[NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions

Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Patrick McHardy <kaber@trash.net> 2006-03-20 21:02:56 -0500
committer: David S. Miller <davem@davemloft.net> 2006-03-20 21:02:56 -0500
commit: c49867347404c46f137a261643ed4fce4376f324 (patch)
tree: 0b561e2eae19b0073435a4a73df671eae878c30a /net/ipv4
parent: 1c524830d0b39472f0278989bf1119750a5e234d (diff)
30 files changed, 81 insertions, 22 deletions
diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c
index 87b3b7920101..9423bd0f070a 100644
--- a/net/ipv4/netfilter/arp_tables.c
+++ b/net/ipv4/netfilter/arp_tables.c
@@ -208,6 +208,7 @@ static unsigned int arpt_error(struct sk_buff **pskb,
                               const struct net_device *in,
                               const struct net_device *out,
                               unsigned int hooknum,
+                               const struct xt_target *target,
                               const void *targinfo,
                               void *userinfo)
 {
diff --git a/net/ipv4/netfilter/arpt_mangle.c b/net/ipv4/netfilter/arpt_mangle.c
index 4715cf5b06c9..0f2a95350e26 100644
--- a/net/ipv4/netfilter/arpt_mangle.c
+++ b/net/ipv4/netfilter/arpt_mangle.c
@@ -8,9 +8,10 @@ MODULE_AUTHOR("Bart De Schuymer <bdschuym@pandora.be>");
 MODULE_DESCRIPTION("arptables arp payload mangle target");
 static unsigned int
-target(struct sk_buff **pskb, const struct net_device *in,
+target(struct sk_buff **pskb,
-   const struct net_device *out, unsigned int hooknum, const void *targinfo,
+       const struct net_device *in, const struct net_device *out,
-   void *userinfo)
+       unsigned int hooknum, const struct xt_target *target,
+       const void *targinfo, void *userinfo)
 {
        const struct arpt_mangle *mangle = targinfo;
        struct arphdr *arp;
@@ -65,8 +66,8 @@ target(struct sk_buff **pskb, const struct net_device *in,
 }
 static int
-checkentry(const char *tablename, const void *e, void *targinfo,
+checkentry(const char *tablename, const void *e, const struct xt_target *target,
-   unsigned int targinfosize, unsigned int hook_mask)
+           void *targinfo, unsigned int targinfosize, unsigned int hook_mask)
 {
        const struct arpt_mangle *mangle = targinfo;
diff --git a/net/ipv4/netfilter/ip_nat_rule.c b/net/ipv4/netfilter/ip_nat_rule.c
index ef4be3d50553..efba8c4e42e0 100644
--- a/net/ipv4/netfilter/ip_nat_rule.c
+++ b/net/ipv4/netfilter/ip_nat_rule.c
@@ -103,6 +103,7 @@ static unsigned int ipt_snat_target(struct sk_buff **pskb,
                                    const struct net_device *in,
                                    const struct net_device *out,
                                    unsigned int hooknum,
+                                    const struct ipt_target *target,
                                    const void *targinfo,
                                    void *userinfo)
 {
@@ -145,6 +146,7 @@ static unsigned int ipt_dnat_target(struct sk_buff **pskb,
                                    const struct net_device *in,
                                    const struct net_device *out,
                                    unsigned int hooknum,
+                                    const struct ipt_target *target,
                                    const void *targinfo,
                                    void *userinfo)
 {
@@ -170,6 +172,7 @@ static unsigned int ipt_dnat_target(struct sk_buff **pskb,
 static int ipt_snat_checkentry(const char *tablename,
                               const void *entry,
+                               const struct ipt_target *target,
                               void *targinfo,
                               unsigned int targinfosize,
                               unsigned int hook_mask)
@@ -186,6 +189,7 @@ static int ipt_snat_checkentry(const char *tablename,
 static int ipt_dnat_checkentry(const char *tablename,
                               const void *entry,
+                               const struct ipt_target *target,
                               void *targinfo,
                               unsigned int targinfosize,
                               unsigned int hook_mask)
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
index 2381a4aa71d0..cf5b9db05371 100644
--- a/net/ipv4/netfilter/ip_tables.c
+++ b/net/ipv4/netfilter/ip_tables.c
@@ -179,6 +179,7 @@ ipt_error(struct sk_buff **pskb,
          const struct net_device *in,
          const struct net_device *out,
          unsigned int hooknum,
+          const struct xt_target *target,
          const void *targinfo,
          void *userinfo)
 {
@@ -1285,6 +1286,7 @@ static int
 icmp_match(const struct sk_buff *skb,
           const struct net_device *in,
           const struct net_device *out,
+           const struct xt_match *match,
           const void *matchinfo,
           int offset,
           unsigned int protoff,
@@ -1318,6 +1320,7 @@ icmp_match(const struct sk_buff *skb,
 static int
 icmp_checkentry(const char *tablename,
           const void *info,
+           const struct xt_match *match,
           void *matchinfo,
           unsigned int matchsize,
           unsigned int hook_mask)
diff --git a/net/ipv4/netfilter/ipt_CLUSTERIP.c b/net/ipv4/netfilter/ipt_CLUSTERIP.c
index 24f88dd5d8f9..61e11edcd6af 100644
--- a/net/ipv4/netfilter/ipt_CLUSTERIP.c
+++ b/net/ipv4/netfilter/ipt_CLUSTERIP.c
@@ -311,6 +311,7 @@ target(struct sk_buff **pskb,
       const struct net_device *in,
       const struct net_device *out,
       unsigned int hooknum,
+       const struct xt_target *target,
       const void *targinfo,
       void *userinfo)
 {
@@ -380,6 +381,7 @@ target(struct sk_buff **pskb,
 static int
 checkentry(const char *tablename,
           const void *e_void,
+           const struct xt_target *target,
           void *targinfo,
           unsigned int targinfosize,
           unsigned int hook_mask)
@@ -458,9 +460,10 @@ checkentry(const char *tablename,
 }
 /* drop reference count of cluster config when rule is deleted */
-static void destroy(void *matchinfo, unsigned int matchinfosize)
+static void destroy(const struct xt_target *target, void *targinfo,
+                    unsigned int targinfosize)
 {
-        struct ipt_clusterip_tgt_info *cipinfo = matchinfo;
+        struct ipt_clusterip_tgt_info *cipinfo = targinfo;
        /* if no more entries are referencing the config, remove it
         * from the list and destroy the proc entry */
diff --git a/net/ipv4/netfilter/ipt_DSCP.c b/net/ipv4/netfilter/ipt_DSCP.c
index a202467e4a88..cfb0b90e598a 100644
--- a/net/ipv4/netfilter/ipt_DSCP.c
+++ b/net/ipv4/netfilter/ipt_DSCP.c
@@ -29,6 +29,7 @@ target(struct sk_buff **pskb,
       const struct net_device *in,
       const struct net_device *out,
       unsigned int hooknum,
+       const struct xt_target *target,
       const void *targinfo,
       void *userinfo)
 {
@@ -58,6 +59,7 @@ target(struct sk_buff **pskb,
 static int
 checkentry(const char *tablename,
           const void *e_void,
+           const struct xt_target *target,
           void *targinfo,
           unsigned int targinfosize,
           unsigned int hook_mask)
diff --git a/net/ipv4/netfilter/ipt_ECN.c b/net/ipv4/netfilter/ipt_ECN.c
index 1bf1a4063b6f..b9b80f90c84e 100644
--- a/net/ipv4/netfilter/ipt_ECN.c
+++ b/net/ipv4/netfilter/ipt_ECN.c
@@ -94,6 +94,7 @@ target(struct sk_buff **pskb,
       const struct net_device *in,
       const struct net_device *out,
       unsigned int hooknum,
+       const struct xt_target *target,
       const void *targinfo,
       void *userinfo)
 {
@@ -114,6 +115,7 @@ target(struct sk_buff **pskb,
 static int
 checkentry(const char *tablename,
           const void *e_void,
+           const struct xt_target *target,
           void *targinfo,
           unsigned int targinfosize,
           unsigned int hook_mask)
diff --git a/net/ipv4/netfilter/ipt_LOG.c b/net/ipv4/netfilter/ipt_LOG.c
index f2c7a9343656..750d3221b280 100644
--- a/net/ipv4/netfilter/ipt_LOG.c
+++ b/net/ipv4/netfilter/ipt_LOG.c
@@ -415,6 +415,7 @@ ipt_log_target(struct sk_buff **pskb,
               const struct net_device *in,
               const struct net_device *out,
               unsigned int hooknum,
+               const struct xt_target *target,
               const void *targinfo,
               void *userinfo)
 {
@@ -437,6 +438,7 @@ ipt_log_target(struct sk_buff **pskb,
 static int ipt_log_checkentry(const char *tablename,
                              const void *e,
+                              const struct xt_target *target,
                              void *targinfo,
                              unsigned int targinfosize,
                              unsigned int hook_mask)
diff --git a/net/ipv4/netfilter/ipt_MASQUERADE.c b/net/ipv4/netfilter/ipt_MASQUERADE.c
index df5ea08f1a15..e0c321c3bae5 100644
--- a/net/ipv4/netfilter/ipt_MASQUERADE.c
+++ b/net/ipv4/netfilter/ipt_MASQUERADE.c
@@ -41,6 +41,7 @@ static DEFINE_RWLOCK(masq_lock);
 static int
 masquerade_check(const char *tablename,
                 const void *e,
+                 const struct xt_target *target,
                 void *targinfo,
                 unsigned int targinfosize,
                 unsigned int hook_mask)
@@ -63,6 +64,7 @@ masquerade_target(struct sk_buff **pskb,
                  const struct net_device *in,
                  const struct net_device *out,
                  unsigned int hooknum,
+                  const struct xt_target *target,
                  const void *targinfo,
                  void *userinfo)
 {
diff --git a/net/ipv4/netfilter/ipt_NETMAP.c b/net/ipv4/netfilter/ipt_NETMAP.c
index 836d67e66391..fba181c2a426 100644
--- a/net/ipv4/netfilter/ipt_NETMAP.c
+++ b/net/ipv4/netfilter/ipt_NETMAP.c
@@ -32,6 +32,7 @@ MODULE_DESCRIPTION("iptables 1:1 NAT mapping of IP networks target");
 static int
 check(const char *tablename,
      const void *e,
+      const struct xt_target *target,
      void *targinfo,
      unsigned int targinfosize,
      unsigned int hook_mask)
@@ -54,6 +55,7 @@ target(struct sk_buff **pskb,
       const struct net_device *in,
       const struct net_device *out,
       unsigned int hooknum,
+       const struct xt_target *target,
       const void *targinfo,
       void *userinfo)
 {
diff --git a/net/ipv4/netfilter/ipt_REDIRECT.c b/net/ipv4/netfilter/ipt_REDIRECT.c
index cc165e09d0b8..be3da7c4b871 100644
--- a/net/ipv4/netfilter/ipt_REDIRECT.c
+++ b/net/ipv4/netfilter/ipt_REDIRECT.c
@@ -34,6 +34,7 @@ MODULE_DESCRIPTION("iptables REDIRECT target module");
 static int
 redirect_check(const char *tablename,
               const void *e,
+               const struct xt_target *target,
               void *targinfo,
               unsigned int targinfosize,
               unsigned int hook_mask)
@@ -56,6 +57,7 @@ redirect_target(struct sk_buff **pskb,
                const struct net_device *in,
                const struct net_device *out,
                unsigned int hooknum,
+                const struct xt_target *target,
                const void *targinfo,
                void *userinfo)
 {
diff --git a/net/ipv4/netfilter/ipt_REJECT.c b/net/ipv4/netfilter/ipt_REJECT.c
index ddd6bd1b9776..26ea6c19f5bd 100644
--- a/net/ipv4/netfilter/ipt_REJECT.c
+++ b/net/ipv4/netfilter/ipt_REJECT.c
@@ -236,6 +236,7 @@ static unsigned int reject(struct sk_buff **pskb,
                           const struct net_device *in,
                           const struct net_device *out,
                           unsigned int hooknum,
+                           const struct xt_target *target,
                           const void *targinfo,
                           void *userinfo)
 {
@@ -283,6 +284,7 @@ static unsigned int reject(struct sk_buff **pskb,
 static int check(const char *tablename,
                 const void *e_void,
+                 const struct xt_target *target,
                 void *targinfo,
                 unsigned int targinfosize,
                 unsigned int hook_mask)
diff --git a/net/ipv4/netfilter/ipt_SAME.c b/net/ipv4/netfilter/ipt_SAME.c
index 8743c3a70157..7e2ebc9d945e 100644
--- a/net/ipv4/netfilter/ipt_SAME.c
+++ b/net/ipv4/netfilter/ipt_SAME.c
@@ -50,6 +50,7 @@ MODULE_DESCRIPTION("iptables special SNAT module for consistent sourceip");
 static int
 same_check(const char *tablename,
              const void *e,
+              const struct xt_target *target,
              void *targinfo,
              unsigned int targinfosize,
              unsigned int hook_mask)
@@ -115,7 +116,7 @@ same_check(const char *tablename,
 }
 static void 
-same_destroy(void *targinfo,
+same_destroy(const struct xt_target *target, void *targinfo,
                unsigned int targinfosize)
 {
        struct ipt_same_info *mr = targinfo;
@@ -131,6 +132,7 @@ same_target(struct sk_buff **pskb,
                const struct net_device *in,
                const struct net_device *out,
                unsigned int hooknum,
+                const struct xt_target *target,
                const void *targinfo,
                void *userinfo)
 {
diff --git a/net/ipv4/netfilter/ipt_TCPMSS.c b/net/ipv4/netfilter/ipt_TCPMSS.c
index 4be6e2bf26d2..c4fc50ec2ddb 100644
--- a/net/ipv4/netfilter/ipt_TCPMSS.c
+++ b/net/ipv4/netfilter/ipt_TCPMSS.c
@@ -48,6 +48,7 @@ ipt_tcpmss_target(struct sk_buff **pskb,
                  const struct net_device *in,
                  const struct net_device *out,
                  unsigned int hooknum,
+                  const struct xt_target *target,
                  const void *targinfo,
                  void *userinfo)
 {
@@ -211,6 +212,7 @@ static inline int find_syn_match(const struct ipt_entry_match *m)
 static int
 ipt_tcpmss_checkentry(const char *tablename,
                      const void *e_void,
+                      const struct xt_target *target,
                      void *targinfo,
                      unsigned int targinfosize,
                      unsigned int hook_mask)
diff --git a/net/ipv4/netfilter/ipt_TOS.c b/net/ipv4/netfilter/ipt_TOS.c
index 6568e3e30e47..9aa7817657f0 100644
--- a/net/ipv4/netfilter/ipt_TOS.c
+++ b/net/ipv4/netfilter/ipt_TOS.c
@@ -25,6 +25,7 @@ target(struct sk_buff **pskb,
       const struct net_device *in,
       const struct net_device *out,
       unsigned int hooknum,
+       const struct xt_target *target,
       const void *targinfo,
       void *userinfo)
 {
@@ -53,6 +54,7 @@ target(struct sk_buff **pskb,
 static int
 checkentry(const char *tablename,
           const void *e_void,
+           const struct xt_target *target,
           void *targinfo,
           unsigned int targinfosize,
           unsigned int hook_mask)
diff --git a/net/ipv4/netfilter/ipt_TTL.c b/net/ipv4/netfilter/ipt_TTL.c
index 61d94e096939..5009a003d578 100644
--- a/net/ipv4/netfilter/ipt_TTL.c
+++ b/net/ipv4/netfilter/ipt_TTL.c
@@ -20,9 +20,10 @@ MODULE_DESCRIPTION("IP tables TTL modification module");
 MODULE_LICENSE("GPL");
 static unsigned int 
-ipt_ttl_target(struct sk_buff **pskb, const struct net_device *in, 
+ipt_ttl_target(struct sk_buff **pskb,
-                const struct net_device *out, unsigned int hooknum, 
+               const struct net_device *in, const struct net_device *out,
-                const void *targinfo, void *userinfo)
+               unsigned int hooknum, const struct xt_target *target,
+               const void *targinfo, void *userinfo)
 {
        struct iphdr *iph;
        const struct ipt_TTL_info *info = targinfo;
@@ -67,6 +68,7 @@ ipt_ttl_target(struct sk_buff **pskb, const struct net_device *in,
 static int ipt_ttl_checkentry(const char *tablename,
                const void *e,
+                const struct xt_target *target,
                void *targinfo,
                unsigned int targinfosize,
                unsigned int hook_mask)
diff --git a/net/ipv4/netfilter/ipt_ULOG.c b/net/ipv4/netfilter/ipt_ULOG.c
index c95e7e9f74ff..a82a32ed0e2f 100644
--- a/net/ipv4/netfilter/ipt_ULOG.c
+++ b/net/ipv4/netfilter/ipt_ULOG.c
@@ -303,6 +303,7 @@ static unsigned int ipt_ulog_target(struct sk_buff **pskb,
                                    const struct net_device *in,
                                    const struct net_device *out,
                                    unsigned int hooknum,
+                                    const struct xt_target *target,
                                    const void *targinfo, void *userinfo)
 {
        struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) targinfo;
@@ -339,6 +340,7 @@ static void ipt_logfn(unsigned int pf,
 static int ipt_ulog_checkentry(const char *tablename,
                               const void *e,
+                               const struct xt_target *target,
                               void *targinfo,
                               unsigned int targinfosize,
                               unsigned int hookmask)
diff --git a/net/ipv4/netfilter/ipt_addrtype.c b/net/ipv4/netfilter/ipt_addrtype.c
index ad5dc4658022..5fdf85d0efcf 100644
--- a/net/ipv4/netfilter/ipt_addrtype.c
+++ b/net/ipv4/netfilter/ipt_addrtype.c
@@ -27,8 +27,9 @@ static inline int match_type(u_int32_t addr, u_int16_t mask)
        return !!(mask & (1 << inet_addr_type(addr)));
 }
-static int match(const struct sk_buff *skb, const struct net_device *in,
+static int match(const struct sk_buff *skb,
-                 const struct net_device *out, const void *matchinfo,
+                 const struct net_device *in, const struct net_device *out,
+                 const struct xt_match *match, const void *matchinfo,
                 int offset, unsigned int protoff, int *hotdrop)
 {
        const struct ipt_addrtype_info *info = matchinfo;
diff --git a/net/ipv4/netfilter/ipt_ah.c b/net/ipv4/netfilter/ipt_ah.c
index a33eeea38e1d..35a21fb1f8e0 100644
--- a/net/ipv4/netfilter/ipt_ah.c
+++ b/net/ipv4/netfilter/ipt_ah.c
@@ -39,6 +39,7 @@ static int
 match(const struct sk_buff *skb,
      const struct net_device *in,
      const struct net_device *out,
+      const struct xt_match *match,
      const void *matchinfo,
      int offset,
      unsigned int protoff,
@@ -71,6 +72,7 @@ match(const struct sk_buff *skb,
 static int
 checkentry(const char *tablename,
           const void *ip_void,
+           const struct xt_match *match,
           void *matchinfo,
           unsigned int matchinfosize,
           unsigned int hook_mask)
diff --git a/net/ipv4/netfilter/ipt_dscp.c b/net/ipv4/netfilter/ipt_dscp.c
index e7889ba22f4c..11963c385dea 100644
--- a/net/ipv4/netfilter/ipt_dscp.c
+++ b/net/ipv4/netfilter/ipt_dscp.c
@@ -19,8 +19,9 @@ MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>");
 MODULE_DESCRIPTION("iptables DSCP matching module");
 MODULE_LICENSE("GPL");
-static int match(const struct sk_buff *skb, const struct net_device *in,
+static int match(const struct sk_buff *skb,
-                 const struct net_device *out, const void *matchinfo,
+                 const struct net_device *in, const struct net_device *out,
+                 const struct xt_match *match, const void *matchinfo,
                 int offset, unsigned int protoff, int *hotdrop)
 {
        const struct ipt_dscp_info *info = matchinfo;
diff --git a/net/ipv4/netfilter/ipt_ecn.c b/net/ipv4/netfilter/ipt_ecn.c
index 723957f77310..d7e29f6a38d8 100644
--- a/net/ipv4/netfilter/ipt_ecn.c
+++ b/net/ipv4/netfilter/ipt_ecn.c
@@ -65,8 +65,9 @@ static inline int match_tcp(const struct sk_buff *skb,
        return 1;
 }
-static int match(const struct sk_buff *skb, const struct net_device *in,
+static int match(const struct sk_buff *skb,
-                 const struct net_device *out, const void *matchinfo,
+                 const struct net_device *in, const struct net_device *out,
+                 const struct xt_match *match, const void *matchinfo,
                 int offset, unsigned int protoff, int *hotdrop)
 {
        const struct ipt_ecn_info *info = matchinfo;
@@ -86,6 +87,7 @@ static int match(const struct sk_buff *skb, const struct net_device *in,
 }
 static int checkentry(const char *tablename, const void *ip_void,
+                      const struct xt_match *match,
                      void *matchinfo, unsigned int matchsize,
                      unsigned int hook_mask)
 {
diff --git a/net/ipv4/netfilter/ipt_esp.c b/net/ipv4/netfilter/ipt_esp.c
index 984fa4862ce9..af0d5ec79cb5 100644
--- a/net/ipv4/netfilter/ipt_esp.c
+++ b/net/ipv4/netfilter/ipt_esp.c
@@ -40,6 +40,7 @@ static int
 match(const struct sk_buff *skb,
      const struct net_device *in,
      const struct net_device *out,
+      const struct xt_match *match,
      const void *matchinfo,
      int offset,
      unsigned int protoff,
@@ -72,6 +73,7 @@ match(const struct sk_buff *skb,
 static int
 checkentry(const char *tablename,
           const void *ip_void,
+           const struct xt_match *match,
           void *matchinfo,
           unsigned int matchinfosize,
           unsigned int hook_mask)
diff --git a/net/ipv4/netfilter/ipt_hashlimit.c b/net/ipv4/netfilter/ipt_hashlimit.c
index 156d9c255b2b..dc1521c5aa81 100644
--- a/net/ipv4/netfilter/ipt_hashlimit.c
+++ b/net/ipv4/netfilter/ipt_hashlimit.c
@@ -427,6 +427,7 @@ static int
 hashlimit_match(const struct sk_buff *skb,
                const struct net_device *in,
                const struct net_device *out,
+                const struct xt_match *match,
                const void *matchinfo,
                int offset,
                unsigned int protoff,
@@ -506,6 +507,7 @@ hashlimit_match(const struct sk_buff *skb,
 static int
 hashlimit_checkentry(const char *tablename,
                     const void *inf,
+                     const struct xt_match *match,
                     void *matchinfo,
                     unsigned int matchsize,
                     unsigned int hook_mask)
@@ -555,7 +557,8 @@ hashlimit_checkentry(const char *tablename,
 }
 static void
-hashlimit_destroy(void *matchinfo, unsigned int matchsize)
+hashlimit_destroy(const struct xt_match *match, void *matchinfo,
+                  unsigned int matchsize)
 {
        struct ipt_hashlimit_info *r = (struct ipt_hashlimit_info *) matchinfo;
diff --git a/net/ipv4/netfilter/ipt_iprange.c b/net/ipv4/netfilter/ipt_iprange.c
index 0885ff5d0db7..ae70112f5e06 100644
--- a/net/ipv4/netfilter/ipt_iprange.c
+++ b/net/ipv4/netfilter/ipt_iprange.c
@@ -27,6 +27,7 @@ static int
 match(const struct sk_buff *skb,
      const struct net_device *in,
      const struct net_device *out,
+      const struct xt_match *match,
      const void *matchinfo,
      int offset, unsigned int protoff, int *hotdrop)
 {
diff --git a/net/ipv4/netfilter/ipt_multiport.c b/net/ipv4/netfilter/ipt_multiport.c
index 8f1684c3e5c6..bd07f7c53872 100644
--- a/net/ipv4/netfilter/ipt_multiport.c
+++ b/net/ipv4/netfilter/ipt_multiport.c
@@ -95,6 +95,7 @@ static int
 match(const struct sk_buff *skb,
      const struct net_device *in,
      const struct net_device *out,
+      const struct xt_match *match,
      const void *matchinfo,
      int offset,
      unsigned int protoff,
@@ -127,6 +128,7 @@ static int
 match_v1(const struct sk_buff *skb,
         const struct net_device *in,
         const struct net_device *out,
+         const struct xt_match *match,
         const void *matchinfo,
         int offset,
         unsigned int protoff,
diff --git a/net/ipv4/netfilter/ipt_owner.c b/net/ipv4/netfilter/ipt_owner.c
index 18adc1d214d4..3900428771f3 100644
--- a/net/ipv4/netfilter/ipt_owner.c
+++ b/net/ipv4/netfilter/ipt_owner.c
@@ -25,6 +25,7 @@ static int
 match(const struct sk_buff *skb,
      const struct net_device *in,
      const struct net_device *out,
+      const struct xt_match *match,
      const void *matchinfo,
      int offset,
      unsigned int protoff,
@@ -53,6 +54,7 @@ match(const struct sk_buff *skb,
 static int
 checkentry(const char *tablename,
           const void *ip,
+           const struct xt_match *match,
           void *matchinfo,
           unsigned int matchsize,
           unsigned int hook_mask)
diff --git a/net/ipv4/netfilter/ipt_policy.c b/net/ipv4/netfilter/ipt_policy.c
index 3fa6607c0c6c..b73f590b226b 100644
--- a/net/ipv4/netfilter/ipt_policy.c
+++ b/net/ipv4/netfilter/ipt_policy.c
@@ -98,6 +98,7 @@ match_policy_out(const struct sk_buff *skb, const struct ipt_policy_info *info)
 static int match(const struct sk_buff *skb,
                 const struct net_device *in,
                 const struct net_device *out,
+                 const struct xt_match *match,
                 const void *matchinfo,
                 int offset,
                 unsigned int protoff,
@@ -120,6 +121,7 @@ static int match(const struct sk_buff *skb,
 }
 static int checkentry(const char *tablename, const void *ip_void,
+                      const struct xt_match *match,
                      void *matchinfo, unsigned int matchsize,
                      unsigned int hook_mask)
 {
diff --git a/net/ipv4/netfilter/ipt_recent.c b/net/ipv4/netfilter/ipt_recent.c
index e2ccd4295344..06792ead1da4 100644
--- a/net/ipv4/netfilter/ipt_recent.c
+++ b/net/ipv4/netfilter/ipt_recent.c
@@ -102,6 +102,7 @@ static int
 match(const struct sk_buff *skb,
      const struct net_device *in,
      const struct net_device *out,
+      const struct xt_match *match,
      const void *matchinfo,
      int offset,
      unsigned int protoff,
@@ -318,7 +319,7 @@ static int ip_recent_ctrl(struct file *file, const char __user *input, unsigned
        skb->nh.iph->daddr = 0;
        /* Clear ttl since we have no way of knowing it */
        skb->nh.iph->ttl = 0;
-        match(skb,NULL,NULL,info,0,0,NULL);
+        match(skb,NULL,NULL,NULL,info,0,0,NULL);
        kfree(skb->nh.iph);
 out_free_skb:
@@ -356,6 +357,7 @@ static int
 match(const struct sk_buff *skb,
      const struct net_device *in,
      const struct net_device *out,
+      const struct xt_match *match,
      const void *matchinfo,
      int offset,
      unsigned int protoff,
@@ -657,6 +659,7 @@ match(const struct sk_buff *skb,
 static int
 checkentry(const char *tablename,
           const void *ip,
+           const struct xt_match *match,
           void *matchinfo,
           unsigned int matchsize,
           unsigned int hook_mask)
@@ -869,7 +872,7 @@ checkentry(const char *tablename,
 * up its memory.
 */
 static void
-destroy(void *matchinfo, unsigned int matchsize)
+destroy(const struct xt_match *match, void *matchinfo, unsigned int matchsize)
 {
        const struct ipt_recent_info *info = matchinfo;
        struct recent_ip_tables *curr_table, *last_table;
diff --git a/net/ipv4/netfilter/ipt_tos.c b/net/ipv4/netfilter/ipt_tos.c
index 4675c786189b..e404e92ddd01 100644
--- a/net/ipv4/netfilter/ipt_tos.c
+++ b/net/ipv4/netfilter/ipt_tos.c
@@ -21,6 +21,7 @@ static int
 match(const struct sk_buff *skb,
      const struct net_device *in,
      const struct net_device *out,
+      const struct xt_match *match,
      const void *matchinfo,
      int offset,
      unsigned int protoff,
diff --git a/net/ipv4/netfilter/ipt_ttl.c b/net/ipv4/netfilter/ipt_ttl.c
index bb694a0b361d..ae7ce4d8d90e 100644
--- a/net/ipv4/netfilter/ipt_ttl.c
+++ b/net/ipv4/netfilter/ipt_ttl.c
@@ -19,8 +19,9 @@ MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>");
 MODULE_DESCRIPTION("IP tables TTL matching module");
 MODULE_LICENSE("GPL");
-static int match(const struct sk_buff *skb, const struct net_device *in,
+static int match(const struct sk_buff *skb,
-                 const struct net_device *out, const void *matchinfo,
+                 const struct net_device *in, const struct net_device *out,
+                 const struct xt_match *match, const void *matchinfo,
                 int offset, unsigned int protoff, int *hotdrop)
 {
        const struct ipt_ttl_info *info = matchinfo;
author	Patrick McHardy <kaber@trash.net>	2006-03-20 21:02:56 -0500
committer	David S. Miller <davem@davemloft.net>	2006-03-20 21:02:56 -0500
commit	c49867347404c46f137a261643ed4fce4376f324 (patch)
tree	0b561e2eae19b0073435a4a73df671eae878c30a /net/ipv4
parent	1c524830d0b39472f0278989bf1119750a5e234d (diff)