diff options
| author | David S. Miller <davem@davemloft.net> | 2010-02-24 21:23:37 -0500 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2010-02-24 21:23:37 -0500 |
| commit | 54831a83bfe656c4c54e287c734c6b0ccaa3719b (patch) | |
| tree | abd5bef16d1a6011f629a36d4e245a2ed4f3df3c /include/linux | |
| parent | fb977e2ca607a7e74946a1de798f474d1b80b9d6 (diff) | |
| parent | 0f234214d15fa914436d304ecf5c3e43449e79f9 (diff) | |
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-next-2.6
Diffstat (limited to 'include/linux')
| -rw-r--r-- | include/linux/netfilter/x_tables.h | 17 | ||||
| -rw-r--r-- | include/linux/netfilter_arp/arp_tables.h | 10 | ||||
| -rw-r--r-- | include/linux/netfilter_ipv4/ip_tables.h | 15 | ||||
| -rw-r--r-- | include/linux/netfilter_ipv6/ip6_tables.h | 14 |
4 files changed, 23 insertions, 33 deletions
diff --git a/include/linux/netfilter/x_tables.h b/include/linux/netfilter/x_tables.h index a18119fb88f0..84c7c928e9eb 100644 --- a/include/linux/netfilter/x_tables.h +++ b/include/linux/netfilter/x_tables.h | |||
| @@ -120,6 +120,7 @@ struct xt_counters_info { | |||
| 120 | 120 | ||
| 121 | #define XT_INV_PROTO 0x40 /* Invert the sense of PROTO. */ | 121 | #define XT_INV_PROTO 0x40 /* Invert the sense of PROTO. */ |
| 122 | 122 | ||
| 123 | #ifndef __KERNEL__ | ||
| 123 | /* fn returns 0 to continue iteration */ | 124 | /* fn returns 0 to continue iteration */ |
| 124 | #define XT_MATCH_ITERATE(type, e, fn, args...) \ | 125 | #define XT_MATCH_ITERATE(type, e, fn, args...) \ |
| 125 | ({ \ | 126 | ({ \ |
| @@ -163,6 +164,22 @@ struct xt_counters_info { | |||
| 163 | #define XT_ENTRY_ITERATE(type, entries, size, fn, args...) \ | 164 | #define XT_ENTRY_ITERATE(type, entries, size, fn, args...) \ |
| 164 | XT_ENTRY_ITERATE_CONTINUE(type, entries, size, 0, fn, args) | 165 | XT_ENTRY_ITERATE_CONTINUE(type, entries, size, 0, fn, args) |
| 165 | 166 | ||
| 167 | #endif /* !__KERNEL__ */ | ||
| 168 | |||
| 169 | /* pos is normally a struct ipt_entry/ip6t_entry/etc. */ | ||
| 170 | #define xt_entry_foreach(pos, ehead, esize) \ | ||
| 171 | for ((pos) = (typeof(pos))(ehead); \ | ||
| 172 | (pos) < (typeof(pos))((char *)(ehead) + (esize)); \ | ||
| 173 | (pos) = (typeof(pos))((char *)(pos) + (pos)->next_offset)) | ||
| 174 | |||
| 175 | /* can only be xt_entry_match, so no use of typeof here */ | ||
| 176 | #define xt_ematch_foreach(pos, entry) \ | ||
| 177 | for ((pos) = (struct xt_entry_match *)entry->elems; \ | ||
| 178 | (pos) < (struct xt_entry_match *)((char *)(entry) + \ | ||
| 179 | (entry)->target_offset); \ | ||
| 180 | (pos) = (struct xt_entry_match *)((char *)(pos) + \ | ||
| 181 | (pos)->u.match_size)) | ||
| 182 | |||
| 166 | #ifdef __KERNEL__ | 183 | #ifdef __KERNEL__ |
| 167 | 184 | ||
| 168 | #include <linux/netdevice.h> | 185 | #include <linux/netdevice.h> |
diff --git a/include/linux/netfilter_arp/arp_tables.h b/include/linux/netfilter_arp/arp_tables.h index 0b33980611b2..e9948c0560f6 100644 --- a/include/linux/netfilter_arp/arp_tables.h +++ b/include/linux/netfilter_arp/arp_tables.h | |||
| @@ -211,9 +211,11 @@ static __inline__ struct arpt_entry_target *arpt_get_target(struct arpt_entry *e | |||
| 211 | return (void *)e + e->target_offset; | 211 | return (void *)e + e->target_offset; |
| 212 | } | 212 | } |
| 213 | 213 | ||
| 214 | #ifndef __KERNEL__ | ||
| 214 | /* fn returns 0 to continue iteration */ | 215 | /* fn returns 0 to continue iteration */ |
| 215 | #define ARPT_ENTRY_ITERATE(entries, size, fn, args...) \ | 216 | #define ARPT_ENTRY_ITERATE(entries, size, fn, args...) \ |
| 216 | XT_ENTRY_ITERATE(struct arpt_entry, entries, size, fn, ## args) | 217 | XT_ENTRY_ITERATE(struct arpt_entry, entries, size, fn, ## args) |
| 218 | #endif | ||
| 217 | 219 | ||
| 218 | /* | 220 | /* |
| 219 | * Main firewall chains definitions and global var's definitions. | 221 | * Main firewall chains definitions and global var's definitions. |
| @@ -291,14 +293,6 @@ compat_arpt_get_target(struct compat_arpt_entry *e) | |||
| 291 | 293 | ||
| 292 | #define COMPAT_ARPT_ALIGN(s) COMPAT_XT_ALIGN(s) | 294 | #define COMPAT_ARPT_ALIGN(s) COMPAT_XT_ALIGN(s) |
| 293 | 295 | ||
| 294 | /* fn returns 0 to continue iteration */ | ||
| 295 | #define COMPAT_ARPT_ENTRY_ITERATE(entries, size, fn, args...) \ | ||
| 296 | XT_ENTRY_ITERATE(struct compat_arpt_entry, entries, size, fn, ## args) | ||
| 297 | |||
| 298 | #define COMPAT_ARPT_ENTRY_ITERATE_CONTINUE(entries, size, n, fn, args...) \ | ||
| 299 | XT_ENTRY_ITERATE_CONTINUE(struct compat_arpt_entry, entries, size, n, \ | ||
| 300 | fn, ## args) | ||
| 301 | |||
| 302 | #endif /* CONFIG_COMPAT */ | 296 | #endif /* CONFIG_COMPAT */ |
| 303 | #endif /*__KERNEL__*/ | 297 | #endif /*__KERNEL__*/ |
| 304 | #endif /* _ARPTABLES_H */ | 298 | #endif /* _ARPTABLES_H */ |
diff --git a/include/linux/netfilter_ipv4/ip_tables.h b/include/linux/netfilter_ipv4/ip_tables.h index 364973b42133..704a7b6e8169 100644 --- a/include/linux/netfilter_ipv4/ip_tables.h +++ b/include/linux/netfilter_ipv4/ip_tables.h | |||
| @@ -223,6 +223,7 @@ ipt_get_target(struct ipt_entry *e) | |||
| 223 | return (void *)e + e->target_offset; | 223 | return (void *)e + e->target_offset; |
| 224 | } | 224 | } |
| 225 | 225 | ||
| 226 | #ifndef __KERNEL__ | ||
| 226 | /* fn returns 0 to continue iteration */ | 227 | /* fn returns 0 to continue iteration */ |
| 227 | #define IPT_MATCH_ITERATE(e, fn, args...) \ | 228 | #define IPT_MATCH_ITERATE(e, fn, args...) \ |
| 228 | XT_MATCH_ITERATE(struct ipt_entry, e, fn, ## args) | 229 | XT_MATCH_ITERATE(struct ipt_entry, e, fn, ## args) |
| @@ -230,6 +231,7 @@ ipt_get_target(struct ipt_entry *e) | |||
| 230 | /* fn returns 0 to continue iteration */ | 231 | /* fn returns 0 to continue iteration */ |
| 231 | #define IPT_ENTRY_ITERATE(entries, size, fn, args...) \ | 232 | #define IPT_ENTRY_ITERATE(entries, size, fn, args...) \ |
| 232 | XT_ENTRY_ITERATE(struct ipt_entry, entries, size, fn, ## args) | 233 | XT_ENTRY_ITERATE(struct ipt_entry, entries, size, fn, ## args) |
| 234 | #endif | ||
| 233 | 235 | ||
| 234 | /* | 236 | /* |
| 235 | * Main firewall chains definitions and global var's definitions. | 237 | * Main firewall chains definitions and global var's definitions. |
| @@ -313,19 +315,6 @@ compat_ipt_get_target(struct compat_ipt_entry *e) | |||
| 313 | 315 | ||
| 314 | #define COMPAT_IPT_ALIGN(s) COMPAT_XT_ALIGN(s) | 316 | #define COMPAT_IPT_ALIGN(s) COMPAT_XT_ALIGN(s) |
| 315 | 317 | ||
| 316 | /* fn returns 0 to continue iteration */ | ||
| 317 | #define COMPAT_IPT_MATCH_ITERATE(e, fn, args...) \ | ||
| 318 | XT_MATCH_ITERATE(struct compat_ipt_entry, e, fn, ## args) | ||
| 319 | |||
| 320 | /* fn returns 0 to continue iteration */ | ||
| 321 | #define COMPAT_IPT_ENTRY_ITERATE(entries, size, fn, args...) \ | ||
| 322 | XT_ENTRY_ITERATE(struct compat_ipt_entry, entries, size, fn, ## args) | ||
| 323 | |||
| 324 | /* fn returns 0 to continue iteration */ | ||
| 325 | #define COMPAT_IPT_ENTRY_ITERATE_CONTINUE(entries, size, n, fn, args...) \ | ||
| 326 | XT_ENTRY_ITERATE_CONTINUE(struct compat_ipt_entry, entries, size, n, \ | ||
| 327 | fn, ## args) | ||
| 328 | |||
| 329 | #endif /* CONFIG_COMPAT */ | 318 | #endif /* CONFIG_COMPAT */ |
| 330 | #endif /*__KERNEL__*/ | 319 | #endif /*__KERNEL__*/ |
| 331 | #endif /* _IPTABLES_H */ | 320 | #endif /* _IPTABLES_H */ |
diff --git a/include/linux/netfilter_ipv6/ip6_tables.h b/include/linux/netfilter_ipv6/ip6_tables.h index 8031eb486a10..e5ba03d783c6 100644 --- a/include/linux/netfilter_ipv6/ip6_tables.h +++ b/include/linux/netfilter_ipv6/ip6_tables.h | |||
| @@ -280,6 +280,7 @@ ip6t_get_target(struct ip6t_entry *e) | |||
| 280 | return (void *)e + e->target_offset; | 280 | return (void *)e + e->target_offset; |
| 281 | } | 281 | } |
| 282 | 282 | ||
| 283 | #ifndef __KERNEL__ | ||
| 283 | /* fn returns 0 to continue iteration */ | 284 | /* fn returns 0 to continue iteration */ |
| 284 | #define IP6T_MATCH_ITERATE(e, fn, args...) \ | 285 | #define IP6T_MATCH_ITERATE(e, fn, args...) \ |
| 285 | XT_MATCH_ITERATE(struct ip6t_entry, e, fn, ## args) | 286 | XT_MATCH_ITERATE(struct ip6t_entry, e, fn, ## args) |
| @@ -287,6 +288,7 @@ ip6t_get_target(struct ip6t_entry *e) | |||
| 287 | /* fn returns 0 to continue iteration */ | 288 | /* fn returns 0 to continue iteration */ |
| 288 | #define IP6T_ENTRY_ITERATE(entries, size, fn, args...) \ | 289 | #define IP6T_ENTRY_ITERATE(entries, size, fn, args...) \ |
| 289 | XT_ENTRY_ITERATE(struct ip6t_entry, entries, size, fn, ## args) | 290 | XT_ENTRY_ITERATE(struct ip6t_entry, entries, size, fn, ## args) |
| 291 | #endif | ||
| 290 | 292 | ||
| 291 | /* | 293 | /* |
| 292 | * Main firewall chains definitions and global var's definitions. | 294 | * Main firewall chains definitions and global var's definitions. |
| @@ -341,18 +343,6 @@ compat_ip6t_get_target(struct compat_ip6t_entry *e) | |||
| 341 | 343 | ||
| 342 | #define COMPAT_IP6T_ALIGN(s) COMPAT_XT_ALIGN(s) | 344 | #define COMPAT_IP6T_ALIGN(s) COMPAT_XT_ALIGN(s) |
| 343 | 345 | ||
| 344 | /* fn returns 0 to continue iteration */ | ||
| 345 | #define COMPAT_IP6T_MATCH_ITERATE(e, fn, args...) \ | ||
| 346 | XT_MATCH_ITERATE(struct compat_ip6t_entry, e, fn, ## args) | ||
| 347 | |||
| 348 | /* fn returns 0 to continue iteration */ | ||
| 349 | #define COMPAT_IP6T_ENTRY_ITERATE(entries, size, fn, args...) \ | ||
| 350 | XT_ENTRY_ITERATE(struct compat_ip6t_entry, entries, size, fn, ## args) | ||
| 351 | |||
| 352 | #define COMPAT_IP6T_ENTRY_ITERATE_CONTINUE(entries, size, n, fn, args...) \ | ||
| 353 | XT_ENTRY_ITERATE_CONTINUE(struct compat_ip6t_entry, entries, size, n, \ | ||
| 354 | fn, ## args) | ||
| 355 | |||
| 356 | #endif /* CONFIG_COMPAT */ | 346 | #endif /* CONFIG_COMPAT */ |
| 357 | #endif /*__KERNEL__*/ | 347 | #endif /*__KERNEL__*/ |
| 358 | #endif /* _IP6_TABLES_H */ | 348 | #endif /* _IP6_TABLES_H */ |