diff options
41 files changed, 55 insertions, 90 deletions
diff --git a/include/linux/netfilter/x_tables.h b/include/linux/netfilter/x_tables.h index 9a9912430e3a..9cef0e91542b 100644 --- a/include/linux/netfilter/x_tables.h +++ b/include/linux/netfilter/x_tables.h | |||
@@ -211,8 +211,7 @@ struct xt_target | |||
211 | const struct net_device *out, | 211 | const struct net_device *out, |
212 | unsigned int hooknum, | 212 | unsigned int hooknum, |
213 | const struct xt_target *target, | 213 | const struct xt_target *target, |
214 | const void *targinfo, | 214 | const void *targinfo); |
215 | void *userdata); | ||
216 | 215 | ||
217 | /* Called when user tries to insert an entry of this type: | 216 | /* Called when user tries to insert an entry of this type: |
218 | hook_mask is a bitmask of hooks from which it can be | 217 | hook_mask is a bitmask of hooks from which it can be |
diff --git a/include/linux/netfilter_arp/arp_tables.h b/include/linux/netfilter_arp/arp_tables.h index 62cc27daca4e..149e87c9ab13 100644 --- a/include/linux/netfilter_arp/arp_tables.h +++ b/include/linux/netfilter_arp/arp_tables.h | |||
@@ -248,8 +248,7 @@ extern unsigned int arpt_do_table(struct sk_buff **pskb, | |||
248 | unsigned int hook, | 248 | unsigned int hook, |
249 | const struct net_device *in, | 249 | const struct net_device *in, |
250 | const struct net_device *out, | 250 | const struct net_device *out, |
251 | struct arpt_table *table, | 251 | struct arpt_table *table); |
252 | void *userdata); | ||
253 | 252 | ||
254 | #define ARPT_ALIGN(s) (((s) + (__alignof__(struct arpt_entry)-1)) & ~(__alignof__(struct arpt_entry)-1)) | 253 | #define ARPT_ALIGN(s) (((s) + (__alignof__(struct arpt_entry)-1)) & ~(__alignof__(struct arpt_entry)-1)) |
255 | #endif /*__KERNEL__*/ | 254 | #endif /*__KERNEL__*/ |
diff --git a/include/linux/netfilter_ipv4/ip_tables.h b/include/linux/netfilter_ipv4/ip_tables.h index c0dac16e1902..a536bbdef145 100644 --- a/include/linux/netfilter_ipv4/ip_tables.h +++ b/include/linux/netfilter_ipv4/ip_tables.h | |||
@@ -312,8 +312,7 @@ extern unsigned int ipt_do_table(struct sk_buff **pskb, | |||
312 | unsigned int hook, | 312 | unsigned int hook, |
313 | const struct net_device *in, | 313 | const struct net_device *in, |
314 | const struct net_device *out, | 314 | const struct net_device *out, |
315 | struct ipt_table *table, | 315 | struct ipt_table *table); |
316 | void *userdata); | ||
317 | 316 | ||
318 | #define IPT_ALIGN(s) XT_ALIGN(s) | 317 | #define IPT_ALIGN(s) XT_ALIGN(s) |
319 | 318 | ||
diff --git a/include/linux/netfilter_ipv6/ip6_tables.h b/include/linux/netfilter_ipv6/ip6_tables.h index d0d5d1ee4be3..d7a8e9c0dad0 100644 --- a/include/linux/netfilter_ipv6/ip6_tables.h +++ b/include/linux/netfilter_ipv6/ip6_tables.h | |||
@@ -300,8 +300,7 @@ extern unsigned int ip6t_do_table(struct sk_buff **pskb, | |||
300 | unsigned int hook, | 300 | unsigned int hook, |
301 | const struct net_device *in, | 301 | const struct net_device *in, |
302 | const struct net_device *out, | 302 | const struct net_device *out, |
303 | struct ip6t_table *table, | 303 | struct ip6t_table *table); |
304 | void *userdata); | ||
305 | 304 | ||
306 | /* Check for an extension */ | 305 | /* Check for an extension */ |
307 | extern int ip6t_ext_hdr(u8 nexthdr); | 306 | extern int ip6t_ext_hdr(u8 nexthdr); |
diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c index 8d1d7a6e72a5..c6bd270bf46a 100644 --- a/net/ipv4/netfilter/arp_tables.c +++ b/net/ipv4/netfilter/arp_tables.c | |||
@@ -208,8 +208,7 @@ static unsigned int arpt_error(struct sk_buff **pskb, | |||
208 | const struct net_device *out, | 208 | const struct net_device *out, |
209 | unsigned int hooknum, | 209 | unsigned int hooknum, |
210 | const struct xt_target *target, | 210 | const struct xt_target *target, |
211 | const void *targinfo, | 211 | const void *targinfo) |
212 | void *userinfo) | ||
213 | { | 212 | { |
214 | if (net_ratelimit()) | 213 | if (net_ratelimit()) |
215 | printk("arp_tables: error: '%s'\n", (char *)targinfo); | 214 | printk("arp_tables: error: '%s'\n", (char *)targinfo); |
@@ -226,8 +225,7 @@ unsigned int arpt_do_table(struct sk_buff **pskb, | |||
226 | unsigned int hook, | 225 | unsigned int hook, |
227 | const struct net_device *in, | 226 | const struct net_device *in, |
228 | const struct net_device *out, | 227 | const struct net_device *out, |
229 | struct arpt_table *table, | 228 | struct arpt_table *table) |
230 | void *userdata) | ||
231 | { | 229 | { |
232 | static const char nulldevname[IFNAMSIZ]; | 230 | static const char nulldevname[IFNAMSIZ]; |
233 | unsigned int verdict = NF_DROP; | 231 | unsigned int verdict = NF_DROP; |
@@ -302,8 +300,7 @@ unsigned int arpt_do_table(struct sk_buff **pskb, | |||
302 | in, out, | 300 | in, out, |
303 | hook, | 301 | hook, |
304 | t->u.kernel.target, | 302 | t->u.kernel.target, |
305 | t->data, | 303 | t->data); |
306 | userdata); | ||
307 | 304 | ||
308 | /* Target might have changed stuff. */ | 305 | /* Target might have changed stuff. */ |
309 | arp = (*pskb)->nh.arph; | 306 | arp = (*pskb)->nh.arph; |
diff --git a/net/ipv4/netfilter/arpt_mangle.c b/net/ipv4/netfilter/arpt_mangle.c index a58325c1ceb9..05fb2421bb26 100644 --- a/net/ipv4/netfilter/arpt_mangle.c +++ b/net/ipv4/netfilter/arpt_mangle.c | |||
@@ -11,7 +11,7 @@ static unsigned int | |||
11 | target(struct sk_buff **pskb, | 11 | target(struct sk_buff **pskb, |
12 | const struct net_device *in, const struct net_device *out, | 12 | const struct net_device *in, const struct net_device *out, |
13 | unsigned int hooknum, const struct xt_target *target, | 13 | unsigned int hooknum, const struct xt_target *target, |
14 | const void *targinfo, void *userinfo) | 14 | const void *targinfo) |
15 | { | 15 | { |
16 | const struct arpt_mangle *mangle = targinfo; | 16 | const struct arpt_mangle *mangle = targinfo; |
17 | struct arphdr *arp; | 17 | struct arphdr *arp; |
diff --git a/net/ipv4/netfilter/arptable_filter.c b/net/ipv4/netfilter/arptable_filter.c index d7c472faa53b..7edea2a1696c 100644 --- a/net/ipv4/netfilter/arptable_filter.c +++ b/net/ipv4/netfilter/arptable_filter.c | |||
@@ -155,7 +155,7 @@ static unsigned int arpt_hook(unsigned int hook, | |||
155 | const struct net_device *out, | 155 | const struct net_device *out, |
156 | int (*okfn)(struct sk_buff *)) | 156 | int (*okfn)(struct sk_buff *)) |
157 | { | 157 | { |
158 | return arpt_do_table(pskb, hook, in, out, &packet_filter, NULL); | 158 | return arpt_do_table(pskb, hook, in, out, &packet_filter); |
159 | } | 159 | } |
160 | 160 | ||
161 | static struct nf_hook_ops arpt_ops[] = { | 161 | static struct nf_hook_ops arpt_ops[] = { |
diff --git a/net/ipv4/netfilter/ip_nat_rule.c b/net/ipv4/netfilter/ip_nat_rule.c index 1aba926c1cb0..1aa0e4f462a5 100644 --- a/net/ipv4/netfilter/ip_nat_rule.c +++ b/net/ipv4/netfilter/ip_nat_rule.c | |||
@@ -104,8 +104,7 @@ static unsigned int ipt_snat_target(struct sk_buff **pskb, | |||
104 | const struct net_device *out, | 104 | const struct net_device *out, |
105 | unsigned int hooknum, | 105 | unsigned int hooknum, |
106 | const struct ipt_target *target, | 106 | const struct ipt_target *target, |
107 | const void *targinfo, | 107 | const void *targinfo) |
108 | void *userinfo) | ||
109 | { | 108 | { |
110 | struct ip_conntrack *ct; | 109 | struct ip_conntrack *ct; |
111 | enum ip_conntrack_info ctinfo; | 110 | enum ip_conntrack_info ctinfo; |
@@ -147,8 +146,7 @@ static unsigned int ipt_dnat_target(struct sk_buff **pskb, | |||
147 | const struct net_device *out, | 146 | const struct net_device *out, |
148 | unsigned int hooknum, | 147 | unsigned int hooknum, |
149 | const struct ipt_target *target, | 148 | const struct ipt_target *target, |
150 | const void *targinfo, | 149 | const void *targinfo) |
151 | void *userinfo) | ||
152 | { | 150 | { |
153 | struct ip_conntrack *ct; | 151 | struct ip_conntrack *ct; |
154 | enum ip_conntrack_info ctinfo; | 152 | enum ip_conntrack_info ctinfo; |
@@ -255,7 +253,7 @@ int ip_nat_rule_find(struct sk_buff **pskb, | |||
255 | { | 253 | { |
256 | int ret; | 254 | int ret; |
257 | 255 | ||
258 | ret = ipt_do_table(pskb, hooknum, in, out, &nat_table, NULL); | 256 | ret = ipt_do_table(pskb, hooknum, in, out, &nat_table); |
259 | 257 | ||
260 | if (ret == NF_ACCEPT) { | 258 | if (ret == NF_ACCEPT) { |
261 | if (!ip_nat_initialized(ct, HOOK2MANIP(hooknum))) | 259 | if (!ip_nat_initialized(ct, HOOK2MANIP(hooknum))) |
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c index 048514f15f2f..8ce5b6f76447 100644 --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c | |||
@@ -180,8 +180,7 @@ ipt_error(struct sk_buff **pskb, | |||
180 | const struct net_device *out, | 180 | const struct net_device *out, |
181 | unsigned int hooknum, | 181 | unsigned int hooknum, |
182 | const struct xt_target *target, | 182 | const struct xt_target *target, |
183 | const void *targinfo, | 183 | const void *targinfo) |
184 | void *userinfo) | ||
185 | { | 184 | { |
186 | if (net_ratelimit()) | 185 | if (net_ratelimit()) |
187 | printk("ip_tables: error: `%s'\n", (char *)targinfo); | 186 | printk("ip_tables: error: `%s'\n", (char *)targinfo); |
@@ -217,8 +216,7 @@ ipt_do_table(struct sk_buff **pskb, | |||
217 | unsigned int hook, | 216 | unsigned int hook, |
218 | const struct net_device *in, | 217 | const struct net_device *in, |
219 | const struct net_device *out, | 218 | const struct net_device *out, |
220 | struct ipt_table *table, | 219 | struct ipt_table *table) |
221 | void *userdata) | ||
222 | { | 220 | { |
223 | static const char nulldevname[IFNAMSIZ] __attribute__((aligned(sizeof(long)))); | 221 | static const char nulldevname[IFNAMSIZ] __attribute__((aligned(sizeof(long)))); |
224 | u_int16_t offset; | 222 | u_int16_t offset; |
@@ -308,8 +306,7 @@ ipt_do_table(struct sk_buff **pskb, | |||
308 | in, out, | 306 | in, out, |
309 | hook, | 307 | hook, |
310 | t->u.kernel.target, | 308 | t->u.kernel.target, |
311 | t->data, | 309 | t->data); |
312 | userdata); | ||
313 | 310 | ||
314 | #ifdef CONFIG_NETFILTER_DEBUG | 311 | #ifdef CONFIG_NETFILTER_DEBUG |
315 | if (((struct ipt_entry *)table_base)->comefrom | 312 | if (((struct ipt_entry *)table_base)->comefrom |
diff --git a/net/ipv4/netfilter/ipt_CLUSTERIP.c b/net/ipv4/netfilter/ipt_CLUSTERIP.c index d994c5f5744c..a08383cf9e7a 100644 --- a/net/ipv4/netfilter/ipt_CLUSTERIP.c +++ b/net/ipv4/netfilter/ipt_CLUSTERIP.c | |||
@@ -302,8 +302,7 @@ target(struct sk_buff **pskb, | |||
302 | const struct net_device *out, | 302 | const struct net_device *out, |
303 | unsigned int hooknum, | 303 | unsigned int hooknum, |
304 | const struct xt_target *target, | 304 | const struct xt_target *target, |
305 | const void *targinfo, | 305 | const void *targinfo) |
306 | void *userinfo) | ||
307 | { | 306 | { |
308 | const struct ipt_clusterip_tgt_info *cipinfo = targinfo; | 307 | const struct ipt_clusterip_tgt_info *cipinfo = targinfo; |
309 | enum ip_conntrack_info ctinfo; | 308 | enum ip_conntrack_info ctinfo; |
diff --git a/net/ipv4/netfilter/ipt_ECN.c b/net/ipv4/netfilter/ipt_ECN.c index 7e30e6d2b5da..1c3da4a48e5f 100644 --- a/net/ipv4/netfilter/ipt_ECN.c +++ b/net/ipv4/netfilter/ipt_ECN.c | |||
@@ -85,8 +85,7 @@ target(struct sk_buff **pskb, | |||
85 | const struct net_device *out, | 85 | const struct net_device *out, |
86 | unsigned int hooknum, | 86 | unsigned int hooknum, |
87 | const struct xt_target *target, | 87 | const struct xt_target *target, |
88 | const void *targinfo, | 88 | const void *targinfo) |
89 | void *userinfo) | ||
90 | { | 89 | { |
91 | const struct ipt_ECN_info *einfo = targinfo; | 90 | const struct ipt_ECN_info *einfo = targinfo; |
92 | 91 | ||
diff --git a/net/ipv4/netfilter/ipt_LOG.c b/net/ipv4/netfilter/ipt_LOG.c index b98f7b08b084..a8d356c6191f 100644 --- a/net/ipv4/netfilter/ipt_LOG.c +++ b/net/ipv4/netfilter/ipt_LOG.c | |||
@@ -416,8 +416,7 @@ ipt_log_target(struct sk_buff **pskb, | |||
416 | const struct net_device *out, | 416 | const struct net_device *out, |
417 | unsigned int hooknum, | 417 | unsigned int hooknum, |
418 | const struct xt_target *target, | 418 | const struct xt_target *target, |
419 | const void *targinfo, | 419 | const void *targinfo) |
420 | void *userinfo) | ||
421 | { | 420 | { |
422 | const struct ipt_log_info *loginfo = targinfo; | 421 | const struct ipt_log_info *loginfo = targinfo; |
423 | struct nf_loginfo li; | 422 | struct nf_loginfo li; |
diff --git a/net/ipv4/netfilter/ipt_MASQUERADE.c b/net/ipv4/netfilter/ipt_MASQUERADE.c index ebd94f2abf0d..9659793c66c0 100644 --- a/net/ipv4/netfilter/ipt_MASQUERADE.c +++ b/net/ipv4/netfilter/ipt_MASQUERADE.c | |||
@@ -64,8 +64,7 @@ masquerade_target(struct sk_buff **pskb, | |||
64 | const struct net_device *out, | 64 | const struct net_device *out, |
65 | unsigned int hooknum, | 65 | unsigned int hooknum, |
66 | const struct xt_target *target, | 66 | const struct xt_target *target, |
67 | const void *targinfo, | 67 | const void *targinfo) |
68 | void *userinfo) | ||
69 | { | 68 | { |
70 | struct ip_conntrack *ct; | 69 | struct ip_conntrack *ct; |
71 | enum ip_conntrack_info ctinfo; | 70 | enum ip_conntrack_info ctinfo; |
diff --git a/net/ipv4/netfilter/ipt_NETMAP.c b/net/ipv4/netfilter/ipt_NETMAP.c index 736c4b5a86a7..fd5e74a19fb5 100644 --- a/net/ipv4/netfilter/ipt_NETMAP.c +++ b/net/ipv4/netfilter/ipt_NETMAP.c | |||
@@ -55,8 +55,7 @@ target(struct sk_buff **pskb, | |||
55 | const struct net_device *out, | 55 | const struct net_device *out, |
56 | unsigned int hooknum, | 56 | unsigned int hooknum, |
57 | const struct xt_target *target, | 57 | const struct xt_target *target, |
58 | const void *targinfo, | 58 | const void *targinfo) |
59 | void *userinfo) | ||
60 | { | 59 | { |
61 | struct ip_conntrack *ct; | 60 | struct ip_conntrack *ct; |
62 | enum ip_conntrack_info ctinfo; | 61 | enum ip_conntrack_info ctinfo; |
diff --git a/net/ipv4/netfilter/ipt_REDIRECT.c b/net/ipv4/netfilter/ipt_REDIRECT.c index f290463232de..839fe99f71d4 100644 --- a/net/ipv4/netfilter/ipt_REDIRECT.c +++ b/net/ipv4/netfilter/ipt_REDIRECT.c | |||
@@ -58,8 +58,7 @@ redirect_target(struct sk_buff **pskb, | |||
58 | const struct net_device *out, | 58 | const struct net_device *out, |
59 | unsigned int hooknum, | 59 | unsigned int hooknum, |
60 | const struct xt_target *target, | 60 | const struct xt_target *target, |
61 | const void *targinfo, | 61 | const void *targinfo) |
62 | void *userinfo) | ||
63 | { | 62 | { |
64 | struct ip_conntrack *ct; | 63 | struct ip_conntrack *ct; |
65 | enum ip_conntrack_info ctinfo; | 64 | enum ip_conntrack_info ctinfo; |
diff --git a/net/ipv4/netfilter/ipt_REJECT.c b/net/ipv4/netfilter/ipt_REJECT.c index 95c6662b663c..1dfd8e56be8b 100644 --- a/net/ipv4/netfilter/ipt_REJECT.c +++ b/net/ipv4/netfilter/ipt_REJECT.c | |||
@@ -228,8 +228,7 @@ static unsigned int reject(struct sk_buff **pskb, | |||
228 | const struct net_device *out, | 228 | const struct net_device *out, |
229 | unsigned int hooknum, | 229 | unsigned int hooknum, |
230 | const struct xt_target *target, | 230 | const struct xt_target *target, |
231 | const void *targinfo, | 231 | const void *targinfo) |
232 | void *userinfo) | ||
233 | { | 232 | { |
234 | const struct ipt_reject_info *reject = targinfo; | 233 | const struct ipt_reject_info *reject = targinfo; |
235 | 234 | ||
diff --git a/net/ipv4/netfilter/ipt_SAME.c b/net/ipv4/netfilter/ipt_SAME.c index 7169b09b5a67..cf801749490f 100644 --- a/net/ipv4/netfilter/ipt_SAME.c +++ b/net/ipv4/netfilter/ipt_SAME.c | |||
@@ -133,8 +133,7 @@ same_target(struct sk_buff **pskb, | |||
133 | const struct net_device *out, | 133 | const struct net_device *out, |
134 | unsigned int hooknum, | 134 | unsigned int hooknum, |
135 | const struct xt_target *target, | 135 | const struct xt_target *target, |
136 | const void *targinfo, | 136 | const void *targinfo) |
137 | void *userinfo) | ||
138 | { | 137 | { |
139 | struct ip_conntrack *ct; | 138 | struct ip_conntrack *ct; |
140 | enum ip_conntrack_info ctinfo; | 139 | enum ip_conntrack_info ctinfo; |
diff --git a/net/ipv4/netfilter/ipt_TCPMSS.c b/net/ipv4/netfilter/ipt_TCPMSS.c index 0fce85e05507..6d668dcfc22a 100644 --- a/net/ipv4/netfilter/ipt_TCPMSS.c +++ b/net/ipv4/netfilter/ipt_TCPMSS.c | |||
@@ -41,8 +41,7 @@ ipt_tcpmss_target(struct sk_buff **pskb, | |||
41 | const struct net_device *out, | 41 | const struct net_device *out, |
42 | unsigned int hooknum, | 42 | unsigned int hooknum, |
43 | const struct xt_target *target, | 43 | const struct xt_target *target, |
44 | const void *targinfo, | 44 | const void *targinfo) |
45 | void *userinfo) | ||
46 | { | 45 | { |
47 | const struct ipt_tcpmss_info *tcpmssinfo = targinfo; | 46 | const struct ipt_tcpmss_info *tcpmssinfo = targinfo; |
48 | struct tcphdr *tcph; | 47 | struct tcphdr *tcph; |
diff --git a/net/ipv4/netfilter/ipt_TOS.c b/net/ipv4/netfilter/ipt_TOS.c index 52e9d705d48e..043df0137084 100644 --- a/net/ipv4/netfilter/ipt_TOS.c +++ b/net/ipv4/netfilter/ipt_TOS.c | |||
@@ -26,8 +26,7 @@ target(struct sk_buff **pskb, | |||
26 | const struct net_device *out, | 26 | const struct net_device *out, |
27 | unsigned int hooknum, | 27 | unsigned int hooknum, |
28 | const struct xt_target *target, | 28 | const struct xt_target *target, |
29 | const void *targinfo, | 29 | const void *targinfo) |
30 | void *userinfo) | ||
31 | { | 30 | { |
32 | const struct ipt_tos_target_info *tosinfo = targinfo; | 31 | const struct ipt_tos_target_info *tosinfo = targinfo; |
33 | struct iphdr *iph = (*pskb)->nh.iph; | 32 | struct iphdr *iph = (*pskb)->nh.iph; |
diff --git a/net/ipv4/netfilter/ipt_TTL.c b/net/ipv4/netfilter/ipt_TTL.c index 2afb2a8aa8c5..164007107b5e 100644 --- a/net/ipv4/netfilter/ipt_TTL.c +++ b/net/ipv4/netfilter/ipt_TTL.c | |||
@@ -23,7 +23,7 @@ static unsigned int | |||
23 | ipt_ttl_target(struct sk_buff **pskb, | 23 | ipt_ttl_target(struct sk_buff **pskb, |
24 | const struct net_device *in, const struct net_device *out, | 24 | const struct net_device *in, const struct net_device *out, |
25 | unsigned int hooknum, const struct xt_target *target, | 25 | unsigned int hooknum, const struct xt_target *target, |
26 | const void *targinfo, void *userinfo) | 26 | const void *targinfo) |
27 | { | 27 | { |
28 | struct iphdr *iph; | 28 | struct iphdr *iph; |
29 | const struct ipt_TTL_info *info = targinfo; | 29 | const struct ipt_TTL_info *info = targinfo; |
diff --git a/net/ipv4/netfilter/ipt_ULOG.c b/net/ipv4/netfilter/ipt_ULOG.c index d46fd677fa11..4c5f0a117862 100644 --- a/net/ipv4/netfilter/ipt_ULOG.c +++ b/net/ipv4/netfilter/ipt_ULOG.c | |||
@@ -308,7 +308,7 @@ static unsigned int ipt_ulog_target(struct sk_buff **pskb, | |||
308 | const struct net_device *out, | 308 | const struct net_device *out, |
309 | unsigned int hooknum, | 309 | unsigned int hooknum, |
310 | const struct xt_target *target, | 310 | const struct xt_target *target, |
311 | const void *targinfo, void *userinfo) | 311 | const void *targinfo) |
312 | { | 312 | { |
313 | struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) targinfo; | 313 | struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) targinfo; |
314 | 314 | ||
diff --git a/net/ipv4/netfilter/iptable_filter.c b/net/ipv4/netfilter/iptable_filter.c index 7f417484bfbf..e2e7dd8d7903 100644 --- a/net/ipv4/netfilter/iptable_filter.c +++ b/net/ipv4/netfilter/iptable_filter.c | |||
@@ -90,7 +90,7 @@ ipt_hook(unsigned int hook, | |||
90 | const struct net_device *out, | 90 | const struct net_device *out, |
91 | int (*okfn)(struct sk_buff *)) | 91 | int (*okfn)(struct sk_buff *)) |
92 | { | 92 | { |
93 | return ipt_do_table(pskb, hook, in, out, &packet_filter, NULL); | 93 | return ipt_do_table(pskb, hook, in, out, &packet_filter); |
94 | } | 94 | } |
95 | 95 | ||
96 | static unsigned int | 96 | static unsigned int |
@@ -108,7 +108,7 @@ ipt_local_out_hook(unsigned int hook, | |||
108 | return NF_ACCEPT; | 108 | return NF_ACCEPT; |
109 | } | 109 | } |
110 | 110 | ||
111 | return ipt_do_table(pskb, hook, in, out, &packet_filter, NULL); | 111 | return ipt_do_table(pskb, hook, in, out, &packet_filter); |
112 | } | 112 | } |
113 | 113 | ||
114 | static struct nf_hook_ops ipt_ops[] = { | 114 | static struct nf_hook_ops ipt_ops[] = { |
diff --git a/net/ipv4/netfilter/iptable_mangle.c b/net/ipv4/netfilter/iptable_mangle.c index 4e7998beda63..79336cb42527 100644 --- a/net/ipv4/netfilter/iptable_mangle.c +++ b/net/ipv4/netfilter/iptable_mangle.c | |||
@@ -119,7 +119,7 @@ ipt_route_hook(unsigned int hook, | |||
119 | const struct net_device *out, | 119 | const struct net_device *out, |
120 | int (*okfn)(struct sk_buff *)) | 120 | int (*okfn)(struct sk_buff *)) |
121 | { | 121 | { |
122 | return ipt_do_table(pskb, hook, in, out, &packet_mangler, NULL); | 122 | return ipt_do_table(pskb, hook, in, out, &packet_mangler); |
123 | } | 123 | } |
124 | 124 | ||
125 | static unsigned int | 125 | static unsigned int |
@@ -148,7 +148,7 @@ ipt_local_hook(unsigned int hook, | |||
148 | daddr = (*pskb)->nh.iph->daddr; | 148 | daddr = (*pskb)->nh.iph->daddr; |
149 | tos = (*pskb)->nh.iph->tos; | 149 | tos = (*pskb)->nh.iph->tos; |
150 | 150 | ||
151 | ret = ipt_do_table(pskb, hook, in, out, &packet_mangler, NULL); | 151 | ret = ipt_do_table(pskb, hook, in, out, &packet_mangler); |
152 | /* Reroute for ANY change. */ | 152 | /* Reroute for ANY change. */ |
153 | if (ret != NF_DROP && ret != NF_STOLEN && ret != NF_QUEUE | 153 | if (ret != NF_DROP && ret != NF_STOLEN && ret != NF_QUEUE |
154 | && ((*pskb)->nh.iph->saddr != saddr | 154 | && ((*pskb)->nh.iph->saddr != saddr |
diff --git a/net/ipv4/netfilter/iptable_raw.c b/net/ipv4/netfilter/iptable_raw.c index 7912cce1e1b8..bcbeb4aeacd9 100644 --- a/net/ipv4/netfilter/iptable_raw.c +++ b/net/ipv4/netfilter/iptable_raw.c | |||
@@ -95,7 +95,7 @@ ipt_hook(unsigned int hook, | |||
95 | const struct net_device *out, | 95 | const struct net_device *out, |
96 | int (*okfn)(struct sk_buff *)) | 96 | int (*okfn)(struct sk_buff *)) |
97 | { | 97 | { |
98 | return ipt_do_table(pskb, hook, in, out, &packet_raw, NULL); | 98 | return ipt_do_table(pskb, hook, in, out, &packet_raw); |
99 | } | 99 | } |
100 | 100 | ||
101 | /* 'raw' is the very first table. */ | 101 | /* 'raw' is the very first table. */ |
diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c index c9d6b23cd3f7..38cd7ffda9a0 100644 --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c | |||
@@ -220,8 +220,7 @@ ip6t_error(struct sk_buff **pskb, | |||
220 | const struct net_device *out, | 220 | const struct net_device *out, |
221 | unsigned int hooknum, | 221 | unsigned int hooknum, |
222 | const struct xt_target *target, | 222 | const struct xt_target *target, |
223 | const void *targinfo, | 223 | const void *targinfo) |
224 | void *userinfo) | ||
225 | { | 224 | { |
226 | if (net_ratelimit()) | 225 | if (net_ratelimit()) |
227 | printk("ip6_tables: error: `%s'\n", (char *)targinfo); | 226 | printk("ip6_tables: error: `%s'\n", (char *)targinfo); |
@@ -258,8 +257,7 @@ ip6t_do_table(struct sk_buff **pskb, | |||
258 | unsigned int hook, | 257 | unsigned int hook, |
259 | const struct net_device *in, | 258 | const struct net_device *in, |
260 | const struct net_device *out, | 259 | const struct net_device *out, |
261 | struct xt_table *table, | 260 | struct xt_table *table) |
262 | void *userdata) | ||
263 | { | 261 | { |
264 | static const char nulldevname[IFNAMSIZ] __attribute__((aligned(sizeof(long)))); | 262 | static const char nulldevname[IFNAMSIZ] __attribute__((aligned(sizeof(long)))); |
265 | int offset = 0; | 263 | int offset = 0; |
@@ -349,8 +347,7 @@ ip6t_do_table(struct sk_buff **pskb, | |||
349 | in, out, | 347 | in, out, |
350 | hook, | 348 | hook, |
351 | t->u.kernel.target, | 349 | t->u.kernel.target, |
352 | t->data, | 350 | t->data); |
353 | userdata); | ||
354 | 351 | ||
355 | #ifdef CONFIG_NETFILTER_DEBUG | 352 | #ifdef CONFIG_NETFILTER_DEBUG |
356 | if (((struct ip6t_entry *)table_base)->comefrom | 353 | if (((struct ip6t_entry *)table_base)->comefrom |
diff --git a/net/ipv6/netfilter/ip6t_HL.c b/net/ipv6/netfilter/ip6t_HL.c index b8eff8ee69b1..c85d124f9a3d 100644 --- a/net/ipv6/netfilter/ip6t_HL.c +++ b/net/ipv6/netfilter/ip6t_HL.c | |||
@@ -22,7 +22,7 @@ static unsigned int ip6t_hl_target(struct sk_buff **pskb, | |||
22 | const struct net_device *out, | 22 | const struct net_device *out, |
23 | unsigned int hooknum, | 23 | unsigned int hooknum, |
24 | const struct xt_target *target, | 24 | const struct xt_target *target, |
25 | const void *targinfo, void *userinfo) | 25 | const void *targinfo) |
26 | { | 26 | { |
27 | struct ipv6hdr *ip6h; | 27 | struct ipv6hdr *ip6h; |
28 | const struct ip6t_HL_info *info = targinfo; | 28 | const struct ip6t_HL_info *info = targinfo; |
diff --git a/net/ipv6/netfilter/ip6t_LOG.c b/net/ipv6/netfilter/ip6t_LOG.c index 73c6300109d6..acb91733e1fd 100644 --- a/net/ipv6/netfilter/ip6t_LOG.c +++ b/net/ipv6/netfilter/ip6t_LOG.c | |||
@@ -427,8 +427,7 @@ ip6t_log_target(struct sk_buff **pskb, | |||
427 | const struct net_device *out, | 427 | const struct net_device *out, |
428 | unsigned int hooknum, | 428 | unsigned int hooknum, |
429 | const struct xt_target *target, | 429 | const struct xt_target *target, |
430 | const void *targinfo, | 430 | const void *targinfo) |
431 | void *userinfo) | ||
432 | { | 431 | { |
433 | const struct ip6t_log_info *loginfo = targinfo; | 432 | const struct ip6t_log_info *loginfo = targinfo; |
434 | struct nf_loginfo li; | 433 | struct nf_loginfo li; |
diff --git a/net/ipv6/netfilter/ip6t_REJECT.c b/net/ipv6/netfilter/ip6t_REJECT.c index 7929ff402166..343acd3cbf5e 100644 --- a/net/ipv6/netfilter/ip6t_REJECT.c +++ b/net/ipv6/netfilter/ip6t_REJECT.c | |||
@@ -180,8 +180,7 @@ static unsigned int reject6_target(struct sk_buff **pskb, | |||
180 | const struct net_device *out, | 180 | const struct net_device *out, |
181 | unsigned int hooknum, | 181 | unsigned int hooknum, |
182 | const struct xt_target *target, | 182 | const struct xt_target *target, |
183 | const void *targinfo, | 183 | const void *targinfo) |
184 | void *userinfo) | ||
185 | { | 184 | { |
186 | const struct ip6t_reject_info *reject = targinfo; | 185 | const struct ip6t_reject_info *reject = targinfo; |
187 | 186 | ||
diff --git a/net/ipv6/netfilter/ip6table_filter.c b/net/ipv6/netfilter/ip6table_filter.c index 60976c0c58e8..2fc07c74decf 100644 --- a/net/ipv6/netfilter/ip6table_filter.c +++ b/net/ipv6/netfilter/ip6table_filter.c | |||
@@ -108,7 +108,7 @@ ip6t_hook(unsigned int hook, | |||
108 | const struct net_device *out, | 108 | const struct net_device *out, |
109 | int (*okfn)(struct sk_buff *)) | 109 | int (*okfn)(struct sk_buff *)) |
110 | { | 110 | { |
111 | return ip6t_do_table(pskb, hook, in, out, &packet_filter, NULL); | 111 | return ip6t_do_table(pskb, hook, in, out, &packet_filter); |
112 | } | 112 | } |
113 | 113 | ||
114 | static unsigned int | 114 | static unsigned int |
@@ -128,7 +128,7 @@ ip6t_local_out_hook(unsigned int hook, | |||
128 | } | 128 | } |
129 | #endif | 129 | #endif |
130 | 130 | ||
131 | return ip6t_do_table(pskb, hook, in, out, &packet_filter, NULL); | 131 | return ip6t_do_table(pskb, hook, in, out, &packet_filter); |
132 | } | 132 | } |
133 | 133 | ||
134 | static struct nf_hook_ops ip6t_ops[] = { | 134 | static struct nf_hook_ops ip6t_ops[] = { |
diff --git a/net/ipv6/netfilter/ip6table_mangle.c b/net/ipv6/netfilter/ip6table_mangle.c index 03a13eab1dae..32db04fd8310 100644 --- a/net/ipv6/netfilter/ip6table_mangle.c +++ b/net/ipv6/netfilter/ip6table_mangle.c | |||
@@ -138,7 +138,7 @@ ip6t_route_hook(unsigned int hook, | |||
138 | const struct net_device *out, | 138 | const struct net_device *out, |
139 | int (*okfn)(struct sk_buff *)) | 139 | int (*okfn)(struct sk_buff *)) |
140 | { | 140 | { |
141 | return ip6t_do_table(pskb, hook, in, out, &packet_mangler, NULL); | 141 | return ip6t_do_table(pskb, hook, in, out, &packet_mangler); |
142 | } | 142 | } |
143 | 143 | ||
144 | static unsigned int | 144 | static unsigned int |
@@ -174,7 +174,7 @@ ip6t_local_hook(unsigned int hook, | |||
174 | /* flowlabel and prio (includes version, which shouldn't change either */ | 174 | /* flowlabel and prio (includes version, which shouldn't change either */ |
175 | flowlabel = *((u_int32_t *) (*pskb)->nh.ipv6h); | 175 | flowlabel = *((u_int32_t *) (*pskb)->nh.ipv6h); |
176 | 176 | ||
177 | ret = ip6t_do_table(pskb, hook, in, out, &packet_mangler, NULL); | 177 | ret = ip6t_do_table(pskb, hook, in, out, &packet_mangler); |
178 | 178 | ||
179 | if (ret != NF_DROP && ret != NF_STOLEN | 179 | if (ret != NF_DROP && ret != NF_STOLEN |
180 | && (memcmp(&(*pskb)->nh.ipv6h->saddr, &saddr, sizeof(saddr)) | 180 | && (memcmp(&(*pskb)->nh.ipv6h->saddr, &saddr, sizeof(saddr)) |
diff --git a/net/ipv6/netfilter/ip6table_raw.c b/net/ipv6/netfilter/ip6table_raw.c index 61a7c58e99f8..b4154da575c0 100644 --- a/net/ipv6/netfilter/ip6table_raw.c +++ b/net/ipv6/netfilter/ip6table_raw.c | |||
@@ -122,7 +122,7 @@ ip6t_hook(unsigned int hook, | |||
122 | const struct net_device *out, | 122 | const struct net_device *out, |
123 | int (*okfn)(struct sk_buff *)) | 123 | int (*okfn)(struct sk_buff *)) |
124 | { | 124 | { |
125 | return ip6t_do_table(pskb, hook, in, out, &packet_raw, NULL); | 125 | return ip6t_do_table(pskb, hook, in, out, &packet_raw); |
126 | } | 126 | } |
127 | 127 | ||
128 | static struct nf_hook_ops ip6t_ops[] = { | 128 | static struct nf_hook_ops ip6t_ops[] = { |
diff --git a/net/netfilter/xt_CLASSIFY.c b/net/netfilter/xt_CLASSIFY.c index 1f92edd05933..50de965bb104 100644 --- a/net/netfilter/xt_CLASSIFY.c +++ b/net/netfilter/xt_CLASSIFY.c | |||
@@ -29,8 +29,7 @@ target(struct sk_buff **pskb, | |||
29 | const struct net_device *out, | 29 | const struct net_device *out, |
30 | unsigned int hooknum, | 30 | unsigned int hooknum, |
31 | const struct xt_target *target, | 31 | const struct xt_target *target, |
32 | const void *targinfo, | 32 | const void *targinfo) |
33 | void *userinfo) | ||
34 | { | 33 | { |
35 | const struct xt_classify_target_info *clinfo = targinfo; | 34 | const struct xt_classify_target_info *clinfo = targinfo; |
36 | 35 | ||
diff --git a/net/netfilter/xt_CONNMARK.c b/net/netfilter/xt_CONNMARK.c index e577356b5c71..c2125f6ee128 100644 --- a/net/netfilter/xt_CONNMARK.c +++ b/net/netfilter/xt_CONNMARK.c | |||
@@ -38,8 +38,7 @@ target(struct sk_buff **pskb, | |||
38 | const struct net_device *out, | 38 | const struct net_device *out, |
39 | unsigned int hooknum, | 39 | unsigned int hooknum, |
40 | const struct xt_target *target, | 40 | const struct xt_target *target, |
41 | const void *targinfo, | 41 | const void *targinfo) |
42 | void *userinfo) | ||
43 | { | 42 | { |
44 | const struct xt_connmark_target_info *markinfo = targinfo; | 43 | const struct xt_connmark_target_info *markinfo = targinfo; |
45 | u_int32_t diff; | 44 | u_int32_t diff; |
diff --git a/net/netfilter/xt_CONNSECMARK.c b/net/netfilter/xt_CONNSECMARK.c index 48f7fc3c85cd..4b9cc65bb82b 100644 --- a/net/netfilter/xt_CONNSECMARK.c +++ b/net/netfilter/xt_CONNSECMARK.c | |||
@@ -66,7 +66,7 @@ static void secmark_restore(struct sk_buff *skb) | |||
66 | static unsigned int target(struct sk_buff **pskb, const struct net_device *in, | 66 | static unsigned int target(struct sk_buff **pskb, const struct net_device *in, |
67 | const struct net_device *out, unsigned int hooknum, | 67 | const struct net_device *out, unsigned int hooknum, |
68 | const struct xt_target *target, | 68 | const struct xt_target *target, |
69 | const void *targinfo, void *userinfo) | 69 | const void *targinfo) |
70 | { | 70 | { |
71 | struct sk_buff *skb = *pskb; | 71 | struct sk_buff *skb = *pskb; |
72 | const struct xt_connsecmark_target_info *info = targinfo; | 72 | const struct xt_connsecmark_target_info *info = targinfo; |
diff --git a/net/netfilter/xt_DSCP.c b/net/netfilter/xt_DSCP.c index a1cd9723644f..9d23c9580d80 100644 --- a/net/netfilter/xt_DSCP.c +++ b/net/netfilter/xt_DSCP.c | |||
@@ -32,8 +32,7 @@ static unsigned int target(struct sk_buff **pskb, | |||
32 | const struct net_device *out, | 32 | const struct net_device *out, |
33 | unsigned int hooknum, | 33 | unsigned int hooknum, |
34 | const struct xt_target *target, | 34 | const struct xt_target *target, |
35 | const void *targinfo, | 35 | const void *targinfo) |
36 | void *userinfo) | ||
37 | { | 36 | { |
38 | const struct xt_DSCP_info *dinfo = targinfo; | 37 | const struct xt_DSCP_info *dinfo = targinfo; |
39 | u_int8_t dscp = ipv4_get_dsfield((*pskb)->nh.iph) >> XT_DSCP_SHIFT; | 38 | u_int8_t dscp = ipv4_get_dsfield((*pskb)->nh.iph) >> XT_DSCP_SHIFT; |
@@ -54,8 +53,7 @@ static unsigned int target6(struct sk_buff **pskb, | |||
54 | const struct net_device *out, | 53 | const struct net_device *out, |
55 | unsigned int hooknum, | 54 | unsigned int hooknum, |
56 | const struct xt_target *target, | 55 | const struct xt_target *target, |
57 | const void *targinfo, | 56 | const void *targinfo) |
58 | void *userinfo) | ||
59 | { | 57 | { |
60 | const struct xt_DSCP_info *dinfo = targinfo; | 58 | const struct xt_DSCP_info *dinfo = targinfo; |
61 | u_int8_t dscp = ipv6_get_dsfield((*pskb)->nh.ipv6h) >> XT_DSCP_SHIFT; | 59 | u_int8_t dscp = ipv6_get_dsfield((*pskb)->nh.ipv6h) >> XT_DSCP_SHIFT; |
diff --git a/net/netfilter/xt_MARK.c b/net/netfilter/xt_MARK.c index 0a6127219467..95a171c87994 100644 --- a/net/netfilter/xt_MARK.c +++ b/net/netfilter/xt_MARK.c | |||
@@ -27,8 +27,7 @@ target_v0(struct sk_buff **pskb, | |||
27 | const struct net_device *out, | 27 | const struct net_device *out, |
28 | unsigned int hooknum, | 28 | unsigned int hooknum, |
29 | const struct xt_target *target, | 29 | const struct xt_target *target, |
30 | const void *targinfo, | 30 | const void *targinfo) |
31 | void *userinfo) | ||
32 | { | 31 | { |
33 | const struct xt_mark_target_info *markinfo = targinfo; | 32 | const struct xt_mark_target_info *markinfo = targinfo; |
34 | 33 | ||
@@ -44,8 +43,7 @@ target_v1(struct sk_buff **pskb, | |||
44 | const struct net_device *out, | 43 | const struct net_device *out, |
45 | unsigned int hooknum, | 44 | unsigned int hooknum, |
46 | const struct xt_target *target, | 45 | const struct xt_target *target, |
47 | const void *targinfo, | 46 | const void *targinfo) |
48 | void *userinfo) | ||
49 | { | 47 | { |
50 | const struct xt_mark_target_info_v1 *markinfo = targinfo; | 48 | const struct xt_mark_target_info_v1 *markinfo = targinfo; |
51 | int mark = 0; | 49 | int mark = 0; |
diff --git a/net/netfilter/xt_NFQUEUE.c b/net/netfilter/xt_NFQUEUE.c index 7b982283abdb..db9b896e57c8 100644 --- a/net/netfilter/xt_NFQUEUE.c +++ b/net/netfilter/xt_NFQUEUE.c | |||
@@ -29,8 +29,7 @@ target(struct sk_buff **pskb, | |||
29 | const struct net_device *out, | 29 | const struct net_device *out, |
30 | unsigned int hooknum, | 30 | unsigned int hooknum, |
31 | const struct xt_target *target, | 31 | const struct xt_target *target, |
32 | const void *targinfo, | 32 | const void *targinfo) |
33 | void *userinfo) | ||
34 | { | 33 | { |
35 | const struct xt_NFQ_info *tinfo = targinfo; | 34 | const struct xt_NFQ_info *tinfo = targinfo; |
36 | 35 | ||
diff --git a/net/netfilter/xt_NOTRACK.c b/net/netfilter/xt_NOTRACK.c index cab881d4424c..6d00dcaed238 100644 --- a/net/netfilter/xt_NOTRACK.c +++ b/net/netfilter/xt_NOTRACK.c | |||
@@ -16,8 +16,7 @@ target(struct sk_buff **pskb, | |||
16 | const struct net_device *out, | 16 | const struct net_device *out, |
17 | unsigned int hooknum, | 17 | unsigned int hooknum, |
18 | const struct xt_target *target, | 18 | const struct xt_target *target, |
19 | const void *targinfo, | 19 | const void *targinfo) |
20 | void *userinfo) | ||
21 | { | 20 | { |
22 | /* Previously seen (loopback)? Ignore. */ | 21 | /* Previously seen (loopback)? Ignore. */ |
23 | if ((*pskb)->nfct != NULL) | 22 | if ((*pskb)->nfct != NULL) |
diff --git a/net/netfilter/xt_SECMARK.c b/net/netfilter/xt_SECMARK.c index 4300988786c9..8a04dcf2611e 100644 --- a/net/netfilter/xt_SECMARK.c +++ b/net/netfilter/xt_SECMARK.c | |||
@@ -31,7 +31,7 @@ static u8 mode; | |||
31 | static unsigned int target(struct sk_buff **pskb, const struct net_device *in, | 31 | static unsigned int target(struct sk_buff **pskb, const struct net_device *in, |
32 | const struct net_device *out, unsigned int hooknum, | 32 | const struct net_device *out, unsigned int hooknum, |
33 | const struct xt_target *target, | 33 | const struct xt_target *target, |
34 | const void *targinfo, void *userinfo) | 34 | const void *targinfo) |
35 | { | 35 | { |
36 | u32 secmark = 0; | 36 | u32 secmark = 0; |
37 | const struct xt_secmark_target_info *info = targinfo; | 37 | const struct xt_secmark_target_info *info = targinfo; |
diff --git a/net/netfilter/xt_connbytes.c b/net/netfilter/xt_connbytes.c index 2d49948d3c38..d725e8b84503 100644 --- a/net/netfilter/xt_connbytes.c +++ b/net/netfilter/xt_connbytes.c | |||
@@ -143,7 +143,7 @@ static int check(const char *tablename, | |||
143 | return 1; | 143 | return 1; |
144 | } | 144 | } |
145 | 145 | ||
146 | static struct xt_match xt_connbytes_match = { | 146 | static struct xt_match xt_connbytes_match[] = { |
147 | { | 147 | { |
148 | .name = "connbytes", | 148 | .name = "connbytes", |
149 | .family = AF_INET, | 149 | .family = AF_INET, |
diff --git a/net/sched/act_ipt.c b/net/sched/act_ipt.c index 224c078a398e..45a3143b8629 100644 --- a/net/sched/act_ipt.c +++ b/net/sched/act_ipt.c | |||
@@ -222,7 +222,7 @@ static int tcf_ipt(struct sk_buff *skb, struct tc_action *a, | |||
222 | ret = ipt->tcfi_t->u.kernel.target->target(&skb, skb->dev, NULL, | 222 | ret = ipt->tcfi_t->u.kernel.target->target(&skb, skb->dev, NULL, |
223 | ipt->tcfi_hook, | 223 | ipt->tcfi_hook, |
224 | ipt->tcfi_t->u.kernel.target, | 224 | ipt->tcfi_t->u.kernel.target, |
225 | ipt->tcfi_t->data, NULL); | 225 | ipt->tcfi_t->data); |
226 | switch (ret) { | 226 | switch (ret) { |
227 | case NF_ACCEPT: | 227 | case NF_ACCEPT: |
228 | result = TC_ACT_OK; | 228 | result = TC_ACT_OK; |