X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=net%2Fipv4%2Fnetfilter%2Fipt_NETMAP.c;fp=net%2Fipv4%2Fnetfilter%2Fipt_NETMAP.c;h=b074467fe67b642c0345c152c989363dd617c9bc;hb=64ba3f394c830ec48a1c31b53dcae312c56f1604;hp=736c4b5a86a79f5158f114eec47c902af22c0cff;hpb=be1e6109ac94a859551f8e1774eb9a8469fe055c;p=linux-2.6.git

diff --git a/net/ipv4/netfilter/ipt_NETMAP.c b/net/ipv4/netfilter/ipt_NETMAP.c
index 736c4b5a8..b074467fe 100644
--- a/net/ipv4/netfilter/ipt_NETMAP.c
+++ b/net/ipv4/netfilter/ipt_NETMAP.c
@@ -10,6 +10,7 @@
  * published by the Free Software Foundation.
  */
 
+#include <linux/config.h>
 #include <linux/ip.h>
 #include <linux/module.h>
 #include <linux/netdevice.h>
@@ -31,13 +32,25 @@ MODULE_DESCRIPTION("iptables 1:1 NAT mapping of IP networks target");
 static int
 check(const char *tablename,
       const void *e,
-      const struct xt_target *target,
       void *targinfo,
       unsigned int targinfosize,
       unsigned int hook_mask)
 {
 	const struct ip_nat_multi_range_compat *mr = targinfo;
 
+	if (strcmp(tablename, "nat") != 0) {
+		DEBUGP(MODULENAME":check: bad table `%s'.\n", tablename);
+		return 0;
+	}
+	if (targinfosize != IPT_ALIGN(sizeof(*mr))) {
+		DEBUGP(MODULENAME":check: size %u.\n", targinfosize);
+		return 0;
+	}
+	if (hook_mask & ~((1 << NF_IP_PRE_ROUTING) | (1 << NF_IP_POST_ROUTING) |
+	                  (1 << NF_IP_LOCAL_OUT))) {
+		DEBUGP(MODULENAME":check: bad hooks %x.\n", hook_mask);
+		return 0;
+	}
 	if (!(mr->range[0].flags & IP_NAT_RANGE_MAP_IPS)) {
 		DEBUGP(MODULENAME":check: bad MAP_IPS.\n");
 		return 0;
@@ -54,7 +67,6 @@ target(struct sk_buff **pskb,
        const struct net_device *in,
        const struct net_device *out,
        unsigned int hooknum,
-       const struct xt_target *target,
        const void *targinfo,
        void *userinfo)
 {
@@ -89,23 +101,19 @@ target(struct sk_buff **pskb,
 static struct ipt_target target_module = { 
 	.name 		= MODULENAME,
 	.target 	= target, 
-	.targetsize	= sizeof(struct ip_nat_multi_range_compat),
-	.table		= "nat",
-	.hooks		= (1 << NF_IP_PRE_ROUTING) | (1 << NF_IP_POST_ROUTING) |
-			  (1 << NF_IP_LOCAL_OUT),
 	.checkentry 	= check,
     	.me 		= THIS_MODULE 
 };
 
-static int __init ipt_netmap_init(void)
+static int __init init(void)
 {
 	return ipt_register_target(&target_module);
 }
 
-static void __exit ipt_netmap_fini(void)
+static void __exit fini(void)
 {
 	ipt_unregister_target(&target_module);
 }
 
-module_init(ipt_netmap_init);
-module_exit(ipt_netmap_fini);
+module_init(init);
+module_exit(fini);