Merge to Fedora kernel-2.6.18-1.2260_FC5 patched with stable patch-2.6.18.5-vs2.0...

[linux-2.6.git] / net / ipv4 / netfilter / ipt_set.c

diff --git a/net/ipv4/netfilter/ipt_set.c b/net/ipv4/netfilter/ipt_set.c
index 9e36c81..e3e0676 100644 (file)
--- a/net/ipv4/netfilter/ipt_set.c
+++ b/net/ipv4/netfilter/ipt_set.c
@@ -13,6 +13,7 @@
 #include <linux/module.h>
 #include <linux/ip.h>
 #include <linux/skbuff.h>
+#include <linux/version.h>
 
 #include <linux/netfilter_ipv4/ip_tables.h>
 #include <linux/netfilter_ipv4/ip_set.h>
@@ -32,9 +33,15 @@ static int
 match(const struct sk_buff *skb,
       const struct net_device *in,
       const struct net_device *out,
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
+      const struct xt_match *match,
+#endif
       const void *matchinfo,
-      int offset,
-      int *hotdrop)
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,16)
+      int offset, unsigned int protoff, int *hotdrop)
+#else
+      int offset, int *hotdrop)
+#endif
 {
        const struct ipt_set_info_match *info = matchinfo;
                
@@ -45,19 +52,30 @@ match(const struct sk_buff *skb,
 
 static int
 checkentry(const char *tablename,
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,16)
+          const void *inf,
+#else
           const struct ipt_ip *ip,
+#endif
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
+          const struct xt_match *match,
+#endif
           void *matchinfo,
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
           unsigned int matchsize,
+#endif
           unsigned int hook_mask)
 {
        struct ipt_set_info_match *info = 
                (struct ipt_set_info_match *) matchinfo;
        ip_set_id_t index;
 
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
        if (matchsize != IPT_ALIGN(sizeof(struct ipt_set_info_match))) {
                ip_set_printk("invalid matchsize %d", matchsize);
                return 0;
        }
+#endif
 
        index = ip_set_get_byindex(info->match_set.index);
                
@@ -74,21 +92,33 @@ checkentry(const char *tablename,
        return 1;
 }
 
-static void destroy(void *matchinfo, unsigned int matchsize)
+static void destroy(
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
+                   const struct xt_match *match,
+#endif
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
+                   void *matchinfo, unsigned int matchsize)
+#else
+                   void *matchinfo)
+#endif
 {
        struct ipt_set_info_match *info = matchinfo;
 
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
        if (matchsize != IPT_ALIGN(sizeof(struct ipt_set_info_match))) {
                ip_set_printk("invalid matchsize %d", matchsize);
                return;
        }
-
+#endif
        ip_set_put(info->match_set.index);
 }
 
 static struct ipt_match set_match = {
        .name           = "set",
        .match          = &match,
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
+       .matchsize      = sizeof(struct ipt_set_info_match),
+#endif
        .checkentry     = &checkentry,
        .destroy        = &destroy,
        .me             = THIS_MODULE
@@ -98,15 +128,15 @@ MODULE_LICENSE("GPL");
 MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
 MODULE_DESCRIPTION("iptables IP set match module");
 
-static int __init init(void)
+static int __init ipt_ipset_init(void)
 {
        return ipt_register_match(&set_match);
 }
 
-static void __exit fini(void)
+static void __exit ipt_ipset_fini(void)
 {
        ipt_unregister_match(&set_match);
 }
 
-module_init(init);
-module_exit(fini);
+module_init(ipt_ipset_init);
+module_exit(ipt_ipset_fini);