[netfilter-cvslog] r6632 -
trunk/patch-o-matic-ng/patchlets/set/linux-2.6/net/ipv4/netfilter
kadlec at netfilter.org
kadlec at netfilter.org
Mon Jun 26 15:10:40 CEST 2006
Author: kadlec at netfilter.org
Date: 2006-06-26 15:10:39 +0200 (Mon, 26 Jun 2006)
New Revision: 6632
Modified:
trunk/patch-o-matic-ng/patchlets/set/linux-2.6/net/ipv4/netfilter/ip_set.c
trunk/patch-o-matic-ng/patchlets/set/linux-2.6/net/ipv4/netfilter/ipt_SET.c
trunk/patch-o-matic-ng/patchlets/set/linux-2.6/net/ipv4/netfilter/ipt_set.c
Log:
Internal netfilter/iptables API changes followed.
Modified: trunk/patch-o-matic-ng/patchlets/set/linux-2.6/net/ipv4/netfilter/ip_set.c
===================================================================
--- trunk/patch-o-matic-ng/patchlets/set/linux-2.6/net/ipv4/netfilter/ip_set.c 2006-06-23 10:01:08 UTC (rev 6631)
+++ trunk/patch-o-matic-ng/patchlets/set/linux-2.6/net/ipv4/netfilter/ip_set.c 2006-06-26 13:10:39 UTC (rev 6632)
@@ -797,7 +797,7 @@
size_t size)
{
struct ip_set *set;
- ip_set_id_t index, id;
+ ip_set_id_t index = 0, id;
int res = 0;
DP("setname: %s, typename: %s, id: %u", name, typename, restore);
Modified: trunk/patch-o-matic-ng/patchlets/set/linux-2.6/net/ipv4/netfilter/ipt_SET.c
===================================================================
--- trunk/patch-o-matic-ng/patchlets/set/linux-2.6/net/ipv4/netfilter/ipt_SET.c 2006-06-23 10:01:08 UTC (rev 6631)
+++ trunk/patch-o-matic-ng/patchlets/set/linux-2.6/net/ipv4/netfilter/ipt_SET.c 2006-06-26 13:10:39 UTC (rev 6632)
@@ -18,6 +18,7 @@
#include <linux/netdevice.h>
#include <linux/if.h>
#include <linux/inetdevice.h>
+#include <linux/version.h>
#include <net/protocol.h>
#include <net/checksum.h>
#include <linux/netfilter_ipv4.h>
@@ -29,6 +30,9 @@
const struct net_device *in,
const struct net_device *out,
unsigned int hooknum,
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
+ const struct xt_target *target,
+#endif
const void *targinfo,
void *userinfo)
{
@@ -48,7 +52,14 @@
static int
checkentry(const char *tablename,
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,16)
+ const void *e,
+#else
const struct ipt_entry *e,
+#endif
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
+ const struct xt_target *target,
+#endif
void *targinfo,
unsigned int targinfosize, unsigned int hook_mask)
{
@@ -56,10 +67,12 @@
(struct ipt_set_info_target *) targinfo;
ip_set_id_t index;
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17)
if (targinfosize != IPT_ALIGN(sizeof(*info))) {
DP("bad target info size %u", targinfosize);
return 0;
}
+#endif
if (info->add_set.index != IP_SET_INVALID_ID) {
index = ip_set_get_byindex(info->add_set.index);
@@ -87,7 +100,11 @@
return 1;
}
-static void destroy(void *targetinfo, unsigned int targetsize)
+static void destroy(
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
+ const struct xt_target *target,
+#endif
+ void *targetinfo, unsigned int targetsize)
{
struct ipt_set_info_target *info = targetinfo;
@@ -105,6 +122,9 @@
static struct ipt_target SET_target = {
.name = "SET",
.target = target,
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
+ .targetsize = sizeof(struct ipt_set_info_target),
+#endif
.checkentry = checkentry,
.destroy = destroy,
.me = THIS_MODULE
@@ -114,15 +134,15 @@
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec at blackhole.kfki.hu>");
MODULE_DESCRIPTION("iptables IP set target module");
-static int __init init(void)
+static int __init ipt_SET_init(void)
{
return ipt_register_target(&SET_target);
}
-static void __exit fini(void)
+static void __exit ipt_SET_fini(void)
{
ipt_unregister_target(&SET_target);
}
-module_init(init);
-module_exit(fini);
+module_init(ipt_SET_init);
+module_exit(ipt_SET_fini);
Modified: trunk/patch-o-matic-ng/patchlets/set/linux-2.6/net/ipv4/netfilter/ipt_set.c
===================================================================
--- trunk/patch-o-matic-ng/patchlets/set/linux-2.6/net/ipv4/netfilter/ipt_set.c 2006-06-23 10:01:08 UTC (rev 6631)
+++ trunk/patch-o-matic-ng/patchlets/set/linux-2.6/net/ipv4/netfilter/ipt_set.c 2006-06-26 13:10:39 UTC (rev 6632)
@@ -13,6 +13,7 @@
#include <linux/module.h>
#include <linux/ip.h>
#include <linux/skbuff.h>
+#include <linux/version.h>
#include <linux/netfilter_ipv4/ip_tables.h>
#include <linux/netfilter_ipv4/ip_set.h>
@@ -32,9 +33,15 @@
match(const struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
+ const struct xt_match *match,
+#endif
const void *matchinfo,
- int offset,
- int *hotdrop)
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,16)
+ int offset, unsigned int protoff, int *hotdrop)
+#else
+ int offset, int *hotdrop)
+#endif
{
const struct ipt_set_info_match *info = matchinfo;
@@ -45,7 +52,14 @@
static int
checkentry(const char *tablename,
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,16)
+ const void *inf,
+#else
const struct ipt_ip *ip,
+#endif
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
+ const struct xt_match *match,
+#endif
void *matchinfo,
unsigned int matchsize,
unsigned int hook_mask)
@@ -54,10 +68,12 @@
(struct ipt_set_info_match *) matchinfo;
ip_set_id_t index;
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17)
if (matchsize != IPT_ALIGN(sizeof(struct ipt_set_info_match))) {
ip_set_printk("invalid matchsize %d", matchsize);
return 0;
}
+#endif
index = ip_set_get_byindex(info->match_set.index);
@@ -74,7 +90,11 @@
return 1;
}
-static void destroy(void *matchinfo, unsigned int matchsize)
+static void destroy(
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
+ const struct xt_match *match,
+#endif
+ void *matchinfo, unsigned int matchsize)
{
struct ipt_set_info_match *info = matchinfo;
@@ -89,6 +109,9 @@
static struct ipt_match set_match = {
.name = "set",
.match = &match,
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
+ .matchsize = sizeof(struct ipt_set_info_match),
+#endif
.checkentry = &checkentry,
.destroy = &destroy,
.me = THIS_MODULE
@@ -98,15 +121,15 @@
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec at blackhole.kfki.hu>");
MODULE_DESCRIPTION("iptables IP set match module");
-static int __init init(void)
+static int __init ipt_ipset_init(void)
{
return ipt_register_match(&set_match);
}
-static void __exit fini(void)
+static void __exit ipt_ipset_fini(void)
{
ipt_unregister_match(&set_match);
}
-module_init(init);
-module_exit(fini);
+module_init(ipt_ipset_init);
+module_exit(ipt_ipset_fini);
More information about the netfilter-cvslog
mailing list