diff options
| author | Jan Engelhardt <jengelh@medozas.de> | 2008-10-08 05:35:20 -0400 |
|---|---|---|
| committer | Patrick McHardy <kaber@trash.net> | 2008-10-08 05:35:20 -0400 |
| commit | ab4f21e6fb1c09b13c4c3cb8357babe8223471bd (patch) | |
| tree | c392a37d8bcf178c8f54fc0b14fb124ff6d7004c /net | |
| parent | 92f3b2b1bc968caaabee8cd78bee75ab7c4af74e (diff) | |
netfilter: xtables: use NFPROTO_UNSPEC in more extensions
Lots of extensions are completely family-independent, so squash some code.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'net')
| -rw-r--r-- | net/netfilter/xt_MARK.c | 34 | ||||
| -rw-r--r-- | net/netfilter/xt_NOTRACK.c | 26 | ||||
| -rw-r--r-- | net/netfilter/xt_comment.c | 26 | ||||
| -rw-r--r-- | net/netfilter/xt_mac.c | 34 | ||||
| -rw-r--r-- | net/netfilter/xt_owner.c | 12 | ||||
| -rw-r--r-- | net/netfilter/xt_physdev.c | 29 | ||||
| -rw-r--r-- | net/netfilter/xt_realm.c | 2 |
7 files changed, 43 insertions, 120 deletions
diff --git a/net/netfilter/xt_MARK.c b/net/netfilter/xt_MARK.c index 123ee0ba78c6..67574bcfb8ac 100644 --- a/net/netfilter/xt_MARK.c +++ b/net/netfilter/xt_MARK.c | |||
| @@ -149,7 +149,7 @@ static int mark_tg_compat_to_user_v1(void __user *dst, void *src) | |||
| 149 | static struct xt_target mark_tg_reg[] __read_mostly = { | 149 | static struct xt_target mark_tg_reg[] __read_mostly = { |
| 150 | { | 150 | { |
| 151 | .name = "MARK", | 151 | .name = "MARK", |
| 152 | .family = NFPROTO_IPV4, | 152 | .family = NFPROTO_UNSPEC, |
| 153 | .revision = 0, | 153 | .revision = 0, |
| 154 | .checkentry = mark_tg_check_v0, | 154 | .checkentry = mark_tg_check_v0, |
| 155 | .target = mark_tg_v0, | 155 | .target = mark_tg_v0, |
| @@ -164,37 +164,7 @@ static struct xt_target mark_tg_reg[] __read_mostly = { | |||
| 164 | }, | 164 | }, |
| 165 | { | 165 | { |
| 166 | .name = "MARK", | 166 | .name = "MARK", |
| 167 | .family = NFPROTO_IPV4, | 167 | .family = NFPROTO_UNSPEC, |
| 168 | .revision = 1, | ||
| 169 | .checkentry = mark_tg_check_v1, | ||
| 170 | .target = mark_tg_v1, | ||
| 171 | .targetsize = sizeof(struct xt_mark_target_info_v1), | ||
| 172 | #ifdef CONFIG_COMPAT | ||
| 173 | .compatsize = sizeof(struct compat_xt_mark_target_info_v1), | ||
| 174 | .compat_from_user = mark_tg_compat_from_user_v1, | ||
| 175 | .compat_to_user = mark_tg_compat_to_user_v1, | ||
| 176 | #endif | ||
| 177 | .table = "mangle", | ||
| 178 | .me = THIS_MODULE, | ||
| 179 | }, | ||
| 180 | { | ||
| 181 | .name = "MARK", | ||
| 182 | .family = NFPROTO_IPV6, | ||
| 183 | .revision = 0, | ||
| 184 | .checkentry = mark_tg_check_v0, | ||
| 185 | .target = mark_tg_v0, | ||
| 186 | .targetsize = sizeof(struct xt_mark_target_info), | ||
| 187 | #ifdef CONFIG_COMPAT | ||
| 188 | .compatsize = sizeof(struct compat_xt_mark_target_info), | ||
| 189 | .compat_from_user = mark_tg_compat_from_user_v0, | ||
| 190 | .compat_to_user = mark_tg_compat_to_user_v0, | ||
| 191 | #endif | ||
| 192 | .table = "mangle", | ||
| 193 | .me = THIS_MODULE, | ||
| 194 | }, | ||
| 195 | { | ||
| 196 | .name = "MARK", | ||
| 197 | .family = NFPROTO_IPV6, | ||
| 198 | .revision = 1, | 168 | .revision = 1, |
| 199 | .checkentry = mark_tg_check_v1, | 169 | .checkentry = mark_tg_check_v1, |
| 200 | .target = mark_tg_v1, | 170 | .target = mark_tg_v1, |
diff --git a/net/netfilter/xt_NOTRACK.c b/net/netfilter/xt_NOTRACK.c index cc50295cd11e..e7a0a54fd4ea 100644 --- a/net/netfilter/xt_NOTRACK.c +++ b/net/netfilter/xt_NOTRACK.c | |||
| @@ -30,31 +30,23 @@ notrack_tg(struct sk_buff *skb, const struct xt_target_param *par) | |||
| 30 | return XT_CONTINUE; | 30 | return XT_CONTINUE; |
| 31 | } | 31 | } |
| 32 | 32 | ||
| 33 | static struct xt_target notrack_tg_reg[] __read_mostly = { | 33 | static struct xt_target notrack_tg_reg __read_mostly = { |
| 34 | { | 34 | .name = "NOTRACK", |
| 35 | .name = "NOTRACK", | 35 | .revision = 0, |
| 36 | .family = NFPROTO_IPV4, | 36 | .family = NFPROTO_UNSPEC, |
| 37 | .target = notrack_tg, | 37 | .target = notrack_tg, |
| 38 | .table = "raw", | 38 | .table = "raw", |
| 39 | .me = THIS_MODULE, | 39 | .me = THIS_MODULE, |
| 40 | }, | ||
| 41 | { | ||
| 42 | .name = "NOTRACK", | ||
| 43 | .family = NFPROTO_IPV6, | ||
| 44 | .target = notrack_tg, | ||
| 45 | .table = "raw", | ||
| 46 | .me = THIS_MODULE, | ||
| 47 | }, | ||
| 48 | }; | 40 | }; |
| 49 | 41 | ||
| 50 | static int __init notrack_tg_init(void) | 42 | static int __init notrack_tg_init(void) |
| 51 | { | 43 | { |
| 52 | return xt_register_targets(notrack_tg_reg, ARRAY_SIZE(notrack_tg_reg)); | 44 | return xt_register_target(¬rack_tg_reg); |
| 53 | } | 45 | } |
| 54 | 46 | ||
| 55 | static void __exit notrack_tg_exit(void) | 47 | static void __exit notrack_tg_exit(void) |
| 56 | { | 48 | { |
| 57 | xt_unregister_targets(notrack_tg_reg, ARRAY_SIZE(notrack_tg_reg)); | 49 | xt_unregister_target(¬rack_tg_reg); |
| 58 | } | 50 | } |
| 59 | 51 | ||
| 60 | module_init(notrack_tg_init); | 52 | module_init(notrack_tg_init); |
diff --git a/net/netfilter/xt_comment.c b/net/netfilter/xt_comment.c index bd7aa57af428..e82179832acd 100644 --- a/net/netfilter/xt_comment.c +++ b/net/netfilter/xt_comment.c | |||
| @@ -22,31 +22,23 @@ comment_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 22 | return true; | 22 | return true; |
| 23 | } | 23 | } |
| 24 | 24 | ||
| 25 | static struct xt_match comment_mt_reg[] __read_mostly = { | 25 | static struct xt_match comment_mt_reg __read_mostly = { |
| 26 | { | 26 | .name = "comment", |
| 27 | .name = "comment", | 27 | .revision = 0, |
| 28 | .family = NFPROTO_IPV4, | 28 | .family = NFPROTO_UNSPEC, |
| 29 | .match = comment_mt, | 29 | .match = comment_mt, |
| 30 | .matchsize = sizeof(struct xt_comment_info), | 30 | .matchsize = sizeof(struct xt_comment_info), |
| 31 | .me = THIS_MODULE | 31 | .me = THIS_MODULE, |
| 32 | }, | ||
| 33 | { | ||
| 34 | .name = "comment", | ||
| 35 | .family = NFPROTO_IPV6, | ||
| 36 | .match = comment_mt, | ||
| 37 | .matchsize = sizeof(struct xt_comment_info), | ||
| 38 | .me = THIS_MODULE | ||
| 39 | }, | ||
| 40 | }; | 32 | }; |
| 41 | 33 | ||
| 42 | static int __init comment_mt_init(void) | 34 | static int __init comment_mt_init(void) |
| 43 | { | 35 | { |
| 44 | return xt_register_matches(comment_mt_reg, ARRAY_SIZE(comment_mt_reg)); | 36 | return xt_register_match(&comment_mt_reg); |
| 45 | } | 37 | } |
| 46 | 38 | ||
| 47 | static void __exit comment_mt_exit(void) | 39 | static void __exit comment_mt_exit(void) |
| 48 | { | 40 | { |
| 49 | xt_unregister_matches(comment_mt_reg, ARRAY_SIZE(comment_mt_reg)); | 41 | xt_unregister_match(&comment_mt_reg); |
| 50 | } | 42 | } |
| 51 | 43 | ||
| 52 | module_init(comment_mt_init); | 44 | module_init(comment_mt_init); |
diff --git a/net/netfilter/xt_mac.c b/net/netfilter/xt_mac.c index 269f9d8aef5f..c2007116ce5b 100644 --- a/net/netfilter/xt_mac.c +++ b/net/netfilter/xt_mac.c | |||
| @@ -36,37 +36,25 @@ static bool mac_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 36 | ^ info->invert); | 36 | ^ info->invert); |
| 37 | } | 37 | } |
| 38 | 38 | ||
| 39 | static struct xt_match mac_mt_reg[] __read_mostly = { | 39 | static struct xt_match mac_mt_reg __read_mostly = { |
| 40 | { | 40 | .name = "mac", |
| 41 | .name = "mac", | 41 | .revision = 0, |
| 42 | .family = NFPROTO_IPV4, | 42 | .family = NFPROTO_UNSPEC, |
| 43 | .match = mac_mt, | 43 | .match = mac_mt, |
| 44 | .matchsize = sizeof(struct xt_mac_info), | 44 | .matchsize = sizeof(struct xt_mac_info), |
| 45 | .hooks = (1 << NF_INET_PRE_ROUTING) | | 45 | .hooks = (1 << NF_INET_PRE_ROUTING) | (1 << NF_INET_LOCAL_IN) | |
| 46 | (1 << NF_INET_LOCAL_IN) | | 46 | (1 << NF_INET_FORWARD), |
| 47 | (1 << NF_INET_FORWARD), | 47 | .me = THIS_MODULE, |
| 48 | .me = THIS_MODULE, | ||
| 49 | }, | ||
| 50 | { | ||
| 51 | .name = "mac", | ||
| 52 | .family = NFPROTO_IPV6, | ||
| 53 | .match = mac_mt, | ||
| 54 | .matchsize = sizeof(struct xt_mac_info), | ||
| 55 | .hooks = (1 << NF_INET_PRE_ROUTING) | | ||
| 56 | (1 << NF_INET_LOCAL_IN) | | ||
| 57 | (1 << NF_INET_FORWARD), | ||
| 58 | .me = THIS_MODULE, | ||
| 59 | }, | ||
| 60 | }; | 48 | }; |
| 61 | 49 | ||
| 62 | static int __init mac_mt_init(void) | 50 | static int __init mac_mt_init(void) |
| 63 | { | 51 | { |
| 64 | return xt_register_matches(mac_mt_reg, ARRAY_SIZE(mac_mt_reg)); | 52 | return xt_register_match(&mac_mt_reg); |
| 65 | } | 53 | } |
| 66 | 54 | ||
| 67 | static void __exit mac_mt_exit(void) | 55 | static void __exit mac_mt_exit(void) |
| 68 | { | 56 | { |
| 69 | xt_unregister_matches(mac_mt_reg, ARRAY_SIZE(mac_mt_reg)); | 57 | xt_unregister_match(&mac_mt_reg); |
| 70 | } | 58 | } |
| 71 | 59 | ||
| 72 | module_init(mac_mt_init); | 60 | module_init(mac_mt_init); |
diff --git a/net/netfilter/xt_owner.c b/net/netfilter/xt_owner.c index 32f84e84d9e6..f19ebd9b78f5 100644 --- a/net/netfilter/xt_owner.c +++ b/net/netfilter/xt_owner.c | |||
| @@ -160,17 +160,7 @@ static struct xt_match owner_mt_reg[] __read_mostly = { | |||
| 160 | { | 160 | { |
| 161 | .name = "owner", | 161 | .name = "owner", |
| 162 | .revision = 1, | 162 | .revision = 1, |
| 163 | .family = NFPROTO_IPV4, | 163 | .family = NFPROTO_UNSPEC, |
| 164 | .match = owner_mt, | ||
| 165 | .matchsize = sizeof(struct xt_owner_match_info), | ||
| 166 | .hooks = (1 << NF_INET_LOCAL_OUT) | | ||
| 167 | (1 << NF_INET_POST_ROUTING), | ||
| 168 | .me = THIS_MODULE, | ||
| 169 | }, | ||
| 170 | { | ||
| 171 | .name = "owner", | ||
| 172 | .revision = 1, | ||
| 173 | .family = NFPROTO_IPV6, | ||
| 174 | .match = owner_mt, | 164 | .match = owner_mt, |
| 175 | .matchsize = sizeof(struct xt_owner_match_info), | 165 | .matchsize = sizeof(struct xt_owner_match_info), |
| 176 | .hooks = (1 << NF_INET_LOCAL_OUT) | | 166 | .hooks = (1 << NF_INET_LOCAL_OUT) | |
diff --git a/net/netfilter/xt_physdev.c b/net/netfilter/xt_physdev.c index b01786d2dd91..1bcdfc12cf59 100644 --- a/net/netfilter/xt_physdev.c +++ b/net/netfilter/xt_physdev.c | |||
| @@ -112,33 +112,24 @@ static bool physdev_mt_check(const struct xt_mtchk_param *par) | |||
| 112 | return true; | 112 | return true; |
| 113 | } | 113 | } |
| 114 | 114 | ||
| 115 | static struct xt_match physdev_mt_reg[] __read_mostly = { | 115 | static struct xt_match physdev_mt_reg __read_mostly = { |
| 116 | { | 116 | .name = "physdev", |
| 117 | .name = "physdev", | 117 | .revision = 0, |
| 118 | .family = NFPROTO_IPV4, | 118 | .family = NFPROTO_UNSPEC, |
| 119 | .checkentry = physdev_mt_check, | 119 | .checkentry = physdev_mt_check, |
| 120 | .match = physdev_mt, | 120 | .match = physdev_mt, |
| 121 | .matchsize = sizeof(struct xt_physdev_info), | 121 | .matchsize = sizeof(struct xt_physdev_info), |
| 122 | .me = THIS_MODULE, | 122 | .me = THIS_MODULE, |
| 123 | }, | ||
| 124 | { | ||
| 125 | .name = "physdev", | ||
| 126 | .family = NFPROTO_IPV6, | ||
| 127 | .checkentry = physdev_mt_check, | ||
| 128 | .match = physdev_mt, | ||
| 129 | .matchsize = sizeof(struct xt_physdev_info), | ||
| 130 | .me = THIS_MODULE, | ||
| 131 | }, | ||
| 132 | }; | 123 | }; |
| 133 | 124 | ||
| 134 | static int __init physdev_mt_init(void) | 125 | static int __init physdev_mt_init(void) |
| 135 | { | 126 | { |
| 136 | return xt_register_matches(physdev_mt_reg, ARRAY_SIZE(physdev_mt_reg)); | 127 | return xt_register_match(&physdev_mt_reg); |
| 137 | } | 128 | } |
| 138 | 129 | ||
| 139 | static void __exit physdev_mt_exit(void) | 130 | static void __exit physdev_mt_exit(void) |
| 140 | { | 131 | { |
| 141 | xt_unregister_matches(physdev_mt_reg, ARRAY_SIZE(physdev_mt_reg)); | 132 | xt_unregister_match(&physdev_mt_reg); |
| 142 | } | 133 | } |
| 143 | 134 | ||
| 144 | module_init(physdev_mt_init); | 135 | module_init(physdev_mt_init); |
diff --git a/net/netfilter/xt_realm.c b/net/netfilter/xt_realm.c index b25942110ed7..67419287bc7e 100644 --- a/net/netfilter/xt_realm.c +++ b/net/netfilter/xt_realm.c | |||
| @@ -36,7 +36,7 @@ static struct xt_match realm_mt_reg __read_mostly = { | |||
| 36 | .matchsize = sizeof(struct xt_realm_info), | 36 | .matchsize = sizeof(struct xt_realm_info), |
| 37 | .hooks = (1 << NF_INET_POST_ROUTING) | (1 << NF_INET_FORWARD) | | 37 | .hooks = (1 << NF_INET_POST_ROUTING) | (1 << NF_INET_FORWARD) | |
| 38 | (1 << NF_INET_LOCAL_OUT) | (1 << NF_INET_LOCAL_IN), | 38 | (1 << NF_INET_LOCAL_OUT) | (1 << NF_INET_LOCAL_IN), |
| 39 | .family = NFPROTO_IPV4, | 39 | .family = NFPROTO_UNSPEC, |
| 40 | .me = THIS_MODULE | 40 | .me = THIS_MODULE |
| 41 | }; | 41 | }; |
| 42 | 42 | ||