aboutsummaryrefslogtreecommitdiffstats
path: root/net/ipv6
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2007-12-18 00:52:00 -0500
committerDavid S. Miller <davem@davemloft.net>2008-01-28 17:58:39 -0500
commit9c54795950d198e77144a18c94e7ed52ea0f3c77 (patch)
tree106595d0f391857ddcbaf6061481f83ea82237fc /net/ipv6
parent1fe5723773656a8ee7a981caf7fee9adb0ac6259 (diff)
[NETFILTER]: {ip,ip6}_tables: reformat to eliminate differences
Reformat ip_tables.c and ip6_tables.c in order to eliminate non-functional differences and minimize diff output. This allows to get a view of the real differences using: sed -e 's/IP6T/IPT/g' \ -e 's/IP6/IP/g' \ -e 's/INET6/INET/g' \ -e 's/ip6t/ipt/g' \ -e 's/ip6/ip/g' \ -e 's/ipv6/ip/g' \ -e 's/icmp6/icmp/g' \ net/ipv6/netfilter/ip6_tables.c | \ diff -wup /dev/stdin net/ipv4/netfilter/ip_tables.c Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv6')
-rw-r--r--net/ipv6/netfilter/ip6_tables.c46
1 files changed, 23 insertions, 23 deletions
diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c
index db0dc96be55c..0a2ec4b346fb 100644
--- a/net/ipv6/netfilter/ip6_tables.c
+++ b/net/ipv6/netfilter/ip6_tables.c
@@ -371,8 +371,8 @@ ip6t_do_table(struct sk_buff *skb,
371 * match it. */ 371 * match it. */
372 372
373 read_lock_bh(&table->lock); 373 read_lock_bh(&table->lock);
374 private = table->private;
375 IP_NF_ASSERT(table->valid_hooks & (1 << hook)); 374 IP_NF_ASSERT(table->valid_hooks & (1 << hook));
375 private = table->private;
376 table_base = (void *)private->entries[smp_processor_id()]; 376 table_base = (void *)private->entries[smp_processor_id()];
377 e = get_entry(table_base, private->hook_entry[hook]); 377 e = get_entry(table_base, private->hook_entry[hook]);
378 378
@@ -496,9 +496,7 @@ mark_source_chains(struct xt_table_info *newinfo,
496 to 0 as we leave), and comefrom to save source hook bitmask */ 496 to 0 as we leave), and comefrom to save source hook bitmask */
497 for (hook = 0; hook < NF_INET_NUMHOOKS; hook++) { 497 for (hook = 0; hook < NF_INET_NUMHOOKS; hook++) {
498 unsigned int pos = newinfo->hook_entry[hook]; 498 unsigned int pos = newinfo->hook_entry[hook];
499 struct ip6t_entry *e 499 struct ip6t_entry *e = (struct ip6t_entry *)(entry0 + pos);
500 = (struct ip6t_entry *)(entry0 + pos);
501 int visited = e->comefrom & (1 << hook);
502 500
503 if (!(valid_hooks & (1 << hook))) 501 if (!(valid_hooks & (1 << hook)))
504 continue; 502 continue;
@@ -509,14 +507,14 @@ mark_source_chains(struct xt_table_info *newinfo,
509 for (;;) { 507 for (;;) {
510 struct ip6t_standard_target *t 508 struct ip6t_standard_target *t
511 = (void *)ip6t_get_target(e); 509 = (void *)ip6t_get_target(e);
510 int visited = e->comefrom & (1 << hook);
512 511
513 if (e->comefrom & (1 << NF_INET_NUMHOOKS)) { 512 if (e->comefrom & (1 << NF_INET_NUMHOOKS)) {
514 printk("iptables: loop hook %u pos %u %08X.\n", 513 printk("iptables: loop hook %u pos %u %08X.\n",
515 hook, pos, e->comefrom); 514 hook, pos, e->comefrom);
516 return 0; 515 return 0;
517 } 516 }
518 e->comefrom 517 e->comefrom |= ((1 << hook) | (1 << NF_INET_NUMHOOKS));
519 |= ((1 << hook) | (1 << NF_INET_NUMHOOKS));
520 518
521 /* Unconditional return/END. */ 519 /* Unconditional return/END. */
522 if ((e->target_offset == sizeof(struct ip6t_entry) 520 if ((e->target_offset == sizeof(struct ip6t_entry)
@@ -663,7 +661,7 @@ find_check_match(struct ip6t_entry_match *m,
663 int ret; 661 int ret;
664 662
665 match = try_then_request_module(xt_find_match(AF_INET6, m->u.user.name, 663 match = try_then_request_module(xt_find_match(AF_INET6, m->u.user.name,
666 m->u.user.revision), 664 m->u.user.revision),
667 "ip6t_%s", m->u.user.name); 665 "ip6t_%s", m->u.user.name);
668 if (IS_ERR(match) || !match) { 666 if (IS_ERR(match) || !match) {
669 duprintf("find_check_match: `%s' not found\n", m->u.user.name); 667 duprintf("find_check_match: `%s' not found\n", m->u.user.name);
@@ -885,7 +883,7 @@ translate_table(const char *name,
885 memcpy(newinfo->entries[i], entry0, newinfo->size); 883 memcpy(newinfo->entries[i], entry0, newinfo->size);
886 } 884 }
887 885
888 return 0; 886 return ret;
889} 887}
890 888
891/* Gets counters. */ 889/* Gets counters. */
@@ -984,7 +982,10 @@ copy_entries_to_user(unsigned int total_size,
984 if (IS_ERR(counters)) 982 if (IS_ERR(counters))
985 return PTR_ERR(counters); 983 return PTR_ERR(counters);
986 984
987 /* choose the copy that is on ourc node/cpu */ 985 /* choose the copy that is on our node/cpu, ...
986 * This choice is lazy (because current thread is
987 * allowed to migrate to another cpu)
988 */
988 loc_cpu_entry = private->entries[raw_smp_processor_id()]; 989 loc_cpu_entry = private->entries[raw_smp_processor_id()];
989 if (copy_to_user(userptr, loc_cpu_entry, total_size) != 0) { 990 if (copy_to_user(userptr, loc_cpu_entry, total_size) != 0) {
990 ret = -EFAULT; 991 ret = -EFAULT;
@@ -1199,7 +1200,7 @@ get_entries(struct ip6t_get_entries __user *uptr, int *len)
1199 t, uptr->entrytable); 1200 t, uptr->entrytable);
1200 else { 1201 else {
1201 duprintf("get_entries: I've got %u not %u!\n", 1202 duprintf("get_entries: I've got %u not %u!\n",
1202 private->size, entries->size); 1203 private->size, get.size);
1203 ret = -EINVAL; 1204 ret = -EINVAL;
1204 } 1205 }
1205 module_put(t->me); 1206 module_put(t->me);
@@ -1361,8 +1362,8 @@ do_add_counters(void __user *user, unsigned int len, int compat)
1361 char *name; 1362 char *name;
1362 int size; 1363 int size;
1363 void *ptmp; 1364 void *ptmp;
1364 struct xt_table_info *private;
1365 struct xt_table *t; 1365 struct xt_table *t;
1366 struct xt_table_info *private;
1366 int ret = 0; 1367 int ret = 0;
1367 void *loc_cpu_entry; 1368 void *loc_cpu_entry;
1368#ifdef CONFIG_COMPAT 1369#ifdef CONFIG_COMPAT
@@ -1829,7 +1830,7 @@ compat_do_replace(void __user *user, unsigned int len)
1829 if (!newinfo) 1830 if (!newinfo)
1830 return -ENOMEM; 1831 return -ENOMEM;
1831 1832
1832 /* choose the copy that is our node/cpu */ 1833 /* choose the copy that is on our node/cpu */
1833 loc_cpu_entry = newinfo->entries[raw_smp_processor_id()]; 1834 loc_cpu_entry = newinfo->entries[raw_smp_processor_id()];
1834 if (copy_from_user(loc_cpu_entry, user + sizeof(tmp), 1835 if (copy_from_user(loc_cpu_entry, user + sizeof(tmp),
1835 tmp.size) != 0) { 1836 tmp.size) != 0) {
@@ -1950,16 +1951,14 @@ compat_get_entries(struct compat_ip6t_get_entries __user *uptr, int *len)
1950 if (t && !IS_ERR(t)) { 1951 if (t && !IS_ERR(t)) {
1951 struct xt_table_info *private = t->private; 1952 struct xt_table_info *private = t->private;
1952 struct xt_table_info info; 1953 struct xt_table_info info;
1953 duprintf("t->private->number = %u\n", 1954 duprintf("t->private->number = %u\n", private->number);
1954 private->number);
1955 ret = compat_table_info(private, &info); 1955 ret = compat_table_info(private, &info);
1956 if (!ret && get.size == info.size) { 1956 if (!ret && get.size == info.size) {
1957 ret = compat_copy_entries_to_user(private->size, 1957 ret = compat_copy_entries_to_user(private->size,
1958 t, uptr->entrytable); 1958 t, uptr->entrytable);
1959 } else if (!ret) { 1959 } else if (!ret) {
1960 duprintf("compat_get_entries: I've got %u not %u!\n", 1960 duprintf("compat_get_entries: I've got %u not %u!\n",
1961 private->size, 1961 private->size, get.size);
1962 get.size);
1963 ret = -EINVAL; 1962 ret = -EINVAL;
1964 } 1963 }
1965 xt_compat_flush_offsets(AF_INET6); 1964 xt_compat_flush_offsets(AF_INET6);
@@ -2072,8 +2071,7 @@ do_ip6t_get_ctl(struct sock *sk, int cmd, void __user *user, int *len)
2072 return ret; 2071 return ret;
2073} 2072}
2074 2073
2075int ip6t_register_table(struct xt_table *table, 2074int ip6t_register_table(struct xt_table *table, const struct ip6t_replace *repl)
2076 const struct ip6t_replace *repl)
2077{ 2075{
2078 int ret; 2076 int ret;
2079 struct xt_table_info *newinfo; 2077 struct xt_table_info *newinfo;
@@ -2085,7 +2083,7 @@ int ip6t_register_table(struct xt_table *table,
2085 if (!newinfo) 2083 if (!newinfo)
2086 return -ENOMEM; 2084 return -ENOMEM;
2087 2085
2088 /* choose the copy on our node/cpu */ 2086 /* choose the copy on our node/cpu, but dont care about preemption */
2089 loc_cpu_entry = newinfo->entries[raw_smp_processor_id()]; 2087 loc_cpu_entry = newinfo->entries[raw_smp_processor_id()];
2090 memcpy(loc_cpu_entry, repl->entries, repl->size); 2088 memcpy(loc_cpu_entry, repl->entries, repl->size);
2091 2089
@@ -2141,17 +2139,18 @@ icmp6_match(const struct sk_buff *skb,
2141 unsigned int protoff, 2139 unsigned int protoff,
2142 bool *hotdrop) 2140 bool *hotdrop)
2143{ 2141{
2144 struct icmp6hdr _icmp, *ic; 2142 struct icmp6hdr _icmph, *ic;
2145 const struct ip6t_icmp *icmpinfo = matchinfo; 2143 const struct ip6t_icmp *icmpinfo = matchinfo;
2146 2144
2147 /* Must not be a fragment. */ 2145 /* Must not be a fragment. */
2148 if (offset) 2146 if (offset)
2149 return false; 2147 return false;
2150 2148
2151 ic = skb_header_pointer(skb, protoff, sizeof(_icmp), &_icmp); 2149 ic = skb_header_pointer(skb, protoff, sizeof(_icmph), &_icmph);
2152 if (ic == NULL) { 2150 if (ic == NULL) {
2153 /* We've been asked to examine this packet, and we 2151 /* We've been asked to examine this packet, and we
2154 can't. Hence, no choice but to drop. */ 2152 * can't. Hence, no choice but to drop.
2153 */
2155 duprintf("Dropping evil ICMP tinygram.\n"); 2154 duprintf("Dropping evil ICMP tinygram.\n");
2156 *hotdrop = true; 2155 *hotdrop = true;
2157 return false; 2156 return false;
@@ -2216,7 +2215,7 @@ static struct nf_sockopt_ops ip6t_sockopts = {
2216 2215
2217static struct xt_match icmp6_matchstruct __read_mostly = { 2216static struct xt_match icmp6_matchstruct __read_mostly = {
2218 .name = "icmp6", 2217 .name = "icmp6",
2219 .match = &icmp6_match, 2218 .match = icmp6_match,
2220 .matchsize = sizeof(struct ip6t_icmp), 2219 .matchsize = sizeof(struct ip6t_icmp),
2221 .checkentry = icmp6_checkentry, 2220 .checkentry = icmp6_checkentry,
2222 .proto = IPPROTO_ICMPV6, 2221 .proto = IPPROTO_ICMPV6,
@@ -2265,6 +2264,7 @@ err1:
2265static void __exit ip6_tables_fini(void) 2264static void __exit ip6_tables_fini(void)
2266{ 2265{
2267 nf_unregister_sockopt(&ip6t_sockopts); 2266 nf_unregister_sockopt(&ip6t_sockopts);
2267
2268 xt_unregister_match(&icmp6_matchstruct); 2268 xt_unregister_match(&icmp6_matchstruct);
2269 xt_unregister_target(&ip6t_error_target); 2269 xt_unregister_target(&ip6t_error_target);
2270 xt_unregister_target(&ip6t_standard_target); 2270 xt_unregister_target(&ip6t_standard_target);