diff options
-rw-r--r-- | include/linux/netfilter_bridge/ebtables.h | 6 | ||||
-rw-r--r-- | net/bridge/netfilter/ebt_802_3.c | 2 | ||||
-rw-r--r-- | net/bridge/netfilter/ebt_among.c | 2 | ||||
-rw-r--r-- | net/bridge/netfilter/ebt_arp.c | 2 | ||||
-rw-r--r-- | net/bridge/netfilter/ebt_arpreply.c | 2 | ||||
-rw-r--r-- | net/bridge/netfilter/ebt_dnat.c | 2 | ||||
-rw-r--r-- | net/bridge/netfilter/ebt_ip.c | 2 | ||||
-rw-r--r-- | net/bridge/netfilter/ebt_ip6.c | 2 | ||||
-rw-r--r-- | net/bridge/netfilter/ebt_limit.c | 2 | ||||
-rw-r--r-- | net/bridge/netfilter/ebt_log.c | 2 | ||||
-rw-r--r-- | net/bridge/netfilter/ebt_mark.c | 2 | ||||
-rw-r--r-- | net/bridge/netfilter/ebt_mark_m.c | 2 | ||||
-rw-r--r-- | net/bridge/netfilter/ebt_nflog.c | 2 | ||||
-rw-r--r-- | net/bridge/netfilter/ebt_pkttype.c | 2 | ||||
-rw-r--r-- | net/bridge/netfilter/ebt_redirect.c | 2 | ||||
-rw-r--r-- | net/bridge/netfilter/ebt_snat.c | 2 | ||||
-rw-r--r-- | net/bridge/netfilter/ebt_stp.c | 2 | ||||
-rw-r--r-- | net/bridge/netfilter/ebt_ulog.c | 2 | ||||
-rw-r--r-- | net/bridge/netfilter/ebt_vlan.c | 2 | ||||
-rw-r--r-- | net/bridge/netfilter/ebtables.c | 58 |
20 files changed, 91 insertions, 9 deletions
diff --git a/include/linux/netfilter_bridge/ebtables.h b/include/linux/netfilter_bridge/ebtables.h index 097432b94c55..82f854bf37e7 100644 --- a/include/linux/netfilter_bridge/ebtables.h +++ b/include/linux/netfilter_bridge/ebtables.h | |||
@@ -214,6 +214,8 @@ struct ebt_match | |||
214 | const struct ebt_entry *e, void *matchdata, unsigned int datalen); | 214 | const struct ebt_entry *e, void *matchdata, unsigned int datalen); |
215 | void (*destroy)(void *matchdata, unsigned int datalen); | 215 | void (*destroy)(void *matchdata, unsigned int datalen); |
216 | unsigned int matchsize; | 216 | unsigned int matchsize; |
217 | u_int8_t revision; | ||
218 | u_int8_t family; | ||
217 | struct module *me; | 219 | struct module *me; |
218 | }; | 220 | }; |
219 | 221 | ||
@@ -228,6 +230,8 @@ struct ebt_watcher | |||
228 | const struct ebt_entry *e, void *watcherdata, unsigned int datalen); | 230 | const struct ebt_entry *e, void *watcherdata, unsigned int datalen); |
229 | void (*destroy)(void *watcherdata, unsigned int datalen); | 231 | void (*destroy)(void *watcherdata, unsigned int datalen); |
230 | unsigned int targetsize; | 232 | unsigned int targetsize; |
233 | u_int8_t revision; | ||
234 | u_int8_t family; | ||
231 | struct module *me; | 235 | struct module *me; |
232 | }; | 236 | }; |
233 | 237 | ||
@@ -243,6 +247,8 @@ struct ebt_target | |||
243 | const struct ebt_entry *e, void *targetdata, unsigned int datalen); | 247 | const struct ebt_entry *e, void *targetdata, unsigned int datalen); |
244 | void (*destroy)(void *targetdata, unsigned int datalen); | 248 | void (*destroy)(void *targetdata, unsigned int datalen); |
245 | unsigned int targetsize; | 249 | unsigned int targetsize; |
250 | u_int8_t revision; | ||
251 | u_int8_t family; | ||
246 | struct module *me; | 252 | struct module *me; |
247 | }; | 253 | }; |
248 | 254 | ||
diff --git a/net/bridge/netfilter/ebt_802_3.c b/net/bridge/netfilter/ebt_802_3.c index 8ebe62b9bcc1..f9876f227574 100644 --- a/net/bridge/netfilter/ebt_802_3.c +++ b/net/bridge/netfilter/ebt_802_3.c | |||
@@ -51,6 +51,8 @@ static bool ebt_802_3_check(const char *tablename, unsigned int hookmask, | |||
51 | 51 | ||
52 | static struct ebt_match filter_802_3 __read_mostly = { | 52 | static struct ebt_match filter_802_3 __read_mostly = { |
53 | .name = EBT_802_3_MATCH, | 53 | .name = EBT_802_3_MATCH, |
54 | .revision = 0, | ||
55 | .family = NFPROTO_BRIDGE, | ||
54 | .match = ebt_filter_802_3, | 56 | .match = ebt_filter_802_3, |
55 | .check = ebt_802_3_check, | 57 | .check = ebt_802_3_check, |
56 | .matchsize = XT_ALIGN(sizeof(struct ebt_802_3_info)), | 58 | .matchsize = XT_ALIGN(sizeof(struct ebt_802_3_info)), |
diff --git a/net/bridge/netfilter/ebt_among.c b/net/bridge/netfilter/ebt_among.c index bfdc67bcbfaf..568c890887b5 100644 --- a/net/bridge/netfilter/ebt_among.c +++ b/net/bridge/netfilter/ebt_among.c | |||
@@ -211,6 +211,8 @@ ebt_among_check(const char *tablename, unsigned int hookmask, | |||
211 | 211 | ||
212 | static struct ebt_match filter_among __read_mostly = { | 212 | static struct ebt_match filter_among __read_mostly = { |
213 | .name = EBT_AMONG_MATCH, | 213 | .name = EBT_AMONG_MATCH, |
214 | .revision = 0, | ||
215 | .family = NFPROTO_BRIDGE, | ||
214 | .match = ebt_filter_among, | 216 | .match = ebt_filter_among, |
215 | .check = ebt_among_check, | 217 | .check = ebt_among_check, |
216 | .matchsize = -1, /* special case */ | 218 | .matchsize = -1, /* special case */ |
diff --git a/net/bridge/netfilter/ebt_arp.c b/net/bridge/netfilter/ebt_arp.c index f1f0bcf5524a..4a5226cbab89 100644 --- a/net/bridge/netfilter/ebt_arp.c +++ b/net/bridge/netfilter/ebt_arp.c | |||
@@ -117,6 +117,8 @@ static bool ebt_arp_check(const char *tablename, unsigned int hookmask, | |||
117 | 117 | ||
118 | static struct ebt_match filter_arp __read_mostly = { | 118 | static struct ebt_match filter_arp __read_mostly = { |
119 | .name = EBT_ARP_MATCH, | 119 | .name = EBT_ARP_MATCH, |
120 | .revision = 0, | ||
121 | .family = NFPROTO_BRIDGE, | ||
120 | .match = ebt_filter_arp, | 122 | .match = ebt_filter_arp, |
121 | .check = ebt_arp_check, | 123 | .check = ebt_arp_check, |
122 | .matchsize = XT_ALIGN(sizeof(struct ebt_arp_info)), | 124 | .matchsize = XT_ALIGN(sizeof(struct ebt_arp_info)), |
diff --git a/net/bridge/netfilter/ebt_arpreply.c b/net/bridge/netfilter/ebt_arpreply.c index b444cf835f1e..7ab16556800e 100644 --- a/net/bridge/netfilter/ebt_arpreply.c +++ b/net/bridge/netfilter/ebt_arpreply.c | |||
@@ -76,6 +76,8 @@ static bool ebt_target_reply_check(const char *tablename, unsigned int hookmask, | |||
76 | 76 | ||
77 | static struct ebt_target reply_target __read_mostly = { | 77 | static struct ebt_target reply_target __read_mostly = { |
78 | .name = EBT_ARPREPLY_TARGET, | 78 | .name = EBT_ARPREPLY_TARGET, |
79 | .revision = 0, | ||
80 | .family = NFPROTO_BRIDGE, | ||
79 | .target = ebt_target_reply, | 81 | .target = ebt_target_reply, |
80 | .check = ebt_target_reply_check, | 82 | .check = ebt_target_reply_check, |
81 | .targetsize = XT_ALIGN(sizeof(struct ebt_arpreply_info)), | 83 | .targetsize = XT_ALIGN(sizeof(struct ebt_arpreply_info)), |
diff --git a/net/bridge/netfilter/ebt_dnat.c b/net/bridge/netfilter/ebt_dnat.c index d58b9e32338e..64838e2835a0 100644 --- a/net/bridge/netfilter/ebt_dnat.c +++ b/net/bridge/netfilter/ebt_dnat.c | |||
@@ -46,6 +46,8 @@ static bool ebt_target_dnat_check(const char *tablename, unsigned int hookmask, | |||
46 | 46 | ||
47 | static struct ebt_target dnat __read_mostly = { | 47 | static struct ebt_target dnat __read_mostly = { |
48 | .name = EBT_DNAT_TARGET, | 48 | .name = EBT_DNAT_TARGET, |
49 | .revision = 0, | ||
50 | .family = NFPROTO_BRIDGE, | ||
49 | .target = ebt_target_dnat, | 51 | .target = ebt_target_dnat, |
50 | .check = ebt_target_dnat_check, | 52 | .check = ebt_target_dnat_check, |
51 | .targetsize = XT_ALIGN(sizeof(struct ebt_nat_info)), | 53 | .targetsize = XT_ALIGN(sizeof(struct ebt_nat_info)), |
diff --git a/net/bridge/netfilter/ebt_ip.c b/net/bridge/netfilter/ebt_ip.c index 018782f044c4..0bef6f7bc83f 100644 --- a/net/bridge/netfilter/ebt_ip.c +++ b/net/bridge/netfilter/ebt_ip.c | |||
@@ -108,6 +108,8 @@ static bool ebt_ip_check(const char *tablename, unsigned int hookmask, | |||
108 | 108 | ||
109 | static struct ebt_match filter_ip __read_mostly = { | 109 | static struct ebt_match filter_ip __read_mostly = { |
110 | .name = EBT_IP_MATCH, | 110 | .name = EBT_IP_MATCH, |
111 | .revision = 0, | ||
112 | .family = NFPROTO_BRIDGE, | ||
111 | .match = ebt_filter_ip, | 113 | .match = ebt_filter_ip, |
112 | .check = ebt_ip_check, | 114 | .check = ebt_ip_check, |
113 | .matchsize = XT_ALIGN(sizeof(struct ebt_ip_info)), | 115 | .matchsize = XT_ALIGN(sizeof(struct ebt_ip_info)), |
diff --git a/net/bridge/netfilter/ebt_ip6.c b/net/bridge/netfilter/ebt_ip6.c index 7fc3928e3fb5..afcabe205b8f 100644 --- a/net/bridge/netfilter/ebt_ip6.c +++ b/net/bridge/netfilter/ebt_ip6.c | |||
@@ -121,6 +121,8 @@ static bool ebt_ip6_check(const char *tablename, unsigned int hookmask, | |||
121 | static struct ebt_match filter_ip6 = | 121 | static struct ebt_match filter_ip6 = |
122 | { | 122 | { |
123 | .name = EBT_IP6_MATCH, | 123 | .name = EBT_IP6_MATCH, |
124 | .revision = 0, | ||
125 | .family = NFPROTO_BRIDGE, | ||
124 | .match = ebt_filter_ip6, | 126 | .match = ebt_filter_ip6, |
125 | .check = ebt_ip6_check, | 127 | .check = ebt_ip6_check, |
126 | .matchsize = XT_ALIGN(sizeof(struct ebt_ip6_info)), | 128 | .matchsize = XT_ALIGN(sizeof(struct ebt_ip6_info)), |
diff --git a/net/bridge/netfilter/ebt_limit.c b/net/bridge/netfilter/ebt_limit.c index 925065a22a65..9ca0a2564c8d 100644 --- a/net/bridge/netfilter/ebt_limit.c +++ b/net/bridge/netfilter/ebt_limit.c | |||
@@ -88,6 +88,8 @@ static bool ebt_limit_check(const char *tablename, unsigned int hookmask, | |||
88 | 88 | ||
89 | static struct ebt_match ebt_limit_reg __read_mostly = { | 89 | static struct ebt_match ebt_limit_reg __read_mostly = { |
90 | .name = EBT_LIMIT_MATCH, | 90 | .name = EBT_LIMIT_MATCH, |
91 | .revision = 0, | ||
92 | .family = NFPROTO_BRIDGE, | ||
91 | .match = ebt_limit_match, | 93 | .match = ebt_limit_match, |
92 | .check = ebt_limit_check, | 94 | .check = ebt_limit_check, |
93 | .matchsize = XT_ALIGN(sizeof(struct ebt_limit_info)), | 95 | .matchsize = XT_ALIGN(sizeof(struct ebt_limit_info)), |
diff --git a/net/bridge/netfilter/ebt_log.c b/net/bridge/netfilter/ebt_log.c index 2705d7a2a9b5..c2e1c357025e 100644 --- a/net/bridge/netfilter/ebt_log.c +++ b/net/bridge/netfilter/ebt_log.c | |||
@@ -215,6 +215,8 @@ static unsigned int ebt_log(const struct sk_buff *skb, unsigned int hooknr, | |||
215 | static struct ebt_watcher log = | 215 | static struct ebt_watcher log = |
216 | { | 216 | { |
217 | .name = EBT_LOG_WATCHER, | 217 | .name = EBT_LOG_WATCHER, |
218 | .revision = 0, | ||
219 | .family = NFPROTO_BRIDGE, | ||
218 | .watcher = ebt_log, | 220 | .watcher = ebt_log, |
219 | .check = ebt_log_check, | 221 | .check = ebt_log_check, |
220 | .targetsize = XT_ALIGN(sizeof(struct ebt_log_info)), | 222 | .targetsize = XT_ALIGN(sizeof(struct ebt_log_info)), |
diff --git a/net/bridge/netfilter/ebt_mark.c b/net/bridge/netfilter/ebt_mark.c index e4b91d8e2c6c..910721a12673 100644 --- a/net/bridge/netfilter/ebt_mark.c +++ b/net/bridge/netfilter/ebt_mark.c | |||
@@ -58,6 +58,8 @@ static bool ebt_target_mark_check(const char *tablename, unsigned int hookmask, | |||
58 | 58 | ||
59 | static struct ebt_target mark_target __read_mostly = { | 59 | static struct ebt_target mark_target __read_mostly = { |
60 | .name = EBT_MARK_TARGET, | 60 | .name = EBT_MARK_TARGET, |
61 | .revision = 0, | ||
62 | .family = NFPROTO_BRIDGE, | ||
61 | .target = ebt_target_mark, | 63 | .target = ebt_target_mark, |
62 | .check = ebt_target_mark_check, | 64 | .check = ebt_target_mark_check, |
63 | .targetsize = XT_ALIGN(sizeof(struct ebt_mark_t_info)), | 65 | .targetsize = XT_ALIGN(sizeof(struct ebt_mark_t_info)), |
diff --git a/net/bridge/netfilter/ebt_mark_m.c b/net/bridge/netfilter/ebt_mark_m.c index ec16c0e2868a..6512ad9b4097 100644 --- a/net/bridge/netfilter/ebt_mark_m.c +++ b/net/bridge/netfilter/ebt_mark_m.c | |||
@@ -39,6 +39,8 @@ static bool ebt_mark_check(const char *tablename, unsigned int hookmask, | |||
39 | 39 | ||
40 | static struct ebt_match filter_mark __read_mostly = { | 40 | static struct ebt_match filter_mark __read_mostly = { |
41 | .name = EBT_MARK_MATCH, | 41 | .name = EBT_MARK_MATCH, |
42 | .revision = 0, | ||
43 | .family = NFPROTO_BRIDGE, | ||
42 | .match = ebt_filter_mark, | 44 | .match = ebt_filter_mark, |
43 | .check = ebt_mark_check, | 45 | .check = ebt_mark_check, |
44 | .matchsize = XT_ALIGN(sizeof(struct ebt_mark_m_info)), | 46 | .matchsize = XT_ALIGN(sizeof(struct ebt_mark_m_info)), |
diff --git a/net/bridge/netfilter/ebt_nflog.c b/net/bridge/netfilter/ebt_nflog.c index 2c75023b3260..aa0410c69a60 100644 --- a/net/bridge/netfilter/ebt_nflog.c +++ b/net/bridge/netfilter/ebt_nflog.c | |||
@@ -52,6 +52,8 @@ static bool ebt_nflog_check(const char *tablename, | |||
52 | 52 | ||
53 | static struct ebt_watcher nflog __read_mostly = { | 53 | static struct ebt_watcher nflog __read_mostly = { |
54 | .name = EBT_NFLOG_WATCHER, | 54 | .name = EBT_NFLOG_WATCHER, |
55 | .revision = 0, | ||
56 | .family = NFPROTO_BRIDGE, | ||
55 | .watcher = ebt_nflog, | 57 | .watcher = ebt_nflog, |
56 | .check = ebt_nflog_check, | 58 | .check = ebt_nflog_check, |
57 | .targetsize = XT_ALIGN(sizeof(struct ebt_nflog_info)), | 59 | .targetsize = XT_ALIGN(sizeof(struct ebt_nflog_info)), |
diff --git a/net/bridge/netfilter/ebt_pkttype.c b/net/bridge/netfilter/ebt_pkttype.c index 74b443284366..a9acecc88e9e 100644 --- a/net/bridge/netfilter/ebt_pkttype.c +++ b/net/bridge/netfilter/ebt_pkttype.c | |||
@@ -36,6 +36,8 @@ static bool ebt_pkttype_check(const char *tablename, unsigned int hookmask, | |||
36 | 36 | ||
37 | static struct ebt_match filter_pkttype __read_mostly = { | 37 | static struct ebt_match filter_pkttype __read_mostly = { |
38 | .name = EBT_PKTTYPE_MATCH, | 38 | .name = EBT_PKTTYPE_MATCH, |
39 | .revision = 0, | ||
40 | .family = NFPROTO_BRIDGE, | ||
39 | .match = ebt_filter_pkttype, | 41 | .match = ebt_filter_pkttype, |
40 | .check = ebt_pkttype_check, | 42 | .check = ebt_pkttype_check, |
41 | .matchsize = XT_ALIGN(sizeof(struct ebt_pkttype_info)), | 43 | .matchsize = XT_ALIGN(sizeof(struct ebt_pkttype_info)), |
diff --git a/net/bridge/netfilter/ebt_redirect.c b/net/bridge/netfilter/ebt_redirect.c index 7bf1390ad97b..4c628108bcda 100644 --- a/net/bridge/netfilter/ebt_redirect.c +++ b/net/bridge/netfilter/ebt_redirect.c | |||
@@ -52,6 +52,8 @@ static bool ebt_target_redirect_check(const char *tablename, unsigned int hookma | |||
52 | 52 | ||
53 | static struct ebt_target redirect_target __read_mostly = { | 53 | static struct ebt_target redirect_target __read_mostly = { |
54 | .name = EBT_REDIRECT_TARGET, | 54 | .name = EBT_REDIRECT_TARGET, |
55 | .revision = 0, | ||
56 | .family = NFPROTO_BRIDGE, | ||
55 | .target = ebt_target_redirect, | 57 | .target = ebt_target_redirect, |
56 | .check = ebt_target_redirect_check, | 58 | .check = ebt_target_redirect_check, |
57 | .targetsize = XT_ALIGN(sizeof(struct ebt_redirect_info)), | 59 | .targetsize = XT_ALIGN(sizeof(struct ebt_redirect_info)), |
diff --git a/net/bridge/netfilter/ebt_snat.c b/net/bridge/netfilter/ebt_snat.c index d13f05d2620e..0e83de781c0c 100644 --- a/net/bridge/netfilter/ebt_snat.c +++ b/net/bridge/netfilter/ebt_snat.c | |||
@@ -68,6 +68,8 @@ static bool ebt_target_snat_check(const char *tablename, unsigned int hookmask, | |||
68 | 68 | ||
69 | static struct ebt_target snat __read_mostly = { | 69 | static struct ebt_target snat __read_mostly = { |
70 | .name = EBT_SNAT_TARGET, | 70 | .name = EBT_SNAT_TARGET, |
71 | .revision = 0, | ||
72 | .family = NFPROTO_BRIDGE, | ||
71 | .target = ebt_target_snat, | 73 | .target = ebt_target_snat, |
72 | .check = ebt_target_snat_check, | 74 | .check = ebt_target_snat_check, |
73 | .targetsize = XT_ALIGN(sizeof(struct ebt_nat_info)), | 75 | .targetsize = XT_ALIGN(sizeof(struct ebt_nat_info)), |
diff --git a/net/bridge/netfilter/ebt_stp.c b/net/bridge/netfilter/ebt_stp.c index 7618206639ed..e6d8f0c140a4 100644 --- a/net/bridge/netfilter/ebt_stp.c +++ b/net/bridge/netfilter/ebt_stp.c | |||
@@ -174,6 +174,8 @@ static bool ebt_stp_check(const char *tablename, unsigned int hookmask, | |||
174 | 174 | ||
175 | static struct ebt_match filter_stp __read_mostly = { | 175 | static struct ebt_match filter_stp __read_mostly = { |
176 | .name = EBT_STP_MATCH, | 176 | .name = EBT_STP_MATCH, |
177 | .revision = 0, | ||
178 | .family = NFPROTO_BRIDGE, | ||
177 | .match = ebt_filter_stp, | 179 | .match = ebt_filter_stp, |
178 | .check = ebt_stp_check, | 180 | .check = ebt_stp_check, |
179 | .matchsize = XT_ALIGN(sizeof(struct ebt_stp_info)), | 181 | .matchsize = XT_ALIGN(sizeof(struct ebt_stp_info)), |
diff --git a/net/bridge/netfilter/ebt_ulog.c b/net/bridge/netfilter/ebt_ulog.c index 5f86f555f6d1..076b44590f16 100644 --- a/net/bridge/netfilter/ebt_ulog.c +++ b/net/bridge/netfilter/ebt_ulog.c | |||
@@ -274,6 +274,8 @@ static bool ebt_ulog_check(const char *tablename, unsigned int hookmask, | |||
274 | 274 | ||
275 | static struct ebt_watcher ulog __read_mostly = { | 275 | static struct ebt_watcher ulog __read_mostly = { |
276 | .name = EBT_ULOG_WATCHER, | 276 | .name = EBT_ULOG_WATCHER, |
277 | .revision = 0, | ||
278 | .family = NFPROTO_BRIDGE, | ||
277 | .watcher = ebt_ulog, | 279 | .watcher = ebt_ulog, |
278 | .check = ebt_ulog_check, | 280 | .check = ebt_ulog_check, |
279 | .targetsize = XT_ALIGN(sizeof(struct ebt_ulog_info)), | 281 | .targetsize = XT_ALIGN(sizeof(struct ebt_ulog_info)), |
diff --git a/net/bridge/netfilter/ebt_vlan.c b/net/bridge/netfilter/ebt_vlan.c index 8cc4257a1ade..9e3a39ae4660 100644 --- a/net/bridge/netfilter/ebt_vlan.c +++ b/net/bridge/netfilter/ebt_vlan.c | |||
@@ -164,6 +164,8 @@ ebt_check_vlan(const char *tablename, | |||
164 | 164 | ||
165 | static struct ebt_match filter_vlan __read_mostly = { | 165 | static struct ebt_match filter_vlan __read_mostly = { |
166 | .name = EBT_VLAN_MATCH, | 166 | .name = EBT_VLAN_MATCH, |
167 | .revision = 0, | ||
168 | .family = NFPROTO_BRIDGE, | ||
167 | .match = ebt_filter_vlan, | 169 | .match = ebt_filter_vlan, |
168 | .check = ebt_check_vlan, | 170 | .check = ebt_check_vlan, |
169 | .matchsize = XT_ALIGN(sizeof(struct ebt_vlan_info)), | 171 | .matchsize = XT_ALIGN(sizeof(struct ebt_vlan_info)), |
diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c index fe4995277296..bc4b3f4f37c4 100644 --- a/net/bridge/netfilter/ebtables.c +++ b/net/bridge/netfilter/ebtables.c | |||
@@ -61,7 +61,9 @@ static LIST_HEAD(ebt_matches); | |||
61 | static LIST_HEAD(ebt_watchers); | 61 | static LIST_HEAD(ebt_watchers); |
62 | 62 | ||
63 | static struct ebt_target ebt_standard_target = { | 63 | static struct ebt_target ebt_standard_target = { |
64 | .name = "standard", | 64 | .name = "standard", |
65 | .revision = 0, | ||
66 | .family = NFPROTO_BRIDGE, | ||
65 | }; | 67 | }; |
66 | 68 | ||
67 | static inline int ebt_do_watcher (struct ebt_entry_watcher *w, | 69 | static inline int ebt_do_watcher (struct ebt_entry_watcher *w, |
@@ -352,6 +354,17 @@ ebt_check_match(struct ebt_entry_match *m, struct ebt_entry *e, | |||
352 | return -ENOENT; | 354 | return -ENOENT; |
353 | } | 355 | } |
354 | mutex_unlock(&ebt_mutex); | 356 | mutex_unlock(&ebt_mutex); |
357 | if (match->family != NFPROTO_BRIDGE) { | ||
358 | printk(KERN_WARNING "ebtables: %s match: not for ebtables?\n", | ||
359 | match->name); | ||
360 | goto out; | ||
361 | } | ||
362 | if (match->revision != 0) { | ||
363 | printk(KERN_WARNING "ebtables: %s match: ebtables is not " | ||
364 | "supporting revisions at this time\n", | ||
365 | match->name); | ||
366 | goto out; | ||
367 | } | ||
355 | if (XT_ALIGN(match->matchsize) != m->match_size && | 368 | if (XT_ALIGN(match->matchsize) != m->match_size && |
356 | match->matchsize != -1) { | 369 | match->matchsize != -1) { |
357 | /* | 370 | /* |
@@ -361,17 +374,18 @@ ebt_check_match(struct ebt_entry_match *m, struct ebt_entry *e, | |||
361 | printk(KERN_WARNING "ebtables: %s match: " | 374 | printk(KERN_WARNING "ebtables: %s match: " |
362 | "invalid size %Zu != %u\n", | 375 | "invalid size %Zu != %u\n", |
363 | match->name, XT_ALIGN(match->matchsize), m->match_size); | 376 | match->name, XT_ALIGN(match->matchsize), m->match_size); |
364 | module_put(match->me); | 377 | goto out; |
365 | return -EINVAL; | ||
366 | } | 378 | } |
367 | if (match->check && | 379 | if (match->check && |
368 | !match->check(name, hookmask, e, m->data, m->match_size)) { | 380 | !match->check(name, hookmask, e, m->data, m->match_size)) { |
369 | BUGPRINT("match->check failed\n"); | 381 | BUGPRINT("match->check failed\n"); |
370 | module_put(match->me); | 382 | goto out; |
371 | return -EINVAL; | ||
372 | } | 383 | } |
373 | (*cnt)++; | 384 | (*cnt)++; |
374 | return 0; | 385 | return 0; |
386 | out: | ||
387 | module_put(match->me); | ||
388 | return -EINVAL; | ||
375 | } | 389 | } |
376 | 390 | ||
377 | static inline int | 391 | static inline int |
@@ -394,22 +408,34 @@ ebt_check_watcher(struct ebt_entry_watcher *w, struct ebt_entry *e, | |||
394 | return -ENOENT; | 408 | return -ENOENT; |
395 | } | 409 | } |
396 | mutex_unlock(&ebt_mutex); | 410 | mutex_unlock(&ebt_mutex); |
411 | if (watcher->family != NFPROTO_BRIDGE) { | ||
412 | printk(KERN_WARNING "ebtables: %s watcher: not for ebtables?\n", | ||
413 | watcher->name); | ||
414 | goto out; | ||
415 | } | ||
416 | if (watcher->revision != 0) { | ||
417 | printk(KERN_WARNING "ebtables: %s watcher: ebtables is not " | ||
418 | "supporting revisions at this time\n", | ||
419 | watcher->name); | ||
420 | goto out; | ||
421 | } | ||
397 | if (XT_ALIGN(watcher->targetsize) != w->watcher_size) { | 422 | if (XT_ALIGN(watcher->targetsize) != w->watcher_size) { |
398 | printk(KERN_WARNING "ebtables: %s watcher: " | 423 | printk(KERN_WARNING "ebtables: %s watcher: " |
399 | "invalid size %Zu != %u\n", | 424 | "invalid size %Zu != %u\n", |
400 | watcher->name, XT_ALIGN(watcher->targetsize), | 425 | watcher->name, XT_ALIGN(watcher->targetsize), |
401 | w->watcher_size); | 426 | w->watcher_size); |
402 | module_put(watcher->me); | 427 | goto out; |
403 | return -EINVAL; | ||
404 | } | 428 | } |
405 | if (watcher->check && | 429 | if (watcher->check && |
406 | !watcher->check(name, hookmask, e, w->data, w->watcher_size)) { | 430 | !watcher->check(name, hookmask, e, w->data, w->watcher_size)) { |
407 | BUGPRINT("watcher->check failed\n"); | 431 | BUGPRINT("watcher->check failed\n"); |
408 | module_put(watcher->me); | 432 | goto out; |
409 | return -EINVAL; | ||
410 | } | 433 | } |
411 | (*cnt)++; | 434 | (*cnt)++; |
412 | return 0; | 435 | return 0; |
436 | out: | ||
437 | module_put(watcher->me); | ||
438 | return -EINVAL; | ||
413 | } | 439 | } |
414 | 440 | ||
415 | static int ebt_verify_pointers(struct ebt_replace *repl, | 441 | static int ebt_verify_pointers(struct ebt_replace *repl, |
@@ -690,6 +716,20 @@ ebt_check_entry(struct ebt_entry *e, struct ebt_table_info *newinfo, | |||
690 | } | 716 | } |
691 | mutex_unlock(&ebt_mutex); | 717 | mutex_unlock(&ebt_mutex); |
692 | 718 | ||
719 | if (target->family != NFPROTO_BRIDGE) { | ||
720 | printk(KERN_WARNING "ebtables: %s target: not for ebtables?\n", | ||
721 | target->name); | ||
722 | ret = -EINVAL; | ||
723 | goto cleanup_watchers; | ||
724 | } | ||
725 | if (target->revision != 0) { | ||
726 | printk(KERN_WARNING "ebtables: %s target: ebtables is not " | ||
727 | "supporting revisions at this time\n", | ||
728 | target->name); | ||
729 | ret = -EINVAL; | ||
730 | goto cleanup_watchers; | ||
731 | } | ||
732 | |||
693 | t->u.target = target; | 733 | t->u.target = target; |
694 | if (t->u.target == &ebt_standard_target) { | 734 | if (t->u.target == &ebt_standard_target) { |
695 | if (gap < sizeof(struct ebt_standard_target)) { | 735 | if (gap < sizeof(struct ebt_standard_target)) { |