netfilter: xtables: combine built-in extension structs

Prepare the arrays for use with the multiregister function. The future layer-3 xt matches can then be easily added to it without needing more (un)register code. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
author: Jan Engelhardt <jengelh@medozas.de> 2009-07-04 06:50:00 -0400
committer: Jan Engelhardt <jengelh@medozas.de> 2010-05-11 12:36:18 -0400
commit: 4538506be386f9736b83bf9892f829adbbb70fea (patch)
tree: 3e3be09f45b3af19edc1143f2eb44ad1751ecfa7 /net/ipv6
parent: b4ba26119b06052888696491f614201817491a0d (diff)
1 files changed, 30 insertions, 34 deletions
diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c
index 557fac9689c0..56782336474f 100644
--- a/net/ipv6/netfilter/ip6_tables.c
+++ b/net/ipv6/netfilter/ip6_tables.c
@@ -2190,22 +2190,23 @@ static int icmp6_checkentry(const struct xt_mtchk_param *par)
 }
 /* The built-in targets: standard (NULL) and error. */
-static struct xt_target ip6t_standard_target __read_mostly = {
+static struct xt_target ip6t_builtin_tg[] __read_mostly = {
-        .name           = IP6T_STANDARD_TARGET,
+        {
-        .targetsize     = sizeof(int),
+                .name             = IP6T_STANDARD_TARGET,
-        .family         = NFPROTO_IPV6,
+                .targetsize       = sizeof(int),
+                .family           = NFPROTO_IPV6,
 #ifdef CONFIG_COMPAT
-        .compatsize     = sizeof(compat_int_t),
+                .compatsize       = sizeof(compat_int_t),
-        .compat_from_user = compat_standard_from_user,
+                .compat_from_user = compat_standard_from_user,
-        .compat_to_user = compat_standard_to_user,
+                .compat_to_user   = compat_standard_to_user,
 #endif
-};
+        },
+        {
-static struct xt_target ip6t_error_target __read_mostly = {
+                .name             = IP6T_ERROR_TARGET,
-        .name           = IP6T_ERROR_TARGET,
+                .target           = ip6t_error,
-        .target         = ip6t_error,
+                .targetsize       = IP6T_FUNCTION_MAXNAMELEN,
-        .targetsize     = IP6T_FUNCTION_MAXNAMELEN,
+                .family           = NFPROTO_IPV6,
-        .family         = NFPROTO_IPV6,
+        },
 };
 static struct nf_sockopt_ops ip6t_sockopts = {
@@ -2225,13 +2226,15 @@ static struct nf_sockopt_ops ip6t_sockopts = {
        .owner          = THIS_MODULE,
 };
-static struct xt_match icmp6_matchstruct __read_mostly = {
+static struct xt_match ip6t_builtin_mt[] __read_mostly = {
-        .name           = "icmp6",
+        {
-        .match          = icmp6_match,
+                .name       = "icmp6",
-        .matchsize      = sizeof(struct ip6t_icmp),
+                .match      = icmp6_match,
-        .checkentry     = icmp6_checkentry,
+                .matchsize  = sizeof(struct ip6t_icmp),
-        .proto          = IPPROTO_ICMPV6,
+                .checkentry = icmp6_checkentry,
-        .family         = NFPROTO_IPV6,
+                .proto      = IPPROTO_ICMPV6,
+                .family     = NFPROTO_IPV6,
+        },
 };
 static int __net_init ip6_tables_net_init(struct net *net)
@@ -2258,13 +2261,10 @@ static int __init ip6_tables_init(void)
                goto err1;
        /* Noone else will be downing sem now, so we won't sleep */
-        ret = xt_register_target(&ip6t_standard_target);
+        ret = xt_register_targets(ip6t_builtin_tg, ARRAY_SIZE(ip6t_builtin_tg));
        if (ret < 0)
                goto err2;
-        ret = xt_register_target(&ip6t_error_target);
+        ret = xt_register_matches(ip6t_builtin_mt, ARRAY_SIZE(ip6t_builtin_mt));
-        if (ret < 0)
-                goto err3;
-        ret = xt_register_match(&icmp6_matchstruct);
        if (ret < 0)
                goto err4;
@@ -2277,11 +2277,9 @@ static int __init ip6_tables_init(void)
        return 0;
 err5:
-        xt_unregister_match(&icmp6_matchstruct);
+        xt_unregister_matches(ip6t_builtin_mt, ARRAY_SIZE(ip6t_builtin_mt));
 err4:
-        xt_unregister_target(&ip6t_error_target);
+        xt_unregister_targets(ip6t_builtin_tg, ARRAY_SIZE(ip6t_builtin_tg));
-err3:
-        xt_unregister_target(&ip6t_standard_target);
 err2:
        unregister_pernet_subsys(&ip6_tables_net_ops);
 err1:
@@ -2292,10 +2290,8 @@ static void __exit ip6_tables_fini(void)
 {
        nf_unregister_sockopt(&ip6t_sockopts);
-        xt_unregister_match(&icmp6_matchstruct);
+        xt_unregister_matches(ip6t_builtin_mt, ARRAY_SIZE(ip6t_builtin_mt));
-        xt_unregister_target(&ip6t_error_target);
+        xt_unregister_targets(ip6t_builtin_tg, ARRAY_SIZE(ip6t_builtin_tg));
-        xt_unregister_target(&ip6t_standard_target);
        unregister_pernet_subsys(&ip6_tables_net_ops);
 }
author	Jan Engelhardt <jengelh@medozas.de>	2009-07-04 06:50:00 -0400
committer	Jan Engelhardt <jengelh@medozas.de>	2010-05-11 12:36:18 -0400
commit	4538506be386f9736b83bf9892f829adbbb70fea (patch)
tree	3e3be09f45b3af19edc1143f2eb44ad1751ecfa7 /net/ipv6
parent	b4ba26119b06052888696491f614201817491a0d (diff)

diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c index 557fac9689c0..56782336474f 100644 --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c
@@ -2190,22 +2190,23 @@ static int icmp6_checkentry(const struct xt_mtchk_param *par)
2190	}	2190	}
2191		2191
2192	/* The built-in targets: standard (NULL) and error. */	2192	/* The built-in targets: standard (NULL) and error. */
2193	static struct xt_target ip6t_standard_target __read_mostly = {	2193	static struct xt_target ip6t_builtin_tg[] __read_mostly = {
2194	.name = IP6T_STANDARD_TARGET,	2194	{
2195	.targetsize = sizeof(int),	2195	.name = IP6T_STANDARD_TARGET,
2196	.family = NFPROTO_IPV6,	2196	.targetsize = sizeof(int),
		2197	.family = NFPROTO_IPV6,
2197	#ifdef CONFIG_COMPAT	2198	#ifdef CONFIG_COMPAT
2198	.compatsize = sizeof(compat_int_t),	2199	.compatsize = sizeof(compat_int_t),
2199	.compat_from_user = compat_standard_from_user,	2200	.compat_from_user = compat_standard_from_user,
2200	.compat_to_user = compat_standard_to_user,	2201	.compat_to_user = compat_standard_to_user,
2201	#endif	2202	#endif
2202	};	2203	},
2203		2204	{
2204	static struct xt_target ip6t_error_target __read_mostly = {	2205	.name = IP6T_ERROR_TARGET,
2205	.name = IP6T_ERROR_TARGET,	2206	.target = ip6t_error,
2206	.target = ip6t_error,	2207	.targetsize = IP6T_FUNCTION_MAXNAMELEN,
2207	.targetsize = IP6T_FUNCTION_MAXNAMELEN,	2208	.family = NFPROTO_IPV6,
2208	.family = NFPROTO_IPV6,	2209	},
2209	};	2210	};
2210		2211
2211	static struct nf_sockopt_ops ip6t_sockopts = {	2212	static struct nf_sockopt_ops ip6t_sockopts = {
@@ -2225,13 +2226,15 @@ static struct nf_sockopt_ops ip6t_sockopts = {
2225	.owner = THIS_MODULE,	2226	.owner = THIS_MODULE,
2226	};	2227	};
2227		2228
2228	static struct xt_match icmp6_matchstruct __read_mostly = {	2229	static struct xt_match ip6t_builtin_mt[] __read_mostly = {
2229	.name = "icmp6",	2230	{
2230	.match = icmp6_match,	2231	.name = "icmp6",
2231	.matchsize = sizeof(struct ip6t_icmp),	2232	.match = icmp6_match,
2232	.checkentry = icmp6_checkentry,	2233	.matchsize = sizeof(struct ip6t_icmp),
2233	.proto = IPPROTO_ICMPV6,	2234	.checkentry = icmp6_checkentry,
2234	.family = NFPROTO_IPV6,	2235	.proto = IPPROTO_ICMPV6,
		2236	.family = NFPROTO_IPV6,
		2237	},
2235	};	2238	};
2236		2239
2237	static int __net_init ip6_tables_net_init(struct net *net)	2240	static int __net_init ip6_tables_net_init(struct net *net)
@@ -2258,13 +2261,10 @@ static int __init ip6_tables_init(void)
2258	goto err1;	2261	goto err1;
2259		2262
2260	/* Noone else will be downing sem now, so we won't sleep */	2263	/* Noone else will be downing sem now, so we won't sleep */
2261	ret = xt_register_target(&ip6t_standard_target);	2264	ret = xt_register_targets(ip6t_builtin_tg, ARRAY_SIZE(ip6t_builtin_tg));
2262	if (ret < 0)	2265	if (ret < 0)
2263	goto err2;	2266	goto err2;
2264	ret = xt_register_target(&ip6t_error_target);	2267	ret = xt_register_matches(ip6t_builtin_mt, ARRAY_SIZE(ip6t_builtin_mt));
2265	if (ret < 0)
2266	goto err3;
2267	ret = xt_register_match(&icmp6_matchstruct);
2268	if (ret < 0)	2268	if (ret < 0)
2269	goto err4;	2269	goto err4;
2270		2270
@@ -2277,11 +2277,9 @@ static int __init ip6_tables_init(void)
2277	return 0;	2277	return 0;
2278		2278
2279	err5:	2279	err5:
2280	xt_unregister_match(&icmp6_matchstruct);	2280	xt_unregister_matches(ip6t_builtin_mt, ARRAY_SIZE(ip6t_builtin_mt));
2281	err4:	2281	err4:
2282	xt_unregister_target(&ip6t_error_target);	2282	xt_unregister_targets(ip6t_builtin_tg, ARRAY_SIZE(ip6t_builtin_tg));
2283	err3:
2284	xt_unregister_target(&ip6t_standard_target);
2285	err2:	2283	err2:
2286	unregister_pernet_subsys(&ip6_tables_net_ops);	2284	unregister_pernet_subsys(&ip6_tables_net_ops);
2287	err1:	2285	err1:
@@ -2292,10 +2290,8 @@ static void __exit ip6_tables_fini(void)
2292	{	2290	{
2293	nf_unregister_sockopt(&ip6t_sockopts);	2291	nf_unregister_sockopt(&ip6t_sockopts);
2294		2292
2295	xt_unregister_match(&icmp6_matchstruct);	2293	xt_unregister_matches(ip6t_builtin_mt, ARRAY_SIZE(ip6t_builtin_mt));
2296	xt_unregister_target(&ip6t_error_target);	2294	xt_unregister_targets(ip6t_builtin_tg, ARRAY_SIZE(ip6t_builtin_tg));
2297	xt_unregister_target(&ip6t_standard_target);
2298
2299	unregister_pernet_subsys(&ip6_tables_net_ops);	2295	unregister_pernet_subsys(&ip6_tables_net_ops);
2300	}	2296	}
2301		2297