git://git.onelab.eu
/
linux-2.6.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
linux 2.6.16.38 w/ vs2.0.3-rc1
[linux-2.6.git]
/
net
/
ipv4
/
netfilter
/
ipt_recent.c
diff --git
a/net/ipv4/netfilter/ipt_recent.c
b/net/ipv4/netfilter/ipt_recent.c
index
b847ee4
..
44611d6
100644
(file)
--- a/
net/ipv4/netfilter/ipt_recent.c
+++ b/
net/ipv4/netfilter/ipt_recent.c
@@
-102,7
+102,6
@@
static int
match(const struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
match(const struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
- const struct xt_match *match,
const void *matchinfo,
int offset,
unsigned int protoff,
const void *matchinfo,
int offset,
unsigned int protoff,
@@
-319,7
+318,7
@@
static int ip_recent_ctrl(struct file *file, const char __user *input, unsigned
skb->nh.iph->daddr = 0;
/* Clear ttl since we have no way of knowing it */
skb->nh.iph->ttl = 0;
skb->nh.iph->daddr = 0;
/* Clear ttl since we have no way of knowing it */
skb->nh.iph->ttl = 0;
- match(skb,NULL,NULL,
NULL,
info,0,0,NULL);
+ match(skb,NULL,NULL,info,0,0,NULL);
kfree(skb->nh.iph);
out_free_skb:
kfree(skb->nh.iph);
out_free_skb:
@@
-357,7
+356,6
@@
static int
match(const struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
match(const struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
- const struct xt_match *match,
const void *matchinfo,
int offset,
unsigned int protoff,
const void *matchinfo,
int offset,
unsigned int protoff,
@@
-659,7
+657,6
@@
match(const struct sk_buff *skb,
static int
checkentry(const char *tablename,
const void *ip,
static int
checkentry(const char *tablename,
const void *ip,
- const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
unsigned int hook_mask)
void *matchinfo,
unsigned int matchsize,
unsigned int hook_mask)
@@
-673,6
+670,8
@@
checkentry(const char *tablename,
if(debug) printk(KERN_INFO RECENT_NAME ": checkentry() entered.\n");
#endif
if(debug) printk(KERN_INFO RECENT_NAME ": checkentry() entered.\n");
#endif
+ if (matchsize != IPT_ALIGN(sizeof(struct ipt_recent_info))) return 0;
+
/* seconds and hit_count only valid for CHECK/UPDATE */
if(info->check_set & IPT_RECENT_SET) { flag++; if(info->seconds || info->hit_count) return 0; }
if(info->check_set & IPT_RECENT_REMOVE) { flag++; if(info->seconds || info->hit_count) return 0; }
/* seconds and hit_count only valid for CHECK/UPDATE */
if(info->check_set & IPT_RECENT_SET) { flag++; if(info->seconds || info->hit_count) return 0; }
if(info->check_set & IPT_RECENT_REMOVE) { flag++; if(info->seconds || info->hit_count) return 0; }
@@
-821,7
+820,6
@@
checkentry(const char *tablename,
/* Create our proc 'status' entry. */
curr_table->status_proc = create_proc_entry(curr_table->name, ip_list_perms, proc_net_ipt_recent);
if (!curr_table->status_proc) {
/* Create our proc 'status' entry. */
curr_table->status_proc = create_proc_entry(curr_table->name, ip_list_perms, proc_net_ipt_recent);
if (!curr_table->status_proc) {
- vfree(hold);
printk(KERN_INFO RECENT_NAME ": checkentry: unable to allocate for /proc entry.\n");
/* Destroy the created table */
spin_lock_bh(&recent_lock);
printk(KERN_INFO RECENT_NAME ": checkentry: unable to allocate for /proc entry.\n");
/* Destroy the created table */
spin_lock_bh(&recent_lock);
@@
-846,6
+844,7
@@
checkentry(const char *tablename,
spin_unlock_bh(&recent_lock);
vfree(curr_table->time_info);
vfree(curr_table->hash_table);
spin_unlock_bh(&recent_lock);
vfree(curr_table->time_info);
vfree(curr_table->hash_table);
+ vfree(hold);
vfree(curr_table->table);
vfree(curr_table);
return 0;
vfree(curr_table->table);
vfree(curr_table);
return 0;
@@
-872,7
+871,7
@@
checkentry(const char *tablename,
* up its memory.
*/
static void
* up its memory.
*/
static void
-destroy(
const struct xt_match *match,
void *matchinfo, unsigned int matchsize)
+destroy(void *matchinfo, unsigned int matchsize)
{
const struct ipt_recent_info *info = matchinfo;
struct recent_ip_tables *curr_table, *last_table;
{
const struct ipt_recent_info *info = matchinfo;
struct recent_ip_tables *curr_table, *last_table;
@@
-952,17
+951,16
@@
destroy(const struct xt_match *match, void *matchinfo, unsigned int matchsize)
/* This is the structure we pass to ipt_register to register our
* module with iptables.
*/
/* This is the structure we pass to ipt_register to register our
* module with iptables.
*/
-static struct ipt_match recent_match = {
- .name = "recent",
- .match = match,
- .matchsize = sizeof(struct ipt_recent_info),
- .checkentry = checkentry,
- .destroy = destroy,
- .me = THIS_MODULE
+static struct ipt_match recent_match = {
+ .name = "recent",
+ .match = &match,
+ .checkentry = &checkentry,
+ .destroy = &destroy,
+ .me = THIS_MODULE
};
/* Kernel module initialization. */
};
/* Kernel module initialization. */
-static int __init i
pt_recent_i
nit(void)
+static int __init init(void)
{
int err, count;
{
int err, count;
@@
-995,7
+993,7
@@
static int __init ipt_recent_init(void)
}
/* Kernel module destruction. */
}
/* Kernel module destruction. */
-static void __exit
ipt_recent_
fini(void)
+static void __exit fini(void)
{
ipt_unregister_match(&recent_match);
{
ipt_unregister_match(&recent_match);
@@
-1003,5
+1001,5
@@
static void __exit ipt_recent_fini(void)
}
/* Register our module with the kernel. */
}
/* Register our module with the kernel. */
-module_init(i
pt_recent_i
nit);
-module_exit(
ipt_recent_
fini);
+module_init(init);
+module_exit(fini);