diff options
| author | Jan Engelhardt <jengelh@medozas.de> | 2009-04-15 15:06:05 -0400 |
|---|---|---|
| committer | Jan Engelhardt <jengelh@medozas.de> | 2009-05-08 04:30:48 -0400 |
| commit | 98e86403162d08a30b03426c54c2a8fca1f695d1 (patch) | |
| tree | 0b610ebf8ce2978a9de090435607617f545252ae /net/ipv6 | |
| parent | 4f2f6f236af484ada595ff37d0ee1902aa56221f (diff) | |
netfilter: xtables: consolidate open-coded logic
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Diffstat (limited to 'net/ipv6')
| -rw-r--r-- | net/ipv6/netfilter/ip6_tables.c | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c index 4853a3d542b7..9176e98ace7a 100644 --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c | |||
| @@ -329,6 +329,12 @@ static void trace_packet(struct sk_buff *skb, | |||
| 329 | } | 329 | } |
| 330 | #endif | 330 | #endif |
| 331 | 331 | ||
| 332 | static inline __pure struct ip6t_entry * | ||
| 333 | ip6t_next_entry(const struct ip6t_entry *entry) | ||
| 334 | { | ||
| 335 | return (void *)entry + entry->next_offset; | ||
| 336 | } | ||
| 337 | |||
| 332 | /* Returns one of the generic firewall policies, like NF_ACCEPT. */ | 338 | /* Returns one of the generic firewall policies, like NF_ACCEPT. */ |
| 333 | unsigned int | 339 | unsigned int |
| 334 | ip6t_do_table(struct sk_buff *skb, | 340 | ip6t_do_table(struct sk_buff *skb, |
| @@ -414,11 +420,11 @@ ip6t_do_table(struct sk_buff *skb, | |||
| 414 | back->comefrom); | 420 | back->comefrom); |
| 415 | continue; | 421 | continue; |
| 416 | } | 422 | } |
| 417 | if (table_base + v != (void *)e + e->next_offset | 423 | if (table_base + v != ip6t_next_entry(e) |
| 418 | && !(e->ipv6.flags & IP6T_F_GOTO)) { | 424 | && !(e->ipv6.flags & IP6T_F_GOTO)) { |
| 419 | /* Save old back ptr in next entry */ | 425 | /* Save old back ptr in next entry */ |
| 420 | struct ip6t_entry *next | 426 | struct ip6t_entry *next |
| 421 | = (void *)e + e->next_offset; | 427 | = ip6t_next_entry(e); |
| 422 | next->comefrom | 428 | next->comefrom |
| 423 | = (void *)back - table_base; | 429 | = (void *)back - table_base; |
| 424 | /* set back pointer to next entry */ | 430 | /* set back pointer to next entry */ |
| @@ -451,7 +457,7 @@ ip6t_do_table(struct sk_buff *skb, | |||
| 451 | = 0x57acc001; | 457 | = 0x57acc001; |
| 452 | #endif | 458 | #endif |
| 453 | if (verdict == IP6T_CONTINUE) | 459 | if (verdict == IP6T_CONTINUE) |
| 454 | e = (void *)e + e->next_offset; | 460 | e = ip6t_next_entry(e); |
| 455 | else | 461 | else |
| 456 | /* Verdict */ | 462 | /* Verdict */ |
| 457 | break; | 463 | break; |
| @@ -459,7 +465,7 @@ ip6t_do_table(struct sk_buff *skb, | |||
| 459 | } else { | 465 | } else { |
| 460 | 466 | ||
| 461 | no_match: | 467 | no_match: |
| 462 | e = (void *)e + e->next_offset; | 468 | e = ip6t_next_entry(e); |
| 463 | } | 469 | } |
| 464 | } while (!hotdrop); | 470 | } while (!hotdrop); |
| 465 | 471 | ||