diff options
36 files changed, 202 insertions, 171 deletions
diff --git a/include/linux/netfilter_ipv4/ip_tables.h b/include/linux/netfilter_ipv4/ip_tables.h index 98d566c5e32a..c59bc6ff2280 100644 --- a/include/linux/netfilter_ipv4/ip_tables.h +++ b/include/linux/netfilter_ipv4/ip_tables.h | |||
@@ -272,16 +272,6 @@ ipt_get_target(struct ipt_entry *e) | |||
272 | #include <linux/init.h> | 272 | #include <linux/init.h> |
273 | extern void ipt_init(void) __init; | 273 | extern void ipt_init(void) __init; |
274 | 274 | ||
275 | #define ipt_register_target(tgt) \ | ||
276 | ({ (tgt)->family = AF_INET; \ | ||
277 | xt_register_target(tgt); }) | ||
278 | #define ipt_unregister_target(tgt) xt_unregister_target(tgt) | ||
279 | |||
280 | #define ipt_register_match(mtch) \ | ||
281 | ({ (mtch)->family = AF_INET; \ | ||
282 | xt_register_match(mtch); }) | ||
283 | #define ipt_unregister_match(mtch) xt_unregister_match(mtch) | ||
284 | |||
285 | //#define ipt_register_table(tbl, repl) xt_register_table(AF_INET, tbl, repl) | 275 | //#define ipt_register_table(tbl, repl) xt_register_table(AF_INET, tbl, repl) |
286 | //#define ipt_unregister_table(tbl) xt_unregister_table(AF_INET, tbl) | 276 | //#define ipt_unregister_table(tbl) xt_unregister_table(AF_INET, tbl) |
287 | 277 | ||
@@ -290,7 +280,7 @@ extern int ipt_register_table(struct ipt_table *table, | |||
290 | extern void ipt_unregister_table(struct ipt_table *table); | 280 | extern void ipt_unregister_table(struct ipt_table *table); |
291 | 281 | ||
292 | /* net/sched/ipt.c: Gimme access to your targets! Gets target->me. */ | 282 | /* net/sched/ipt.c: Gimme access to your targets! Gets target->me. */ |
293 | extern struct ipt_target *ipt_find_target(const char *name, u8 revision); | 283 | extern struct xt_target *ipt_find_target(const char *name, u8 revision); |
294 | 284 | ||
295 | /* Standard entry. */ | 285 | /* Standard entry. */ |
296 | struct ipt_standard | 286 | struct ipt_standard |
diff --git a/include/linux/netfilter_ipv6/ip6_tables.h b/include/linux/netfilter_ipv6/ip6_tables.h index 4aed340401db..2fbabab30d21 100644 --- a/include/linux/netfilter_ipv6/ip6_tables.h +++ b/include/linux/netfilter_ipv6/ip6_tables.h | |||
@@ -286,16 +286,6 @@ ip6t_get_target(struct ip6t_entry *e) | |||
286 | #include <linux/init.h> | 286 | #include <linux/init.h> |
287 | extern void ip6t_init(void) __init; | 287 | extern void ip6t_init(void) __init; |
288 | 288 | ||
289 | #define ip6t_register_target(tgt) \ | ||
290 | ({ (tgt)->family = AF_INET6; \ | ||
291 | xt_register_target(tgt); }) | ||
292 | #define ip6t_unregister_target(tgt) xt_unregister_target(tgt) | ||
293 | |||
294 | #define ip6t_register_match(match) \ | ||
295 | ({ (match)->family = AF_INET6; \ | ||
296 | xt_register_match(match); }) | ||
297 | #define ip6t_unregister_match(match) xt_unregister_match(match) | ||
298 | |||
299 | extern int ip6t_register_table(struct ip6t_table *table, | 289 | extern int ip6t_register_table(struct ip6t_table *table, |
300 | const struct ip6t_replace *repl); | 290 | const struct ip6t_replace *repl); |
301 | extern void ip6t_unregister_table(struct ip6t_table *table); | 291 | extern void ip6t_unregister_table(struct ip6t_table *table); |
diff --git a/net/ipv4/netfilter/ip_nat_rule.c b/net/ipv4/netfilter/ip_nat_rule.c index 6ebaad36c06d..7a8e7bb577e2 100644 --- a/net/ipv4/netfilter/ip_nat_rule.c +++ b/net/ipv4/netfilter/ip_nat_rule.c | |||
@@ -99,7 +99,7 @@ static unsigned int ipt_snat_target(struct sk_buff **pskb, | |||
99 | const struct net_device *in, | 99 | const struct net_device *in, |
100 | const struct net_device *out, | 100 | const struct net_device *out, |
101 | unsigned int hooknum, | 101 | unsigned int hooknum, |
102 | const struct ipt_target *target, | 102 | const struct xt_target *target, |
103 | const void *targinfo) | 103 | const void *targinfo) |
104 | { | 104 | { |
105 | struct ip_conntrack *ct; | 105 | struct ip_conntrack *ct; |
@@ -141,7 +141,7 @@ static unsigned int ipt_dnat_target(struct sk_buff **pskb, | |||
141 | const struct net_device *in, | 141 | const struct net_device *in, |
142 | const struct net_device *out, | 142 | const struct net_device *out, |
143 | unsigned int hooknum, | 143 | unsigned int hooknum, |
144 | const struct ipt_target *target, | 144 | const struct xt_target *target, |
145 | const void *targinfo) | 145 | const void *targinfo) |
146 | { | 146 | { |
147 | struct ip_conntrack *ct; | 147 | struct ip_conntrack *ct; |
@@ -166,7 +166,7 @@ static unsigned int ipt_dnat_target(struct sk_buff **pskb, | |||
166 | 166 | ||
167 | static int ipt_snat_checkentry(const char *tablename, | 167 | static int ipt_snat_checkentry(const char *tablename, |
168 | const void *entry, | 168 | const void *entry, |
169 | const struct ipt_target *target, | 169 | const struct xt_target *target, |
170 | void *targinfo, | 170 | void *targinfo, |
171 | unsigned int hook_mask) | 171 | unsigned int hook_mask) |
172 | { | 172 | { |
@@ -182,7 +182,7 @@ static int ipt_snat_checkentry(const char *tablename, | |||
182 | 182 | ||
183 | static int ipt_dnat_checkentry(const char *tablename, | 183 | static int ipt_dnat_checkentry(const char *tablename, |
184 | const void *entry, | 184 | const void *entry, |
185 | const struct ipt_target *target, | 185 | const struct xt_target *target, |
186 | void *targinfo, | 186 | void *targinfo, |
187 | unsigned int hook_mask) | 187 | unsigned int hook_mask) |
188 | { | 188 | { |
@@ -261,8 +261,9 @@ int ip_nat_rule_find(struct sk_buff **pskb, | |||
261 | return ret; | 261 | return ret; |
262 | } | 262 | } |
263 | 263 | ||
264 | static struct ipt_target ipt_snat_reg = { | 264 | static struct xt_target ipt_snat_reg = { |
265 | .name = "SNAT", | 265 | .name = "SNAT", |
266 | .family = AF_INET, | ||
266 | .target = ipt_snat_target, | 267 | .target = ipt_snat_target, |
267 | .targetsize = sizeof(struct ip_nat_multi_range_compat), | 268 | .targetsize = sizeof(struct ip_nat_multi_range_compat), |
268 | .table = "nat", | 269 | .table = "nat", |
@@ -270,8 +271,9 @@ static struct ipt_target ipt_snat_reg = { | |||
270 | .checkentry = ipt_snat_checkentry, | 271 | .checkentry = ipt_snat_checkentry, |
271 | }; | 272 | }; |
272 | 273 | ||
273 | static struct ipt_target ipt_dnat_reg = { | 274 | static struct xt_target ipt_dnat_reg = { |
274 | .name = "DNAT", | 275 | .name = "DNAT", |
276 | .family = AF_INET, | ||
275 | .target = ipt_dnat_target, | 277 | .target = ipt_dnat_target, |
276 | .targetsize = sizeof(struct ip_nat_multi_range_compat), | 278 | .targetsize = sizeof(struct ip_nat_multi_range_compat), |
277 | .table = "nat", | 279 | .table = "nat", |
@@ -286,27 +288,27 @@ int __init ip_nat_rule_init(void) | |||
286 | ret = ipt_register_table(&nat_table, &nat_initial_table.repl); | 288 | ret = ipt_register_table(&nat_table, &nat_initial_table.repl); |
287 | if (ret != 0) | 289 | if (ret != 0) |
288 | return ret; | 290 | return ret; |
289 | ret = ipt_register_target(&ipt_snat_reg); | 291 | ret = xt_register_target(&ipt_snat_reg); |
290 | if (ret != 0) | 292 | if (ret != 0) |
291 | goto unregister_table; | 293 | goto unregister_table; |
292 | 294 | ||
293 | ret = ipt_register_target(&ipt_dnat_reg); | 295 | ret = xt_register_target(&ipt_dnat_reg); |
294 | if (ret != 0) | 296 | if (ret != 0) |
295 | goto unregister_snat; | 297 | goto unregister_snat; |
296 | 298 | ||
297 | return ret; | 299 | return ret; |
298 | 300 | ||
299 | unregister_snat: | 301 | unregister_snat: |
300 | ipt_unregister_target(&ipt_snat_reg); | 302 | xt_unregister_target(&ipt_snat_reg); |
301 | unregister_table: | 303 | unregister_table: |
302 | ipt_unregister_table(&nat_table); | 304 | xt_unregister_table(&nat_table); |
303 | 305 | ||
304 | return ret; | 306 | return ret; |
305 | } | 307 | } |
306 | 308 | ||
307 | void ip_nat_rule_cleanup(void) | 309 | void ip_nat_rule_cleanup(void) |
308 | { | 310 | { |
309 | ipt_unregister_target(&ipt_dnat_reg); | 311 | xt_unregister_target(&ipt_dnat_reg); |
310 | ipt_unregister_target(&ipt_snat_reg); | 312 | xt_unregister_target(&ipt_snat_reg); |
311 | ipt_unregister_table(&nat_table); | 313 | ipt_unregister_table(&nat_table); |
312 | } | 314 | } |
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c index fc1f153c86ba..0043e908b130 100644 --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c | |||
@@ -507,7 +507,7 @@ check_entry(struct ipt_entry *e, const char *name) | |||
507 | static inline int check_match(struct ipt_entry_match *m, const char *name, | 507 | static inline int check_match(struct ipt_entry_match *m, const char *name, |
508 | const struct ipt_ip *ip, unsigned int hookmask) | 508 | const struct ipt_ip *ip, unsigned int hookmask) |
509 | { | 509 | { |
510 | struct ipt_match *match; | 510 | struct xt_match *match; |
511 | int ret; | 511 | int ret; |
512 | 512 | ||
513 | match = m->u.kernel.match; | 513 | match = m->u.kernel.match; |
@@ -531,7 +531,7 @@ find_check_match(struct ipt_entry_match *m, | |||
531 | unsigned int hookmask, | 531 | unsigned int hookmask, |
532 | unsigned int *i) | 532 | unsigned int *i) |
533 | { | 533 | { |
534 | struct ipt_match *match; | 534 | struct xt_match *match; |
535 | int ret; | 535 | int ret; |
536 | 536 | ||
537 | match = try_then_request_module(xt_find_match(AF_INET, m->u.user.name, | 537 | match = try_then_request_module(xt_find_match(AF_INET, m->u.user.name, |
@@ -557,7 +557,7 @@ err: | |||
557 | static inline int check_target(struct ipt_entry *e, const char *name) | 557 | static inline int check_target(struct ipt_entry *e, const char *name) |
558 | { | 558 | { |
559 | struct ipt_entry_target *t; | 559 | struct ipt_entry_target *t; |
560 | struct ipt_target *target; | 560 | struct xt_target *target; |
561 | int ret; | 561 | int ret; |
562 | 562 | ||
563 | t = ipt_get_target(e); | 563 | t = ipt_get_target(e); |
@@ -580,7 +580,7 @@ find_check_entry(struct ipt_entry *e, const char *name, unsigned int size, | |||
580 | unsigned int *i) | 580 | unsigned int *i) |
581 | { | 581 | { |
582 | struct ipt_entry_target *t; | 582 | struct ipt_entry_target *t; |
583 | struct ipt_target *target; | 583 | struct xt_target *target; |
584 | int ret; | 584 | int ret; |
585 | unsigned int j; | 585 | unsigned int j; |
586 | 586 | ||
@@ -1437,7 +1437,7 @@ compat_check_calc_match(struct ipt_entry_match *m, | |||
1437 | unsigned int hookmask, | 1437 | unsigned int hookmask, |
1438 | int *size, int *i) | 1438 | int *size, int *i) |
1439 | { | 1439 | { |
1440 | struct ipt_match *match; | 1440 | struct xt_match *match; |
1441 | 1441 | ||
1442 | match = try_then_request_module(xt_find_match(AF_INET, m->u.user.name, | 1442 | match = try_then_request_module(xt_find_match(AF_INET, m->u.user.name, |
1443 | m->u.user.revision), | 1443 | m->u.user.revision), |
@@ -1466,7 +1466,7 @@ check_compat_entry_size_and_hooks(struct ipt_entry *e, | |||
1466 | const char *name) | 1466 | const char *name) |
1467 | { | 1467 | { |
1468 | struct ipt_entry_target *t; | 1468 | struct ipt_entry_target *t; |
1469 | struct ipt_target *target; | 1469 | struct xt_target *target; |
1470 | unsigned int entry_offset; | 1470 | unsigned int entry_offset; |
1471 | int ret, off, h, j; | 1471 | int ret, off, h, j; |
1472 | 1472 | ||
@@ -1550,7 +1550,7 @@ static int compat_copy_entry_from_user(struct ipt_entry *e, void **dstptr, | |||
1550 | struct xt_table_info *newinfo, unsigned char *base) | 1550 | struct xt_table_info *newinfo, unsigned char *base) |
1551 | { | 1551 | { |
1552 | struct ipt_entry_target *t; | 1552 | struct ipt_entry_target *t; |
1553 | struct ipt_target *target; | 1553 | struct xt_target *target; |
1554 | struct ipt_entry *de; | 1554 | struct ipt_entry *de; |
1555 | unsigned int origsize; | 1555 | unsigned int origsize; |
1556 | int ret, h; | 1556 | int ret, h; |
@@ -2124,7 +2124,7 @@ icmp_checkentry(const char *tablename, | |||
2124 | } | 2124 | } |
2125 | 2125 | ||
2126 | /* The built-in targets: standard (NULL) and error. */ | 2126 | /* The built-in targets: standard (NULL) and error. */ |
2127 | static struct ipt_target ipt_standard_target = { | 2127 | static struct xt_target ipt_standard_target = { |
2128 | .name = IPT_STANDARD_TARGET, | 2128 | .name = IPT_STANDARD_TARGET, |
2129 | .targetsize = sizeof(int), | 2129 | .targetsize = sizeof(int), |
2130 | .family = AF_INET, | 2130 | .family = AF_INET, |
@@ -2135,7 +2135,7 @@ static struct ipt_target ipt_standard_target = { | |||
2135 | #endif | 2135 | #endif |
2136 | }; | 2136 | }; |
2137 | 2137 | ||
2138 | static struct ipt_target ipt_error_target = { | 2138 | static struct xt_target ipt_error_target = { |
2139 | .name = IPT_ERROR_TARGET, | 2139 | .name = IPT_ERROR_TARGET, |
2140 | .target = ipt_error, | 2140 | .target = ipt_error, |
2141 | .targetsize = IPT_FUNCTION_MAXNAMELEN, | 2141 | .targetsize = IPT_FUNCTION_MAXNAMELEN, |
@@ -2158,7 +2158,7 @@ static struct nf_sockopt_ops ipt_sockopts = { | |||
2158 | #endif | 2158 | #endif |
2159 | }; | 2159 | }; |
2160 | 2160 | ||
2161 | static struct ipt_match icmp_matchstruct = { | 2161 | static struct xt_match icmp_matchstruct = { |
2162 | .name = "icmp", | 2162 | .name = "icmp", |
2163 | .match = icmp_match, | 2163 | .match = icmp_match, |
2164 | .matchsize = sizeof(struct ipt_icmp), | 2164 | .matchsize = sizeof(struct ipt_icmp), |
diff --git a/net/ipv4/netfilter/ipt_CLUSTERIP.c b/net/ipv4/netfilter/ipt_CLUSTERIP.c index 018fea3fcb5f..343c2abdc1a0 100644 --- a/net/ipv4/netfilter/ipt_CLUSTERIP.c +++ b/net/ipv4/netfilter/ipt_CLUSTERIP.c | |||
@@ -26,6 +26,7 @@ | |||
26 | 26 | ||
27 | #include <linux/netfilter_arp.h> | 27 | #include <linux/netfilter_arp.h> |
28 | 28 | ||
29 | #include <linux/netfilter/x_tables.h> | ||
29 | #include <linux/netfilter_ipv4/ip_tables.h> | 30 | #include <linux/netfilter_ipv4/ip_tables.h> |
30 | #include <linux/netfilter_ipv4/ipt_CLUSTERIP.h> | 31 | #include <linux/netfilter_ipv4/ipt_CLUSTERIP.h> |
31 | #include <net/netfilter/nf_conntrack_compat.h> | 32 | #include <net/netfilter/nf_conntrack_compat.h> |
@@ -330,7 +331,7 @@ target(struct sk_buff **pskb, | |||
330 | if ((*pskb)->nh.iph->protocol == IPPROTO_ICMP | 331 | if ((*pskb)->nh.iph->protocol == IPPROTO_ICMP |
331 | && (ctinfo == IP_CT_RELATED | 332 | && (ctinfo == IP_CT_RELATED |
332 | || ctinfo == IP_CT_RELATED+IP_CT_IS_REPLY)) | 333 | || ctinfo == IP_CT_RELATED+IP_CT_IS_REPLY)) |
333 | return IPT_CONTINUE; | 334 | return XT_CONTINUE; |
334 | 335 | ||
335 | /* ip_conntrack_icmp guarantees us that we only have ICMP_ECHO, | 336 | /* ip_conntrack_icmp guarantees us that we only have ICMP_ECHO, |
336 | * TIMESTAMP, INFO_REQUEST or ADDRESS type icmp packets from here | 337 | * TIMESTAMP, INFO_REQUEST or ADDRESS type icmp packets from here |
@@ -368,7 +369,7 @@ target(struct sk_buff **pskb, | |||
368 | * actually a unicast IP packet. TCP doesn't like PACKET_MULTICAST */ | 369 | * actually a unicast IP packet. TCP doesn't like PACKET_MULTICAST */ |
369 | (*pskb)->pkt_type = PACKET_HOST; | 370 | (*pskb)->pkt_type = PACKET_HOST; |
370 | 371 | ||
371 | return IPT_CONTINUE; | 372 | return XT_CONTINUE; |
372 | } | 373 | } |
373 | 374 | ||
374 | static int | 375 | static int |
@@ -471,8 +472,9 @@ static void destroy(const struct xt_target *target, void *targinfo) | |||
471 | nf_ct_l3proto_module_put(target->family); | 472 | nf_ct_l3proto_module_put(target->family); |
472 | } | 473 | } |
473 | 474 | ||
474 | static struct ipt_target clusterip_tgt = { | 475 | static struct xt_target clusterip_tgt = { |
475 | .name = "CLUSTERIP", | 476 | .name = "CLUSTERIP", |
477 | .family = AF_INET, | ||
476 | .target = target, | 478 | .target = target, |
477 | .targetsize = sizeof(struct ipt_clusterip_tgt_info), | 479 | .targetsize = sizeof(struct ipt_clusterip_tgt_info), |
478 | .checkentry = checkentry, | 480 | .checkentry = checkentry, |
@@ -728,7 +730,7 @@ static int __init ipt_clusterip_init(void) | |||
728 | { | 730 | { |
729 | int ret; | 731 | int ret; |
730 | 732 | ||
731 | ret = ipt_register_target(&clusterip_tgt); | 733 | ret = xt_register_target(&clusterip_tgt); |
732 | if (ret < 0) | 734 | if (ret < 0) |
733 | return ret; | 735 | return ret; |
734 | 736 | ||
@@ -754,7 +756,7 @@ cleanup_hook: | |||
754 | nf_unregister_hook(&cip_arp_ops); | 756 | nf_unregister_hook(&cip_arp_ops); |
755 | #endif /* CONFIG_PROC_FS */ | 757 | #endif /* CONFIG_PROC_FS */ |
756 | cleanup_target: | 758 | cleanup_target: |
757 | ipt_unregister_target(&clusterip_tgt); | 759 | xt_unregister_target(&clusterip_tgt); |
758 | return ret; | 760 | return ret; |
759 | } | 761 | } |
760 | 762 | ||
@@ -766,7 +768,7 @@ static void __exit ipt_clusterip_fini(void) | |||
766 | remove_proc_entry(clusterip_procdir->name, clusterip_procdir->parent); | 768 | remove_proc_entry(clusterip_procdir->name, clusterip_procdir->parent); |
767 | #endif | 769 | #endif |
768 | nf_unregister_hook(&cip_arp_ops); | 770 | nf_unregister_hook(&cip_arp_ops); |
769 | ipt_unregister_target(&clusterip_tgt); | 771 | xt_unregister_target(&clusterip_tgt); |
770 | } | 772 | } |
771 | 773 | ||
772 | module_init(ipt_clusterip_init); | 774 | module_init(ipt_clusterip_init); |
diff --git a/net/ipv4/netfilter/ipt_ECN.c b/net/ipv4/netfilter/ipt_ECN.c index b55d670a24df..b5ca5938d1fe 100644 --- a/net/ipv4/netfilter/ipt_ECN.c +++ b/net/ipv4/netfilter/ipt_ECN.c | |||
@@ -9,12 +9,14 @@ | |||
9 | * ipt_ECN.c,v 1.5 2002/08/18 19:36:51 laforge Exp | 9 | * ipt_ECN.c,v 1.5 2002/08/18 19:36:51 laforge Exp |
10 | */ | 10 | */ |
11 | 11 | ||
12 | #include <linux/in.h> | ||
12 | #include <linux/module.h> | 13 | #include <linux/module.h> |
13 | #include <linux/skbuff.h> | 14 | #include <linux/skbuff.h> |
14 | #include <linux/ip.h> | 15 | #include <linux/ip.h> |
15 | #include <linux/tcp.h> | 16 | #include <linux/tcp.h> |
16 | #include <net/checksum.h> | 17 | #include <net/checksum.h> |
17 | 18 | ||
19 | #include <linux/netfilter/x_tables.h> | ||
18 | #include <linux/netfilter_ipv4/ip_tables.h> | 20 | #include <linux/netfilter_ipv4/ip_tables.h> |
19 | #include <linux/netfilter_ipv4/ipt_ECN.h> | 21 | #include <linux/netfilter_ipv4/ipt_ECN.h> |
20 | 22 | ||
@@ -95,7 +97,7 @@ target(struct sk_buff **pskb, | |||
95 | if (!set_ect_tcp(pskb, einfo)) | 97 | if (!set_ect_tcp(pskb, einfo)) |
96 | return NF_DROP; | 98 | return NF_DROP; |
97 | 99 | ||
98 | return IPT_CONTINUE; | 100 | return XT_CONTINUE; |
99 | } | 101 | } |
100 | 102 | ||
101 | static int | 103 | static int |
@@ -119,7 +121,7 @@ checkentry(const char *tablename, | |||
119 | return 0; | 121 | return 0; |
120 | } | 122 | } |
121 | if ((einfo->operation & (IPT_ECN_OP_SET_ECE|IPT_ECN_OP_SET_CWR)) | 123 | if ((einfo->operation & (IPT_ECN_OP_SET_ECE|IPT_ECN_OP_SET_CWR)) |
122 | && (e->ip.proto != IPPROTO_TCP || (e->ip.invflags & IPT_INV_PROTO))) { | 124 | && (e->ip.proto != IPPROTO_TCP || (e->ip.invflags & XT_INV_PROTO))) { |
123 | printk(KERN_WARNING "ECN: cannot use TCP operations on a " | 125 | printk(KERN_WARNING "ECN: cannot use TCP operations on a " |
124 | "non-tcp rule\n"); | 126 | "non-tcp rule\n"); |
125 | return 0; | 127 | return 0; |
@@ -127,8 +129,9 @@ checkentry(const char *tablename, | |||
127 | return 1; | 129 | return 1; |
128 | } | 130 | } |
129 | 131 | ||
130 | static struct ipt_target ipt_ecn_reg = { | 132 | static struct xt_target ipt_ecn_reg = { |
131 | .name = "ECN", | 133 | .name = "ECN", |
134 | .family = AF_INET, | ||
132 | .target = target, | 135 | .target = target, |
133 | .targetsize = sizeof(struct ipt_ECN_info), | 136 | .targetsize = sizeof(struct ipt_ECN_info), |
134 | .table = "mangle", | 137 | .table = "mangle", |
@@ -138,12 +141,12 @@ static struct ipt_target ipt_ecn_reg = { | |||
138 | 141 | ||
139 | static int __init ipt_ecn_init(void) | 142 | static int __init ipt_ecn_init(void) |
140 | { | 143 | { |
141 | return ipt_register_target(&ipt_ecn_reg); | 144 | return xt_register_target(&ipt_ecn_reg); |
142 | } | 145 | } |
143 | 146 | ||
144 | static void __exit ipt_ecn_fini(void) | 147 | static void __exit ipt_ecn_fini(void) |
145 | { | 148 | { |
146 | ipt_unregister_target(&ipt_ecn_reg); | 149 | xt_unregister_target(&ipt_ecn_reg); |
147 | } | 150 | } |
148 | 151 | ||
149 | module_init(ipt_ecn_init); | 152 | module_init(ipt_ecn_init); |
diff --git a/net/ipv4/netfilter/ipt_LOG.c b/net/ipv4/netfilter/ipt_LOG.c index 37778c72aeaa..f68370ffb43f 100644 --- a/net/ipv4/netfilter/ipt_LOG.c +++ b/net/ipv4/netfilter/ipt_LOG.c | |||
@@ -20,7 +20,7 @@ | |||
20 | #include <net/route.h> | 20 | #include <net/route.h> |
21 | 21 | ||
22 | #include <linux/netfilter.h> | 22 | #include <linux/netfilter.h> |
23 | #include <linux/netfilter_ipv4/ip_tables.h> | 23 | #include <linux/netfilter/x_tables.h> |
24 | #include <linux/netfilter_ipv4/ipt_LOG.h> | 24 | #include <linux/netfilter_ipv4/ipt_LOG.h> |
25 | 25 | ||
26 | MODULE_LICENSE("GPL"); | 26 | MODULE_LICENSE("GPL"); |
@@ -432,7 +432,7 @@ ipt_log_target(struct sk_buff **pskb, | |||
432 | 432 | ||
433 | ipt_log_packet(PF_INET, hooknum, *pskb, in, out, &li, | 433 | ipt_log_packet(PF_INET, hooknum, *pskb, in, out, &li, |
434 | loginfo->prefix); | 434 | loginfo->prefix); |
435 | return IPT_CONTINUE; | 435 | return XT_CONTINUE; |
436 | } | 436 | } |
437 | 437 | ||
438 | static int ipt_log_checkentry(const char *tablename, | 438 | static int ipt_log_checkentry(const char *tablename, |
@@ -455,8 +455,9 @@ static int ipt_log_checkentry(const char *tablename, | |||
455 | return 1; | 455 | return 1; |
456 | } | 456 | } |
457 | 457 | ||
458 | static struct ipt_target ipt_log_reg = { | 458 | static struct xt_target ipt_log_reg = { |
459 | .name = "LOG", | 459 | .name = "LOG", |
460 | .family = AF_INET, | ||
460 | .target = ipt_log_target, | 461 | .target = ipt_log_target, |
461 | .targetsize = sizeof(struct ipt_log_info), | 462 | .targetsize = sizeof(struct ipt_log_info), |
462 | .checkentry = ipt_log_checkentry, | 463 | .checkentry = ipt_log_checkentry, |
@@ -473,7 +474,7 @@ static int __init ipt_log_init(void) | |||
473 | { | 474 | { |
474 | int ret; | 475 | int ret; |
475 | 476 | ||
476 | ret = ipt_register_target(&ipt_log_reg); | 477 | ret = xt_register_target(&ipt_log_reg); |
477 | if (ret < 0) | 478 | if (ret < 0) |
478 | return ret; | 479 | return ret; |
479 | if (nf_log_register(PF_INET, &ipt_log_logger) < 0) { | 480 | if (nf_log_register(PF_INET, &ipt_log_logger) < 0) { |
@@ -489,7 +490,7 @@ static int __init ipt_log_init(void) | |||
489 | static void __exit ipt_log_fini(void) | 490 | static void __exit ipt_log_fini(void) |
490 | { | 491 | { |
491 | nf_log_unregister_logger(&ipt_log_logger); | 492 | nf_log_unregister_logger(&ipt_log_logger); |
492 | ipt_unregister_target(&ipt_log_reg); | 493 | xt_unregister_target(&ipt_log_reg); |
493 | } | 494 | } |
494 | 495 | ||
495 | module_init(ipt_log_init); | 496 | module_init(ipt_log_init); |
diff --git a/net/ipv4/netfilter/ipt_MASQUERADE.c b/net/ipv4/netfilter/ipt_MASQUERADE.c index d669685afd04..91c42efcd533 100644 --- a/net/ipv4/netfilter/ipt_MASQUERADE.c +++ b/net/ipv4/netfilter/ipt_MASQUERADE.c | |||
@@ -25,7 +25,7 @@ | |||
25 | #else | 25 | #else |
26 | #include <linux/netfilter_ipv4/ip_nat_rule.h> | 26 | #include <linux/netfilter_ipv4/ip_nat_rule.h> |
27 | #endif | 27 | #endif |
28 | #include <linux/netfilter_ipv4/ip_tables.h> | 28 | #include <linux/netfilter/x_tables.h> |
29 | 29 | ||
30 | MODULE_LICENSE("GPL"); | 30 | MODULE_LICENSE("GPL"); |
31 | MODULE_AUTHOR("Netfilter Core Team <coreteam@netfilter.org>"); | 31 | MODULE_AUTHOR("Netfilter Core Team <coreteam@netfilter.org>"); |
@@ -190,8 +190,9 @@ static struct notifier_block masq_inet_notifier = { | |||
190 | .notifier_call = masq_inet_event, | 190 | .notifier_call = masq_inet_event, |
191 | }; | 191 | }; |
192 | 192 | ||
193 | static struct ipt_target masquerade = { | 193 | static struct xt_target masquerade = { |
194 | .name = "MASQUERADE", | 194 | .name = "MASQUERADE", |
195 | .family = AF_INET, | ||
195 | .target = masquerade_target, | 196 | .target = masquerade_target, |
196 | .targetsize = sizeof(struct ip_nat_multi_range_compat), | 197 | .targetsize = sizeof(struct ip_nat_multi_range_compat), |
197 | .table = "nat", | 198 | .table = "nat", |
@@ -204,7 +205,7 @@ static int __init ipt_masquerade_init(void) | |||
204 | { | 205 | { |
205 | int ret; | 206 | int ret; |
206 | 207 | ||
207 | ret = ipt_register_target(&masquerade); | 208 | ret = xt_register_target(&masquerade); |
208 | 209 | ||
209 | if (ret == 0) { | 210 | if (ret == 0) { |
210 | /* Register for device down reports */ | 211 | /* Register for device down reports */ |
@@ -218,7 +219,7 @@ static int __init ipt_masquerade_init(void) | |||
218 | 219 | ||
219 | static void __exit ipt_masquerade_fini(void) | 220 | static void __exit ipt_masquerade_fini(void) |
220 | { | 221 | { |
221 | ipt_unregister_target(&masquerade); | 222 | xt_unregister_target(&masquerade); |
222 | unregister_netdevice_notifier(&masq_dev_notifier); | 223 | unregister_netdevice_notifier(&masq_dev_notifier); |
223 | unregister_inetaddr_notifier(&masq_inet_notifier); | 224 | unregister_inetaddr_notifier(&masq_inet_notifier); |
224 | } | 225 | } |
diff --git a/net/ipv4/netfilter/ipt_NETMAP.c b/net/ipv4/netfilter/ipt_NETMAP.c index 9390e90f2b25..b4acc241d898 100644 --- a/net/ipv4/netfilter/ipt_NETMAP.c +++ b/net/ipv4/netfilter/ipt_NETMAP.c | |||
@@ -15,6 +15,7 @@ | |||
15 | #include <linux/netdevice.h> | 15 | #include <linux/netdevice.h> |
16 | #include <linux/netfilter.h> | 16 | #include <linux/netfilter.h> |
17 | #include <linux/netfilter_ipv4.h> | 17 | #include <linux/netfilter_ipv4.h> |
18 | #include <linux/netfilter/x_tables.h> | ||
18 | #ifdef CONFIG_NF_NAT_NEEDED | 19 | #ifdef CONFIG_NF_NAT_NEEDED |
19 | #include <net/netfilter/nf_nat_rule.h> | 20 | #include <net/netfilter/nf_nat_rule.h> |
20 | #else | 21 | #else |
@@ -88,8 +89,9 @@ target(struct sk_buff **pskb, | |||
88 | return ip_nat_setup_info(ct, &newrange, hooknum); | 89 | return ip_nat_setup_info(ct, &newrange, hooknum); |
89 | } | 90 | } |
90 | 91 | ||
91 | static struct ipt_target target_module = { | 92 | static struct xt_target target_module = { |
92 | .name = MODULENAME, | 93 | .name = MODULENAME, |
94 | .family = AF_INET, | ||
93 | .target = target, | 95 | .target = target, |
94 | .targetsize = sizeof(struct ip_nat_multi_range_compat), | 96 | .targetsize = sizeof(struct ip_nat_multi_range_compat), |
95 | .table = "nat", | 97 | .table = "nat", |
@@ -101,12 +103,12 @@ static struct ipt_target target_module = { | |||
101 | 103 | ||
102 | static int __init ipt_netmap_init(void) | 104 | static int __init ipt_netmap_init(void) |
103 | { | 105 | { |
104 | return ipt_register_target(&target_module); | 106 | return xt_register_target(&target_module); |
105 | } | 107 | } |
106 | 108 | ||
107 | static void __exit ipt_netmap_fini(void) | 109 | static void __exit ipt_netmap_fini(void) |
108 | { | 110 | { |
109 | ipt_unregister_target(&target_module); | 111 | xt_unregister_target(&target_module); |
110 | } | 112 | } |
111 | 113 | ||
112 | module_init(ipt_netmap_init); | 114 | module_init(ipt_netmap_init); |
diff --git a/net/ipv4/netfilter/ipt_REDIRECT.c b/net/ipv4/netfilter/ipt_REDIRECT.c index 462eceb3a1b1..54cd021aa5a8 100644 --- a/net/ipv4/netfilter/ipt_REDIRECT.c +++ b/net/ipv4/netfilter/ipt_REDIRECT.c | |||
@@ -18,6 +18,7 @@ | |||
18 | #include <net/protocol.h> | 18 | #include <net/protocol.h> |
19 | #include <net/checksum.h> | 19 | #include <net/checksum.h> |
20 | #include <linux/netfilter_ipv4.h> | 20 | #include <linux/netfilter_ipv4.h> |
21 | #include <linux/netfilter/x_tables.h> | ||
21 | #ifdef CONFIG_NF_NAT_NEEDED | 22 | #ifdef CONFIG_NF_NAT_NEEDED |
22 | #include <net/netfilter/nf_nat_rule.h> | 23 | #include <net/netfilter/nf_nat_rule.h> |
23 | #else | 24 | #else |
@@ -104,8 +105,9 @@ redirect_target(struct sk_buff **pskb, | |||
104 | return ip_nat_setup_info(ct, &newrange, hooknum); | 105 | return ip_nat_setup_info(ct, &newrange, hooknum); |
105 | } | 106 | } |
106 | 107 | ||
107 | static struct ipt_target redirect_reg = { | 108 | static struct xt_target redirect_reg = { |
108 | .name = "REDIRECT", | 109 | .name = "REDIRECT", |
110 | .family = AF_INET, | ||
109 | .target = redirect_target, | 111 | .target = redirect_target, |
110 | .targetsize = sizeof(struct ip_nat_multi_range_compat), | 112 | .targetsize = sizeof(struct ip_nat_multi_range_compat), |
111 | .table = "nat", | 113 | .table = "nat", |
@@ -116,12 +118,12 @@ static struct ipt_target redirect_reg = { | |||
116 | 118 | ||
117 | static int __init ipt_redirect_init(void) | 119 | static int __init ipt_redirect_init(void) |
118 | { | 120 | { |
119 | return ipt_register_target(&redirect_reg); | 121 | return xt_register_target(&redirect_reg); |
120 | } | 122 | } |
121 | 123 | ||
122 | static void __exit ipt_redirect_fini(void) | 124 | static void __exit ipt_redirect_fini(void) |
123 | { | 125 | { |
124 | ipt_unregister_target(&redirect_reg); | 126 | xt_unregister_target(&redirect_reg); |
125 | } | 127 | } |
126 | 128 | ||
127 | module_init(ipt_redirect_init); | 129 | module_init(ipt_redirect_init); |
diff --git a/net/ipv4/netfilter/ipt_REJECT.c b/net/ipv4/netfilter/ipt_REJECT.c index c9cad23844d7..e4a1ddb386a7 100644 --- a/net/ipv4/netfilter/ipt_REJECT.c +++ b/net/ipv4/netfilter/ipt_REJECT.c | |||
@@ -22,6 +22,7 @@ | |||
22 | #include <net/tcp.h> | 22 | #include <net/tcp.h> |
23 | #include <net/route.h> | 23 | #include <net/route.h> |
24 | #include <net/dst.h> | 24 | #include <net/dst.h> |
25 | #include <linux/netfilter/x_tables.h> | ||
25 | #include <linux/netfilter_ipv4/ip_tables.h> | 26 | #include <linux/netfilter_ipv4/ip_tables.h> |
26 | #include <linux/netfilter_ipv4/ipt_REJECT.h> | 27 | #include <linux/netfilter_ipv4/ipt_REJECT.h> |
27 | #ifdef CONFIG_BRIDGE_NETFILTER | 28 | #ifdef CONFIG_BRIDGE_NETFILTER |
@@ -230,7 +231,7 @@ static int check(const char *tablename, | |||
230 | } else if (rejinfo->with == IPT_TCP_RESET) { | 231 | } else if (rejinfo->with == IPT_TCP_RESET) { |
231 | /* Must specify that it's a TCP packet */ | 232 | /* Must specify that it's a TCP packet */ |
232 | if (e->ip.proto != IPPROTO_TCP | 233 | if (e->ip.proto != IPPROTO_TCP |
233 | || (e->ip.invflags & IPT_INV_PROTO)) { | 234 | || (e->ip.invflags & XT_INV_PROTO)) { |
234 | DEBUGP("REJECT: TCP_RESET invalid for non-tcp\n"); | 235 | DEBUGP("REJECT: TCP_RESET invalid for non-tcp\n"); |
235 | return 0; | 236 | return 0; |
236 | } | 237 | } |
@@ -238,8 +239,9 @@ static int check(const char *tablename, | |||
238 | return 1; | 239 | return 1; |
239 | } | 240 | } |
240 | 241 | ||
241 | static struct ipt_target ipt_reject_reg = { | 242 | static struct xt_target ipt_reject_reg = { |
242 | .name = "REJECT", | 243 | .name = "REJECT", |
244 | .family = AF_INET, | ||
243 | .target = reject, | 245 | .target = reject, |
244 | .targetsize = sizeof(struct ipt_reject_info), | 246 | .targetsize = sizeof(struct ipt_reject_info), |
245 | .table = "filter", | 247 | .table = "filter", |
@@ -251,12 +253,12 @@ static struct ipt_target ipt_reject_reg = { | |||
251 | 253 | ||
252 | static int __init ipt_reject_init(void) | 254 | static int __init ipt_reject_init(void) |
253 | { | 255 | { |
254 | return ipt_register_target(&ipt_reject_reg); | 256 | return xt_register_target(&ipt_reject_reg); |
255 | } | 257 | } |
256 | 258 | ||
257 | static void __exit ipt_reject_fini(void) | 259 | static void __exit ipt_reject_fini(void) |
258 | { | 260 | { |
259 | ipt_unregister_target(&ipt_reject_reg); | 261 | xt_unregister_target(&ipt_reject_reg); |
260 | } | 262 | } |
261 | 263 | ||
262 | module_init(ipt_reject_init); | 264 | module_init(ipt_reject_init); |
diff --git a/net/ipv4/netfilter/ipt_SAME.c b/net/ipv4/netfilter/ipt_SAME.c index 3dcf29411337..a1cdd1262de2 100644 --- a/net/ipv4/netfilter/ipt_SAME.c +++ b/net/ipv4/netfilter/ipt_SAME.c | |||
@@ -34,6 +34,7 @@ | |||
34 | #include <net/protocol.h> | 34 | #include <net/protocol.h> |
35 | #include <net/checksum.h> | 35 | #include <net/checksum.h> |
36 | #include <linux/netfilter_ipv4.h> | 36 | #include <linux/netfilter_ipv4.h> |
37 | #include <linux/netfilter/x_tables.h> | ||
37 | #ifdef CONFIG_NF_NAT_NEEDED | 38 | #ifdef CONFIG_NF_NAT_NEEDED |
38 | #include <net/netfilter/nf_nat_rule.h> | 39 | #include <net/netfilter/nf_nat_rule.h> |
39 | #else | 40 | #else |
@@ -186,8 +187,9 @@ same_target(struct sk_buff **pskb, | |||
186 | return ip_nat_setup_info(ct, &newrange, hooknum); | 187 | return ip_nat_setup_info(ct, &newrange, hooknum); |
187 | } | 188 | } |
188 | 189 | ||
189 | static struct ipt_target same_reg = { | 190 | static struct xt_target same_reg = { |
190 | .name = "SAME", | 191 | .name = "SAME", |
192 | .family = AF_INET, | ||
191 | .target = same_target, | 193 | .target = same_target, |
192 | .targetsize = sizeof(struct ipt_same_info), | 194 | .targetsize = sizeof(struct ipt_same_info), |
193 | .table = "nat", | 195 | .table = "nat", |
@@ -199,12 +201,12 @@ static struct ipt_target same_reg = { | |||
199 | 201 | ||
200 | static int __init ipt_same_init(void) | 202 | static int __init ipt_same_init(void) |
201 | { | 203 | { |
202 | return ipt_register_target(&same_reg); | 204 | return xt_register_target(&same_reg); |
203 | } | 205 | } |
204 | 206 | ||
205 | static void __exit ipt_same_fini(void) | 207 | static void __exit ipt_same_fini(void) |
206 | { | 208 | { |
207 | ipt_unregister_target(&same_reg); | 209 | xt_unregister_target(&same_reg); |
208 | } | 210 | } |
209 | 211 | ||
210 | module_init(ipt_same_init); | 212 | module_init(ipt_same_init); |
diff --git a/net/ipv4/netfilter/ipt_TOS.c b/net/ipv4/netfilter/ipt_TOS.c index 18e74ac4d425..29b05a6bd108 100644 --- a/net/ipv4/netfilter/ipt_TOS.c +++ b/net/ipv4/netfilter/ipt_TOS.c | |||
@@ -13,7 +13,7 @@ | |||
13 | #include <linux/ip.h> | 13 | #include <linux/ip.h> |
14 | #include <net/checksum.h> | 14 | #include <net/checksum.h> |
15 | 15 | ||
16 | #include <linux/netfilter_ipv4/ip_tables.h> | 16 | #include <linux/netfilter/x_tables.h> |
17 | #include <linux/netfilter_ipv4/ipt_TOS.h> | 17 | #include <linux/netfilter_ipv4/ipt_TOS.h> |
18 | 18 | ||
19 | MODULE_LICENSE("GPL"); | 19 | MODULE_LICENSE("GPL"); |
@@ -40,7 +40,7 @@ target(struct sk_buff **pskb, | |||
40 | iph->tos = (iph->tos & IPTOS_PREC_MASK) | tosinfo->tos; | 40 | iph->tos = (iph->tos & IPTOS_PREC_MASK) | tosinfo->tos; |
41 | nf_csum_replace2(&iph->check, htons(oldtos), htons(iph->tos)); | 41 | nf_csum_replace2(&iph->check, htons(oldtos), htons(iph->tos)); |
42 | } | 42 | } |
43 | return IPT_CONTINUE; | 43 | return XT_CONTINUE; |
44 | } | 44 | } |
45 | 45 | ||
46 | static int | 46 | static int |
@@ -63,8 +63,9 @@ checkentry(const char *tablename, | |||
63 | return 1; | 63 | return 1; |
64 | } | 64 | } |
65 | 65 | ||
66 | static struct ipt_target ipt_tos_reg = { | 66 | static struct xt_target ipt_tos_reg = { |
67 | .name = "TOS", | 67 | .name = "TOS", |
68 | .family = AF_INET, | ||
68 | .target = target, | 69 | .target = target, |
69 | .targetsize = sizeof(struct ipt_tos_target_info), | 70 | .targetsize = sizeof(struct ipt_tos_target_info), |
70 | .table = "mangle", | 71 | .table = "mangle", |
@@ -74,12 +75,12 @@ static struct ipt_target ipt_tos_reg = { | |||
74 | 75 | ||
75 | static int __init ipt_tos_init(void) | 76 | static int __init ipt_tos_init(void) |
76 | { | 77 | { |
77 | return ipt_register_target(&ipt_tos_reg); | 78 | return xt_register_target(&ipt_tos_reg); |
78 | } | 79 | } |
79 | 80 | ||
80 | static void __exit ipt_tos_fini(void) | 81 | static void __exit ipt_tos_fini(void) |
81 | { | 82 | { |
82 | ipt_unregister_target(&ipt_tos_reg); | 83 | xt_unregister_target(&ipt_tos_reg); |
83 | } | 84 | } |
84 | 85 | ||
85 | module_init(ipt_tos_init); | 86 | module_init(ipt_tos_init); |
diff --git a/net/ipv4/netfilter/ipt_TTL.c b/net/ipv4/netfilter/ipt_TTL.c index fffe5ca82e91..d2b6fa3f9dcd 100644 --- a/net/ipv4/netfilter/ipt_TTL.c +++ b/net/ipv4/netfilter/ipt_TTL.c | |||
@@ -12,7 +12,7 @@ | |||
12 | #include <linux/ip.h> | 12 | #include <linux/ip.h> |
13 | #include <net/checksum.h> | 13 | #include <net/checksum.h> |
14 | 14 | ||
15 | #include <linux/netfilter_ipv4/ip_tables.h> | 15 | #include <linux/netfilter/x_tables.h> |
16 | #include <linux/netfilter_ipv4/ipt_TTL.h> | 16 | #include <linux/netfilter_ipv4/ipt_TTL.h> |
17 | 17 | ||
18 | MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>"); | 18 | MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>"); |
@@ -59,7 +59,7 @@ ipt_ttl_target(struct sk_buff **pskb, | |||
59 | iph->ttl = new_ttl; | 59 | iph->ttl = new_ttl; |
60 | } | 60 | } |
61 | 61 | ||
62 | return IPT_CONTINUE; | 62 | return XT_CONTINUE; |
63 | } | 63 | } |
64 | 64 | ||
65 | static int ipt_ttl_checkentry(const char *tablename, | 65 | static int ipt_ttl_checkentry(const char *tablename, |
@@ -80,8 +80,9 @@ static int ipt_ttl_checkentry(const char *tablename, | |||
80 | return 1; | 80 | return 1; |
81 | } | 81 | } |
82 | 82 | ||
83 | static struct ipt_target ipt_TTL = { | 83 | static struct xt_target ipt_TTL = { |
84 | .name = "TTL", | 84 | .name = "TTL", |
85 | .family = AF_INET, | ||
85 | .target = ipt_ttl_target, | 86 | .target = ipt_ttl_target, |
86 | .targetsize = sizeof(struct ipt_TTL_info), | 87 | .targetsize = sizeof(struct ipt_TTL_info), |
87 | .table = "mangle", | 88 | .table = "mangle", |
@@ -91,12 +92,12 @@ static struct ipt_target ipt_TTL = { | |||
91 | 92 | ||
92 | static int __init ipt_ttl_init(void) | 93 | static int __init ipt_ttl_init(void) |
93 | { | 94 | { |
94 | return ipt_register_target(&ipt_TTL); | 95 | return xt_register_target(&ipt_TTL); |
95 | } | 96 | } |
96 | 97 | ||
97 | static void __exit ipt_ttl_fini(void) | 98 | static void __exit ipt_ttl_fini(void) |
98 | { | 99 | { |
99 | ipt_unregister_target(&ipt_TTL); | 100 | xt_unregister_target(&ipt_TTL); |
100 | } | 101 | } |
101 | 102 | ||
102 | module_init(ipt_ttl_init); | 103 | module_init(ipt_ttl_init); |
diff --git a/net/ipv4/netfilter/ipt_ULOG.c b/net/ipv4/netfilter/ipt_ULOG.c index a47e279eaac2..7af57a3a1f36 100644 --- a/net/ipv4/netfilter/ipt_ULOG.c +++ b/net/ipv4/netfilter/ipt_ULOG.c | |||
@@ -57,7 +57,7 @@ | |||
57 | #include <linux/mm.h> | 57 | #include <linux/mm.h> |
58 | #include <linux/moduleparam.h> | 58 | #include <linux/moduleparam.h> |
59 | #include <linux/netfilter.h> | 59 | #include <linux/netfilter.h> |
60 | #include <linux/netfilter_ipv4/ip_tables.h> | 60 | #include <linux/netfilter/x_tables.h> |
61 | #include <linux/netfilter_ipv4/ipt_ULOG.h> | 61 | #include <linux/netfilter_ipv4/ipt_ULOG.h> |
62 | #include <net/sock.h> | 62 | #include <net/sock.h> |
63 | #include <linux/bitops.h> | 63 | #include <linux/bitops.h> |
@@ -132,7 +132,6 @@ static void ulog_send(unsigned int nlgroupnum) | |||
132 | ub->qlen = 0; | 132 | ub->qlen = 0; |
133 | ub->skb = NULL; | 133 | ub->skb = NULL; |
134 | ub->lastnlh = NULL; | 134 | ub->lastnlh = NULL; |
135 | |||
136 | } | 135 | } |
137 | 136 | ||
138 | 137 | ||
@@ -314,7 +313,7 @@ static unsigned int ipt_ulog_target(struct sk_buff **pskb, | |||
314 | 313 | ||
315 | ipt_ulog_packet(hooknum, *pskb, in, out, loginfo, NULL); | 314 | ipt_ulog_packet(hooknum, *pskb, in, out, loginfo, NULL); |
316 | 315 | ||
317 | return IPT_CONTINUE; | 316 | return XT_CONTINUE; |
318 | } | 317 | } |
319 | 318 | ||
320 | static void ipt_logfn(unsigned int pf, | 319 | static void ipt_logfn(unsigned int pf, |
@@ -363,8 +362,9 @@ static int ipt_ulog_checkentry(const char *tablename, | |||
363 | return 1; | 362 | return 1; |
364 | } | 363 | } |
365 | 364 | ||
366 | static struct ipt_target ipt_ulog_reg = { | 365 | static struct xt_target ipt_ulog_reg = { |
367 | .name = "ULOG", | 366 | .name = "ULOG", |
367 | .family = AF_INET, | ||
368 | .target = ipt_ulog_target, | 368 | .target = ipt_ulog_target, |
369 | .targetsize = sizeof(struct ipt_ulog_info), | 369 | .targetsize = sizeof(struct ipt_ulog_info), |
370 | .checkentry = ipt_ulog_checkentry, | 370 | .checkentry = ipt_ulog_checkentry, |
@@ -400,7 +400,7 @@ static int __init ipt_ulog_init(void) | |||
400 | if (!nflognl) | 400 | if (!nflognl) |
401 | return -ENOMEM; | 401 | return -ENOMEM; |
402 | 402 | ||
403 | ret = ipt_register_target(&ipt_ulog_reg); | 403 | ret = xt_register_target(&ipt_ulog_reg); |
404 | if (ret < 0) { | 404 | if (ret < 0) { |
405 | sock_release(nflognl->sk_socket); | 405 | sock_release(nflognl->sk_socket); |
406 | return ret; | 406 | return ret; |
@@ -420,7 +420,7 @@ static void __exit ipt_ulog_fini(void) | |||
420 | 420 | ||
421 | if (nflog) | 421 | if (nflog) |
422 | nf_log_unregister_logger(&ipt_ulog_logger); | 422 | nf_log_unregister_logger(&ipt_ulog_logger); |
423 | ipt_unregister_target(&ipt_ulog_reg); | 423 | xt_unregister_target(&ipt_ulog_reg); |
424 | sock_release(nflognl->sk_socket); | 424 | sock_release(nflognl->sk_socket); |
425 | 425 | ||
426 | /* remove pending timers and free allocated skb's */ | 426 | /* remove pending timers and free allocated skb's */ |
@@ -436,7 +436,6 @@ static void __exit ipt_ulog_fini(void) | |||
436 | ub->skb = NULL; | 436 | ub->skb = NULL; |
437 | } | 437 | } |
438 | } | 438 | } |
439 | |||
440 | } | 439 | } |
441 | 440 | ||
442 | module_init(ipt_ulog_init); | 441 | module_init(ipt_ulog_init); |
diff --git a/net/ipv4/netfilter/ipt_addrtype.c b/net/ipv4/netfilter/ipt_addrtype.c index 7b60eb74788b..648f555c4d16 100644 --- a/net/ipv4/netfilter/ipt_addrtype.c +++ b/net/ipv4/netfilter/ipt_addrtype.c | |||
@@ -16,7 +16,7 @@ | |||
16 | #include <net/route.h> | 16 | #include <net/route.h> |
17 | 17 | ||
18 | #include <linux/netfilter_ipv4/ipt_addrtype.h> | 18 | #include <linux/netfilter_ipv4/ipt_addrtype.h> |
19 | #include <linux/netfilter_ipv4/ip_tables.h> | 19 | #include <linux/netfilter/x_tables.h> |
20 | 20 | ||
21 | MODULE_LICENSE("GPL"); | 21 | MODULE_LICENSE("GPL"); |
22 | MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>"); | 22 | MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>"); |
@@ -44,8 +44,9 @@ static int match(const struct sk_buff *skb, | |||
44 | return ret; | 44 | return ret; |
45 | } | 45 | } |
46 | 46 | ||
47 | static struct ipt_match addrtype_match = { | 47 | static struct xt_match addrtype_match = { |
48 | .name = "addrtype", | 48 | .name = "addrtype", |
49 | .family = AF_INET, | ||
49 | .match = match, | 50 | .match = match, |
50 | .matchsize = sizeof(struct ipt_addrtype_info), | 51 | .matchsize = sizeof(struct ipt_addrtype_info), |
51 | .me = THIS_MODULE | 52 | .me = THIS_MODULE |
@@ -53,12 +54,12 @@ static struct ipt_match addrtype_match = { | |||
53 | 54 | ||
54 | static int __init ipt_addrtype_init(void) | 55 | static int __init ipt_addrtype_init(void) |
55 | { | 56 | { |
56 | return ipt_register_match(&addrtype_match); | 57 | return xt_register_match(&addrtype_match); |
57 | } | 58 | } |
58 | 59 | ||
59 | static void __exit ipt_addrtype_fini(void) | 60 | static void __exit ipt_addrtype_fini(void) |
60 | { | 61 | { |
61 | ipt_unregister_match(&addrtype_match); | 62 | xt_unregister_match(&addrtype_match); |
62 | } | 63 | } |
63 | 64 | ||
64 | module_init(ipt_addrtype_init); | 65 | module_init(ipt_addrtype_init); |
diff --git a/net/ipv4/netfilter/ipt_ah.c b/net/ipv4/netfilter/ipt_ah.c index 1798f86bc534..42f41224a43a 100644 --- a/net/ipv4/netfilter/ipt_ah.c +++ b/net/ipv4/netfilter/ipt_ah.c | |||
@@ -6,12 +6,13 @@ | |||
6 | * published by the Free Software Foundation. | 6 | * published by the Free Software Foundation. |
7 | */ | 7 | */ |
8 | 8 | ||
9 | #include <linux/in.h> | ||
9 | #include <linux/module.h> | 10 | #include <linux/module.h> |
10 | #include <linux/skbuff.h> | 11 | #include <linux/skbuff.h> |
11 | #include <linux/ip.h> | 12 | #include <linux/ip.h> |
12 | 13 | ||
13 | #include <linux/netfilter_ipv4/ipt_ah.h> | 14 | #include <linux/netfilter_ipv4/ipt_ah.h> |
14 | #include <linux/netfilter_ipv4/ip_tables.h> | 15 | #include <linux/netfilter/x_tables.h> |
15 | 16 | ||
16 | MODULE_LICENSE("GPL"); | 17 | MODULE_LICENSE("GPL"); |
17 | MODULE_AUTHOR("Yon Uriarte <yon@astaro.de>"); | 18 | MODULE_AUTHOR("Yon Uriarte <yon@astaro.de>"); |
@@ -86,8 +87,9 @@ checkentry(const char *tablename, | |||
86 | return 1; | 87 | return 1; |
87 | } | 88 | } |
88 | 89 | ||
89 | static struct ipt_match ah_match = { | 90 | static struct xt_match ah_match = { |
90 | .name = "ah", | 91 | .name = "ah", |
92 | .family = AF_INET, | ||
91 | .match = match, | 93 | .match = match, |
92 | .matchsize = sizeof(struct ipt_ah), | 94 | .matchsize = sizeof(struct ipt_ah), |
93 | .proto = IPPROTO_AH, | 95 | .proto = IPPROTO_AH, |
@@ -97,12 +99,12 @@ static struct ipt_match ah_match = { | |||
97 | 99 | ||
98 | static int __init ipt_ah_init(void) | 100 | static int __init ipt_ah_init(void) |
99 | { | 101 | { |
100 | return ipt_register_match(&ah_match); | 102 | return xt_register_match(&ah_match); |
101 | } | 103 | } |
102 | 104 | ||
103 | static void __exit ipt_ah_fini(void) | 105 | static void __exit ipt_ah_fini(void) |
104 | { | 106 | { |
105 | ipt_unregister_match(&ah_match); | 107 | xt_unregister_match(&ah_match); |
106 | } | 108 | } |
107 | 109 | ||
108 | module_init(ipt_ah_init); | 110 | module_init(ipt_ah_init); |
diff --git a/net/ipv4/netfilter/ipt_ecn.c b/net/ipv4/netfilter/ipt_ecn.c index dafbdec0efc0..37508b2cfea6 100644 --- a/net/ipv4/netfilter/ipt_ecn.c +++ b/net/ipv4/netfilter/ipt_ecn.c | |||
@@ -9,10 +9,13 @@ | |||
9 | * published by the Free Software Foundation. | 9 | * published by the Free Software Foundation. |
10 | */ | 10 | */ |
11 | 11 | ||
12 | #include <linux/in.h> | ||
13 | #include <linux/ip.h> | ||
12 | #include <linux/module.h> | 14 | #include <linux/module.h> |
13 | #include <linux/skbuff.h> | 15 | #include <linux/skbuff.h> |
14 | #include <linux/tcp.h> | 16 | #include <linux/tcp.h> |
15 | 17 | ||
18 | #include <linux/netfilter/x_tables.h> | ||
16 | #include <linux/netfilter_ipv4/ip_tables.h> | 19 | #include <linux/netfilter_ipv4/ip_tables.h> |
17 | #include <linux/netfilter_ipv4/ipt_ecn.h> | 20 | #include <linux/netfilter_ipv4/ipt_ecn.h> |
18 | 21 | ||
@@ -109,8 +112,9 @@ static int checkentry(const char *tablename, const void *ip_void, | |||
109 | return 1; | 112 | return 1; |
110 | } | 113 | } |
111 | 114 | ||
112 | static struct ipt_match ecn_match = { | 115 | static struct xt_match ecn_match = { |
113 | .name = "ecn", | 116 | .name = "ecn", |
117 | .family = AF_INET, | ||
114 | .match = match, | 118 | .match = match, |
115 | .matchsize = sizeof(struct ipt_ecn_info), | 119 | .matchsize = sizeof(struct ipt_ecn_info), |
116 | .checkentry = checkentry, | 120 | .checkentry = checkentry, |
@@ -119,12 +123,12 @@ static struct ipt_match ecn_match = { | |||
119 | 123 | ||
120 | static int __init ipt_ecn_init(void) | 124 | static int __init ipt_ecn_init(void) |
121 | { | 125 | { |
122 | return ipt_register_match(&ecn_match); | 126 | return xt_register_match(&ecn_match); |
123 | } | 127 | } |
124 | 128 | ||
125 | static void __exit ipt_ecn_fini(void) | 129 | static void __exit ipt_ecn_fini(void) |
126 | { | 130 | { |
127 | ipt_unregister_match(&ecn_match); | 131 | xt_unregister_match(&ecn_match); |
128 | } | 132 | } |
129 | 133 | ||
130 | module_init(ipt_ecn_init); | 134 | module_init(ipt_ecn_init); |
diff --git a/net/ipv4/netfilter/ipt_iprange.c b/net/ipv4/netfilter/ipt_iprange.c index 5202edd8d333..05de593be94c 100644 --- a/net/ipv4/netfilter/ipt_iprange.c +++ b/net/ipv4/netfilter/ipt_iprange.c | |||
@@ -10,7 +10,7 @@ | |||
10 | #include <linux/module.h> | 10 | #include <linux/module.h> |
11 | #include <linux/skbuff.h> | 11 | #include <linux/skbuff.h> |
12 | #include <linux/ip.h> | 12 | #include <linux/ip.h> |
13 | #include <linux/netfilter_ipv4/ip_tables.h> | 13 | #include <linux/netfilter/x_tables.h> |
14 | #include <linux/netfilter_ipv4/ipt_iprange.h> | 14 | #include <linux/netfilter_ipv4/ipt_iprange.h> |
15 | 15 | ||
16 | MODULE_LICENSE("GPL"); | 16 | MODULE_LICENSE("GPL"); |
@@ -63,22 +63,22 @@ match(const struct sk_buff *skb, | |||
63 | return 1; | 63 | return 1; |
64 | } | 64 | } |
65 | 65 | ||
66 | static struct ipt_match iprange_match = { | 66 | static struct xt_match iprange_match = { |
67 | .name = "iprange", | 67 | .name = "iprange", |
68 | .family = AF_INET, | ||
68 | .match = match, | 69 | .match = match, |
69 | .matchsize = sizeof(struct ipt_iprange_info), | 70 | .matchsize = sizeof(struct ipt_iprange_info), |
70 | .destroy = NULL, | ||
71 | .me = THIS_MODULE | 71 | .me = THIS_MODULE |
72 | }; | 72 | }; |
73 | 73 | ||
74 | static int __init ipt_iprange_init(void) | 74 | static int __init ipt_iprange_init(void) |
75 | { | 75 | { |
76 | return ipt_register_match(&iprange_match); | 76 | return xt_register_match(&iprange_match); |
77 | } | 77 | } |
78 | 78 | ||
79 | static void __exit ipt_iprange_fini(void) | 79 | static void __exit ipt_iprange_fini(void) |
80 | { | 80 | { |
81 | ipt_unregister_match(&iprange_match); | 81 | xt_unregister_match(&iprange_match); |
82 | } | 82 | } |
83 | 83 | ||
84 | module_init(ipt_iprange_init); | 84 | module_init(ipt_iprange_init); |
diff --git a/net/ipv4/netfilter/ipt_owner.c b/net/ipv4/netfilter/ipt_owner.c index 78c336f12a9e..9f496ac834b5 100644 --- a/net/ipv4/netfilter/ipt_owner.c +++ b/net/ipv4/netfilter/ipt_owner.c | |||
@@ -15,7 +15,7 @@ | |||
15 | #include <net/sock.h> | 15 | #include <net/sock.h> |
16 | 16 | ||
17 | #include <linux/netfilter_ipv4/ipt_owner.h> | 17 | #include <linux/netfilter_ipv4/ipt_owner.h> |
18 | #include <linux/netfilter_ipv4/ip_tables.h> | 18 | #include <linux/netfilter/x_tables.h> |
19 | 19 | ||
20 | MODULE_LICENSE("GPL"); | 20 | MODULE_LICENSE("GPL"); |
21 | MODULE_AUTHOR("Marc Boucher <marc@mbsi.ca>"); | 21 | MODULE_AUTHOR("Marc Boucher <marc@mbsi.ca>"); |
@@ -68,8 +68,9 @@ checkentry(const char *tablename, | |||
68 | return 1; | 68 | return 1; |
69 | } | 69 | } |
70 | 70 | ||
71 | static struct ipt_match owner_match = { | 71 | static struct xt_match owner_match = { |
72 | .name = "owner", | 72 | .name = "owner", |
73 | .family = AF_INET, | ||
73 | .match = match, | 74 | .match = match, |
74 | .matchsize = sizeof(struct ipt_owner_info), | 75 | .matchsize = sizeof(struct ipt_owner_info), |
75 | .hooks = (1 << NF_IP_LOCAL_OUT) | (1 << NF_IP_POST_ROUTING), | 76 | .hooks = (1 << NF_IP_LOCAL_OUT) | (1 << NF_IP_POST_ROUTING), |
@@ -79,12 +80,12 @@ static struct ipt_match owner_match = { | |||
79 | 80 | ||
80 | static int __init ipt_owner_init(void) | 81 | static int __init ipt_owner_init(void) |
81 | { | 82 | { |
82 | return ipt_register_match(&owner_match); | 83 | return xt_register_match(&owner_match); |
83 | } | 84 | } |
84 | 85 | ||
85 | static void __exit ipt_owner_fini(void) | 86 | static void __exit ipt_owner_fini(void) |
86 | { | 87 | { |
87 | ipt_unregister_match(&owner_match); | 88 | xt_unregister_match(&owner_match); |
88 | } | 89 | } |
89 | 90 | ||
90 | module_init(ipt_owner_init); | 91 | module_init(ipt_owner_init); |
diff --git a/net/ipv4/netfilter/ipt_recent.c b/net/ipv4/netfilter/ipt_recent.c index 4db0e73c56f1..6b97b6796173 100644 --- a/net/ipv4/netfilter/ipt_recent.c +++ b/net/ipv4/netfilter/ipt_recent.c | |||
@@ -12,6 +12,7 @@ | |||
12 | * Copyright 2002-2003, Stephen Frost, 2.5.x port by laforge@netfilter.org | 12 | * Copyright 2002-2003, Stephen Frost, 2.5.x port by laforge@netfilter.org |
13 | */ | 13 | */ |
14 | #include <linux/init.h> | 14 | #include <linux/init.h> |
15 | #include <linux/ip.h> | ||
15 | #include <linux/moduleparam.h> | 16 | #include <linux/moduleparam.h> |
16 | #include <linux/proc_fs.h> | 17 | #include <linux/proc_fs.h> |
17 | #include <linux/seq_file.h> | 18 | #include <linux/seq_file.h> |
@@ -24,7 +25,7 @@ | |||
24 | #include <linux/skbuff.h> | 25 | #include <linux/skbuff.h> |
25 | #include <linux/inet.h> | 26 | #include <linux/inet.h> |
26 | 27 | ||
27 | #include <linux/netfilter_ipv4/ip_tables.h> | 28 | #include <linux/netfilter/x_tables.h> |
28 | #include <linux/netfilter_ipv4/ipt_recent.h> | 29 | #include <linux/netfilter_ipv4/ipt_recent.h> |
29 | 30 | ||
30 | MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>"); | 31 | MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>"); |
@@ -462,8 +463,9 @@ static struct file_operations recent_fops = { | |||
462 | }; | 463 | }; |
463 | #endif /* CONFIG_PROC_FS */ | 464 | #endif /* CONFIG_PROC_FS */ |
464 | 465 | ||
465 | static struct ipt_match recent_match = { | 466 | static struct xt_match recent_match = { |
466 | .name = "recent", | 467 | .name = "recent", |
468 | .family = AF_INET, | ||
467 | .match = ipt_recent_match, | 469 | .match = ipt_recent_match, |
468 | .matchsize = sizeof(struct ipt_recent_info), | 470 | .matchsize = sizeof(struct ipt_recent_info), |
469 | .checkentry = ipt_recent_checkentry, | 471 | .checkentry = ipt_recent_checkentry, |
@@ -479,13 +481,13 @@ static int __init ipt_recent_init(void) | |||
479 | return -EINVAL; | 481 | return -EINVAL; |
480 | ip_list_hash_size = 1 << fls(ip_list_tot); | 482 | ip_list_hash_size = 1 << fls(ip_list_tot); |
481 | 483 | ||
482 | err = ipt_register_match(&recent_match); | 484 | err = xt_register_match(&recent_match); |
483 | #ifdef CONFIG_PROC_FS | 485 | #ifdef CONFIG_PROC_FS |
484 | if (err) | 486 | if (err) |
485 | return err; | 487 | return err; |
486 | proc_dir = proc_mkdir("ipt_recent", proc_net); | 488 | proc_dir = proc_mkdir("ipt_recent", proc_net); |
487 | if (proc_dir == NULL) { | 489 | if (proc_dir == NULL) { |
488 | ipt_unregister_match(&recent_match); | 490 | xt_unregister_match(&recent_match); |
489 | err = -ENOMEM; | 491 | err = -ENOMEM; |
490 | } | 492 | } |
491 | #endif | 493 | #endif |
@@ -495,7 +497,7 @@ static int __init ipt_recent_init(void) | |||
495 | static void __exit ipt_recent_exit(void) | 497 | static void __exit ipt_recent_exit(void) |
496 | { | 498 | { |
497 | BUG_ON(!list_empty(&tables)); | 499 | BUG_ON(!list_empty(&tables)); |
498 | ipt_unregister_match(&recent_match); | 500 | xt_unregister_match(&recent_match); |
499 | #ifdef CONFIG_PROC_FS | 501 | #ifdef CONFIG_PROC_FS |
500 | remove_proc_entry("ipt_recent", proc_net); | 502 | remove_proc_entry("ipt_recent", proc_net); |
501 | #endif | 503 | #endif |
diff --git a/net/ipv4/netfilter/ipt_tos.c b/net/ipv4/netfilter/ipt_tos.c index 5549c39c7851..5d33b51d49d8 100644 --- a/net/ipv4/netfilter/ipt_tos.c +++ b/net/ipv4/netfilter/ipt_tos.c | |||
@@ -8,11 +8,12 @@ | |||
8 | * published by the Free Software Foundation. | 8 | * published by the Free Software Foundation. |
9 | */ | 9 | */ |
10 | 10 | ||
11 | #include <linux/ip.h> | ||
11 | #include <linux/module.h> | 12 | #include <linux/module.h> |
12 | #include <linux/skbuff.h> | 13 | #include <linux/skbuff.h> |
13 | 14 | ||
14 | #include <linux/netfilter_ipv4/ipt_tos.h> | 15 | #include <linux/netfilter_ipv4/ipt_tos.h> |
15 | #include <linux/netfilter_ipv4/ip_tables.h> | 16 | #include <linux/netfilter/x_tables.h> |
16 | 17 | ||
17 | MODULE_LICENSE("GPL"); | 18 | MODULE_LICENSE("GPL"); |
18 | MODULE_DESCRIPTION("iptables TOS match module"); | 19 | MODULE_DESCRIPTION("iptables TOS match module"); |
@@ -32,8 +33,9 @@ match(const struct sk_buff *skb, | |||
32 | return (skb->nh.iph->tos == info->tos) ^ info->invert; | 33 | return (skb->nh.iph->tos == info->tos) ^ info->invert; |
33 | } | 34 | } |
34 | 35 | ||
35 | static struct ipt_match tos_match = { | 36 | static struct xt_match tos_match = { |
36 | .name = "tos", | 37 | .name = "tos", |
38 | .family = AF_INET, | ||
37 | .match = match, | 39 | .match = match, |
38 | .matchsize = sizeof(struct ipt_tos_info), | 40 | .matchsize = sizeof(struct ipt_tos_info), |
39 | .me = THIS_MODULE, | 41 | .me = THIS_MODULE, |
@@ -41,12 +43,12 @@ static struct ipt_match tos_match = { | |||
41 | 43 | ||
42 | static int __init ipt_multiport_init(void) | 44 | static int __init ipt_multiport_init(void) |
43 | { | 45 | { |
44 | return ipt_register_match(&tos_match); | 46 | return xt_register_match(&tos_match); |
45 | } | 47 | } |
46 | 48 | ||
47 | static void __exit ipt_multiport_fini(void) | 49 | static void __exit ipt_multiport_fini(void) |
48 | { | 50 | { |
49 | ipt_unregister_match(&tos_match); | 51 | xt_unregister_match(&tos_match); |
50 | } | 52 | } |
51 | 53 | ||
52 | module_init(ipt_multiport_init); | 54 | module_init(ipt_multiport_init); |
diff --git a/net/ipv4/netfilter/ipt_ttl.c b/net/ipv4/netfilter/ipt_ttl.c index a5243bdb87d7..d5cd984e5ed2 100644 --- a/net/ipv4/netfilter/ipt_ttl.c +++ b/net/ipv4/netfilter/ipt_ttl.c | |||
@@ -9,11 +9,12 @@ | |||
9 | * published by the Free Software Foundation. | 9 | * published by the Free Software Foundation. |
10 | */ | 10 | */ |
11 | 11 | ||
12 | #include <linux/ip.h> | ||
12 | #include <linux/module.h> | 13 | #include <linux/module.h> |
13 | #include <linux/skbuff.h> | 14 | #include <linux/skbuff.h> |
14 | 15 | ||
15 | #include <linux/netfilter_ipv4/ipt_ttl.h> | 16 | #include <linux/netfilter_ipv4/ipt_ttl.h> |
16 | #include <linux/netfilter_ipv4/ip_tables.h> | 17 | #include <linux/netfilter/x_tables.h> |
17 | 18 | ||
18 | MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>"); | 19 | MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>"); |
19 | MODULE_DESCRIPTION("IP tables TTL matching module"); | 20 | MODULE_DESCRIPTION("IP tables TTL matching module"); |
@@ -48,8 +49,9 @@ static int match(const struct sk_buff *skb, | |||
48 | return 0; | 49 | return 0; |
49 | } | 50 | } |
50 | 51 | ||
51 | static struct ipt_match ttl_match = { | 52 | static struct xt_match ttl_match = { |
52 | .name = "ttl", | 53 | .name = "ttl", |
54 | .family = AF_INET, | ||
53 | .match = match, | 55 | .match = match, |
54 | .matchsize = sizeof(struct ipt_ttl_info), | 56 | .matchsize = sizeof(struct ipt_ttl_info), |
55 | .me = THIS_MODULE, | 57 | .me = THIS_MODULE, |
@@ -57,13 +59,12 @@ static struct ipt_match ttl_match = { | |||
57 | 59 | ||
58 | static int __init ipt_ttl_init(void) | 60 | static int __init ipt_ttl_init(void) |
59 | { | 61 | { |
60 | return ipt_register_match(&ttl_match); | 62 | return xt_register_match(&ttl_match); |
61 | } | 63 | } |
62 | 64 | ||
63 | static void __exit ipt_ttl_fini(void) | 65 | static void __exit ipt_ttl_fini(void) |
64 | { | 66 | { |
65 | ipt_unregister_match(&ttl_match); | 67 | xt_unregister_match(&ttl_match); |
66 | |||
67 | } | 68 | } |
68 | 69 | ||
69 | module_init(ipt_ttl_init); | 70 | module_init(ipt_ttl_init); |
diff --git a/net/ipv4/netfilter/nf_nat_rule.c b/net/ipv4/netfilter/nf_nat_rule.c index 3745efe70302..de25d63f543c 100644 --- a/net/ipv4/netfilter/nf_nat_rule.c +++ b/net/ipv4/netfilter/nf_nat_rule.c | |||
@@ -294,7 +294,7 @@ int nf_nat_rule_find(struct sk_buff **pskb, | |||
294 | return ret; | 294 | return ret; |
295 | } | 295 | } |
296 | 296 | ||
297 | static struct ipt_target ipt_snat_reg = { | 297 | static struct xt_target ipt_snat_reg = { |
298 | .name = "SNAT", | 298 | .name = "SNAT", |
299 | .target = ipt_snat_target, | 299 | .target = ipt_snat_target, |
300 | .targetsize = sizeof(struct nf_nat_multi_range_compat), | 300 | .targetsize = sizeof(struct nf_nat_multi_range_compat), |
diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c index 99502c5da4c4..7083e1cfb2f5 100644 --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c | |||
@@ -530,7 +530,7 @@ check_match(struct ip6t_entry_match *m, | |||
530 | unsigned int hookmask, | 530 | unsigned int hookmask, |
531 | unsigned int *i) | 531 | unsigned int *i) |
532 | { | 532 | { |
533 | struct ip6t_match *match; | 533 | struct xt_match *match; |
534 | int ret; | 534 | int ret; |
535 | 535 | ||
536 | match = try_then_request_module(xt_find_match(AF_INET6, m->u.user.name, | 536 | match = try_then_request_module(xt_find_match(AF_INET6, m->u.user.name, |
@@ -564,14 +564,14 @@ err: | |||
564 | return ret; | 564 | return ret; |
565 | } | 565 | } |
566 | 566 | ||
567 | static struct ip6t_target ip6t_standard_target; | 567 | static struct xt_target ip6t_standard_target; |
568 | 568 | ||
569 | static inline int | 569 | static inline int |
570 | check_entry(struct ip6t_entry *e, const char *name, unsigned int size, | 570 | check_entry(struct ip6t_entry *e, const char *name, unsigned int size, |
571 | unsigned int *i) | 571 | unsigned int *i) |
572 | { | 572 | { |
573 | struct ip6t_entry_target *t; | 573 | struct ip6t_entry_target *t; |
574 | struct ip6t_target *target; | 574 | struct xt_target *target; |
575 | int ret; | 575 | int ret; |
576 | unsigned int j; | 576 | unsigned int j; |
577 | 577 | ||
@@ -1348,13 +1348,13 @@ icmp6_checkentry(const char *tablename, | |||
1348 | } | 1348 | } |
1349 | 1349 | ||
1350 | /* The built-in targets: standard (NULL) and error. */ | 1350 | /* The built-in targets: standard (NULL) and error. */ |
1351 | static struct ip6t_target ip6t_standard_target = { | 1351 | static struct xt_target ip6t_standard_target = { |
1352 | .name = IP6T_STANDARD_TARGET, | 1352 | .name = IP6T_STANDARD_TARGET, |
1353 | .targetsize = sizeof(int), | 1353 | .targetsize = sizeof(int), |
1354 | .family = AF_INET6, | 1354 | .family = AF_INET6, |
1355 | }; | 1355 | }; |
1356 | 1356 | ||
1357 | static struct ip6t_target ip6t_error_target = { | 1357 | static struct xt_target ip6t_error_target = { |
1358 | .name = IP6T_ERROR_TARGET, | 1358 | .name = IP6T_ERROR_TARGET, |
1359 | .target = ip6t_error, | 1359 | .target = ip6t_error, |
1360 | .targetsize = IP6T_FUNCTION_MAXNAMELEN, | 1360 | .targetsize = IP6T_FUNCTION_MAXNAMELEN, |
@@ -1371,7 +1371,7 @@ static struct nf_sockopt_ops ip6t_sockopts = { | |||
1371 | .get = do_ip6t_get_ctl, | 1371 | .get = do_ip6t_get_ctl, |
1372 | }; | 1372 | }; |
1373 | 1373 | ||
1374 | static struct ip6t_match icmp6_matchstruct = { | 1374 | static struct xt_match icmp6_matchstruct = { |
1375 | .name = "icmp6", | 1375 | .name = "icmp6", |
1376 | .match = &icmp6_match, | 1376 | .match = &icmp6_match, |
1377 | .matchsize = sizeof(struct ip6t_icmp), | 1377 | .matchsize = sizeof(struct ip6t_icmp), |
diff --git a/net/ipv6/netfilter/ip6t_HL.c b/net/ipv6/netfilter/ip6t_HL.c index 7e5d51386f56..04e500172fb4 100644 --- a/net/ipv6/netfilter/ip6t_HL.c +++ b/net/ipv6/netfilter/ip6t_HL.c | |||
@@ -9,12 +9,13 @@ | |||
9 | #include <linux/module.h> | 9 | #include <linux/module.h> |
10 | #include <linux/skbuff.h> | 10 | #include <linux/skbuff.h> |
11 | #include <linux/ip.h> | 11 | #include <linux/ip.h> |
12 | #include <linux/ipv6.h> | ||
12 | 13 | ||
13 | #include <linux/netfilter_ipv6/ip6_tables.h> | 14 | #include <linux/netfilter/x_tables.h> |
14 | #include <linux/netfilter_ipv6/ip6t_HL.h> | 15 | #include <linux/netfilter_ipv6/ip6t_HL.h> |
15 | 16 | ||
16 | MODULE_AUTHOR("Maciej Soltysiak <solt@dns.toxicfilms.tv>"); | 17 | MODULE_AUTHOR("Maciej Soltysiak <solt@dns.toxicfilms.tv>"); |
17 | MODULE_DESCRIPTION("IP tables Hop Limit modification module"); | 18 | MODULE_DESCRIPTION("IP6 tables Hop Limit modification module"); |
18 | MODULE_LICENSE("GPL"); | 19 | MODULE_LICENSE("GPL"); |
19 | 20 | ||
20 | static unsigned int ip6t_hl_target(struct sk_buff **pskb, | 21 | static unsigned int ip6t_hl_target(struct sk_buff **pskb, |
@@ -54,7 +55,7 @@ static unsigned int ip6t_hl_target(struct sk_buff **pskb, | |||
54 | 55 | ||
55 | ip6h->hop_limit = new_hl; | 56 | ip6h->hop_limit = new_hl; |
56 | 57 | ||
57 | return IP6T_CONTINUE; | 58 | return XT_CONTINUE; |
58 | } | 59 | } |
59 | 60 | ||
60 | static int ip6t_hl_checkentry(const char *tablename, | 61 | static int ip6t_hl_checkentry(const char *tablename, |
@@ -78,8 +79,9 @@ static int ip6t_hl_checkentry(const char *tablename, | |||
78 | return 1; | 79 | return 1; |
79 | } | 80 | } |
80 | 81 | ||
81 | static struct ip6t_target ip6t_HL = { | 82 | static struct xt_target ip6t_HL = { |
82 | .name = "HL", | 83 | .name = "HL", |
84 | .family = AF_INET6, | ||
83 | .target = ip6t_hl_target, | 85 | .target = ip6t_hl_target, |
84 | .targetsize = sizeof(struct ip6t_HL_info), | 86 | .targetsize = sizeof(struct ip6t_HL_info), |
85 | .table = "mangle", | 87 | .table = "mangle", |
@@ -89,12 +91,12 @@ static struct ip6t_target ip6t_HL = { | |||
89 | 91 | ||
90 | static int __init ip6t_hl_init(void) | 92 | static int __init ip6t_hl_init(void) |
91 | { | 93 | { |
92 | return ip6t_register_target(&ip6t_HL); | 94 | return xt_register_target(&ip6t_HL); |
93 | } | 95 | } |
94 | 96 | ||
95 | static void __exit ip6t_hl_fini(void) | 97 | static void __exit ip6t_hl_fini(void) |
96 | { | 98 | { |
97 | ip6t_unregister_target(&ip6t_HL); | 99 | xt_unregister_target(&ip6t_HL); |
98 | } | 100 | } |
99 | 101 | ||
100 | module_init(ip6t_hl_init); | 102 | module_init(ip6t_hl_init); |
diff --git a/net/ipv6/netfilter/ip6t_LOG.c b/net/ipv6/netfilter/ip6t_LOG.c index 9fe0816bb21d..5587a77b884c 100644 --- a/net/ipv6/netfilter/ip6t_LOG.c +++ b/net/ipv6/netfilter/ip6t_LOG.c | |||
@@ -21,6 +21,7 @@ | |||
21 | #include <net/tcp.h> | 21 | #include <net/tcp.h> |
22 | #include <net/ipv6.h> | 22 | #include <net/ipv6.h> |
23 | #include <linux/netfilter.h> | 23 | #include <linux/netfilter.h> |
24 | #include <linux/netfilter/x_tables.h> | ||
24 | #include <linux/netfilter_ipv6/ip6_tables.h> | 25 | #include <linux/netfilter_ipv6/ip6_tables.h> |
25 | 26 | ||
26 | MODULE_AUTHOR("Jan Rekorajski <baggins@pld.org.pl>"); | 27 | MODULE_AUTHOR("Jan Rekorajski <baggins@pld.org.pl>"); |
@@ -442,7 +443,7 @@ ip6t_log_target(struct sk_buff **pskb, | |||
442 | 443 | ||
443 | ip6t_log_packet(PF_INET6, hooknum, *pskb, in, out, &li, | 444 | ip6t_log_packet(PF_INET6, hooknum, *pskb, in, out, &li, |
444 | loginfo->prefix); | 445 | loginfo->prefix); |
445 | return IP6T_CONTINUE; | 446 | return XT_CONTINUE; |
446 | } | 447 | } |
447 | 448 | ||
448 | 449 | ||
@@ -466,8 +467,9 @@ static int ip6t_log_checkentry(const char *tablename, | |||
466 | return 1; | 467 | return 1; |
467 | } | 468 | } |
468 | 469 | ||
469 | static struct ip6t_target ip6t_log_reg = { | 470 | static struct xt_target ip6t_log_reg = { |
470 | .name = "LOG", | 471 | .name = "LOG", |
472 | .family = AF_INET6, | ||
471 | .target = ip6t_log_target, | 473 | .target = ip6t_log_target, |
472 | .targetsize = sizeof(struct ip6t_log_info), | 474 | .targetsize = sizeof(struct ip6t_log_info), |
473 | .checkentry = ip6t_log_checkentry, | 475 | .checkentry = ip6t_log_checkentry, |
@@ -484,7 +486,7 @@ static int __init ip6t_log_init(void) | |||
484 | { | 486 | { |
485 | int ret; | 487 | int ret; |
486 | 488 | ||
487 | ret = ip6t_register_target(&ip6t_log_reg); | 489 | ret = xt_register_target(&ip6t_log_reg); |
488 | if (ret < 0) | 490 | if (ret < 0) |
489 | return ret; | 491 | return ret; |
490 | if (nf_log_register(PF_INET6, &ip6t_logger) < 0) { | 492 | if (nf_log_register(PF_INET6, &ip6t_logger) < 0) { |
@@ -500,7 +502,7 @@ static int __init ip6t_log_init(void) | |||
500 | static void __exit ip6t_log_fini(void) | 502 | static void __exit ip6t_log_fini(void) |
501 | { | 503 | { |
502 | nf_log_unregister_logger(&ip6t_logger); | 504 | nf_log_unregister_logger(&ip6t_logger); |
503 | ip6t_unregister_target(&ip6t_log_reg); | 505 | xt_unregister_target(&ip6t_log_reg); |
504 | } | 506 | } |
505 | 507 | ||
506 | module_init(ip6t_log_init); | 508 | module_init(ip6t_log_init); |
diff --git a/net/ipv6/netfilter/ip6t_REJECT.c b/net/ipv6/netfilter/ip6t_REJECT.c index 311eae82feb3..278349c18793 100644 --- a/net/ipv6/netfilter/ip6t_REJECT.c +++ b/net/ipv6/netfilter/ip6t_REJECT.c | |||
@@ -26,6 +26,7 @@ | |||
26 | #include <net/ip6_fib.h> | 26 | #include <net/ip6_fib.h> |
27 | #include <net/ip6_route.h> | 27 | #include <net/ip6_route.h> |
28 | #include <net/flow.h> | 28 | #include <net/flow.h> |
29 | #include <linux/netfilter/x_tables.h> | ||
29 | #include <linux/netfilter_ipv6/ip6_tables.h> | 30 | #include <linux/netfilter_ipv6/ip6_tables.h> |
30 | #include <linux/netfilter_ipv6/ip6t_REJECT.h> | 31 | #include <linux/netfilter_ipv6/ip6t_REJECT.h> |
31 | 32 | ||
@@ -234,7 +235,7 @@ static int check(const char *tablename, | |||
234 | } else if (rejinfo->with == IP6T_TCP_RESET) { | 235 | } else if (rejinfo->with == IP6T_TCP_RESET) { |
235 | /* Must specify that it's a TCP packet */ | 236 | /* Must specify that it's a TCP packet */ |
236 | if (e->ipv6.proto != IPPROTO_TCP | 237 | if (e->ipv6.proto != IPPROTO_TCP |
237 | || (e->ipv6.invflags & IP6T_INV_PROTO)) { | 238 | || (e->ipv6.invflags & XT_INV_PROTO)) { |
238 | DEBUGP("ip6t_REJECT: TCP_RESET illegal for non-tcp\n"); | 239 | DEBUGP("ip6t_REJECT: TCP_RESET illegal for non-tcp\n"); |
239 | return 0; | 240 | return 0; |
240 | } | 241 | } |
@@ -242,8 +243,9 @@ static int check(const char *tablename, | |||
242 | return 1; | 243 | return 1; |
243 | } | 244 | } |
244 | 245 | ||
245 | static struct ip6t_target ip6t_reject_reg = { | 246 | static struct xt_target ip6t_reject_reg = { |
246 | .name = "REJECT", | 247 | .name = "REJECT", |
248 | .family = AF_INET6, | ||
247 | .target = reject6_target, | 249 | .target = reject6_target, |
248 | .targetsize = sizeof(struct ip6t_reject_info), | 250 | .targetsize = sizeof(struct ip6t_reject_info), |
249 | .table = "filter", | 251 | .table = "filter", |
@@ -255,12 +257,12 @@ static struct ip6t_target ip6t_reject_reg = { | |||
255 | 257 | ||
256 | static int __init ip6t_reject_init(void) | 258 | static int __init ip6t_reject_init(void) |
257 | { | 259 | { |
258 | return ip6t_register_target(&ip6t_reject_reg); | 260 | return xt_register_target(&ip6t_reject_reg); |
259 | } | 261 | } |
260 | 262 | ||
261 | static void __exit ip6t_reject_fini(void) | 263 | static void __exit ip6t_reject_fini(void) |
262 | { | 264 | { |
263 | ip6t_unregister_target(&ip6t_reject_reg); | 265 | xt_unregister_target(&ip6t_reject_reg); |
264 | } | 266 | } |
265 | 267 | ||
266 | module_init(ip6t_reject_init); | 268 | module_init(ip6t_reject_init); |
diff --git a/net/ipv6/netfilter/ip6t_ah.c b/net/ipv6/netfilter/ip6t_ah.c index 46486645eb75..456c76adcbf6 100644 --- a/net/ipv6/netfilter/ip6t_ah.c +++ b/net/ipv6/netfilter/ip6t_ah.c | |||
@@ -15,6 +15,7 @@ | |||
15 | #include <net/checksum.h> | 15 | #include <net/checksum.h> |
16 | #include <net/ipv6.h> | 16 | #include <net/ipv6.h> |
17 | 17 | ||
18 | #include <linux/netfilter/x_tables.h> | ||
18 | #include <linux/netfilter_ipv6/ip6_tables.h> | 19 | #include <linux/netfilter_ipv6/ip6_tables.h> |
19 | #include <linux/netfilter_ipv6/ip6t_ah.h> | 20 | #include <linux/netfilter_ipv6/ip6t_ah.h> |
20 | 21 | ||
@@ -118,8 +119,9 @@ checkentry(const char *tablename, | |||
118 | return 1; | 119 | return 1; |
119 | } | 120 | } |
120 | 121 | ||
121 | static struct ip6t_match ah_match = { | 122 | static struct xt_match ah_match = { |
122 | .name = "ah", | 123 | .name = "ah", |
124 | .family = AF_INET6, | ||
123 | .match = match, | 125 | .match = match, |
124 | .matchsize = sizeof(struct ip6t_ah), | 126 | .matchsize = sizeof(struct ip6t_ah), |
125 | .checkentry = checkentry, | 127 | .checkentry = checkentry, |
@@ -128,12 +130,12 @@ static struct ip6t_match ah_match = { | |||
128 | 130 | ||
129 | static int __init ip6t_ah_init(void) | 131 | static int __init ip6t_ah_init(void) |
130 | { | 132 | { |
131 | return ip6t_register_match(&ah_match); | 133 | return xt_register_match(&ah_match); |
132 | } | 134 | } |
133 | 135 | ||
134 | static void __exit ip6t_ah_fini(void) | 136 | static void __exit ip6t_ah_fini(void) |
135 | { | 137 | { |
136 | ip6t_unregister_match(&ah_match); | 138 | xt_unregister_match(&ah_match); |
137 | } | 139 | } |
138 | 140 | ||
139 | module_init(ip6t_ah_init); | 141 | module_init(ip6t_ah_init); |
diff --git a/net/ipv6/netfilter/ip6t_eui64.c b/net/ipv6/netfilter/ip6t_eui64.c index 4f6b84c8f4ab..967bed71d4a8 100644 --- a/net/ipv6/netfilter/ip6t_eui64.c +++ b/net/ipv6/netfilter/ip6t_eui64.c | |||
@@ -12,6 +12,7 @@ | |||
12 | #include <linux/ipv6.h> | 12 | #include <linux/ipv6.h> |
13 | #include <linux/if_ether.h> | 13 | #include <linux/if_ether.h> |
14 | 14 | ||
15 | #include <linux/netfilter/x_tables.h> | ||
15 | #include <linux/netfilter_ipv6/ip6_tables.h> | 16 | #include <linux/netfilter_ipv6/ip6_tables.h> |
16 | 17 | ||
17 | MODULE_DESCRIPTION("IPv6 EUI64 address checking match"); | 18 | MODULE_DESCRIPTION("IPv6 EUI64 address checking match"); |
@@ -61,8 +62,9 @@ match(const struct sk_buff *skb, | |||
61 | return 0; | 62 | return 0; |
62 | } | 63 | } |
63 | 64 | ||
64 | static struct ip6t_match eui64_match = { | 65 | static struct xt_match eui64_match = { |
65 | .name = "eui64", | 66 | .name = "eui64", |
67 | .family = AF_INET6, | ||
66 | .match = match, | 68 | .match = match, |
67 | .matchsize = sizeof(int), | 69 | .matchsize = sizeof(int), |
68 | .hooks = (1 << NF_IP6_PRE_ROUTING) | (1 << NF_IP6_LOCAL_IN) | | 70 | .hooks = (1 << NF_IP6_PRE_ROUTING) | (1 << NF_IP6_LOCAL_IN) | |
@@ -72,12 +74,12 @@ static struct ip6t_match eui64_match = { | |||
72 | 74 | ||
73 | static int __init ip6t_eui64_init(void) | 75 | static int __init ip6t_eui64_init(void) |
74 | { | 76 | { |
75 | return ip6t_register_match(&eui64_match); | 77 | return xt_register_match(&eui64_match); |
76 | } | 78 | } |
77 | 79 | ||
78 | static void __exit ip6t_eui64_fini(void) | 80 | static void __exit ip6t_eui64_fini(void) |
79 | { | 81 | { |
80 | ip6t_unregister_match(&eui64_match); | 82 | xt_unregister_match(&eui64_match); |
81 | } | 83 | } |
82 | 84 | ||
83 | module_init(ip6t_eui64_init); | 85 | module_init(ip6t_eui64_init); |
diff --git a/net/ipv6/netfilter/ip6t_frag.c b/net/ipv6/netfilter/ip6t_frag.c index cd22eaaccdca..5a5da71321b6 100644 --- a/net/ipv6/netfilter/ip6t_frag.c +++ b/net/ipv6/netfilter/ip6t_frag.c | |||
@@ -14,6 +14,7 @@ | |||
14 | #include <net/checksum.h> | 14 | #include <net/checksum.h> |
15 | #include <net/ipv6.h> | 15 | #include <net/ipv6.h> |
16 | 16 | ||
17 | #include <linux/netfilter/x_tables.h> | ||
17 | #include <linux/netfilter_ipv6/ip6_tables.h> | 18 | #include <linux/netfilter_ipv6/ip6_tables.h> |
18 | #include <linux/netfilter_ipv6/ip6t_frag.h> | 19 | #include <linux/netfilter_ipv6/ip6t_frag.h> |
19 | 20 | ||
@@ -135,8 +136,9 @@ checkentry(const char *tablename, | |||
135 | return 1; | 136 | return 1; |
136 | } | 137 | } |
137 | 138 | ||
138 | static struct ip6t_match frag_match = { | 139 | static struct xt_match frag_match = { |
139 | .name = "frag", | 140 | .name = "frag", |
141 | .family = AF_INET6, | ||
140 | .match = match, | 142 | .match = match, |
141 | .matchsize = sizeof(struct ip6t_frag), | 143 | .matchsize = sizeof(struct ip6t_frag), |
142 | .checkentry = checkentry, | 144 | .checkentry = checkentry, |
@@ -145,12 +147,12 @@ static struct ip6t_match frag_match = { | |||
145 | 147 | ||
146 | static int __init ip6t_frag_init(void) | 148 | static int __init ip6t_frag_init(void) |
147 | { | 149 | { |
148 | return ip6t_register_match(&frag_match); | 150 | return xt_register_match(&frag_match); |
149 | } | 151 | } |
150 | 152 | ||
151 | static void __exit ip6t_frag_fini(void) | 153 | static void __exit ip6t_frag_fini(void) |
152 | { | 154 | { |
153 | ip6t_unregister_match(&frag_match); | 155 | xt_unregister_match(&frag_match); |
154 | } | 156 | } |
155 | 157 | ||
156 | module_init(ip6t_frag_init); | 158 | module_init(ip6t_frag_init); |
diff --git a/net/ipv6/netfilter/ip6t_hbh.c b/net/ipv6/netfilter/ip6t_hbh.c index 3f25babe0440..d2373c7cd354 100644 --- a/net/ipv6/netfilter/ip6t_hbh.c +++ b/net/ipv6/netfilter/ip6t_hbh.c | |||
@@ -16,6 +16,7 @@ | |||
16 | 16 | ||
17 | #include <asm/byteorder.h> | 17 | #include <asm/byteorder.h> |
18 | 18 | ||
19 | #include <linux/netfilter/x_tables.h> | ||
19 | #include <linux/netfilter_ipv6/ip6_tables.h> | 20 | #include <linux/netfilter_ipv6/ip6_tables.h> |
20 | #include <linux/netfilter_ipv6/ip6t_opts.h> | 21 | #include <linux/netfilter_ipv6/ip6t_opts.h> |
21 | 22 | ||
diff --git a/net/ipv6/netfilter/ip6t_hl.c b/net/ipv6/netfilter/ip6t_hl.c index 44a729e17c48..601cc1211c62 100644 --- a/net/ipv6/netfilter/ip6t_hl.c +++ b/net/ipv6/netfilter/ip6t_hl.c | |||
@@ -8,11 +8,12 @@ | |||
8 | * published by the Free Software Foundation. | 8 | * published by the Free Software Foundation. |
9 | */ | 9 | */ |
10 | 10 | ||
11 | #include <linux/ipv6.h> | ||
11 | #include <linux/module.h> | 12 | #include <linux/module.h> |
12 | #include <linux/skbuff.h> | 13 | #include <linux/skbuff.h> |
13 | 14 | ||
14 | #include <linux/netfilter_ipv6/ip6t_hl.h> | 15 | #include <linux/netfilter_ipv6/ip6t_hl.h> |
15 | #include <linux/netfilter_ipv6/ip6_tables.h> | 16 | #include <linux/netfilter/x_tables.h> |
16 | 17 | ||
17 | MODULE_AUTHOR("Maciej Soltysiak <solt@dns.toxicfilms.tv>"); | 18 | MODULE_AUTHOR("Maciej Soltysiak <solt@dns.toxicfilms.tv>"); |
18 | MODULE_DESCRIPTION("IP tables Hop Limit matching module"); | 19 | MODULE_DESCRIPTION("IP tables Hop Limit matching module"); |
@@ -48,8 +49,9 @@ static int match(const struct sk_buff *skb, | |||
48 | return 0; | 49 | return 0; |
49 | } | 50 | } |
50 | 51 | ||
51 | static struct ip6t_match hl_match = { | 52 | static struct xt_match hl_match = { |
52 | .name = "hl", | 53 | .name = "hl", |
54 | .family = AF_INET6, | ||
53 | .match = match, | 55 | .match = match, |
54 | .matchsize = sizeof(struct ip6t_hl_info), | 56 | .matchsize = sizeof(struct ip6t_hl_info), |
55 | .me = THIS_MODULE, | 57 | .me = THIS_MODULE, |
@@ -57,13 +59,12 @@ static struct ip6t_match hl_match = { | |||
57 | 59 | ||
58 | static int __init ip6t_hl_init(void) | 60 | static int __init ip6t_hl_init(void) |
59 | { | 61 | { |
60 | return ip6t_register_match(&hl_match); | 62 | return xt_register_match(&hl_match); |
61 | } | 63 | } |
62 | 64 | ||
63 | static void __exit ip6t_hl_fini(void) | 65 | static void __exit ip6t_hl_fini(void) |
64 | { | 66 | { |
65 | ip6t_unregister_match(&hl_match); | 67 | xt_unregister_match(&hl_match); |
66 | |||
67 | } | 68 | } |
68 | 69 | ||
69 | module_init(ip6t_hl_init); | 70 | module_init(ip6t_hl_init); |
diff --git a/net/ipv6/netfilter/ip6t_ipv6header.c b/net/ipv6/netfilter/ip6t_ipv6header.c index 3093c398002f..26ac084adefc 100644 --- a/net/ipv6/netfilter/ip6t_ipv6header.c +++ b/net/ipv6/netfilter/ip6t_ipv6header.c | |||
@@ -18,6 +18,7 @@ | |||
18 | #include <net/checksum.h> | 18 | #include <net/checksum.h> |
19 | #include <net/ipv6.h> | 19 | #include <net/ipv6.h> |
20 | 20 | ||
21 | #include <linux/netfilter/x_tables.h> | ||
21 | #include <linux/netfilter_ipv6/ip6_tables.h> | 22 | #include <linux/netfilter_ipv6/ip6_tables.h> |
22 | #include <linux/netfilter_ipv6/ip6t_ipv6header.h> | 23 | #include <linux/netfilter_ipv6/ip6t_ipv6header.h> |
23 | 24 | ||
@@ -140,8 +141,9 @@ ipv6header_checkentry(const char *tablename, | |||
140 | return 1; | 141 | return 1; |
141 | } | 142 | } |
142 | 143 | ||
143 | static struct ip6t_match ip6t_ipv6header_match = { | 144 | static struct xt_match ip6t_ipv6header_match = { |
144 | .name = "ipv6header", | 145 | .name = "ipv6header", |
146 | .family = AF_INET6, | ||
145 | .match = &ipv6header_match, | 147 | .match = &ipv6header_match, |
146 | .matchsize = sizeof(struct ip6t_ipv6header_info), | 148 | .matchsize = sizeof(struct ip6t_ipv6header_info), |
147 | .checkentry = &ipv6header_checkentry, | 149 | .checkentry = &ipv6header_checkentry, |
@@ -151,12 +153,12 @@ static struct ip6t_match ip6t_ipv6header_match = { | |||
151 | 153 | ||
152 | static int __init ipv6header_init(void) | 154 | static int __init ipv6header_init(void) |
153 | { | 155 | { |
154 | return ip6t_register_match(&ip6t_ipv6header_match); | 156 | return xt_register_match(&ip6t_ipv6header_match); |
155 | } | 157 | } |
156 | 158 | ||
157 | static void __exit ipv6header_exit(void) | 159 | static void __exit ipv6header_exit(void) |
158 | { | 160 | { |
159 | ip6t_unregister_match(&ip6t_ipv6header_match); | 161 | xt_unregister_match(&ip6t_ipv6header_match); |
160 | } | 162 | } |
161 | 163 | ||
162 | module_init(ipv6header_init); | 164 | module_init(ipv6header_init); |
diff --git a/net/ipv6/netfilter/ip6t_owner.c b/net/ipv6/netfilter/ip6t_owner.c index 4eb9bbc4ebc3..43738bba00b5 100644 --- a/net/ipv6/netfilter/ip6t_owner.c +++ b/net/ipv6/netfilter/ip6t_owner.c | |||
@@ -16,6 +16,7 @@ | |||
16 | 16 | ||
17 | #include <linux/netfilter_ipv6/ip6t_owner.h> | 17 | #include <linux/netfilter_ipv6/ip6t_owner.h> |
18 | #include <linux/netfilter_ipv6/ip6_tables.h> | 18 | #include <linux/netfilter_ipv6/ip6_tables.h> |
19 | #include <linux/netfilter/x_tables.h> | ||
19 | 20 | ||
20 | MODULE_AUTHOR("Marc Boucher <marc@mbsi.ca>"); | 21 | MODULE_AUTHOR("Marc Boucher <marc@mbsi.ca>"); |
21 | MODULE_DESCRIPTION("IP6 tables owner matching module"); | 22 | MODULE_DESCRIPTION("IP6 tables owner matching module"); |
@@ -69,8 +70,9 @@ checkentry(const char *tablename, | |||
69 | return 1; | 70 | return 1; |
70 | } | 71 | } |
71 | 72 | ||
72 | static struct ip6t_match owner_match = { | 73 | static struct xt_match owner_match = { |
73 | .name = "owner", | 74 | .name = "owner", |
75 | .family = AF_INET6, | ||
74 | .match = match, | 76 | .match = match, |
75 | .matchsize = sizeof(struct ip6t_owner_info), | 77 | .matchsize = sizeof(struct ip6t_owner_info), |
76 | .hooks = (1 << NF_IP6_LOCAL_OUT) | (1 << NF_IP6_POST_ROUTING), | 78 | .hooks = (1 << NF_IP6_LOCAL_OUT) | (1 << NF_IP6_POST_ROUTING), |
@@ -80,12 +82,12 @@ static struct ip6t_match owner_match = { | |||
80 | 82 | ||
81 | static int __init ip6t_owner_init(void) | 83 | static int __init ip6t_owner_init(void) |
82 | { | 84 | { |
83 | return ip6t_register_match(&owner_match); | 85 | return xt_register_match(&owner_match); |
84 | } | 86 | } |
85 | 87 | ||
86 | static void __exit ip6t_owner_fini(void) | 88 | static void __exit ip6t_owner_fini(void) |
87 | { | 89 | { |
88 | ip6t_unregister_match(&owner_match); | 90 | xt_unregister_match(&owner_match); |
89 | } | 91 | } |
90 | 92 | ||
91 | module_init(ip6t_owner_init); | 93 | module_init(ip6t_owner_init); |
diff --git a/net/ipv6/netfilter/ip6t_rt.c b/net/ipv6/netfilter/ip6t_rt.c index 54d7d14134fd..81ab00d8c182 100644 --- a/net/ipv6/netfilter/ip6t_rt.c +++ b/net/ipv6/netfilter/ip6t_rt.c | |||
@@ -16,6 +16,7 @@ | |||
16 | 16 | ||
17 | #include <asm/byteorder.h> | 17 | #include <asm/byteorder.h> |
18 | 18 | ||
19 | #include <linux/netfilter/x_tables.h> | ||
19 | #include <linux/netfilter_ipv6/ip6_tables.h> | 20 | #include <linux/netfilter_ipv6/ip6_tables.h> |
20 | #include <linux/netfilter_ipv6/ip6t_rt.h> | 21 | #include <linux/netfilter_ipv6/ip6t_rt.h> |
21 | 22 | ||
@@ -221,8 +222,9 @@ checkentry(const char *tablename, | |||
221 | return 1; | 222 | return 1; |
222 | } | 223 | } |
223 | 224 | ||
224 | static struct ip6t_match rt_match = { | 225 | static struct xt_match rt_match = { |
225 | .name = "rt", | 226 | .name = "rt", |
227 | .family = AF_INET6, | ||
226 | .match = match, | 228 | .match = match, |
227 | .matchsize = sizeof(struct ip6t_rt), | 229 | .matchsize = sizeof(struct ip6t_rt), |
228 | .checkentry = checkentry, | 230 | .checkentry = checkentry, |
@@ -231,12 +233,12 @@ static struct ip6t_match rt_match = { | |||
231 | 233 | ||
232 | static int __init ip6t_rt_init(void) | 234 | static int __init ip6t_rt_init(void) |
233 | { | 235 | { |
234 | return ip6t_register_match(&rt_match); | 236 | return xt_register_match(&rt_match); |
235 | } | 237 | } |
236 | 238 | ||
237 | static void __exit ip6t_rt_fini(void) | 239 | static void __exit ip6t_rt_fini(void) |
238 | { | 240 | { |
239 | ip6t_unregister_match(&rt_match); | 241 | xt_unregister_match(&rt_match); |
240 | } | 242 | } |
241 | 243 | ||
242 | module_init(ip6t_rt_init); | 244 | module_init(ip6t_rt_init); |