netfilter: xtables: move extension arguments into compound structure (4/6)

This patch does this for target extensions' target functions. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
author: Jan Engelhardt <jengelh@medozas.de> 2008-10-08 05:35:19 -0400
committer: Patrick McHardy <kaber@trash.net> 2008-10-08 05:35:19 -0400
commit: 7eb3558655aaa87a3e71a0c065dfaddda521fa6d (patch)
tree: 724466c66c96f14b0378fab87040d8393bc05c8b /net/ipv6
parent: 6be3d8598e883fb632edf059ba2f8d1b9f4da138 (diff)
4 files changed, 24 insertions, 32 deletions
diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c
index 891358e89a2b..ee0986cdbd66 100644
--- a/net/ipv6/netfilter/ip6_tables.c
+++ b/net/ipv6/netfilter/ip6_tables.c
@@ -200,15 +200,11 @@ ip6_checkentry(const struct ip6t_ip6 *ipv6)
 }
 static unsigned int
-ip6t_error(struct sk_buff *skb,
+ip6t_error(struct sk_buff *skb, const struct xt_target_param *par)
-          const struct net_device *in,
-          const struct net_device *out,
-          unsigned int hooknum,
-          const struct xt_target *target,
-          const void *targinfo)
 {
        if (net_ratelimit())
-                printk("ip6_tables: error: `%s'\n", (char *)targinfo);
+                printk("ip6_tables: error: `%s'\n",
+                       (const char *)par->targinfo);
        return NF_DROP;
 }
@@ -360,6 +356,7 @@ ip6t_do_table(struct sk_buff *skb,
        struct ip6t_entry *e, *back;
        struct xt_table_info *private;
        struct xt_match_param mtpar;
+        struct xt_target_param tgpar;
        /* Initialization */
        indev = in ? in->name : nulldevname;
@@ -371,8 +368,9 @@ ip6t_do_table(struct sk_buff *skb,
         * rule is also a fragment-specific rule, non-fragments won't
         * match it. */
        mtpar.hotdrop = &hotdrop;
-        mtpar.in      = in;
+        mtpar.in      = tgpar.in  = in;
-        mtpar.out     = out;
+        mtpar.out     = tgpar.out = out;
+        tgpar.hooknum = hook;
        read_lock_bh(&table->lock);
        IP_NF_ASSERT(table->valid_hooks & (1 << hook));
@@ -438,15 +436,15 @@ ip6t_do_table(struct sk_buff *skb,
                        } else {
                                /* Targets which reenter must return
                                   abs. verdicts */
+                                tgpar.target   = t->u.kernel.target;
+                                tgpar.targinfo = t->data;
 #ifdef CONFIG_NETFILTER_DEBUG
                                ((struct ip6t_entry *)table_base)->comefrom
                                        = 0xeeeeeeec;
 #endif
                                verdict = t->u.kernel.target->target(skb,
-                                                                     in, out,
+                                                                     &tgpar);
-                                                                     hook,
-                                                                     t->u.kernel.target,
-                                                                     t->data);
 #ifdef CONFIG_NETFILTER_DEBUG
                                if (((struct ip6t_entry *)table_base)->comefrom
diff --git a/net/ipv6/netfilter/ip6t_HL.c b/net/ipv6/netfilter/ip6t_HL.c
index 7eebd3509166..ac759a54f2c6 100644
--- a/net/ipv6/netfilter/ip6t_HL.c
+++ b/net/ipv6/netfilter/ip6t_HL.c
@@ -19,12 +19,10 @@ MODULE_DESCRIPTION("Xtables: IPv6 Hop Limit field modification target");
 MODULE_LICENSE("GPL");
 static unsigned int
-hl_tg6(struct sk_buff *skb, const struct net_device *in,
+hl_tg6(struct sk_buff *skb, const struct xt_target_param *par)
-       const struct net_device *out, unsigned int hooknum,
-       const struct xt_target *target, const void *targinfo)
 {
        struct ipv6hdr *ip6h;
-        const struct ip6t_HL_info *info = targinfo;
+        const struct ip6t_HL_info *info = par->targinfo;
        int new_hl;
        if (!skb_make_writable(skb, skb->len))
diff --git a/net/ipv6/netfilter/ip6t_LOG.c b/net/ipv6/netfilter/ip6t_LOG.c
index fd148f3d842f..a31d3ecd1fc9 100644
--- a/net/ipv6/netfilter/ip6t_LOG.c
+++ b/net/ipv6/netfilter/ip6t_LOG.c
@@ -438,18 +438,16 @@ ip6t_log_packet(u_int8_t pf,
 }
 static unsigned int
-log_tg6(struct sk_buff *skb, const struct net_device *in,
+log_tg6(struct sk_buff *skb, const struct xt_target_param *par)
-        const struct net_device *out, unsigned int hooknum,
-        const struct xt_target *target, const void *targinfo)
 {
-        const struct ip6t_log_info *loginfo = targinfo;
+        const struct ip6t_log_info *loginfo = par->targinfo;
        struct nf_loginfo li;
        li.type = NF_LOG_TYPE_LOG;
        li.u.log.level = loginfo->level;
        li.u.log.logflags = loginfo->logflags;
-        ip6t_log_packet(NFPROTO_IPV6, hooknum, skb, in, out,
+        ip6t_log_packet(NFPROTO_IPV6, par->hooknum, skb, par->in, par->out,
                        &li, loginfo->prefix);
        return XT_CONTINUE;
 }
diff --git a/net/ipv6/netfilter/ip6t_REJECT.c b/net/ipv6/netfilter/ip6t_REJECT.c
index f1a9fce1ec95..1d5f3a70ed09 100644
--- a/net/ipv6/netfilter/ip6t_REJECT.c
+++ b/net/ipv6/netfilter/ip6t_REJECT.c
@@ -173,12 +173,10 @@ send_unreach(struct net *net, struct sk_buff *skb_in, unsigned char code,
 }
 static unsigned int
-reject_tg6(struct sk_buff *skb, const struct net_device *in,
+reject_tg6(struct sk_buff *skb, const struct xt_target_param *par)
-           const struct net_device *out, unsigned int hooknum,
-           const struct xt_target *target, const void *targinfo)
 {
-        const struct ip6t_reject_info *reject = targinfo;
+        const struct ip6t_reject_info *reject = par->targinfo;
-        struct net *net = dev_net(in ? in : out);
+        struct net *net = dev_net((par->in != NULL) ? par->in : par->out);
        pr_debug("%s: medium point\n", __func__);
        /* WARNING: This code causes reentry within ip6tables.
@@ -186,19 +184,19 @@ reject_tg6(struct sk_buff *skb, const struct net_device *in,
           must return an absolute verdict. --RR */
        switch (reject->with) {
        case IP6T_ICMP6_NO_ROUTE:
-                send_unreach(net, skb, ICMPV6_NOROUTE, hooknum);
+                send_unreach(net, skb, ICMPV6_NOROUTE, par->hooknum);
                break;
        case IP6T_ICMP6_ADM_PROHIBITED:
-                send_unreach(net, skb, ICMPV6_ADM_PROHIBITED, hooknum);
+                send_unreach(net, skb, ICMPV6_ADM_PROHIBITED, par->hooknum);
                break;
        case IP6T_ICMP6_NOT_NEIGHBOUR:
-                send_unreach(net, skb, ICMPV6_NOT_NEIGHBOUR, hooknum);
+                send_unreach(net, skb, ICMPV6_NOT_NEIGHBOUR, par->hooknum);
                break;
        case IP6T_ICMP6_ADDR_UNREACH:
-                send_unreach(net, skb, ICMPV6_ADDR_UNREACH, hooknum);
+                send_unreach(net, skb, ICMPV6_ADDR_UNREACH, par->hooknum);
                break;
        case IP6T_ICMP6_PORT_UNREACH:
-                send_unreach(net, skb, ICMPV6_PORT_UNREACH, hooknum);
+                send_unreach(net, skb, ICMPV6_PORT_UNREACH, par->hooknum);
                break;
        case IP6T_ICMP6_ECHOREPLY:
                /* Do nothing */
author	Jan Engelhardt <jengelh@medozas.de>	2008-10-08 05:35:19 -0400
committer	Patrick McHardy <kaber@trash.net>	2008-10-08 05:35:19 -0400
commit	7eb3558655aaa87a3e71a0c065dfaddda521fa6d (patch)
tree	724466c66c96f14b0378fab87040d8393bc05c8b /net/ipv6
parent	6be3d8598e883fb632edf059ba2f8d1b9f4da138 (diff)