aboutsummaryrefslogtreecommitdiffstats
path: root/include/linux
diff options
context:
space:
mode:
Diffstat (limited to 'include/linux')
-rw-r--r--include/linux/netfilter.h21
1 files changed, 16 insertions, 5 deletions
diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h
index 4cf6088625c1..468896939843 100644
--- a/include/linux/netfilter.h
+++ b/include/linux/netfilter.h
@@ -184,8 +184,11 @@ static inline int nf_hook_thresh(int pf, unsigned int hook,
184 struct sk_buff **pskb, 184 struct sk_buff **pskb,
185 struct net_device *indev, 185 struct net_device *indev,
186 struct net_device *outdev, 186 struct net_device *outdev,
187 int (*okfn)(struct sk_buff *), int thresh) 187 int (*okfn)(struct sk_buff *), int thresh,
188 int cond)
188{ 189{
190 if (!cond)
191 return 1;
189#ifndef CONFIG_NETFILTER_DEBUG 192#ifndef CONFIG_NETFILTER_DEBUG
190 if (list_empty(&nf_hooks[pf][hook])) 193 if (list_empty(&nf_hooks[pf][hook]))
191 return 1; 194 return 1;
@@ -197,7 +200,7 @@ static inline int nf_hook(int pf, unsigned int hook, struct sk_buff **pskb,
197 struct net_device *indev, struct net_device *outdev, 200 struct net_device *indev, struct net_device *outdev,
198 int (*okfn)(struct sk_buff *)) 201 int (*okfn)(struct sk_buff *))
199{ 202{
200 return nf_hook_thresh(pf, hook, pskb, indev, outdev, okfn, INT_MIN); 203 return nf_hook_thresh(pf, hook, pskb, indev, outdev, okfn, INT_MIN, 1);
201} 204}
202 205
203/* Activate hook; either okfn or kfree_skb called, unless a hook 206/* Activate hook; either okfn or kfree_skb called, unless a hook
@@ -224,7 +227,13 @@ static inline int nf_hook(int pf, unsigned int hook, struct sk_buff **pskb,
224 227
225#define NF_HOOK_THRESH(pf, hook, skb, indev, outdev, okfn, thresh) \ 228#define NF_HOOK_THRESH(pf, hook, skb, indev, outdev, okfn, thresh) \
226({int __ret; \ 229({int __ret; \
227if ((__ret=nf_hook_thresh(pf, hook, &(skb), indev, outdev, okfn, thresh)) == 1)\ 230if ((__ret=nf_hook_thresh(pf, hook, &(skb), indev, outdev, okfn, thresh, 1)) == 1)\
231 __ret = (okfn)(skb); \
232__ret;})
233
234#define NF_HOOK_COND(pf, hook, skb, indev, outdev, okfn, cond) \
235({int __ret; \
236if ((__ret=nf_hook_thresh(pf, hook, &(skb), indev, outdev, okfn, INT_MIN, cond)) == 1)\
228 __ret = (okfn)(skb); \ 237 __ret = (okfn)(skb); \
229__ret;}) 238__ret;})
230 239
@@ -295,11 +304,13 @@ extern struct proc_dir_entry *proc_net_netfilter;
295 304
296#else /* !CONFIG_NETFILTER */ 305#else /* !CONFIG_NETFILTER */
297#define NF_HOOK(pf, hook, skb, indev, outdev, okfn) (okfn)(skb) 306#define NF_HOOK(pf, hook, skb, indev, outdev, okfn) (okfn)(skb)
307#define NF_HOOK_COND(pf, hook, skb, indev, outdev, okfn, cond) (okfn)(skb)
298static inline int nf_hook_thresh(int pf, unsigned int hook, 308static inline int nf_hook_thresh(int pf, unsigned int hook,
299 struct sk_buff **pskb, 309 struct sk_buff **pskb,
300 struct net_device *indev, 310 struct net_device *indev,
301 struct net_device *outdev, 311 struct net_device *outdev,
302 int (*okfn)(struct sk_buff *), int thresh) 312 int (*okfn)(struct sk_buff *), int thresh,
313 int cond)
303{ 314{
304 return okfn(*pskb); 315 return okfn(*pskb);
305} 316}
@@ -307,7 +318,7 @@ static inline int nf_hook(int pf, unsigned int hook, struct sk_buff **pskb,
307 struct net_device *indev, struct net_device *outdev, 318 struct net_device *indev, struct net_device *outdev,
308 int (*okfn)(struct sk_buff *)) 319 int (*okfn)(struct sk_buff *))
309{ 320{
310 return okfn(*pskb); 321 return 1;
311} 322}
312static inline void nf_ct_attach(struct sk_buff *new, struct sk_buff *skb) {} 323static inline void nf_ct_attach(struct sk_buff *new, struct sk_buff *skb) {}
313struct flowi; 324struct flowi;