X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=net%2Fnetfilter%2Fxt_connmark.c;h=d06e925032dab42562b03e7deee4d6cc6a8f3ad8;hb=987b0145d94eecf292d8b301228356f44611ab7c;hp=dc26a27cbcafc2df58bad0ca5687a71d0aa29edf;hpb=f7ed79d23a47594e7834d66a8f14449796d4f3e6;p=linux-2.6.git

diff --git a/net/netfilter/xt_connmark.c b/net/netfilter/xt_connmark.c
index dc26a27cb..d06e92503 100644
--- a/net/netfilter/xt_connmark.c
+++ b/net/netfilter/xt_connmark.c
@@ -35,7 +35,6 @@ static int
 match(const struct sk_buff *skb,
       const struct net_device *in,
       const struct net_device *out,
-      const struct xt_match *match,
       const void *matchinfo,
       int offset,
       unsigned int protoff,
@@ -53,76 +52,58 @@ match(const struct sk_buff *skb,
 static int
 checkentry(const char *tablename,
 	   const void *ip,
-	   const struct xt_match *match,
 	   void *matchinfo,
 	   unsigned int matchsize,
 	   unsigned int hook_mask)
 {
-	struct xt_connmark_info *cm = (struct xt_connmark_info *)matchinfo;
+	struct xt_connmark_info *cm = 
+				(struct xt_connmark_info *)matchinfo;
+	if (matchsize != XT_ALIGN(sizeof(struct xt_connmark_info)))
+		return 0;
 
 	if (cm->mark > 0xffffffff || cm->mask > 0xffffffff) {
 		printk(KERN_WARNING "connmark: only support 32bit mark\n");
 		return 0;
 	}
-#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
-	if (nf_ct_l3proto_try_module_get(match->family) < 0) {
-		printk(KERN_WARNING "can't load nf_conntrack support for "
-				    "proto=%d\n", match->family);
-		return 0;
-	}
-#endif
-	return 1;
-}
 
-static void
-destroy(const struct xt_match *match, void *matchinfo, unsigned int matchsize)
-{
-#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
-	nf_ct_l3proto_module_put(match->family);
-#endif
+	return 1;
 }
 
 static struct xt_match connmark_match = {
-	.name		= "connmark",
-	.match		= match,
-	.matchsize	= sizeof(struct xt_connmark_info),
-	.checkentry	= checkentry,
-	.destroy	= destroy,
-	.family		= AF_INET,
-	.me		= THIS_MODULE
+	.name = "connmark",
+	.match = &match,
+	.checkentry = &checkentry,
+	.me = THIS_MODULE
 };
-
 static struct xt_match connmark6_match = {
-	.name		= "connmark",
-	.match		= match,
-	.matchsize	= sizeof(struct xt_connmark_info),
-	.checkentry	= checkentry,
-	.destroy	= destroy,
-	.family		= AF_INET6,
-	.me		= THIS_MODULE
+	.name = "connmark",
+	.match = &match,
+	.checkentry = &checkentry,
+	.me = THIS_MODULE
 };
 
-static int __init xt_connmark_init(void)
+
+static int __init init(void)
 {
 	int ret;
 
 	need_conntrack();
 
-	ret = xt_register_match(&connmark_match);
+	ret = xt_register_match(AF_INET, &connmark_match);
 	if (ret)
 		return ret;
 
-	ret = xt_register_match(&connmark6_match);
+	ret = xt_register_match(AF_INET6, &connmark6_match);
 	if (ret)
-		xt_unregister_match(&connmark_match);
+		xt_unregister_match(AF_INET, &connmark_match);
 	return ret;
 }
 
-static void __exit xt_connmark_fini(void)
+static void __exit fini(void)
 {
-	xt_unregister_match(&connmark6_match);
-	xt_unregister_match(&connmark_match);
+	xt_unregister_match(AF_INET6, &connmark6_match);
+	xt_unregister_match(AF_INET, &connmark_match);
 }
 
-module_init(xt_connmark_init);
-module_exit(xt_connmark_fini);
+module_init(init);
+module_exit(fini);