match(const struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
- const struct xt_match *match,
const void *matchinfo,
int offset,
unsigned int protoff,
return (info->id == (dst->tclassid & info->mask)) ^ info->invert;
}
+static int check(const char *tablename,
+ const void *ip,
+ void *matchinfo,
+ unsigned int matchsize,
+ unsigned int hook_mask)
+{
+ if (hook_mask
+ & ~((1 << NF_IP_POST_ROUTING) | (1 << NF_IP_FORWARD) |
+ (1 << NF_IP_LOCAL_OUT) | (1 << NF_IP_LOCAL_IN))) {
+ printk("xt_realm: only valid for POST_ROUTING, LOCAL_OUT, "
+ "LOCAL_IN or FORWARD.\n");
+ return 0;
+ }
+ if (matchsize != XT_ALIGN(sizeof(struct xt_realm_info))) {
+ printk("xt_realm: invalid matchsize.\n");
+ return 0;
+ }
+ return 1;
+}
+
static struct xt_match realm_match = {
.name = "realm",
- .match = match,
- .matchsize = sizeof(struct xt_realm_info),
- .hooks = (1 << NF_IP_POST_ROUTING) | (1 << NF_IP_FORWARD) |
- (1 << NF_IP_LOCAL_OUT) | (1 << NF_IP_LOCAL_IN),
- .family = AF_INET,
+ .match = match,
+ .checkentry = check,
.me = THIS_MODULE
};
-static int __init xt_realm_init(void)
+static int __init init(void)
{
- return xt_register_match(&realm_match);
+ return xt_register_match(AF_INET, &realm_match);
}
-static void __exit xt_realm_fini(void)
+static void __exit fini(void)
{
- xt_unregister_match(&realm_match);
+ xt_unregister_match(AF_INET, &realm_match);
}
-module_init(xt_realm_init);
-module_exit(xt_realm_fini);
+module_init(init);
+module_exit(fini);
git://git.onelab.eu / linux-2.6.git / blobdiff