*/
#include <linux/module.h>
+#include <linux/moduleparam.h>
#include <linux/netfilter_ipv6/ip6_tables.h>
MODULE_LICENSE("GPL");
static struct ip6t_table packet_filter = {
.name = "filter",
- .table = &initial_table.repl,
.valid_hooks = FILTER_VALID_HOOKS,
.lock = RW_LOCK_UNLOCKED,
.me = THIS_MODULE,
+ .af = AF_INET6,
};
/* The work comes in here from netfilter.c. */
const struct net_device *out,
int (*okfn)(struct sk_buff *))
{
- return ip6t_do_table(pskb, hook, in, out, &packet_filter, NULL);
+ return ip6t_do_table(pskb, hook, in, out, &packet_filter);
}
static unsigned int
}
#endif
- return ip6t_do_table(pskb, hook, in, out, &packet_filter, NULL);
+ return ip6t_do_table(pskb, hook, in, out, &packet_filter);
}
static struct nf_hook_ops ip6t_ops[] = {
/* Default to forward because I got too much mail already. */
static int forward = NF_ACCEPT;
-MODULE_PARM(forward, "i");
+module_param(forward, bool, 0000);
-static int __init init(void)
+static int __init ip6table_filter_init(void)
{
int ret;
initial_table.entries[1].target.verdict = -forward - 1;
/* Register table */
- ret = ip6t_register_table(&packet_filter);
+ ret = ip6t_register_table(&packet_filter, &initial_table.repl);
if (ret < 0)
return ret;
/* Register hooks */
- ret = nf_register_hook(&ip6t_ops[0]);
+ ret = nf_register_hooks(ip6t_ops, ARRAY_SIZE(ip6t_ops));
if (ret < 0)
goto cleanup_table;
- ret = nf_register_hook(&ip6t_ops[1]);
- if (ret < 0)
- goto cleanup_hook0;
-
- ret = nf_register_hook(&ip6t_ops[2]);
- if (ret < 0)
- goto cleanup_hook1;
-
return ret;
- cleanup_hook1:
- nf_unregister_hook(&ip6t_ops[1]);
- cleanup_hook0:
- nf_unregister_hook(&ip6t_ops[0]);
cleanup_table:
ip6t_unregister_table(&packet_filter);
-
return ret;
}
-static void __exit fini(void)
+static void __exit ip6table_filter_fini(void)
{
- unsigned int i;
-
- for (i = 0; i < sizeof(ip6t_ops)/sizeof(struct nf_hook_ops); i++)
- nf_unregister_hook(&ip6t_ops[i]);
-
+ nf_unregister_hooks(ip6t_ops, ARRAY_SIZE(ip6t_ops));
ip6t_unregister_table(&packet_filter);
}
-module_init(init);
-module_exit(fini);
+module_init(ip6table_filter_init);
+module_exit(ip6table_filter_fini);