#define XT_FUNCTION_MAXNAMELEN 30
#define XT_TABLE_MAXNAMELEN 32
-struct xt_entry_match
-{
- union {
- struct {
- u_int16_t match_size;
-
- /* Used by userspace */
- char name[XT_FUNCTION_MAXNAMELEN-1];
-
- u_int8_t revision;
- } user;
- struct {
- u_int16_t match_size;
-
- /* Used inside the kernel */
- struct xt_match *match;
- } kernel;
-
- /* Total length */
- u_int16_t match_size;
- } u;
-
- unsigned char data[0];
-};
-
-struct xt_entry_target
-{
- union {
- struct {
- u_int16_t target_size;
-
- /* Used by userspace */
- char name[XT_FUNCTION_MAXNAMELEN-1];
-
- u_int8_t revision;
- } user;
- struct {
- u_int16_t target_size;
-
- /* Used inside the kernel */
- struct xt_target *target;
- } kernel;
-
- /* Total length */
- u_int16_t target_size;
- } u;
-
- unsigned char data[0];
-};
-
-struct xt_standard_target
-{
- struct xt_entry_target target;
- int verdict;
-};
-
/* The argument to IPT_SO_GET_REVISION_*. Returns highest revision
* kernel supports, if >= revision. */
struct xt_get_revision
#define ASSERT_WRITE_LOCK(x)
#include <linux/netfilter_ipv4/listhelp.h>
-#ifdef CONFIG_COMPAT
-#define COMPAT_TO_USER 1
-#define COMPAT_FROM_USER -1
-#define COMPAT_CALC_SIZE 0
-#endif
-
struct xt_match
{
struct list_head list;
const char name[XT_FUNCTION_MAXNAMELEN-1];
+ u_int8_t revision;
+
/* Return true or false: return FALSE and set *hotdrop = 1 to
force immediate packet drop. */
/* Arguments changed since 2.6.9, as this must now handle
int (*match)(const struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
- const struct xt_match *match,
const void *matchinfo,
int offset,
unsigned int protoff,
/* Should return true or false. */
int (*checkentry)(const char *tablename,
const void *ip,
- const struct xt_match *match,
void *matchinfo,
unsigned int matchinfosize,
unsigned int hook_mask);
/* Called when entry of this type deleted. */
- void (*destroy)(const struct xt_match *match, void *matchinfo,
- unsigned int matchinfosize);
-
- /* Called when userspace align differs from kernel space one */
- int (*compat)(void *match, void **dstptr, int *size, int convert);
+ void (*destroy)(void *matchinfo, unsigned int matchinfosize);
/* Set this to THIS_MODULE if you are a module, otherwise NULL */
struct module *me;
-
- char *table;
- unsigned int matchsize;
- unsigned int hooks;
- unsigned short proto;
-
- unsigned short family;
- u_int8_t revision;
};
/* Registration hooks for targets. */
const char name[XT_FUNCTION_MAXNAMELEN-1];
+ u_int8_t revision;
+
/* Returns verdict. Argument order changed since 2.6.9, as this
must now handle non-linear skbs, using skb_copy_bits and
skb_ip_make_writable. */
const struct net_device *in,
const struct net_device *out,
unsigned int hooknum,
- const struct xt_target *target,
const void *targinfo,
void *userdata);
/* Should return true or false. */
int (*checkentry)(const char *tablename,
const void *entry,
- const struct xt_target *target,
void *targinfo,
unsigned int targinfosize,
unsigned int hook_mask);
/* Called when entry of this type deleted. */
- void (*destroy)(const struct xt_target *target, void *targinfo,
- unsigned int targinfosize);
-
- /* Called when userspace align differs from kernel space one */
- int (*compat)(void *target, void **dstptr, int *size, int convert);
+ void (*destroy)(void *targinfo, unsigned int targinfosize);
/* Set this to THIS_MODULE if you are a module, otherwise NULL */
struct module *me;
-
- char *table;
- unsigned int targetsize;
- unsigned int hooks;
- unsigned short proto;
-
- unsigned short family;
- u_int8_t revision;
};
/* Furniture shopping... */
char *entries[NR_CPUS];
};
-extern int xt_register_target(struct xt_target *target);
-extern void xt_unregister_target(struct xt_target *target);
-extern int xt_register_match(struct xt_match *target);
-extern void xt_unregister_match(struct xt_match *target);
-
-extern int xt_check_match(const struct xt_match *match, unsigned short family,
- unsigned int size, const char *table, unsigned int hook,
- unsigned short proto, int inv_proto);
-extern int xt_check_target(const struct xt_target *target, unsigned short family,
- unsigned int size, const char *table, unsigned int hook,
- unsigned short proto, int inv_proto);
+extern int xt_register_target(int af, struct xt_target *target);
+extern void xt_unregister_target(int af, struct xt_target *target);
+extern int xt_register_match(int af, struct xt_match *target);
+extern void xt_unregister_match(int af, struct xt_match *target);
extern int xt_register_table(struct xt_table *table,
struct xt_table_info *bootstrap,
extern struct xt_table_info *xt_alloc_table_info(unsigned int size);
extern void xt_free_table_info(struct xt_table_info *info);
-#ifdef CONFIG_COMPAT
-#include <net/compat.h>
-
-struct compat_xt_entry_match
-{
- union {
- struct {
- u_int16_t match_size;
- char name[XT_FUNCTION_MAXNAMELEN - 1];
- u_int8_t revision;
- } user;
- struct {
- u_int16_t match_size;
- compat_uptr_t match;
- } kernel;
- u_int16_t match_size;
- } u;
- unsigned char data[0];
-};
-
-struct compat_xt_entry_target
-{
- union {
- struct {
- u_int16_t target_size;
- char name[XT_FUNCTION_MAXNAMELEN - 1];
- u_int8_t revision;
- } user;
- struct {
- u_int16_t target_size;
- compat_uptr_t target;
- } kernel;
- u_int16_t target_size;
- } u;
- unsigned char data[0];
-};
-
-/* FIXME: this works only on 32 bit tasks
- * need to change whole approach in order to calculate align as function of
- * current task alignment */
-
-struct compat_xt_counters
-{
-#if defined(CONFIG_X86_64) || defined(CONFIG_IA64)
- u_int32_t cnt[4];
-#else
- u_int64_t cnt[2];
-#endif
-};
-
-struct compat_xt_counters_info
-{
- char name[XT_TABLE_MAXNAMELEN];
- compat_uint_t num_counters;
- struct compat_xt_counters counters[0];
-};
-
-#define COMPAT_XT_ALIGN(s) (((s) + (__alignof__(struct compat_xt_counters)-1)) \
- & ~(__alignof__(struct compat_xt_counters)-1))
-
-extern void xt_compat_lock(int af);
-extern void xt_compat_unlock(int af);
-extern int xt_compat_match(void *match, void **dstptr, int *size, int convert);
-extern int xt_compat_target(void *target, void **dstptr, int *size,
- int convert);
-
-#endif /* CONFIG_COMPAT */
#endif /* __KERNEL__ */
#endif /* _X_TABLES_H */
git://git.onelab.eu / linux-2.6.git / blobdiff