aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2007-12-18 00:46:59 -0500
committerDavid S. Miller <davem@davemloft.net>2008-01-28 17:58:29 -0500
commit89c002d66aafab93814b38d8dae43fa50aec390a (patch)
treecb6bcd4e8d4bd95217ab3c1adf71c92d1f211ef1 /include
parent8956695131b8a7878891667469899d667eb5892b (diff)
[NETFILTER]: {ip,ip6,arp}_tables: consolidate iterator macros
Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include')
-rw-r--r--include/linux/netfilter/x_tables.h43
-rw-r--r--include/linux/netfilter_arp/arp_tables.h17
-rw-r--r--include/linux/netfilter_ipv4/ip_tables.h55
-rw-r--r--include/linux/netfilter_ipv6/ip6_tables.h36
4 files changed, 55 insertions, 96 deletions
diff --git a/include/linux/netfilter/x_tables.h b/include/linux/netfilter/x_tables.h
index 616e6f4ede59..8ab754e14ec0 100644
--- a/include/linux/netfilter/x_tables.h
+++ b/include/linux/netfilter/x_tables.h
@@ -126,6 +126,49 @@ struct xt_counters_info
126 126
127#define XT_INV_PROTO 0x40 /* Invert the sense of PROTO. */ 127#define XT_INV_PROTO 0x40 /* Invert the sense of PROTO. */
128 128
129/* fn returns 0 to continue iteration */
130#define XT_MATCH_ITERATE(type, e, fn, args...) \
131({ \
132 unsigned int __i; \
133 int __ret = 0; \
134 struct xt_entry_match *__m; \
135 \
136 for (__i = sizeof(type); \
137 __i < (e)->target_offset; \
138 __i += __m->u.match_size) { \
139 __m = (void *)e + __i; \
140 \
141 __ret = fn(__m , ## args); \
142 if (__ret != 0) \
143 break; \
144 } \
145 __ret; \
146})
147
148/* fn returns 0 to continue iteration */
149#define XT_ENTRY_ITERATE_CONTINUE(type, entries, size, n, fn, args...) \
150({ \
151 unsigned int __i, __n; \
152 int __ret = 0; \
153 type *__entry; \
154 \
155 for (__i = 0, __n = 0; __i < (size); \
156 __i += __entry->next_offset, __n++) { \
157 __entry = (void *)(entries) + __i; \
158 if (__n < n) \
159 continue; \
160 \
161 __ret = fn(__entry , ## args); \
162 if (__ret != 0) \
163 break; \
164 } \
165 __ret; \
166})
167
168/* fn returns 0 to continue iteration */
169#define XT_ENTRY_ITERATE(type, entries, size, fn, args...) \
170 XT_ENTRY_ITERATE_CONTINUE(type, entries, size, 0, fn, args)
171
129#ifdef __KERNEL__ 172#ifdef __KERNEL__
130 173
131#include <linux/netdevice.h> 174#include <linux/netdevice.h>
diff --git a/include/linux/netfilter_arp/arp_tables.h b/include/linux/netfilter_arp/arp_tables.h
index 2fc73fa8e37f..e44811b9be6c 100644
--- a/include/linux/netfilter_arp/arp_tables.h
+++ b/include/linux/netfilter_arp/arp_tables.h
@@ -217,21 +217,8 @@ static __inline__ struct arpt_entry_target *arpt_get_target(struct arpt_entry *e
217} 217}
218 218
219/* fn returns 0 to continue iteration */ 219/* fn returns 0 to continue iteration */
220#define ARPT_ENTRY_ITERATE(entries, size, fn, args...) \ 220#define ARPT_ENTRY_ITERATE(entries, size, fn, args...) \
221({ \ 221 XT_ENTRY_ITERATE(struct arpt_entry, entries, size, fn, ## args)
222 unsigned int __i; \
223 int __ret = 0; \
224 struct arpt_entry *__entry; \
225 \
226 for (__i = 0; __i < (size); __i += __entry->next_offset) { \
227 __entry = (void *)(entries) + __i; \
228 \
229 __ret = fn(__entry , ## args); \
230 if (__ret != 0) \
231 break; \
232 } \
233 __ret; \
234})
235 222
236/* 223/*
237 * Main firewall chains definitions and global var's definitions. 224 * Main firewall chains definitions and global var's definitions.
diff --git a/include/linux/netfilter_ipv4/ip_tables.h b/include/linux/netfilter_ipv4/ip_tables.h
index 54da61603eff..1e0cfca7f354 100644
--- a/include/linux/netfilter_ipv4/ip_tables.h
+++ b/include/linux/netfilter_ipv4/ip_tables.h
@@ -229,60 +229,17 @@ ipt_get_target(struct ipt_entry *e)
229} 229}
230 230
231/* fn returns 0 to continue iteration */ 231/* fn returns 0 to continue iteration */
232#define IPT_MATCH_ITERATE(e, fn, args...) \ 232#define IPT_MATCH_ITERATE(e, fn, args...) \
233({ \ 233 XT_MATCH_ITERATE(struct ipt_entry, e, fn, ## args)
234 unsigned int __i; \
235 int __ret = 0; \
236 struct ipt_entry_match *__match; \
237 \
238 for (__i = sizeof(struct ipt_entry); \
239 __i < (e)->target_offset; \
240 __i += __match->u.match_size) { \
241 __match = (void *)(e) + __i; \
242 \
243 __ret = fn(__match , ## args); \
244 if (__ret != 0) \
245 break; \
246 } \
247 __ret; \
248})
249 234
250/* fn returns 0 to continue iteration */ 235/* fn returns 0 to continue iteration */
251#define IPT_ENTRY_ITERATE(entries, size, fn, args...) \ 236#define IPT_ENTRY_ITERATE(entries, size, fn, args...) \
252({ \ 237 XT_ENTRY_ITERATE(struct ipt_entry, entries, size, fn, ## args)
253 unsigned int __i; \
254 int __ret = 0; \
255 struct ipt_entry *__entry; \
256 \
257 for (__i = 0; __i < (size); __i += __entry->next_offset) { \
258 __entry = (void *)(entries) + __i; \
259 \
260 __ret = fn(__entry , ## args); \
261 if (__ret != 0) \
262 break; \
263 } \
264 __ret; \
265})
266 238
267/* fn returns 0 to continue iteration */ 239/* fn returns 0 to continue iteration */
268#define IPT_ENTRY_ITERATE_CONTINUE(entries, size, n, fn, args...) \ 240#define IPT_ENTRY_ITERATE_CONTINUE(entries, size, n, fn, args...) \
269({ \ 241 XT_ENTRY_ITERATE_CONTINUE(struct ipt_entry, entries, size, n, fn, \
270 unsigned int __i, __n; \ 242 ## args)
271 int __ret = 0; \
272 struct ipt_entry *__entry; \
273 \
274 for (__i = 0, __n = 0; __i < (size); \
275 __i += __entry->next_offset, __n++) { \
276 __entry = (void *)(entries) + __i; \
277 if (__n < n) \
278 continue; \
279 \
280 __ret = fn(__entry , ## args); \
281 if (__ret != 0) \
282 break; \
283 } \
284 __ret; \
285})
286 243
287/* 244/*
288 * Main firewall chains definitions and global var's definitions. 245 * Main firewall chains definitions and global var's definitions.
diff --git a/include/linux/netfilter_ipv6/ip6_tables.h b/include/linux/netfilter_ipv6/ip6_tables.h
index 2e98654188b3..8257b52015f3 100644
--- a/include/linux/netfilter_ipv6/ip6_tables.h
+++ b/include/linux/netfilter_ipv6/ip6_tables.h
@@ -289,40 +289,12 @@ ip6t_get_target(struct ip6t_entry *e)
289} 289}
290 290
291/* fn returns 0 to continue iteration */ 291/* fn returns 0 to continue iteration */
292#define IP6T_MATCH_ITERATE(e, fn, args...) \ 292#define IP6T_MATCH_ITERATE(e, fn, args...) \
293({ \ 293 XT_MATCH_ITERATE(struct ip6t_entry, e, fn, ## args)
294 unsigned int __i; \
295 int __ret = 0; \
296 struct ip6t_entry_match *__m; \
297 \
298 for (__i = sizeof(struct ip6t_entry); \
299 __i < (e)->target_offset; \
300 __i += __m->u.match_size) { \
301 __m = (void *)(e) + __i; \
302 \
303 __ret = fn(__m , ## args); \
304 if (__ret != 0) \
305 break; \
306 } \
307 __ret; \
308})
309 294
310/* fn returns 0 to continue iteration */ 295/* fn returns 0 to continue iteration */
311#define IP6T_ENTRY_ITERATE(entries, size, fn, args...) \ 296#define IP6T_ENTRY_ITERATE(entries, size, fn, args...) \
312({ \ 297 XT_ENTRY_ITERATE(struct ip6t_entry, entries, size, fn, ## args)
313 unsigned int __i; \
314 int __ret = 0; \
315 struct ip6t_entry *__e; \
316 \
317 for (__i = 0; __i < (size); __i += __e->next_offset) { \
318 __e = (void *)(entries) + __i; \
319 \
320 __ret = fn(__e , ## args); \
321 if (__ret != 0) \
322 break; \
323 } \
324 __ret; \
325})
326 298
327/* 299/*
328 * Main firewall chains definitions and global var's definitions. 300 * Main firewall chains definitions and global var's definitions.
generated by cgit v1.2.2 (git 2.25.0) at 2025-01-25 14:01:25 -0500