diff --git a/extensions/ACCOUNT/xt_ACCOUNT.c b/extensions/ACCOUNT/xt_ACCOUNT.c index 3532285..fa51802 100644 --- a/extensions/ACCOUNT/xt_ACCOUNT.c +++ b/extensions/ACCOUNT/xt_ACCOUNT.c @@ -474,14 +474,15 @@ static void ipt_acc_depth2_insert(struct ipt_acc_mask_8 *mask_8, } } -static unsigned int ipt_acc_target(struct sk_buff **pskb, const struct xt_action_param *par) +static unsigned int +ipt_acc_target(struct sk_buff *skb, const struct xt_action_param *par) { const struct ipt_acc_info *info = par->targinfo; - __be32 src_ip = ip_hdr(*pskb)->saddr; - __be32 dst_ip = ip_hdr(*pskb)->daddr; - uint32_t size = ntohs(ip_hdr(*pskb)->tot_len); + __be32 src_ip = ip_hdr(skb)->saddr; + __be32 dst_ip = ip_hdr(skb)->daddr; + uint32_t size = ntohs(ip_hdr(skb)->tot_len); spin_lock_bh(&ipt_acc_lock); diff --git a/extensions/compat_xtables.c b/extensions/compat_xtables.c index acf3606..d3312d5 100644 --- a/extensions/compat_xtables.c +++ b/extensions/compat_xtables.c @@ -28,82 +28,6 @@ # define WITH_IPV6 1 #endif -static unsigned int -xtnu_target_run(struct sk_buff *skb, const struct xt_action_param *par) -{ - struct xtnu_target *nt = xtcompat_nutarget(par->target); - - return nt->target(&skb, par); -} - -int xtnu_register_target(struct xtnu_target *nt) -{ - struct xt_target *ct; - char *tmp; - int ret; - - ct = kzalloc(sizeof(struct xt_target), GFP_KERNEL); - if (ct == NULL) - return -ENOMEM; - - tmp = (char *)ct->name; - memcpy(tmp, nt->name, sizeof(nt->name)); - tmp = (char *)(ct->name + sizeof(ct->name) - sizeof(void *)); - *(tmp-1) = '\0'; - memcpy(tmp, &nt, sizeof(void *)); - - ct->revision = nt->revision; - ct->family = nt->family; - ct->table = (char *)nt->table; - ct->hooks = nt->hooks; - ct->proto = nt->proto; - ct->target = xtnu_target_run; - ct->checkentry = nt->checkentry; - ct->destroy = nt->destroy; - ct->targetsize = nt->targetsize; - ct->me = nt->me; - - nt->__compat_target = ct; - ret = xt_register_target(ct); - if (ret != 0) - kfree(ct); - return ret; -} -EXPORT_SYMBOL_GPL(xtnu_register_target); - -int xtnu_register_targets(struct xtnu_target *nt, unsigned int num) -{ - unsigned int i; - int ret; - - for (i = 0; i < num; ++i) { - ret = xtnu_register_target(&nt[i]); - if (ret < 0) { - if (i > 0) - xtnu_unregister_targets(nt, i); - return ret; - } - } - return 0; -} -EXPORT_SYMBOL_GPL(xtnu_register_targets); - -void xtnu_unregister_target(struct xtnu_target *nt) -{ - xt_unregister_target(nt->__compat_target); - kfree(nt->__compat_target); -} -EXPORT_SYMBOL_GPL(xtnu_unregister_target); - -void xtnu_unregister_targets(struct xtnu_target *nt, unsigned int num) -{ - unsigned int i; - - for (i = 0; i < num; ++i) - xtnu_unregister_target(&nt[i]); -} -EXPORT_SYMBOL_GPL(xtnu_unregister_targets); - void *HX_memmem(const void *space, size_t spacesize, const void *point, size_t pointsize) { diff --git a/extensions/compat_xtables.h b/extensions/compat_xtables.h index 7a78335..8ad8de4 100644 --- a/extensions/compat_xtables.h +++ b/extensions/compat_xtables.h @@ -42,12 +42,6 @@ # define NIPQUAD_FMT "%u.%u.%u.%u" #endif -#define xt_target xtnu_target -#define xt_register_target xtnu_register_target -#define xt_unregister_target xtnu_unregister_target -#define xt_register_targets xtnu_register_targets -#define xt_unregister_targets xtnu_unregister_targets - #if LINUX_VERSION_CODE < KERNEL_VERSION(3, 9, 0) static inline struct inode *file_inode(struct file *f) { diff --git a/extensions/xt_CHAOS.c b/extensions/xt_CHAOS.c index 28544d0..f6a89ca 100644 --- a/extensions/xt_CHAOS.c +++ b/extensions/xt_CHAOS.c @@ -85,7 +85,7 @@ xt_chaos_total(struct sk_buff *skb, const struct xt_action_param *par) } static unsigned int -chaos_tg(struct sk_buff **pskb, const struct xt_action_param *par) +chaos_tg(struct sk_buff *skb, const struct xt_action_param *par) { /* * Equivalent to: @@ -96,7 +96,6 @@ chaos_tg(struct sk_buff **pskb, const struct xt_action_param *par) * -A chaos -j DROP; */ const struct xt_chaos_tginfo *info = par->targinfo; - struct sk_buff *skb = *pskb; const struct iphdr *iph = ip_hdr(skb); if ((unsigned int)net_random() <= reject_percentage) { diff --git a/extensions/xt_DELUDE.c b/extensions/xt_DELUDE.c index 466541e..39d92e3 100644 --- a/extensions/xt_DELUDE.c +++ b/extensions/xt_DELUDE.c @@ -138,14 +138,14 @@ static void delude_send_reset(struct sk_buff *oldskb, unsigned int hook) } static unsigned int -delude_tg(struct sk_buff **pskb, const struct xt_action_param *par) +delude_tg(struct sk_buff *skb, const struct xt_action_param *par) { /* * Sending the reset causes reentrancy within iptables - and should not pose * a problem, as that is supported since Linux 2.6.35. But since we do not * actually want to have a connection open, we are still going to drop it. */ - delude_send_reset(*pskb, par->hooknum); + delude_send_reset(skb, par->hooknum); return NF_DROP; } diff --git a/extensions/xt_DHCPMAC.c b/extensions/xt_DHCPMAC.c index 91223f8..5abb452 100644 --- a/extensions/xt_DHCPMAC.c +++ b/extensions/xt_DHCPMAC.c @@ -89,12 +89,11 @@ dhcpmac_mt(const struct sk_buff *skb, struct xt_action_param *par) } static unsigned int -dhcpmac_tg(struct sk_buff **pskb, const struct xt_action_param *par) +dhcpmac_tg(struct sk_buff *skb, const struct xt_action_param *par) { const struct dhcpmac_info *info = par->targinfo; struct dhcp_message dhcpbuf, *dh; struct udphdr udpbuf, *udph; - struct sk_buff *skb = *pskb; unsigned int i; if (!skb_make_writable(skb, 0)) diff --git a/extensions/xt_DNETMAP.c b/extensions/xt_DNETMAP.c index 594ef5b..1049095 100644 --- a/extensions/xt_DNETMAP.c +++ b/extensions/xt_DNETMAP.c @@ -353,9 +353,8 @@ out: } static unsigned int -dnetmap_tg(struct sk_buff **pskb, const struct xt_action_param *par) +dnetmap_tg(struct sk_buff *skb, const struct xt_action_param *par) { - struct sk_buff *skb = *pskb; struct net *net = dev_net(par->in ? par->in : par->out); struct dnetmap_net *dnetmap_net = dnetmap_pernet(net); struct nf_conn *ct; diff --git a/extensions/xt_ECHO.c b/extensions/xt_ECHO.c index c3d4ee0..c5b529c 100644 --- a/extensions/xt_ECHO.c +++ b/extensions/xt_ECHO.c @@ -24,9 +24,8 @@ #include "compat_xtables.h" static unsigned int -echo_tg6(struct sk_buff **poldskb, const struct xt_action_param *par) +echo_tg6(struct sk_buff *oldskb, const struct xt_action_param *par) { - const struct sk_buff *oldskb = *poldskb; const struct udphdr *oldudp; const struct ipv6hdr *oldip; struct udphdr *newudp, oldudp_buf; @@ -39,7 +38,7 @@ echo_tg6(struct sk_buff **poldskb, const struct xt_action_param *par) struct net *net = dev_net((par->in != NULL) ? par->in : par->out); /* This allows us to do the copy operation in fewer lines of code. */ - if (skb_linearize(*poldskb) < 0) + if (skb_linearize(oldskb) < 0) return NF_DROP; oldip = ipv6_hdr(oldskb); @@ -112,7 +111,7 @@ echo_tg6(struct sk_buff **poldskb, const struct xt_action_param *par) if (newskb->len > dst_mtu(skb_dst(newskb))) goto free_nskb; - nf_ct_attach(newskb, *poldskb); + nf_ct_attach(newskb, oldskb); ip6_local_out(newskb); return NF_DROP; @@ -122,9 +121,8 @@ echo_tg6(struct sk_buff **poldskb, const struct xt_action_param *par) } static unsigned int -echo_tg4(struct sk_buff **poldskb, const struct xt_action_param *par) +echo_tg4(struct sk_buff *oldskb, const struct xt_action_param *par) { - const struct sk_buff *oldskb = *poldskb; const struct udphdr *oldudp; const struct iphdr *oldip; struct udphdr *newudp, oldudp_buf; @@ -134,7 +132,7 @@ echo_tg4(struct sk_buff **poldskb, const struct xt_action_param *par) void *payload; /* This allows us to do the copy operation in fewer lines of code. */ - if (skb_linearize(*poldskb) < 0) + if (skb_linearize(oldskb) < 0) return NF_DROP; oldip = ip_hdr(oldskb); @@ -202,7 +200,7 @@ echo_tg4(struct sk_buff **poldskb, const struct xt_action_param *par) if (newskb->len > dst_mtu(skb_dst(newskb))) goto free_nskb; - nf_ct_attach(newskb, *poldskb); + nf_ct_attach(newskb, oldskb); ip_local_out(newskb); return NF_DROP; diff --git a/extensions/xt_IPMARK.c b/extensions/xt_IPMARK.c index 826a6f9..19b4f90 100644 --- a/extensions/xt_IPMARK.c +++ b/extensions/xt_IPMARK.c @@ -25,10 +25,9 @@ MODULE_ALIAS("ipt_IPMARK"); MODULE_ALIAS("ip6t_IPMARK"); static unsigned int -ipmark_tg4(struct sk_buff **pskb, const struct xt_action_param *par) +ipmark_tg4(struct sk_buff *skb, const struct xt_action_param *par) { const struct xt_ipmark_tginfo *ipmarkinfo = par->targinfo; - const struct sk_buff *skb = *pskb; const struct iphdr *iph = ip_hdr(skb); __u32 mark; @@ -61,10 +60,9 @@ static __u32 ipmark_from_ip6(const struct in6_addr *a, unsigned int s) } static unsigned int -ipmark_tg6(struct sk_buff **pskb, const struct xt_action_param *par) +ipmark_tg6(struct sk_buff *skb, const struct xt_action_param *par) { const struct xt_ipmark_tginfo *info = par->targinfo; - const struct sk_buff *skb = *pskb; const struct ipv6hdr *iph = ipv6_hdr(skb); __u32 mark; diff --git a/extensions/xt_LOGMARK.c b/extensions/xt_LOGMARK.c index 040041a..271931b 100644 --- a/extensions/xt_LOGMARK.c +++ b/extensions/xt_LOGMARK.c @@ -63,9 +63,8 @@ static void logmark_ct(const struct nf_conn *ct, enum ip_conntrack_info ctinfo) } static unsigned int -logmark_tg(struct sk_buff **pskb, const struct xt_action_param *par) +logmark_tg(struct sk_buff *skb, const struct xt_action_param *par) { - const struct sk_buff *skb = *pskb; const struct xt_logmark_tginfo *info = par->targinfo; const struct nf_conn *ct; enum ip_conntrack_info ctinfo; diff --git a/extensions/xt_SYSRQ.c b/extensions/xt_SYSRQ.c index 7964c16..cb2ceb1 100644 --- a/extensions/xt_SYSRQ.c +++ b/extensions/xt_SYSRQ.c @@ -189,9 +189,8 @@ static unsigned int sysrq_tg(const void *pdata, uint16_t len) #endif static unsigned int -sysrq_tg4(struct sk_buff **pskb, const struct xt_action_param *par) +sysrq_tg4(struct sk_buff *skb, const struct xt_action_param *par) { - struct sk_buff *skb = *pskb; const struct iphdr *iph; const struct udphdr *udph; uint16_t len; @@ -220,9 +219,8 @@ sysrq_tg4(struct sk_buff **pskb, const struct xt_action_param *par) #ifdef WITH_IPV6 static unsigned int -sysrq_tg6(struct sk_buff **pskb, const struct xt_action_param *par) +sysrq_tg6(struct sk_buff *skb, const struct xt_action_param *par) { - struct sk_buff *skb = *pskb; const struct ipv6hdr *iph; const struct udphdr *udph; unsigned short frag_off; diff --git a/extensions/xt_TARPIT.c b/extensions/xt_TARPIT.c index bb41057..dc1d866 100644 --- a/extensions/xt_TARPIT.c +++ b/extensions/xt_TARPIT.c @@ -404,9 +404,8 @@ static void tarpit_tcp6(struct sk_buff *oldskb, unsigned int hook, #endif static unsigned int -tarpit_tg4(struct sk_buff **pskb, const struct xt_action_param *par) +tarpit_tg4(struct sk_buff *skb, const struct xt_action_param *par) { - const struct sk_buff *skb = *pskb; const struct iphdr *iph = ip_hdr(skb); const struct rtable *rt = skb_rtable(skb); const struct xt_tarpit_tginfo *info = par->targinfo; @@ -435,15 +434,14 @@ tarpit_tg4(struct sk_buff **pskb, const struct xt_action_param *par) if (iph->frag_off & htons(IP_OFFSET)) return NF_DROP; - tarpit_tcp4(*pskb, par->hooknum, info->variant); + tarpit_tcp4(skb, par->hooknum, info->variant); return NF_DROP; } #ifdef WITH_IPV6 static unsigned int -tarpit_tg6(struct sk_buff **pskb, const struct xt_action_param *par) +tarpit_tg6(struct sk_buff *skb, const struct xt_action_param *par) { - const struct sk_buff *skb = *pskb; const struct ipv6hdr *iph = ipv6_hdr(skb); const struct rt6_info *rt = (struct rt6_info *)skb_dst(skb); const struct xt_tarpit_tginfo *info = par->targinfo; @@ -478,7 +476,7 @@ tarpit_tg6(struct sk_buff **pskb, const struct xt_action_param *par) return NF_DROP; } - tarpit_tcp6(*pskb, par->hooknum, info->variant); + tarpit_tcp6(skb, par->hooknum, info->variant); return NF_DROP; } #endif