return false; |
| 397 | } | 397 | } |
| 398 | 398 | ||
| 399 | /* FIXME: further sanity checks */ | 399 | /* FIXME: further sanity checks */ |
| @@ -407,7 +407,7 @@ checkentry(const char *tablename, | |||
| 407 | if (cipinfo->config != config) { | 407 | if (cipinfo->config != config) { |
| 408 | printk(KERN_ERR "CLUSTERIP: Reloaded entry " | 408 | printk(KERN_ERR "CLUSTERIP: Reloaded entry " |
| 409 | "has invalid config pointer!\n"); | 409 | "has invalid config pointer!\n"); |
| 410 | return 0; | 410 | return false; |
| 411 | } | 411 | } |
| 412 | } else { | 412 | } else { |
| 413 | /* Case B: This is a new rule referring to an existing | 413 | /* Case B: This is a new rule referring to an existing |
| @@ -418,19 +418,19 @@ checkentry(const char *tablename, | |||
| 418 | /* Case C: This is a completely new clusterip config */ | 418 | /* Case C: This is a completely new clusterip config */ |
| 419 | if (!(cipinfo->flags & CLUSTERIP_FLAG_NEW)) { | 419 | if (!(cipinfo->flags & CLUSTERIP_FLAG_NEW)) { |
| 420 | printk(KERN_WARNING "CLUSTERIP: no config found for %u.%u.%u.%u, need 'new'\n", NIPQUAD(e->ip.dst.s_addr)); | 420 | printk(KERN_WARNING "CLUSTERIP: no config found for %u.%u.%u.%u, need 'new'\n", NIPQUAD(e->ip.dst.s_addr)); |
| 421 | return 0; | 421 | return false; |
| 422 | } else { | 422 | } else { |
| 423 | struct net_device *dev; | 423 | struct net_device *dev; |
| 424 | 424 | ||
| 425 | if (e->ip.iniface[0] == '\0') { | 425 | if (e->ip.iniface[0] == '\0') { |
| 426 | printk(KERN_WARNING "CLUSTERIP: Please specify an interface name\n"); | 426 | printk(KERN_WARNING "CLUSTERIP: Please specify an interface name\n"); |
| 427 | return 0; | 427 | return false; |
| 428 | } | 428 | } |
| 429 | 429 | ||
| 430 | dev = dev_get_by_name(e->ip.iniface); | 430 | dev = dev_get_by_name(e->ip.iniface); |
| 431 | if (!dev) { | 431 | if (!dev) { |
| 432 | printk(KERN_WARNING "CLUSTERIP: no such interface %s\n", e->ip.iniface); | 432 | printk(KERN_WARNING "CLUSTERIP: no such interface %s\n", e->ip.iniface); |
| 433 | return 0; | 433 | return false; |
| 434 | } | 434 | } |
| 435 | 435 | ||
| 436 | config = clusterip_config_init(cipinfo, | 436 | config = clusterip_config_init(cipinfo, |
| @@ -438,7 +438,7 @@ checkentry(const char *tablename, | |||
| 438 | if (!config) { | 438 | if (!config) { |
| 439 | printk(KERN_WARNING "CLUSTERIP: cannot allocate config\n"); | 439 | printk(KERN_WARNING "CLUSTERIP: cannot allocate config\n"); |
| 440 | dev_put(dev); | 440 | dev_put(dev); |
| 441 | return 0; | 441 | return false; |
| 442 | } | 442 | } |
| 443 | dev_mc_add(config->dev,config->clustermac, ETH_ALEN, 0); | 443 | dev_mc_add(config->dev,config->clustermac, ETH_ALEN, 0); |
| 444 | } | 444 | } |
| @@ -448,10 +448,10 @@ checkentry(const char *tablename, | |||
| 448 | if (nf_ct_l3proto_try_module_get(target->family) < 0) { | 448 | if (nf_ct_l3proto_try_module_get(target->family) < 0) { |
| 449 | printk(KERN_WARNING "can't load conntrack support for " | 449 | printk(KERN_WARNING "can't load conntrack support for " |
| 450 | "proto=%d\n", target->family); | 450 | "proto=%d\n", target->family); |
| 451 | return 0; | 451 | return false; |
| 452 | } | 452 | } |
| 453 | 453 | ||
| 454 | return 1; | 454 | return true; |
| 455 | } | 455 | } |
| 456 | 456 | ||
| 457 | /* drop reference count of cluster config when rule is deleted */ | 457 | /* drop reference count of cluster config when rule is deleted */ |
diff --git a/net/ipv4/netfilter/ipt_ECN.c b/net/ipv4/netfilter/ipt_ECN.c index 918ca92e534a..02367012fc74 100644 --- a/net/ipv4/netfilter/ipt_ECN.c +++ b/net/ipv4/netfilter/ipt_ECN.c | |||
| @@ -24,8 +24,8 @@ MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>"); | |||
| 24 | MODULE_DESCRIPTION("iptables ECN modification module"); | 24 | MODULE_DESCRIPTION("iptables ECN modification module"); |
| 25 | 25 | ||
| 26 | /* set ECT codepoint from IP header. | 26 | /* set ECT codepoint from IP header. |
| 27 | * return 0 if there was an error. */ | 27 | * return false if there was an error. */ |
| 28 | static inline int | 28 | static inline bool |
| 29 | set_ect_ip(struct sk_buff **pskb, const struct ipt_ECN_info *einfo) | 29 | set_ect_ip(struct sk_buff **pskb, const struct ipt_ECN_info *einfo) |
| 30 | { | 30 | { |
| 31 | struct iphdr *iph = ip_hdr(*pskb); | 31 | struct iphdr *iph = ip_hdr(*pskb); |
| @@ -33,18 +33,18 @@ set_ect_ip(struct sk_buff **pskb, const struct ipt_ECN_info *einfo) | |||
| 33 | if ((iph->tos & IPT_ECN_IP_MASK) != (einfo->ip_ect & IPT_ECN_IP_MASK)) { | 33 | if ((iph->tos & IPT_ECN_IP_MASK) != (einfo->ip_ect & IPT_ECN_IP_MASK)) { |
| 34 | __u8 oldtos; | 34 | __u8 oldtos; |
| 35 | if (!skb_make_writable(pskb, sizeof(struct iphdr))) | 35 | if (!skb_make_writable(pskb, sizeof(struct iphdr))) |
| 36 | return 0; | 36 | return false; |
| 37 | iph = ip_hdr(*pskb); | 37 | iph = ip_hdr(*pskb); |
| 38 | oldtos = iph->tos; | 38 | oldtos = iph->tos; |
| 39 | iph->tos &= ~IPT_ECN_IP_MASK; | 39 | iph->tos &= ~IPT_ECN_IP_MASK; |
| 40 | iph->tos |= (einfo->ip_ect & IPT_ECN_IP_MASK); | 40 | iph->tos |= (einfo->ip_ect & IPT_ECN_IP_MASK); |
| 41 | nf_csum_replace2(&iph->check, htons(oldtos), htons(iph->tos)); | 41 | nf_csum_replace2(&iph->check, htons(oldtos), htons(iph->tos)); |
| 42 | } | 42 | } |
| 43 | return 1; | 43 | return true; |
| 44 | } | 44 | } |
| 45 | 45 | ||
| 46 | /* Return 0 if there was an error. */ | 46 | /* Return false if there was an error. */ |
| 47 | static inline int | 47 | static inline bool |
| 48 | set_ect_tcp(struct sk_buff **pskb, const struct ipt_ECN_info *einfo) | 48 | set_ect_tcp(struct sk_buff **pskb, const struct ipt_ECN_info *einfo) |
| 49 | { | 49 | { |
| 50 | struct tcphdr _tcph, *tcph; | 50 | struct tcphdr _tcph, *tcph; |
| @@ -54,16 +54,16 @@ set_ect_tcp(struct sk_buff **pskb, const struct ipt_ECN_info *einfo) | |||
| 54 | tcph = skb_header_pointer(*pskb, ip_hdrlen(*pskb), | 54 | tcph = skb_header_pointer(*pskb, ip_hdrlen(*pskb), |
| 55 | sizeof(_tcph), &_tcph); | 55 | sizeof(_tcph), &_tcph); |
| 56 | if (!tcph) | 56 | if (!tcph) |
| 57 | return 0; | 57 | return false; |
| 58 | 58 | ||
| 59 | if ((!(einfo->operation & IPT_ECN_OP_SET_ECE) || | 59 | if ((!(einfo->operation & IPT_ECN_OP_SET_ECE) || |
| 60 | tcph->ece == einfo->proto.tcp.ece) && | 60 | tcph->ece == einfo->proto.tcp.ece) && |
| 61 | ((!(einfo->operation & IPT_ECN_OP_SET_CWR) || | 61 | ((!(einfo->operation & IPT_ECN_OP_SET_CWR) || |
| 62 | tcph->cwr == einfo->proto.tcp.cwr))) | 62 | tcph->cwr == einfo->proto.tcp.cwr))) |
| 63 | return 1; | 63 | return true; |
| 64 | 64 | ||
| 65 | if (!skb_make_writable(pskb, ip_hdrlen(*pskb) + sizeof(*tcph))) | 65 | if (!skb_make_writable(pskb, ip_hdrlen(*pskb) + sizeof(*tcph))) |
| 66 | return 0; | 66 | return false; |
| 67 | tcph = (void *)ip_hdr(*pskb) + ip_hdrlen(*pskb); | 67 | tcph = (void *)ip_hdr(*pskb) + ip_hdrlen(*pskb); |
| 68 | 68 | ||
| 69 | oldval = ((__be16 *)tcph)[6]; | 69 | oldval = ((__be16 *)tcph)[6]; |
| @@ -74,7 +74,7 @@ set_ect_tcp(struct sk_buff **pskb, const struct ipt_ECN_info *einfo) | |||
| 74 | 74 | ||
| 75 | nf_proto_csum_replace2(&tcph->check, *pskb, | 75 | nf_proto_csum_replace2(&tcph->check, *pskb, |
| 76 | oldval, ((__be16 *)tcph)[6], 0); | 76 | oldval, ((__be16 *)tcph)[6], 0); |
| 77 | return 1; | 77 | return true; |
| 78 | } | 78 | } |
| 79 | 79 | ||
| 80 | static unsigned int | 80 | static unsigned int |
| @@ -99,7 +99,7 @@ target(struct sk_buff **pskb, | |||
| 99 | return XT_CONTINUE; | 99 | return XT_CONTINUE; |
| 100 | } | 100 | } |
| 101 | 101 | ||
| 102 | static int | 102 | static bool |
| 103 | checkentry(const char *tablename, | 103 | checkentry(const char *tablename, |
| 104 | const void *e_void, | 104 | const void *e_void, |
| 105 | const struct xt_target *target, | 105 | const struct xt_target *target, |
| @@ -112,20 +112,20 @@ checkentry(const char *tablename, | |||
| 112 | if (einfo->operation & IPT_ECN_OP_MASK) { | 112 | if (einfo->operation & IPT_ECN_OP_MASK) { |
| 113 | printk(KERN_WARNING "ECN: unsupported ECN operation %x\n", | 113 | printk(KERN_WARNING "ECN: unsupported ECN operation %x\n", |
| 114 | einfo->operation); | 114 | einfo->operation); |
| 115 | return 0; | 115 | return false; |
| 116 | } | 116 | } |
| 117 | if (einfo->ip_ect & ~IPT_ECN_IP_MASK) { | 117 | if (einfo->ip_ect & ~IPT_ECN_IP_MASK) { |
| 118 | printk(KERN_WARNING "ECN: new ECT codepoint %x out of mask\n", | 118 | printk(KERN_WARNING "ECN: new ECT codepoint %x out of mask\n", |
| 119 | einfo->ip_ect); | 119 | einfo->ip_ect); |
| 120 | return 0; | 120 | return false; |
| 121 | } | 121 | } |
| 122 | if ((einfo->operation & (IPT_ECN_OP_SET_ECE|IPT_ECN_OP_SET_CWR)) | 122 | if ((einfo->operation & (IPT_ECN_OP_SET_ECE|IPT_ECN_OP_SET_CWR)) |
| 123 | && (e->ip.proto != IPPROTO_TCP || (e->ip.invflags & XT_INV_PROTO))) { | 123 | && (e->ip.proto != IPPROTO_TCP || (e->ip.invflags & XT_INV_PROTO))) { |
| 124 | printk(KERN_WARNING "ECN: cannot use TCP operations on a " | 124 | printk(KERN_WARNING "ECN: cannot use TCP operations on a " |
| 125 | "non-tcp rule\n"); | 125 | "non-tcp rule\n"); |
| 126 | return 0; | 126 | return false; |
| 127 | } | 127 | } |
| 128 | return 1; | 128 | return true; |
| 129 | } | 129 | } |
| 130 | 130 | ||
| 131 | static struct xt_target ipt_ecn_reg = { | 131 | static struct xt_target ipt_ecn_reg = { |
diff --git a/net/ipv4/netfilter/ipt_LOG.c b/net/ipv4/netfilter/ipt_LOG.c index a42c5cd968b1..bbff6c352ef8 100644 --- a/net/ipv4/netfilter/ipt_LOG.c +++ b/net/ipv4/netfilter/ipt_LOG.c | |||
| @@ -435,24 +435,24 @@ ipt_log_target(struct sk_buff **pskb, | |||
| 435 | return XT_CONTINUE; | 435 | return XT_CONTINUE; |
| 436 | } | 436 | } |
| 437 | 437 | ||
| 438 | static int ipt_log_checkentry(const char *tablename, | 438 | static bool ipt_log_checkentry(const char *tablename, |
| 439 | const void *e, | 439 | const void *e, |
| 440 | const struct xt_target *target, | 440 | const struct xt_target *target, |
| 441 | void *targinfo, | 441 | void *targinfo, |
| 442 | unsigned int hook_mask) | 442 | unsigned int hook_mask) |
| 443 | { | 443 | { |
| 444 | const struct ipt_log_info *loginfo = targinfo; | 444 | const struct ipt_log_info *loginfo = targinfo; |
| 445 | 445 | ||
| 446 | if (loginfo->level >= 8) { | 446 | if (loginfo->level >= 8) { |
| 447 | DEBUGP("LOG: level %u >= 8\n", loginfo->level); | 447 | DEBUGP("LOG: level %u >= 8\n", loginfo->level); |
| 448 | return 0; | 448 | return false; |
| 449 | } | 449 | } |
| 450 | if (loginfo->prefix[sizeof(loginfo->prefix)-1] != '\0') { | 450 | if (loginfo->prefix[sizeof(loginfo->prefix)-1] != '\0') { |
| 451 | DEBUGP("LOG: prefix term %i\n", | 451 | DEBUGP("LOG: prefix term %i\n", |
| 452 | loginfo->prefix[sizeof(loginfo->prefix)-1]); | 452 | loginfo->prefix[sizeof(loginfo->prefix)-1]); |
| 453 | return 0; | 453 | return false; |
| 454 | } | 454 | } |
| 455 | return 1; | 455 | return true; |
| 456 | } | 456 | } |
| 457 | 457 | ||
| 458 | static struct xt_target ipt_log_reg = { | 458 | static struct xt_target ipt_log_reg = { |
diff --git a/net/ipv4/netfilter/ipt_MASQUERADE.c b/net/ipv4/netfilter/ipt_MASQUERADE.c index d4f2d7775330..b5b216408ee7 100644 --- a/net/ipv4/netfilter/ipt_MASQUERADE.c +++ b/net/ipv4/netfilter/ipt_MASQUERADE.c | |||
| @@ -37,7 +37,7 @@ MODULE_DESCRIPTION("iptables MASQUERADE target module"); | |||
| 37 | static DEFINE_RWLOCK(masq_lock); | 37 | static DEFINE_RWLOCK(masq_lock); |
| 38 | 38 | ||
| 39 | /* FIXME: Multiple targets. --RR */ | 39 | /* FIXME: Multiple targets. --RR */ |
| 40 | static int | 40 | static bool |
| 41 | masquerade_check(const char *tablename, | 41 | masquerade_check(const char *tablename, |
| 42 | const void *e, | 42 | const void *e, |
| 43 | const struct xt_target *target, | 43 | const struct xt_target *target, |
| @@ -48,13 +48,13 @@ masquerade_check(const char *tablename, | |||
| 48 | 48 | ||
| 49 | if (mr->range[0].flags & IP_NAT_RANGE_MAP_IPS) { | 49 | if (mr->range[0].flags & IP_NAT_RANGE_MAP_IPS) { |
| 50 | DEBUGP("masquerade_check: bad MAP_IPS.\n"); | 50 | DEBUGP("masquerade_check: bad MAP_IPS.\n"); |
| 51 | return 0; | 51 | return false; |
| 52 | } | 52 | } |
| 53 | if (mr->rangesize != 1) { | 53 | if (mr->rangesize != 1) { |
| 54 | DEBUGP("masquerade_check: bad rangesize %u.\n", mr->rangesize); | 54 | DEBUGP("masquerade_check: bad rangesize %u.\n", mr->rangesize); |
| 55 | return 0; | 55 | return false; |
| 56 | } | 56 | } |
| 57 | return 1; | 57 | return true; |
| 58 | } | 58 | } |
| 59 | 59 | ||
| 60 | static unsigned int | 60 | static unsigned int |
diff --git a/net/ipv4/netfilter/ipt_NETMAP.c b/net/ipv4/netfilter/ipt_NETMAP.c index 068c69bce30e..a902c71218bf 100644 --- a/net/ipv4/netfilter/ipt_NETMAP.c +++ b/net/ipv4/netfilter/ipt_NETMAP.c | |||
| @@ -29,7 +29,7 @@ MODULE_DESCRIPTION("iptables 1:1 NAT mapping of IP networks target"); | |||
| 29 | #define DEBUGP(format, args...) | 29 | #define DEBUGP(format, args...) |
| 30 | #endif | 30 | #endif |
| 31 | 31 | ||
| 32 | static int | 32 | static bool |
| 33 | check(const char *tablename, | 33 | check(const char *tablename, |
| 34 | const void *e, | 34 | const void *e, |
| 35 | const struct xt_target *target, | 35 | const struct xt_target *target, |
| @@ -40,13 +40,13 @@ check(const char *tablename, | |||
| 40 | 40 | ||
| 41 | if (!(mr->range[0].flags & IP_NAT_RANGE_MAP_IPS)) { | 41 | if (!(mr->range[0].flags & IP_NAT_RANGE_MAP_IPS)) { |
| 42 | DEBUGP(MODULENAME":check: bad MAP_IPS.\n"); | 42 | DEBUGP(MODULENAME":check: bad MAP_IPS.\n"); |
| 43 | return 0; | 43 | return false; |
| 44 | } | 44 | } |
| 45 | if (mr->rangesize != 1) { | 45 | if (mr->rangesize != 1) { |
| 46 | DEBUGP(MODULENAME":check: bad rangesize %u.\n", mr->rangesize); | 46 | DEBUGP(MODULENAME":check: bad rangesize %u.\n", mr->rangesize); |
| 47 | return 0; | 47 | return false; |
| 48 | } | 48 | } |
| 49 | return 1; | 49 | return true; |
| 50 | } | 50 | } |
| 51 | 51 | ||
| 52 | static unsigned int | 52 | static unsigned int |
diff --git a/net/ipv4/netfilter/ipt_REDIRECT.c b/net/ipv4/netfilter/ipt_REDIRECT.c index 68cc76a198eb..2a04103b50d1 100644 --- a/net/ipv4/netfilter/ipt_REDIRECT.c +++ b/net/ipv4/netfilter/ipt_REDIRECT.c | |||
| @@ -32,7 +32,7 @@ MODULE_DESCRIPTION("iptables REDIRECT target module"); | |||
| 32 | #endif | 32 | #endif |
| 33 | 33 | ||
| 34 | /* FIXME: Take multiple ranges --RR */ | 34 | /* FIXME: Take multiple ranges --RR */ |
| 35 | static int | 35 | static bool |
| 36 | redirect_check(const char *tablename, | 36 | redirect_check(const char *tablename, |
| 37 | const void *e, | 37 | const void *e, |
| 38 | const struct xt_target *target, | 38 | const struct xt_target *target, |
| @@ -43,13 +43,13 @@ redirect_check(const char *tablename, | |||
| 43 | 43 | ||
| 44 | if (mr->range[0].flags & IP_NAT_RANGE_MAP_IPS) { | 44 | if (mr->range[0].flags & IP_NAT_RANGE_MAP_IPS) { |
| 45 | DEBUGP("redirect_check: bad MAP_IPS.\n"); | 45 | DEBUGP("redirect_check: bad MAP_IPS.\n"); |
| 46 | return 0; | 46 | return false; |
| 47 | } | 47 | } |
| 48 | if (mr->rangesize != 1) { | 48 | if (mr->rangesize != 1) { |
| 49 | DEBUGP("redirect_check: bad rangesize %u.\n", mr->rangesize); | 49 | DEBUGP("redirect_check: bad rangesize %u.\n", mr->rangesize); |
| 50 | return 0; | 50 | return false; |
| 51 | } | 51 | } |
| 52 | return 1; | 52 | return true; |
| 53 | } | 53 | } |
| 54 | 54 | ||
| 55 | static unsigned int | 55 | static unsigned int |
diff --git a/net/ipv4/netfilter/ipt_REJECT.c b/net/ipv4/netfilter/ipt_REJECT.c index 9041e0741f6f..5c3270d325f3 100644 --- a/net/ipv4/netfilter/ipt_REJECT.c +++ b/net/ipv4/netfilter/ipt_REJECT.c | |||
| @@ -217,27 +217,27 @@ static unsigned int reject(struct sk_buff **pskb, | |||
| 217 | return NF_DROP; | 217 | return NF_DROP; |
| 218 | } | 218 | } |
| 219 | 219 | ||
| 220 | static int check(const char *tablename, | 220 | static bool check(const char *tablename, |
| 221 | const void *e_void, | 221 | const void *e_void, |
| 222 | const struct xt_target *target, | 222 | const struct xt_target *target, |
| 223 | void *targinfo, | 223 | void *targinfo, |
| 224 | unsigned int hook_mask) | 224 | unsigned int hook_mask) |
| 225 | { | 225 | { |
| 226 | const struct ipt_reject_info *rejinfo = targinfo; | 226 | const struct ipt_reject_info *rejinfo = targinfo; |
| 227 | const struct ipt_entry *e = e_void; | 227 | const struct ipt_entry *e = e_void; |
| 228 | 228 | ||
| 229 | if (rejinfo->with == IPT_ICMP_ECHOREPLY) { | 229 | if (rejinfo->with == IPT_ICMP_ECHOREPLY) { |
| 230 | printk("REJECT: ECHOREPLY no longer supported.\n"); | 230 | printk("REJECT: ECHOREPLY no longer supported.\n"); |
| 231 | return 0; | 231 | return false; |
| 232 | } else if (rejinfo->with == IPT_TCP_RESET) { | 232 | } else if (rejinfo->with == IPT_TCP_RESET) { |
| 233 | /* Must specify that it's a TCP packet */ | 233 | /* Must specify that it's a TCP packet */ |
| 234 | if (e->ip.proto != IPPROTO_TCP | 234 | if (e->ip.proto != IPPROTO_TCP |
| 235 | || (e->ip.invflags & XT_INV_PROTO)) { | 235 | || (e->ip.invflags & XT_INV_PROTO)) { |
| 236 | DEBUGP("REJECT: TCP_RESET invalid for non-tcp\n"); | 236 | DEBUGP("REJECT: TCP_RESET invalid for non-tcp\n"); |
| 237 | return 0; | 237 | return false; |
| 238 | } | 238 | } |
| 239 | } | 239 | } |
| 240 | return 1; | 240 | return true; |
| 241 | } | 241 | } |
| 242 | 242 | ||
| 243 | static struct xt_target ipt_reject_reg = { | 243 | static struct xt_target ipt_reject_reg = { |
diff --git a/net/ipv4/netfilter/ipt_SAME.c b/net/ipv4/netfilter/ipt_SAME.c index 511e5ff84938..3649fabc04ea 100644 --- a/net/ipv4/netfilter/ipt_SAME.c +++ b/net/ipv4/netfilter/ipt_SAME.c | |||
| @@ -33,7 +33,7 @@ MODULE_DESCRIPTION("iptables special SNAT module for consistent sourceip"); | |||
| 33 | #define DEBUGP(format, args...) | 33 | #define DEBUGP(format, args...) |
| 34 | #endif | 34 | #endif |
| 35 | 35 | ||
| 36 | static int | 36 | static bool |
| 37 | same_check(const char *tablename, | 37 | same_check(const char *tablename, |
| 38 | const void *e, | 38 | const void *e, |
| 39 | const struct xt_target *target, | 39 | const struct xt_target *target, |
| @@ -47,13 +47,13 @@ same_check(const char *tablename, | |||
| 47 | 47 | ||
| 48 | if (mr->rangesize < 1) { | 48 | if (mr->rangesize < 1) { |
| 49 | DEBUGP("same_check: need at least one dest range.\n"); | 49 | DEBUGP("same_check: need at least one dest range.\n"); |
| 50 | return 0; | 50 | return false; |
| 51 | } | 51 | } |
| 52 | if (mr->rangesize > IPT_SAME_MAX_RANGE) { | 52 | if (mr->rangesize > IPT_SAME_MAX_RANGE) { |
| 53 | DEBUGP("same_check: too many ranges specified, maximum " | 53 | DEBUGP("same_check: too many ranges specified, maximum " |
| 54 | "is %u ranges\n", | 54 | "is %u ranges\n", |
| 55 | IPT_SAME_MAX_RANGE); | 55 | IPT_SAME_MAX_RANGE); |
| 56 | return 0; | 56 | return false; |
| 57 | } | 57 | } |
| 58 | for (count = 0; count < mr->rangesize; count++) { | 58 | for (count = 0; count < mr->rangesize; count++) { |
| 59 | if (ntohl(mr->range[count].min_ip) > | 59 | if (ntohl(mr->range[count].min_ip) > |
| @@ -62,11 +62,11 @@ same_check(const char *tablename, | |||
| 62 | "range `%u.%u.%u.%u-%u.%u.%u.%u'.\n", | 62 | "range `%u.%u.%u.%u-%u.%u.%u.%u'.\n", |
| 63 | NIPQUAD(mr->range[count].min_ip), | 63 | NIPQUAD(mr->range[count].min_ip), |
| 64 | NIPQUAD(mr->range[count].max_ip)); | 64 | NIPQUAD(mr->range[count].max_ip)); |
| 65 | return 0; | 65 | return false; |
| 66 | } | 66 | } |
| 67 | if (!(mr->range[count].flags & IP_NAT_RANGE_MAP_IPS)) { | 67 | if (!(mr->range[count].flags & IP_NAT_RANGE_MAP_IPS)) { |
| 68 | DEBUGP("same_check: bad MAP_IPS.\n"); | 68 | DEBUGP("same_check: bad MAP_IPS.\n"); |
| 69 | return 0; | 69 | return false; |
| 70 | } | 70 | } |
| 71 | rangeip = (ntohl(mr->range[count].max_ip) - | 71 | rangeip = (ntohl(mr->range[count].max_ip) - |
| 72 | ntohl(mr->range[count].min_ip) + 1); | 72 | ntohl(mr->range[count].min_ip) + 1); |
| @@ -81,7 +81,7 @@ same_check(const char *tablename, | |||
| 81 | DEBUGP("same_check: Couldn't allocate %u bytes " | 81 | DEBUGP("same_check: Couldn't allocate %u bytes " |
| 82 | "for %u ipaddresses!\n", | 82 | "for %u ipaddresses!\n", |
| 83 | (sizeof(u_int32_t) * mr->ipnum), mr->ipnum); | 83 | (sizeof(u_int32_t) * mr->ipnum), mr->ipnum); |
| 84 | return 0; | 84 | return false; |
| 85 | } | 85 | } |
| 86 | DEBUGP("same_check: Allocated %u bytes for %u ipaddresses.\n", | 86 | DEBUGP("same_check: Allocated %u bytes for %u ipaddresses.\n", |
| 87 | (sizeof(u_int32_t) * mr->ipnum), mr->ipnum); | 87 | (sizeof(u_int32_t) * mr->ipnum), mr->ipnum); |
| @@ -97,7 +97,7 @@ same_check(const char *tablename, | |||
| 97 | index++; | 97 | index++; |
| 98 | } | 98 | } |
| 99 | } | 99 | } |
| 100 | return 1; | 100 | return true; |
| 101 | } | 101 | } |
| 102 | 102 | ||
| 103 | static void | 103 | static void |
diff --git a/net/ipv4/netfilter/ipt_TOS.c b/net/ipv4/netfilter/ipt_TOS.c index 0ad02f249837..ac43e86afbcf 100644 --- a/net/ipv4/netfilter/ipt_TOS.c +++ b/net/ipv4/netfilter/ipt_TOS.c | |||
| @@ -43,7 +43,7 @@ target(struct sk_buff **pskb, | |||
| 43 | return XT_CONTINUE; | 43 | return XT_CONTINUE; |
| 44 | } | 44 | } |
| 45 | 45 | ||
| 46 | static int | 46 | static bool |
| 47 | checkentry(const char *tablename, | 47 | checkentry(const char *tablename, |
| 48 | const void *e_void, | 48 | const void *e_void, |
| 49 | const struct xt_target *target, | 49 | const struct xt_target *target, |
| @@ -58,9 +58,9 @@ checkentry(const char *tablename, | |||
| 58 | && tos != IPTOS_MINCOST | 58 | && tos != IPTOS_MINCOST |
| 59 | && tos != IPTOS_NORMALSVC) { | 59 | && tos != IPTOS_NORMALSVC) { |
| 60 | printk(KERN_WARNING "TOS: bad tos value %#x\n", tos); | 60 | printk(KERN_WARNING "TOS: bad tos value %#x\n", tos); |
| 61 | return 0; | 61 | return false; |
| 62 | } | 62 | } |
| 63 | return 1; | 63 | return true; |
| 64 | } | 64 | } |
| 65 | 65 | ||
| 66 | static struct xt_target ipt_tos_reg = { | 66 | static struct xt_target ipt_tos_reg = { |
diff --git a/net/ipv4/netfilter/ipt_TTL.c b/net/ipv4/netfilter/ipt_TTL.c index a991ec7bd4e7..96b6e3514c22 100644 --- a/net/ipv4/netfilter/ipt_TTL.c +++ b/net/ipv4/netfilter/ipt_TTL.c | |||
| @@ -62,7 +62,7 @@ ipt_ttl_target(struct sk_buff **pskb, | |||
| 62 | return XT_CONTINUE; | 62 | return XT_CONTINUE; |
| 63 | } | 63 | } |
| 64 | 64 | ||
| 65 | static int ipt_ttl_checkentry(const char *tablename, | 65 | static bool ipt_ttl_checkentry(const char *tablename, |
| 66 | const void *e, | 66 | const void *e, |
| 67 | const struct xt_target *target, | 67 | const struct xt_target *target, |
| 68 | void *targinfo, | 68 | void *targinfo, |
| @@ -73,11 +73,11 @@ static int ipt_ttl_checkentry(const char *tablename, | |||
| 73 | if (info->mode > IPT_TTL_MAXMODE) { | 73 | if (info->mode > IPT_TTL_MAXMODE) { |
| 74 | printk(KERN_WARNING "ipt_TTL: invalid or unknown Mode %u\n", | 74 | printk(KERN_WARNING "ipt_TTL: invalid or unknown Mode %u\n", |
| 75 | info->mode); | 75 | info->mode); |
| 76 | return 0; | 76 | return false; |
| 77 | } | 77 | } |
| 78 | if ((info->mode != IPT_TTL_SET) && (info->ttl == 0)) | 78 | if ((info->mode != IPT_TTL_SET) && (info->ttl == 0)) |
| 79 | return 0; | 79 | return false; |
| 80 | return 1; | 80 | return true; |
| 81 | } | 81 | } |
| 82 | 82 | ||
| 83 | static struct xt_target ipt_TTL = { | 83 | static struct xt_target ipt_TTL = { |
diff --git a/net/ipv4/netfilter/ipt_ULOG.c b/net/ipv4/netfilter/ipt_ULOG.c index 23b607b33b32..dfa7afd84763 100644 --- a/net/ipv4/netfilter/ipt_ULOG.c +++ b/net/ipv4/netfilter/ipt_ULOG.c | |||
| @@ -328,25 +328,25 @@ static void ipt_logfn(unsigned int pf, | |||
| 328 | ipt_ulog_packet(hooknum, skb, in, out, &loginfo, prefix); | 328 | ipt_ulog_packet(hooknum, skb, in, out, &loginfo, prefix); |
| 329 | } | 329 | } |
| 330 | 330 | ||
| 331 | static int ipt_ulog_checkentry(const char *tablename, | 331 | static bool ipt_ulog_checkentry(const char *tablename, |
| 332 | const void *e, | 332 | const void *e, |
| 333 | const struct xt_target *target, | 333 | const struct xt_target *target, |
| 334 | void *targinfo, | 334 | void *targinfo, |
| 335 | unsigned int hookmask) | 335 | unsigned int hookmask) |
| 336 | { | 336 | { |
| 337 | struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) targinfo; | 337 | struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) targinfo; |
| 338 | 338 | ||
| 339 | if (loginfo->prefix[sizeof(loginfo->prefix) - 1] != '\0') { | 339 | if (loginfo->prefix[sizeof(loginfo->prefix) - 1] != '\0') { |
| 340 | DEBUGP("ipt_ULOG: prefix term %i\n", | 340 | DEBUGP("ipt_ULOG: prefix term %i\n", |
| 341 | loginfo->prefix[sizeof(loginfo->prefix) - 1]); | 341 | loginfo->prefix[sizeof(loginfo->prefix) - 1]); |
| 342 | return 0; | 342 | return false; |
| 343 | } | 343 | } |
| 344 | if (loginfo->qthreshold > ULOG_MAX_QLEN) { | 344 | if (loginfo->qthreshold > ULOG_MAX_QLEN) { |
| 345 | DEBUGP("ipt_ULOG: queue threshold %i > MAX_QLEN\n", | 345 | DEBUGP("ipt_ULOG: queue threshold %i > MAX_QLEN\n", |
| 346 | loginfo->qthreshold); | 346 | loginfo->qthreshold); |
| 347 | return 0; | 347 | return false; |
| 348 | } | 348 | } |
| 349 | return 1; | 349 | return true; |
| 350 | } | 350 | } |
| 351 | 351 | ||
| 352 | #ifdef CONFIG_COMPAT | 352 | #ifdef CONFIG_COMPAT |
diff --git a/net/ipv4/netfilter/nf_nat_rule.c b/net/ipv4/netfilter/nf_nat_rule.c index 6740736c5e79..fc3d9437beba 100644 --- a/net/ipv4/netfilter/nf_nat_rule.c +++ b/net/ipv4/netfilter/nf_nat_rule.c | |||
| @@ -140,36 +140,36 @@ static unsigned int ipt_dnat_target(struct sk_buff **pskb, | |||
| 140 | return nf_nat_setup_info(ct, &mr->range[0], hooknum); | 140 | return nf_nat_setup_info(ct, &mr->range[0], hooknum); |
| 141 | } | 141 | } |
| 142 | 142 | ||
| 143 | static int ipt_snat_checkentry(const char *tablename, | 143 | static bool ipt_snat_checkentry(const char *tablename, |
| 144 | const void *entry, | 144 | const void *entry, |
| 145 | const struct xt_target *target, | 145 | const struct xt_target *target, |
| 146 | void *targinfo, | 146 | void *targinfo, |
| 147 | unsigned int hook_mask) | 147 | unsigned int hook_mask) |
| 148 | { | 148 | { |
| 149 | struct nf_nat_multi_range_compat *mr = targinfo; | 149 | struct nf_nat_multi_range_compat *mr = targinfo; |
| 150 | 150 | ||
| 151 | /* Must be a valid range */ | 151 | /* Must be a valid range */ |
| 152 | if (mr->rangesize != 1) { | 152 | if (mr->rangesize != 1) { |
| 153 | printk("SNAT: multiple ranges no longer supported\n"); | 153 | printk("SNAT: multiple ranges no longer supported\n"); |
| 154 | return 0; | 154 | return false; |
| 155 | } | 155 | } |
| 156 | return 1; | 156 | return true; |
| 157 | } | 157 | } |
| 158 | 158 | ||
| 159 | static int ipt_dnat_checkentry(const char *tablename, | 159 | static bool ipt_dnat_checkentry(const char *tablename, |
| 160 | const void *entry, | 160 | const void *entry, |
| 161 | const struct xt_target *target, | 161 | const struct xt_target *target, |
| 162 | void *targinfo, | 162 | void *targinfo, |
| 163 | unsigned int hook_mask) | 163 | unsigned int hook_mask) |
| 164 | { | 164 | { |
| 165 | struct nf_nat_multi_range_compat *mr = targinfo; | 165 | struct nf_nat_multi_range_compat *mr = targinfo; |
| 166 | 166 | ||
| 167 | /* Must be a valid range */ | 167 | /* Must be a valid range */ |
| 168 | if (mr->rangesize != 1) { | 168 | if (mr->rangesize != 1) { |
| 169 | printk("DNAT: multiple ranges no longer supported\n"); | 169 | printk("DNAT: multiple ranges no longer supported\n"); |
| 170 | return 0; | 170 | return false; |
| 171 | } | 171 | } |
| 172 | return 1; | 172 | return true; |
| 173 | } | 173 | } |
| 174 | 174 | ||
| 175 | inline unsigned int | 175 | inline unsigned int |
diff --git a/net/ipv6/netfilter/ip6t_HL.c b/net/ipv6/netfilter/ip6t_HL.c index 4115a576ba25..82966c09fd64 100644 --- a/net/ipv6/netfilter/ip6t_HL.c +++ b/net/ipv6/netfilter/ip6t_HL.c | |||
| @@ -58,7 +58,7 @@ static unsigned int ip6t_hl_target(struct sk_buff **pskb, | |||
| 58 | return XT_CONTINUE; | 58 | return XT_CONTINUE; |
| 59 | } | 59 | } |
| 60 | 60 | ||
| 61 | static int ip6t_hl_checkentry(const char *tablename, | 61 | static bool ip6t_hl_checkentry(const char *tablename, |
| 62 | const void *entry, | 62 | const void *entry, |
| 63 | const struct xt_target *target, | 63 | const struct xt_target *target, |
| 64 | void *targinfo, | 64 | void *targinfo, |
| @@ -69,14 +69,14 @@ static int ip6t_hl_checkentry(const char *tablename, | |||
| 69 | if (info->mode > IP6T_HL_MAXMODE) { | 69 | if (info->mode > IP6T_HL_MAXMODE) { |
| 70 | printk(KERN_WARNING "ip6t_HL: invalid or unknown Mode %u\n", | 70 | printk(KERN_WARNING "ip6t_HL: invalid or unknown Mode %u\n", |
| 71 | info->mode); | 71 | info->mode); |
| 72 | return 0; | 72 | return false; |
| 73 | } | 73 | } |
| 74 | if ((info->mode != IP6T_HL_SET) && (info->hop_limit == 0)) { | 74 | if ((info->mode != IP6T_HL_SET) && (info->hop_limit == 0)) { |
| 75 | printk(KERN_WARNING "ip6t_HL: increment/decrement doesn't " | 75 | printk(KERN_WARNING "ip6t_HL: increment/decrement doesn't " |
| 76 | "make sense with value 0\n"); | 76 | "make sense with value 0\n"); |
| 77 | return 0; | 77 | return false; |
| 78 | } | 78 | } |
| 79 | return 1; | 79 | return true; |
| 80 | } | 80 | } |
| 81 | 81 | ||
| 82 | static struct xt_target ip6t_HL = { | 82 | static struct xt_target ip6t_HL = { |
diff --git a/net/ipv6/netfilter/ip6t_LOG.c b/net/ipv6/netfilter/ip6t_LOG.c index 5bb9cd349350..aa4b9a14a11c 100644 --- a/net/ipv6/netfilter/ip6t_LOG.c +++ b/net/ipv6/netfilter/ip6t_LOG.c | |||
| @@ -448,24 +448,24 @@ ip6t_log_target(struct sk_buff **pskb, | |||
| 448 | } | 448 | } |
| 449 | 449 | ||
| 450 | 450 | ||
| 451 | static int ip6t_log_checkentry(const char *tablename, | 451 | static bool ip6t_log_checkentry(const char *tablename, |
| 452 | const void *entry, | 452 | const void *entry, |
| 453 | const struct xt_target *target, | 453 | const struct xt_target *target, |
| 454 | void *targinfo, | 454 | void *targinfo, |
| 455 | unsigned int hook_mask) | 455 | unsigned int hook_mask) |
| 456 | { | 456 | { |
| 457 | const struct ip6t_log_info *loginfo = targinfo; | 457 | const struct ip6t_log_info *loginfo = targinfo; |
| 458 | 458 | ||
| 459 | if (loginfo->level >= 8) { | 459 | if (loginfo->level >= 8) { |
| 460 | DEBUGP("LOG: level %u >= 8\n", loginfo->level); | 460 | DEBUGP("LOG: level %u >= 8\n", loginfo->level); |
| 461 | return 0; | 461 | return false; |
| 462 | } | 462 | } |
| 463 | if (loginfo->prefix[sizeof(loginfo->prefix)-1] != '\0') { | 463 | if (loginfo->prefix[sizeof(loginfo->prefix)-1] != '\0') { |
| 464 | DEBUGP("LOG: prefix term %i\n", | 464 | DEBUGP("LOG: prefix term %i\n", |
| 465 | loginfo->prefix[sizeof(loginfo->prefix)-1]); | 465 | loginfo->prefix[sizeof(loginfo->prefix)-1]); |
| 466 | return 0; | 466 | return false; |
| 467 | } | 467 | } |
| 468 | return 1; | 468 | return true; |
| 469 | } | 469 | } |
| 470 | 470 | ||
| 471 | static struct xt_target ip6t_log_reg = { | 471 | static struct xt_target ip6t_log_reg = { |
diff --git a/net/ipv6/netfilter/ip6t_REJECT.c b/net/ipv6/netfilter/ip6t_REJECT.c index cb3d2415a064..8639a0599bf5 100644 --- a/net/ipv6/netfilter/ip6t_REJECT.c +++ b/net/ipv6/netfilter/ip6t_REJECT.c | |||
| @@ -221,27 +221,27 @@ static unsigned int reject6_target(struct sk_buff **pskb, | |||
| 221 | return NF_DROP; | 221 | return NF_DROP; |
| 222 | } | 222 | } |
| 223 | 223 | ||
| 224 | static int check(const char *tablename, | 224 | static bool check(const char *tablename, |
| 225 | const void *entry, | 225 | const void *entry, |
| 226 | const struct xt_target *target, | 226 | const struct xt_target *target, |
| 227 | void *targinfo, | 227 | void *targinfo, |
| 228 | unsigned int hook_mask) | 228 | unsigned int hook_mask) |
| 229 | { | 229 | { |
| 230 | const struct ip6t_reject_info *rejinfo = targinfo; | 230 | const struct ip6t_reject_info *rejinfo = targinfo; |
| 231 | const struct ip6t_entry *e = entry; | 231 | const struct ip6t_entry *e = entry; |
| 232 | 232 | ||
| 233 | if (rejinfo->with == IP6T_ICMP6_ECHOREPLY) { | 233 | if (rejinfo->with == IP6T_ICMP6_ECHOREPLY) { |
| 234 | printk("ip6t_REJECT: ECHOREPLY is not supported.\n"); | 234 | printk("ip6t_REJECT: ECHOREPLY is not supported.\n"); |
| 235 | return 0; | 235 | return false; |
| 236 | } else if (rejinfo->with == IP6T_TCP_RESET) { | 236 | } else if (rejinfo->with == IP6T_TCP_RESET) { |
| 237 | /* Must specify that it's a TCP packet */ | 237 | /* Must specify that it's a TCP packet */ |
| 238 | if (e->ipv6.proto != IPPROTO_TCP | 238 | if (e->ipv6.proto != IPPROTO_TCP |
| 239 | || (e->ipv6.invflags & XT_INV_PROTO)) { | 239 | || (e->ipv6.invflags & XT_INV_PROTO)) { |
| 240 | DEBUGP("ip6t_REJECT: TCP_RESET illegal for non-tcp\n"); | 240 | DEBUGP("ip6t_REJECT: TCP_RESET illegal for non-tcp\n"); |
| 241 | return 0; | 241 | return false; |
| 242 | } | 242 | } |
| 243 | } | 243 | } |
| 244 | return 1; | 244 | return true; |
| 245 | } | 245 | } |
| 246 | 246 | ||
| 247 | static struct xt_target ip6t_reject_reg = { | 247 | static struct xt_target ip6t_reject_reg = { |
diff --git a/net/netfilter/xt_CONNMARK.c b/net/netfilter/xt_CONNMARK.c index b03ce009d0bf..4e8aa1b0cba2 100644 --- a/net/netfilter/xt_CONNMARK.c +++ b/net/netfilter/xt_CONNMARK.c | |||
| @@ -76,7 +76,7 @@ target(struct sk_buff **pskb, | |||
| 76 | return XT_CONTINUE; | 76 | return XT_CONTINUE; |
| 77 | } | 77 | } |
| 78 | 78 | ||
| 79 | static int | 79 | static bool |
| 80 | checkentry(const char *tablename, | 80 | checkentry(const char *tablename, |
| 81 | const void *entry, | 81 | const void *entry, |
| 82 | const struct xt_target *target, | 82 | const struct xt_target *target, |
| @@ -88,21 +88,21 @@ checkentry(const char *tablename, | |||
| 88 | if (nf_ct_l3proto_try_module_get(target->family) < 0) { | 88 | if (nf_ct_l3proto_try_module_get(target->family) < 0) { |
| 89 | printk(KERN_WARNING "can't load conntrack support for " | 89 | printk(KERN_WARNING "can't load conntrack support for " |
| 90 | "proto=%d\n", target->family); | 90 | "proto=%d\n", target->family); |
| 91 | return 0; | 91 | return false; |
| 92 | } | 92 | } |
| 93 | if (matchinfo->mode == XT_CONNMARK_RESTORE) { | 93 | if (matchinfo->mode == XT_CONNMARK_RESTORE) { |
| 94 | if (strcmp(tablename, "mangle") != 0) { | 94 | if (strcmp(tablename, "mangle") != 0) { |
| 95 | printk(KERN_WARNING "CONNMARK: restore can only be " | 95 | printk(KERN_WARNING "CONNMARK: restore can only be " |
| 96 | "called from \"mangle\" table, not \"%s\"\n", | 96 | "called from \"mangle\" table, not \"%s\"\n", |
| 97 | tablename); | 97 | tablename); |
| 98 | return 0; | 98 | return false; |
| 99 | } | 99 | } |
| 100 | } | 100 | } |
| 101 | if (matchinfo->mark > 0xffffffff || matchinfo->mask > 0xffffffff) { | 101 | if (matchinfo->mark > 0xffffffff || matchinfo->mask > 0xffffffff) { |
| 102 | printk(KERN_WARNING "CONNMARK: Only supports 32bit mark\n"); | 102 | printk(KERN_WARNING "CONNMARK: Only supports 32bit mark\n"); |
| 103 | return 0; | 103 | return false; |
| 104 | } | 104 | } |
| 105 | return 1; | 105 | return true; |
| 106 | } | 106 | } |
| 107 | 107 | ||
| 108 | static void | 108 | static void |
diff --git a/net/netfilter/xt_CONNSECMARK.c b/net/netfilter/xt_CONNSECMARK.c index 81c0c58bab47..ab2f0d016953 100644 --- a/net/netfilter/xt_CONNSECMARK.c +++ b/net/netfilter/xt_CONNSECMARK.c | |||
| @@ -85,16 +85,16 @@ static unsigned int target(struct sk_buff **pskb, const struct net_device *in, | |||
| 85 | return XT_CONTINUE; | 85 | return XT_CONTINUE; |
| 86 | } | 86 | } |
| 87 | 87 | ||
| 88 | static int checkentry(const char *tablename, const void *entry, | 88 | static bool checkentry(const char *tablename, const void *entry, |
| 89 | const struct xt_target *target, void *targinfo, | 89 | const struct xt_target *target, void *targinfo, |
| 90 | unsigned int hook_mask) | 90 | unsigned int hook_mask) |
| 91 | { | 91 | { |
| 92 | struct xt_connsecmark_target_info *info = targinfo; | 92 | struct xt_connsecmark_target_info *info = targinfo; |
| 93 | 93 | ||
| 94 | if (nf_ct_l3proto_try_module_get(target->family) < 0) { | 94 | if (nf_ct_l3proto_try_module_get(target->family) < 0) { |
| 95 | printk(KERN_WARNING "can't load conntrack support for " | 95 | printk(KERN_WARNING "can't load conntrack support for " |
| 96 | "proto=%d\n", target->family); | 96 | "proto=%d\n", target->family); |
| 97 | return 0; | 97 | return false; |
| 98 | } | 98 | } |
| 99 | switch (info->mode) { | 99 | switch (info->mode) { |
| 100 | case CONNSECMARK_SAVE: | 100 | case CONNSECMARK_SAVE: |
| @@ -103,10 +103,10 @@ static int checkentry(const char *tablename, const void *entry, | |||
| 103 | 103 | ||
| 104 | default: | 104 | default: |
| 105 | printk(KERN_INFO PFX "invalid mode: %hu\n", info->mode); | 105 | printk(KERN_INFO PFX "invalid mode: %hu\n", info->mode); |
| 106 | return 0; | 106 | return false; |
| 107 | } | 107 | } |
| 108 | 108 | ||
| 109 | return 1; | 109 | return true; |
| 110 | } | 110 | } |
| 111 | 111 | ||
| 112 | static void | 112 | static void |
diff --git a/net/netfilter/xt_DSCP.c b/net/netfilter/xt_DSCP.c index 9f2f2201f6ae..2d779f6902dc 100644 --- a/net/netfilter/xt_DSCP.c +++ b/net/netfilter/xt_DSCP.c | |||
| @@ -66,19 +66,19 @@ static unsigned int target6(struct sk_buff **pskb, | |||
| 66 | return XT_CONTINUE; | 66 | return XT_CONTINUE; |
| 67 | } | 67 | } |
| 68 | 68 | ||
| 69 | static int checkentry(const char *tablename, | 69 | static bool checkentry(const char *tablename, |
| 70 | const void *e_void, | 70 | const void *e_void, |
| 71 | const struct xt_target *target, | 71 | const struct xt_target *target, |
| 72 | void *targinfo, | 72 | void *targinfo, |
| 73 | unsigned int hook_mask) | 73 | unsigned int hook_mask) |
| 74 | { | 74 | { |
| 75 | const u_int8_t dscp = ((struct xt_DSCP_info *)targinfo)->dscp; | 75 | const u_int8_t dscp = ((struct xt_DSCP_info *)targinfo)->dscp; |
| 76 | 76 | ||
| 77 | if ((dscp > XT_DSCP_MAX)) { | 77 | if ((dscp > XT_DSCP_MAX)) { |
| 78 | printk(KERN_WARNING "DSCP: dscp %x out of range\n", dscp); | 78 | printk(KERN_WARNING "DSCP: dscp %x out of range\n", dscp); |
| 79 | return 0; | 79 | return false; |
| 80 | } | 80 | } |
| 81 | return 1; | 81 | return true; |
| 82 | } | 82 | } |
| 83 | 83 | ||
| 84 | static struct xt_target xt_dscp_target[] = { | 84 | static struct xt_target xt_dscp_target[] = { |
diff --git a/net/netfilter/xt_MARK.c b/net/netfilter/xt_MARK.c index 43817808d865..bd9cdf29cc3b 100644 --- a/net/netfilter/xt_MARK.c +++ b/net/netfilter/xt_MARK.c | |||
| @@ -65,7 +65,7 @@ target_v1(struct sk_buff **pskb, | |||
| 65 | } | 65 | } |
| 66 | 66 | ||
| 67 | 67 | ||
| 68 | static int | 68 | static bool |
| 69 | checkentry_v0(const char *tablename, | 69 | checkentry_v0(const char *tablename, |
| 70 | const void *entry, | 70 | const void *entry, |
| 71 | const struct xt_target *target, | 71 | const struct xt_target *target, |
| @@ -76,12 +76,12 @@ checkentry_v0(const char *tablename, | |||
| 76 | 76 | ||
| 77 | if (markinfo->mark > 0xffffffff) { | 77 | if (markinfo->mark > 0xffffffff) { |
| 78 | printk(KERN_WARNING "MARK: Only supports 32bit wide mark\n"); | 78 | printk(KERN_WARNING "MARK: Only supports 32bit wide mark\n"); |
| 79 | return 0; | 79 | return false; |
| 80 | } | 80 | } |
| 81 | return 1; | 81 | return true; |
| 82 | } | 82 | } |
| 83 | 83 | ||
| 84 | static int | 84 | static bool |
| 85 | checkentry_v1(const char *tablename, | 85 | checkentry_v1(const char *tablename, |
| 86 | const void *entry, | 86 | const void *entry, |
| 87 | const struct xt_target *target, | 87 | const struct xt_target *target, |
| @@ -95,13 +95,13 @@ checkentry_v1(const char *tablename, | |||
| 95 | && markinfo->mode != XT_MARK_OR) { | 95 | && markinfo->mode != XT_MARK_OR) { |
| 96 | printk(KERN_WARNING "MARK: unknown mode %u\n", | 96 | printk(KERN_WARNING "MARK: unknown mode %u\n", |
| 97 | markinfo->mode); | 97 | markinfo->mode); |
| 98 | return 0; | 98 | return false; |
| 99 | } | 99 | } |
| 100 | if (markinfo->mark > 0xffffffff) { | 100 | if (markinfo->mark > 0xffffffff) { |
| 101 | printk(KERN_WARNING "MARK: Only supports 32bit wide mark\n"); | 101 | printk(KERN_WARNING "MARK: Only supports 32bit wide mark\n"); |
| 102 | return 0; | 102 | return false; |
| 103 | } | 103 | } |
| 104 | return 1; | 104 | return true; |
| 105 | } | 105 | } |
| 106 | 106 | ||
| 107 | #ifdef CONFIG_COMPAT | 107 | #ifdef CONFIG_COMPAT |
diff --git a/net/netfilter/xt_NFLOG.c b/net/netfilter/xt_NFLOG.c index 901ed7abaa1b..0c6f2838cc98 100644 --- a/net/netfilter/xt_NFLOG.c +++ b/net/netfilter/xt_NFLOG.c | |||
| @@ -38,7 +38,7 @@ nflog_target(struct sk_buff **pskb, | |||
| 38 | return XT_CONTINUE; | 38 | return XT_CONTINUE; |
| 39 | } | 39 | } |
| 40 | 40 | ||
| 41 | static int | 41 | static bool |
| 42 | nflog_checkentry(const char *tablename, const void *entry, | 42 | nflog_checkentry(const char *tablename, const void *entry, |
| 43 | const struct xt_target *target, void *targetinfo, | 43 | const struct xt_target *target, void *targetinfo, |
| 44 | unsigned int hookmask) | 44 | unsigned int hookmask) |
| @@ -46,10 +46,10 @@ nflog_checkentry(const char *tablename, const void *entry, | |||
| 46 | struct xt_nflog_info *info = targetinfo; | 46 | struct xt_nflog_info *info = targetinfo; |
| 47 | 47 | ||
| 48 | if (info->flags & ~XT_NFLOG_MASK) | 48 | if (info->flags & ~XT_NFLOG_MASK) |
| 49 | return 0; | 49 | return false; |
| 50 | if (info->prefix[sizeof(info->prefix) - 1] != '\0') | 50 | if (info->prefix[sizeof(info->prefix) - 1] != '\0') |
| 51 | return 0; | 51 | return false; |
| 52 | return 1; | 52 | return true; |
| 53 | } | 53 | } |
| 54 | 54 | ||
| 55 | static struct xt_target xt_nflog_target[] = { | 55 | static struct xt_target xt_nflog_target[] = { |
diff --git a/net/netfilter/xt_SECMARK.c b/net/netfilter/xt_SECMARK.c index 705f0e830a79..f3e78c592f3a 100644 --- a/net/netfilter/xt_SECMARK.c +++ b/net/netfilter/xt_SECMARK.c | |||
| @@ -51,7 +51,7 @@ static unsigned int target(struct sk_buff **pskb, const struct net_device *in, | |||
| 51 | return XT_CONTINUE; | 51 | return XT_CONTINUE; |
| 52 | } | 52 | } |
| 53 | 53 | ||
| 54 | static int checkentry_selinux(struct xt_secmark_target_info *info) | 54 | static bool checkentry_selinux(struct xt_secmark_target_info *info) |
| 55 | { | 55 | { |
| 56 | int err; | 56 | int err; |
| 57 | struct xt_secmark_target_selinux_info *sel = &info->u.sel; | 57 | struct xt_secmark_target_selinux_info *sel = &info->u.sel; |
| @@ -63,50 +63,50 @@ static int checkentry_selinux(struct xt_secmark_target_info *info) | |||
| 63 | if (err == -EINVAL) | 63 | if (err == -EINVAL) |
| 64 | printk(KERN_INFO PFX "invalid SELinux context \'%s\'\n", | 64 | printk(KERN_INFO PFX "invalid SELinux context \'%s\'\n", |
| 65 | sel->selctx); | 65 | sel->selctx); |
| 66 | return 0; | 66 | return false; |
| 67 | } | 67 | } |
| 68 | 68 | ||
| 69 | if (!sel->selsid) { | 69 | if (!sel->selsid) { |
| 70 | printk(KERN_INFO PFX "unable to map SELinux context \'%s\'\n", | 70 | printk(KERN_INFO PFX "unable to map SELinux context \'%s\'\n", |
| 71 | sel->selctx); | 71 | sel->selctx); |
| 72 | return 0; | 72 | return false; |
| 73 | } | 73 | } |
| 74 | 74 | ||
| 75 | err = selinux_relabel_packet_permission(sel->selsid); | 75 | err = selinux_relabel_packet_permission(sel->selsid); |
| 76 | if (err) { | 76 | if (err) { |
| 77 | printk(KERN_INFO PFX "unable to obtain relabeling permission\n"); | 77 | printk(KERN_INFO PFX "unable to obtain relabeling permission\n"); |
| 78 | return 0; | 78 | return false; |
| 79 | } | 79 | } |
| 80 | 80 | ||
| 81 | return 1; | 81 | return true; |
| 82 | } | 82 | } |
| 83 | 83 | ||
| 84 | static int checkentry(const char *tablename, const void *entry, | 84 | static bool checkentry(const char *tablename, const void *entry, |
| 85 | const struct xt_target *target, void *targinfo, | 85 | const struct xt_target *target, void *targinfo, |
| 86 | unsigned int hook_mask) | 86 | unsigned int hook_mask) |
| 87 | { | 87 | { |
| 88 | struct xt_secmark_target_info *info = targinfo; | 88 | struct xt_secmark_target_info *info = targinfo; |
| 89 | 89 | ||
| 90 | if (mode && mode != info->mode) { | 90 | if (mode && mode != info->mode) { |
| 91 | printk(KERN_INFO PFX "mode already set to %hu cannot mix with " | 91 | printk(KERN_INFO PFX "mode already set to %hu cannot mix with " |
| 92 | "rules for mode %hu\n", mode, info->mode); | 92 | "rules for mode %hu\n", mode, info->mode); |
| 93 | return 0; | 93 | return false; |
| 94 | } | 94 | } |
| 95 | 95 | ||
| 96 | switch (info->mode) { | 96 | switch (info->mode) { |
| 97 | case SECMARK_MODE_SEL: | 97 | case SECMARK_MODE_SEL: |
| 98 | if (!checkentry_selinux(info)) | 98 | if (!checkentry_selinux(info)) |
| 99 | return 0; | 99 | return false; |
| 100 | break; | 100 | break; |
| 101 | 101 | ||
| 102 | default: | 102 | default: |
| 103 | printk(KERN_INFO PFX "invalid mode: %hu\n", info->mode); | 103 | printk(KERN_INFO PFX "invalid mode: %hu\n", info->mode); |
| 104 | return 0; | 104 | return false; |
| 105 | } | 105 | } |
| 106 | 106 | ||
| 107 | if (!mode) | 107 | if (!mode) |
| 108 | mode = info->mode; | 108 | mode = info->mode; |
| 109 | return 1; | 109 | return true; |
| 110 | } | 110 | } |
| 111 | 111 | ||
| 112 | static struct xt_target xt_secmark_target[] = { | 112 | static struct xt_target xt_secmark_target[] = { |
diff --git a/net/netfilter/xt_TCPMSS.c b/net/netfilter/xt_TCPMSS.c index 15fe8f649510..075051acb554 100644 --- a/net/netfilter/xt_TCPMSS.c +++ b/net/netfilter/xt_TCPMSS.c | |||
| @@ -197,19 +197,19 @@ xt_tcpmss_target6(struct sk_buff **pskb, | |||
| 197 | #define TH_SYN 0x02 | 197 | #define TH_SYN 0x02 |
| 198 | 198 | ||
| 199 | /* Must specify -p tcp --syn */ | 199 | /* Must specify -p tcp --syn */ |
| 200 | static inline int find_syn_match(const struct xt_entry_match *m) | 200 | static inline bool find_syn_match(const struct xt_entry_match *m) |
| 201 | { | 201 | { |
| 202 | const struct xt_tcp *tcpinfo = (const struct xt_tcp *)m->data; | 202 | const struct xt_tcp *tcpinfo = (const struct xt_tcp *)m->data; |
| 203 | 203 | ||
| 204 | if (strcmp(m->u.kernel.match->name, "tcp") == 0 && | 204 | if (strcmp(m->u.kernel.match->name, "tcp") == 0 && |
| 205 | tcpinfo->flg_cmp & TH_SYN && | 205 | tcpinfo->flg_cmp & TH_SYN && |
| 206 | !(tcpinfo->invflags & XT_TCP_INV_FLAGS)) | 206 | !(tcpinfo->invflags & XT_TCP_INV_FLAGS)) |
| 207 | return 1; | 207 | return true; |
| 208 | 208 | ||
| 209 | return 0; | 209 | return false; |
| 210 | } | 210 | } |
| 211 | 211 | ||
| 212 | static int | 212 | static bool |
| 213 | xt_tcpmss_checkentry4(const char *tablename, | 213 | xt_tcpmss_checkentry4(const char *tablename, |
| 214 | const void *entry, | 214 | const void *entry, |
| 215 | const struct xt_target *target, | 215 | const struct xt_target *target, |
| @@ -225,16 +225,16 @@ xt_tcpmss_checkentry4(const char *tablename, | |||
| 225 | (1 << NF_IP_POST_ROUTING))) != 0) { | 225 | (1 << NF_IP_POST_ROUTING))) != 0) { |
| 226 | printk("xt_TCPMSS: path-MTU clamping only supported in " | 226 | printk("xt_TCPMSS: path-MTU clamping only supported in " |
| 227 | "FORWARD, OUTPUT and POSTROUTING hooks\n"); | 227 | "FORWARD, OUTPUT and POSTROUTING hooks\n"); |
| 228 | return 0; | 228 | return false; |
| 229 | } | 229 | } |
| 230 | if (IPT_MATCH_ITERATE(e, find_syn_match)) | 230 | if (IPT_MATCH_ITERATE(e, find_syn_match)) |
| 231 | return 1; | 231 | return true; |
| 232 | printk("xt_TCPMSS: Only works on TCP SYN packets\n"); | 232 | printk("xt_TCPMSS: Only works on TCP SYN packets\n"); |
| 233 | return 0; | 233 | return false; |
| 234 | } | 234 | } |
| 235 | 235 | ||
| 236 | #if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE) | 236 | #if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE) |
| 237 | static int | 237 | static bool |
| 238 | xt_tcpmss_checkentry6(const char *tablename, | 238 | xt_tcpmss_checkentry6(const char *tablename, |
| 239 | const void *entry, | 239 | const void *entry, |
| 240 | const struct xt_target *target, | 240 | const struct xt_target *target, |
| @@ -250,12 +250,12 @@ xt_tcpmss_checkentry6(const char *tablename, | |||
| 250 | (1 << NF_IP6_POST_ROUTING))) != 0) { | 250 | (1 << NF_IP6_POST_ROUTING))) != 0) { |
| 251 | printk("xt_TCPMSS: path-MTU clamping only supported in " | 251 | printk("xt_TCPMSS: path-MTU clamping only supported in " |
| 252 | "FORWARD, OUTPUT and POSTROUTING hooks\n"); | 252 | "FORWARD, OUTPUT and POSTROUTING hooks\n"); |
| 253 | return 0; | 253 | return false; |
| 254 | } | 254 | } |
| 255 | if (IP6T_MATCH_ITERATE(e, find_syn_match)) | 255 | if (IP6T_MATCH_ITERATE(e, find_syn_match)) |
| 256 | return 1; | 256 | return true; |
| 257 | printk("xt_TCPMSS: Only works on TCP SYN packets\n"); | 257 | printk("xt_TCPMSS: Only works on TCP SYN packets\n"); |
| 258 | return 0; | 258 | return false; |
| 259 | } | 259 | } |
| 260 | #endif | 260 | #endif |
| 261 | 261 | ||