diff options
| author | Jan Engelhardt <jengelh@medozas.de> | 2008-10-08 05:35:18 -0400 |
|---|---|---|
| committer | Patrick McHardy <kaber@trash.net> | 2008-10-08 05:35:18 -0400 |
| commit | f7108a20dee44e5bb037f9e48f6a207b42e6ae1c (patch) | |
| tree | bfc741548cdf416a59a89d89a20ba2cbdc8e988e /include | |
| parent | c2df73de246ae75705af8ceed4f385b261dea108 (diff) | |
netfilter: xtables: move extension arguments into compound structure (1/6)
The function signatures for Xtables extensions have grown over time.
It involves a lot of typing/replication, and also a bit of stack space
even if they are not used. Realize an NFWS2008 idea and pack them into
structs. The skb remains outside of the struct so gcc can continue to
apply its optimizations.
This patch does this for match extensions' match functions.
A few ambiguities have also been addressed. The "offset" parameter for
example has been renamed to "fragoff" (there are so many different
offsets already) and "protoff" to "thoff" (there is more than just one
protocol here, so clarify).
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'include')
| -rw-r--r-- | include/linux/netfilter/x_tables.h | 28 |
1 files changed, 21 insertions, 7 deletions
diff --git a/include/linux/netfilter/x_tables.h b/include/linux/netfilter/x_tables.h index 85aa42785a5e..bcd40ec83257 100644 --- a/include/linux/netfilter/x_tables.h +++ b/include/linux/netfilter/x_tables.h | |||
| @@ -173,6 +173,26 @@ struct xt_counters_info | |||
| 173 | 173 | ||
| 174 | #include <linux/netdevice.h> | 174 | #include <linux/netdevice.h> |
| 175 | 175 | ||
| 176 | /** | ||
| 177 | * struct xt_match_param - parameters for match extensions' match functions | ||
| 178 | * | ||
| 179 | * @in: input netdevice | ||
| 180 | * @out: output netdevice | ||
| 181 | * @match: struct xt_match through which this function was invoked | ||
| 182 | * @matchinfo: per-match data | ||
| 183 | * @fragoff: packet is a fragment, this is the data offset | ||
| 184 | * @thoff: position of transport header relative to skb->data | ||
| 185 | * @hotdrop: drop packet if we had inspection problems | ||
| 186 | */ | ||
| 187 | struct xt_match_param { | ||
| 188 | const struct net_device *in, *out; | ||
| 189 | const struct xt_match *match; | ||
| 190 | const void *matchinfo; | ||
| 191 | int fragoff; | ||
| 192 | unsigned int thoff; | ||
| 193 | bool *hotdrop; | ||
| 194 | }; | ||
| 195 | |||
| 176 | struct xt_match | 196 | struct xt_match |
| 177 | { | 197 | { |
| 178 | struct list_head list; | 198 | struct list_head list; |
| @@ -185,13 +205,7 @@ struct xt_match | |||
| 185 | non-linear skb, using skb_header_pointer and | 205 | non-linear skb, using skb_header_pointer and |
| 186 | skb_ip_make_writable. */ | 206 | skb_ip_make_writable. */ |
| 187 | bool (*match)(const struct sk_buff *skb, | 207 | bool (*match)(const struct sk_buff *skb, |
| 188 | const struct net_device *in, | 208 | const struct xt_match_param *); |
| 189 | const struct net_device *out, | ||
| 190 | const struct xt_match *match, | ||
| 191 | const void *matchinfo, | ||
| 192 | int offset, | ||
| 193 | unsigned int protoff, | ||
| 194 | bool *hotdrop); | ||
| 195 | 209 | ||
| 196 | /* Called when user tries to insert an entry of this type. */ | 210 | /* Called when user tries to insert an entry of this type. */ |
| 197 | /* Should return true or false. */ | 211 | /* Should return true or false. */ |