u_int16_t match_size;
/* Used by userspace */
- char name[IPT_FUNCTION_MAXNAMELEN];
+ char name[IPT_FUNCTION_MAXNAMELEN-1];
+
+ u_int8_t revision;
} user;
struct {
u_int16_t match_size;
u_int16_t target_size;
/* Used by userspace */
- char name[IPT_FUNCTION_MAXNAMELEN];
+ char name[IPT_FUNCTION_MAXNAMELEN-1];
+
+ u_int8_t revision;
} user;
struct {
u_int16_t target_size;
#define IPT_SO_SET_ADD_COUNTERS (IPT_BASE_CTL + 1)
#define IPT_SO_SET_MAX IPT_SO_SET_ADD_COUNTERS
-#define IPT_SO_GET_INFO (IPT_BASE_CTL)
-#define IPT_SO_GET_ENTRIES (IPT_BASE_CTL + 1)
-#define IPT_SO_GET_MAX IPT_SO_GET_ENTRIES
+#define IPT_SO_GET_INFO (IPT_BASE_CTL)
+#define IPT_SO_GET_ENTRIES (IPT_BASE_CTL + 1)
+#define IPT_SO_GET_REVISION_MATCH (IPT_BASE_CTL + 2)
+#define IPT_SO_GET_REVISION_TARGET (IPT_BASE_CTL + 3)
+#define IPT_SO_GET_MAX IPT_SO_GET_REVISION_TARGET
/* CONTINUE verdict for targets */
#define IPT_CONTINUE 0xFFFFFFFF
struct ipt_entry entrytable[0];
};
+/* The argument to IPT_SO_GET_REVISION_*. Returns highest revision
+ * kernel supports, if >= revision. */
+struct ipt_get_revision
+{
+ char name[IPT_FUNCTION_MAXNAMELEN-1];
+
+ u_int8_t revision;
+};
+
/* Standard return verdict, or do jump. */
#define IPT_STANDARD_TARGET ""
/* Error verdict. */
{
struct list_head list;
- const char name[IPT_FUNCTION_MAXNAMELEN];
+ const char name[IPT_FUNCTION_MAXNAMELEN-1];
+
+ u_int8_t revision;
/* Return true or false: return FALSE and set *hotdrop = 1 to
force immediate packet drop. */
{
struct list_head list;
- const char name[IPT_FUNCTION_MAXNAMELEN];
+ const char name[IPT_FUNCTION_MAXNAMELEN-1];
+
+ u_int8_t revision;
/* Called when user tries to insert an entry of this type:
hook_mask is a bitmask of hooks from which it can be
struct module *me;
};
-extern struct ipt_target *
-ipt_find_target_lock(const char *name, int *error, struct semaphore *mutex);
-extern struct arpt_target *
-arpt_find_target_lock(const char *name, int *error, struct semaphore *mutex);
-
extern int ipt_register_target(struct ipt_target *target);
extern void ipt_unregister_target(struct ipt_target *target);
/* A unique name... */
char name[IPT_TABLE_MAXNAMELEN];
- /* Seed table: copied in register_table */
- struct ipt_replace *table;
-
/* What hooks you will enter on */
unsigned int valid_hooks;
struct module *me;
};
-extern int ipt_register_table(struct ipt_table *table);
+/* net/sched/ipt.c: Gimme access to your targets! Gets target->me. */
+extern struct ipt_target *ipt_find_target(const char *name, u8 revision);
+
+/* Standard entry. */
+struct ipt_standard
+{
+ struct ipt_entry entry;
+ struct ipt_standard_target target;
+};
+
+struct ipt_error_target
+{
+ struct ipt_entry_target target;
+ char errorname[IPT_FUNCTION_MAXNAMELEN];
+};
+
+struct ipt_error
+{
+ struct ipt_entry entry;
+ struct ipt_error_target target;
+};
+
+extern int ipt_register_table(struct ipt_table *table,
+ const struct ipt_replace *repl);
extern void ipt_unregister_table(struct ipt_table *table);
extern unsigned int ipt_do_table(struct sk_buff **pskb,
unsigned int hook,