match(const struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
- const struct xt_match *match,
const void *matchinfo,
int offset,
unsigned int protoff,
skb->nh.iph->daddr = 0;
/* Clear ttl since we have no way of knowing it */
skb->nh.iph->ttl = 0;
- match(skb,NULL,NULL,NULL,info,0,0,NULL);
+ match(skb,NULL,NULL,info,0,0,NULL);
kfree(skb->nh.iph);
out_free_skb:
match(const struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
- const struct xt_match *match,
const void *matchinfo,
int offset,
unsigned int protoff,
static int
checkentry(const char *tablename,
const void *ip,
- const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
unsigned int hook_mask)
if(debug) printk(KERN_INFO RECENT_NAME ": checkentry() entered.\n");
#endif
+ if (matchsize != IPT_ALIGN(sizeof(struct ipt_recent_info))) return 0;
+
/* seconds and hit_count only valid for CHECK/UPDATE */
if(info->check_set & IPT_RECENT_SET) { flag++; if(info->seconds || info->hit_count) return 0; }
if(info->check_set & IPT_RECENT_REMOVE) { flag++; if(info->seconds || info->hit_count) return 0; }
/* Create our proc 'status' entry. */
curr_table->status_proc = create_proc_entry(curr_table->name, ip_list_perms, proc_net_ipt_recent);
if (!curr_table->status_proc) {
- vfree(hold);
printk(KERN_INFO RECENT_NAME ": checkentry: unable to allocate for /proc entry.\n");
/* Destroy the created table */
spin_lock_bh(&recent_lock);
spin_unlock_bh(&recent_lock);
vfree(curr_table->time_info);
vfree(curr_table->hash_table);
+ vfree(hold);
vfree(curr_table->table);
vfree(curr_table);
return 0;
* up its memory.
*/
static void
-destroy(const struct xt_match *match, void *matchinfo, unsigned int matchsize)
+destroy(void *matchinfo, unsigned int matchsize)
{
const struct ipt_recent_info *info = matchinfo;
struct recent_ip_tables *curr_table, *last_table;
/* This is the structure we pass to ipt_register to register our
* module with iptables.
*/
-static struct ipt_match recent_match = {
- .name = "recent",
- .match = match,
- .matchsize = sizeof(struct ipt_recent_info),
- .checkentry = checkentry,
- .destroy = destroy,
- .me = THIS_MODULE
+static struct ipt_match recent_match = {
+ .name = "recent",
+ .match = &match,
+ .checkentry = &checkentry,
+ .destroy = &destroy,
+ .me = THIS_MODULE
};
/* Kernel module initialization. */
-static int __init ipt_recent_init(void)
+static int __init init(void)
{
int err, count;
}
/* Kernel module destruction. */
-static void __exit ipt_recent_fini(void)
+static void __exit fini(void)
{
ipt_unregister_match(&recent_match);
}
/* Register our module with the kernel. */
-module_init(ipt_recent_init);
-module_exit(ipt_recent_fini);
+module_init(init);
+module_exit(fini);