#include <linux/wait.h>
#include <linux/list.h>
#endif
+#include <linux/compiler.h>
/* Responses from hook functions. */
#define NF_DROP 0
/* Non-inclusive ranges: use 0/0/NULL to never get called. */
int set_optmin;
int set_optmax;
- int (*set)(struct sock *sk, int optval, void *user, unsigned int len);
+ int (*set)(struct sock *sk, int optval, void __user *user, unsigned int len);
int get_optmin;
int get_optmax;
- int (*get)(struct sock *sk, int optval, void *user, int *len);
+ int (*get)(struct sock *sk, int optval, void __user *user, int *len);
/* Number of users inside set() or get(). */
unsigned int use;
int (*okfn)(struct sk_buff *), int thresh);
/* Call setsockopt() */
-int nf_setsockopt(struct sock *sk, int pf, int optval, char *opt,
+int nf_setsockopt(struct sock *sk, int pf, int optval, char __user *opt,
int len);
-int nf_getsockopt(struct sock *sk, int pf, int optval, char *opt,
+int nf_getsockopt(struct sock *sk, int pf, int optval, char __user *opt,
int *len);
/* Packet queuing */
struct nf_info *info,
unsigned int verdict);
-extern void (*ip_ct_attach)(struct sk_buff *, struct nf_ct_info *);
+extern inline struct ipt_target *
+ipt_find_target_lock(const char *name, int *error, struct semaphore *mutex);
+extern inline struct ip6t_target *
+ip6t_find_target_lock(const char *name, int *error, struct semaphore *mutex);
+extern inline struct arpt_target *
+arpt_find_target_lock(const char *name, int *error, struct semaphore *mutex);
+extern void (*ip_ct_attach)(struct sk_buff *, struct sk_buff *);
#ifdef CONFIG_NETFILTER_DEBUG
extern void nf_dump_skb(int pf, struct sk_buff *skb);
git://git.onelab.eu / linux-2.6.git / blobdiff