diff options
| author | Jan Engelhardt <jengelh@medozas.de> | 2008-10-08 05:35:20 -0400 |
|---|---|---|
| committer | Patrick McHardy <kaber@trash.net> | 2008-10-08 05:35:20 -0400 |
| commit | 916a917dfec18535ff9e2afdafba82e6279eb4f4 (patch) | |
| tree | ebd2e944684f3f1a9c184e3e69d06d1465ed2f69 /net/bridge | |
| parent | a2df1648ba615dd5908e9a1fa7b2f133fa302487 (diff) | |
netfilter: xtables: provide invoked family value to extensions
By passing in the family through which extensions were invoked, a bit
of data space can be reclaimed. The "family" member will be added to
the parameter structures and the check functions be adjusted.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'net/bridge')
| -rw-r--r-- | net/bridge/netfilter/ebtables.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c index 29d8061fa153..5bb88eb0aad4 100644 --- a/net/bridge/netfilter/ebtables.c +++ b/net/bridge/netfilter/ebtables.c | |||
| @@ -160,6 +160,7 @@ unsigned int ebt_do_table (unsigned int hook, struct sk_buff *skb, | |||
| 160 | struct xt_match_param mtpar; | 160 | struct xt_match_param mtpar; |
| 161 | struct xt_target_param tgpar; | 161 | struct xt_target_param tgpar; |
| 162 | 162 | ||
| 163 | mtpar.family = tgpar.family = NFPROTO_BRIDGE; | ||
| 163 | mtpar.in = tgpar.in = in; | 164 | mtpar.in = tgpar.in = in; |
| 164 | mtpar.out = tgpar.out = out; | 165 | mtpar.out = tgpar.out = out; |
| 165 | mtpar.hotdrop = &hotdrop; | 166 | mtpar.hotdrop = &hotdrop; |
| @@ -351,7 +352,7 @@ ebt_check_match(struct ebt_entry_match *m, struct xt_mtchk_param *par, | |||
| 351 | 352 | ||
| 352 | par->match = match; | 353 | par->match = match; |
| 353 | par->matchinfo = m->data; | 354 | par->matchinfo = m->data; |
| 354 | ret = xt_check_match(par, NFPROTO_BRIDGE, m->match_size, | 355 | ret = xt_check_match(par, m->match_size, |
| 355 | e->ethproto, e->invflags & EBT_IPROTO); | 356 | e->ethproto, e->invflags & EBT_IPROTO); |
| 356 | if (ret < 0) { | 357 | if (ret < 0) { |
| 357 | module_put(match->me); | 358 | module_put(match->me); |
| @@ -386,7 +387,7 @@ ebt_check_watcher(struct ebt_entry_watcher *w, struct xt_tgchk_param *par, | |||
| 386 | 387 | ||
| 387 | par->target = watcher; | 388 | par->target = watcher; |
| 388 | par->targinfo = w->data; | 389 | par->targinfo = w->data; |
| 389 | ret = xt_check_target(par, NFPROTO_BRIDGE, w->watcher_size, | 390 | ret = xt_check_target(par, w->watcher_size, |
| 390 | e->ethproto, e->invflags & EBT_IPROTO); | 391 | e->ethproto, e->invflags & EBT_IPROTO); |
| 391 | if (ret < 0) { | 392 | if (ret < 0) { |
| 392 | module_put(watcher->me); | 393 | module_put(watcher->me); |
| @@ -572,6 +573,7 @@ ebt_cleanup_match(struct ebt_entry_match *m, unsigned int *i) | |||
| 572 | 573 | ||
| 573 | par.match = m->u.match; | 574 | par.match = m->u.match; |
| 574 | par.matchinfo = m->data; | 575 | par.matchinfo = m->data; |
| 576 | par.family = NFPROTO_BRIDGE; | ||
| 575 | if (par.match->destroy != NULL) | 577 | if (par.match->destroy != NULL) |
| 576 | par.match->destroy(&par); | 578 | par.match->destroy(&par); |
| 577 | module_put(par.match->me); | 579 | module_put(par.match->me); |
| @@ -588,6 +590,7 @@ ebt_cleanup_watcher(struct ebt_entry_watcher *w, unsigned int *i) | |||
| 588 | 590 | ||
| 589 | par.target = w->u.watcher; | 591 | par.target = w->u.watcher; |
| 590 | par.targinfo = w->data; | 592 | par.targinfo = w->data; |
| 593 | par.family = NFPROTO_BRIDGE; | ||
| 591 | if (par.target->destroy != NULL) | 594 | if (par.target->destroy != NULL) |
| 592 | par.target->destroy(&par); | 595 | par.target->destroy(&par); |
| 593 | module_put(par.target->me); | 596 | module_put(par.target->me); |
| @@ -611,6 +614,7 @@ ebt_cleanup_entry(struct ebt_entry *e, unsigned int *cnt) | |||
| 611 | 614 | ||
| 612 | par.target = t->u.target; | 615 | par.target = t->u.target; |
| 613 | par.targinfo = t->data; | 616 | par.targinfo = t->data; |
| 617 | par.family = NFPROTO_BRIDGE; | ||
| 614 | if (par.target->destroy != NULL) | 618 | if (par.target->destroy != NULL) |
| 615 | par.target->destroy(&par); | 619 | par.target->destroy(&par); |
| 616 | module_put(par.target->me); | 620 | module_put(par.target->me); |
| @@ -673,6 +677,7 @@ ebt_check_entry(struct ebt_entry *e, struct ebt_table_info *newinfo, | |||
| 673 | mtpar.table = tgpar.table = name; | 677 | mtpar.table = tgpar.table = name; |
| 674 | mtpar.entryinfo = tgpar.entryinfo = e; | 678 | mtpar.entryinfo = tgpar.entryinfo = e; |
| 675 | mtpar.hook_mask = tgpar.hook_mask = hookmask; | 679 | mtpar.hook_mask = tgpar.hook_mask = hookmask; |
| 680 | mtpar.family = tgpar.family = NFPROTO_BRIDGE; | ||
| 676 | ret = EBT_MATCH_ITERATE(e, ebt_check_match, &mtpar, &i); | 681 | ret = EBT_MATCH_ITERATE(e, ebt_check_match, &mtpar, &i); |
| 677 | if (ret != 0) | 682 | if (ret != 0) |
| 678 | goto cleanup_matches; | 683 | goto cleanup_matches; |
| @@ -715,7 +720,7 @@ ebt_check_entry(struct ebt_entry *e, struct ebt_table_info *newinfo, | |||
| 715 | 720 | ||
| 716 | tgpar.target = target; | 721 | tgpar.target = target; |
| 717 | tgpar.targinfo = t->data; | 722 | tgpar.targinfo = t->data; |
| 718 | ret = xt_check_target(&tgpar, NFPROTO_BRIDGE, t->target_size, | 723 | ret = xt_check_target(&tgpar, t->target_size, |
| 719 | e->ethproto, e->invflags & EBT_IPROTO); | 724 | e->ethproto, e->invflags & EBT_IPROTO); |
| 720 | if (ret < 0) { | 725 | if (ret < 0) { |
| 721 | module_put(target->me); | 726 | module_put(target->me); |