diff options
author | Jan Engelhardt <jengelh@medozas.de> | 2009-07-09 13:14:18 -0400 |
---|---|---|
committer | Jan Engelhardt <jengelh@medozas.de> | 2010-05-02 08:13:03 -0400 |
commit | ef53d702c3614fb919e8a8291033e3dbccfd1aea (patch) | |
tree | d237976bdef0ab6a863e3a3b82d13d6c302b6178 | |
parent | c29c949288d343be0d5c4f3091bc87ac047e1a09 (diff) |
netfilter: xtables: dissolve do_match function
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-rw-r--r-- | net/ipv4/netfilter/ip_tables.c | 22 | ||||
-rw-r--r-- | net/ipv6/netfilter/ip6_tables.c | 22 |
2 files changed, 10 insertions, 34 deletions
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c index f92818f76671..265cedf88660 100644 --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c | |||
@@ -173,21 +173,6 @@ ipt_error(struct sk_buff *skb, const struct xt_target_param *par) | |||
173 | return NF_DROP; | 173 | return NF_DROP; |
174 | } | 174 | } |
175 | 175 | ||
176 | /* Performance critical - called for every packet */ | ||
177 | static inline bool | ||
178 | do_match(const struct ipt_entry_match *m, const struct sk_buff *skb, | ||
179 | struct xt_match_param *par) | ||
180 | { | ||
181 | par->match = m->u.kernel.match; | ||
182 | par->matchinfo = m->data; | ||
183 | |||
184 | /* Stop iteration if it doesn't match */ | ||
185 | if (!m->u.kernel.match->match(skb, par)) | ||
186 | return true; | ||
187 | else | ||
188 | return false; | ||
189 | } | ||
190 | |||
191 | /* Performance critical */ | 176 | /* Performance critical */ |
192 | static inline struct ipt_entry * | 177 | static inline struct ipt_entry * |
193 | get_entry(const void *base, unsigned int offset) | 178 | get_entry(const void *base, unsigned int offset) |
@@ -379,9 +364,12 @@ ipt_do_table(struct sk_buff *skb, | |||
379 | continue; | 364 | continue; |
380 | } | 365 | } |
381 | 366 | ||
382 | xt_ematch_foreach(ematch, e) | 367 | xt_ematch_foreach(ematch, e) { |
383 | if (do_match(ematch, skb, &mtpar) != 0) | 368 | mtpar.match = ematch->u.kernel.match; |
369 | mtpar.matchinfo = ematch->data; | ||
370 | if (!mtpar.match->match(skb, &mtpar)) | ||
384 | goto no_match; | 371 | goto no_match; |
372 | } | ||
385 | 373 | ||
386 | ADD_COUNTER(e->counters, ntohs(ip->tot_len), 1); | 374 | ADD_COUNTER(e->counters, ntohs(ip->tot_len), 1); |
387 | 375 | ||
diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c index 7afa11773164..f8ac4a0b5899 100644 --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c | |||
@@ -205,21 +205,6 @@ ip6t_error(struct sk_buff *skb, const struct xt_target_param *par) | |||
205 | return NF_DROP; | 205 | return NF_DROP; |
206 | } | 206 | } |
207 | 207 | ||
208 | /* Performance critical - called for every packet */ | ||
209 | static inline bool | ||
210 | do_match(const struct ip6t_entry_match *m, const struct sk_buff *skb, | ||
211 | struct xt_match_param *par) | ||
212 | { | ||
213 | par->match = m->u.kernel.match; | ||
214 | par->matchinfo = m->data; | ||
215 | |||
216 | /* Stop iteration if it doesn't match */ | ||
217 | if (!m->u.kernel.match->match(skb, par)) | ||
218 | return true; | ||
219 | else | ||
220 | return false; | ||
221 | } | ||
222 | |||
223 | static inline struct ip6t_entry * | 208 | static inline struct ip6t_entry * |
224 | get_entry(const void *base, unsigned int offset) | 209 | get_entry(const void *base, unsigned int offset) |
225 | { | 210 | { |
@@ -402,9 +387,12 @@ ip6t_do_table(struct sk_buff *skb, | |||
402 | continue; | 387 | continue; |
403 | } | 388 | } |
404 | 389 | ||
405 | xt_ematch_foreach(ematch, e) | 390 | xt_ematch_foreach(ematch, e) { |
406 | if (do_match(ematch, skb, &mtpar) != 0) | 391 | mtpar.match = ematch->u.kernel.match; |
392 | mtpar.matchinfo = ematch->data; | ||
393 | if (!mtpar.match->match(skb, &mtpar)) | ||
407 | goto no_match; | 394 | goto no_match; |
395 | } | ||
408 | 396 | ||
409 | ADD_COUNTER(e->counters, | 397 | ADD_COUNTER(e->counters, |
410 | ntohs(ipv6_hdr(skb)->payload_len) + | 398 | ntohs(ipv6_hdr(skb)->payload_len) + |