mirror of
git://git.code.sf.net/p/xtables-addons/xtables-addons
synced 2025-09-06 04:35:12 +02:00
compat_xtables: remove no longer needed target API redirection
Function signature for targets stayed the same since 3.7.
This commit is contained in:
Jan Engelhardt
@@ -474,14 +474,15 @@ static void ipt_acc_depth2_insert(struct ipt_acc_mask_8 *mask_8,
|
||||
}
|
||||
}
|
||||
|
||||
static unsigned int ipt_acc_target(struct sk_buff **pskb, const struct xt_action_param *par)
|
||||
static unsigned int
|
||||
ipt_acc_target(struct sk_buff *skb, const struct xt_action_param *par)
|
||||
{
|
||||
const struct ipt_acc_info *info =
|
||||
par->targinfo;
|
||||
|
||||
__be32 src_ip = ip_hdr(*pskb)->saddr;
|
||||
__be32 dst_ip = ip_hdr(*pskb)->daddr;
|
||||
uint32_t size = ntohs(ip_hdr(*pskb)->tot_len);
|
||||
__be32 src_ip = ip_hdr(skb)->saddr;
|
||||
__be32 dst_ip = ip_hdr(skb)->daddr;
|
||||
uint32_t size = ntohs(ip_hdr(skb)->tot_len);
|
||||
|
||||
spin_lock_bh(&ipt_acc_lock);
|
||||
|
||||
|
||||
@@ -28,82 +28,6 @@
|
||||
# define WITH_IPV6 1
|
||||
#endif
|
||||
|
||||
static unsigned int
|
||||
xtnu_target_run(struct sk_buff *skb, const struct xt_action_param *par)
|
||||
{
|
||||
struct xtnu_target *nt = xtcompat_nutarget(par->target);
|
||||
|
||||
return nt->target(&skb, par);
|
||||
}
|
||||
|
||||
int xtnu_register_target(struct xtnu_target *nt)
|
||||
{
|
||||
struct xt_target *ct;
|
||||
char *tmp;
|
||||
int ret;
|
||||
|
||||
ct = kzalloc(sizeof(struct xt_target), GFP_KERNEL);
|
||||
if (ct == NULL)
|
||||
return -ENOMEM;
|
||||
|
||||
tmp = (char *)ct->name;
|
||||
memcpy(tmp, nt->name, sizeof(nt->name));
|
||||
tmp = (char *)(ct->name + sizeof(ct->name) - sizeof(void *));
|
||||
*(tmp-1) = '\0';
|
||||
memcpy(tmp, &nt, sizeof(void *));
|
||||
|
||||
ct->revision = nt->revision;
|
||||
ct->family = nt->family;
|
||||
ct->table = (char *)nt->table;
|
||||
ct->hooks = nt->hooks;
|
||||
ct->proto = nt->proto;
|
||||
ct->target = xtnu_target_run;
|
||||
ct->checkentry = nt->checkentry;
|
||||
ct->destroy = nt->destroy;
|
||||
ct->targetsize = nt->targetsize;
|
||||
ct->me = nt->me;
|
||||
|
||||
nt->__compat_target = ct;
|
||||
ret = xt_register_target(ct);
|
||||
if (ret != 0)
|
||||
kfree(ct);
|
||||
return ret;
|
||||
}
|
||||
EXPORT_SYMBOL_GPL(xtnu_register_target);
|
||||
|
||||
int xtnu_register_targets(struct xtnu_target *nt, unsigned int num)
|
||||
{
|
||||
unsigned int i;
|
||||
int ret;
|
||||
|
||||
for (i = 0; i < num; ++i) {
|
||||
ret = xtnu_register_target(&nt[i]);
|
||||
if (ret < 0) {
|
||||
if (i > 0)
|
||||
xtnu_unregister_targets(nt, i);
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
EXPORT_SYMBOL_GPL(xtnu_register_targets);
|
||||
|
||||
void xtnu_unregister_target(struct xtnu_target *nt)
|
||||
{
|
||||
xt_unregister_target(nt->__compat_target);
|
||||
kfree(nt->__compat_target);
|
||||
}
|
||||
EXPORT_SYMBOL_GPL(xtnu_unregister_target);
|
||||
|
||||
void xtnu_unregister_targets(struct xtnu_target *nt, unsigned int num)
|
||||
{
|
||||
unsigned int i;
|
||||
|
||||
for (i = 0; i < num; ++i)
|
||||
xtnu_unregister_target(&nt[i]);
|
||||
}
|
||||
EXPORT_SYMBOL_GPL(xtnu_unregister_targets);
|
||||
|
||||
void *HX_memmem(const void *space, size_t spacesize,
|
||||
const void *point, size_t pointsize)
|
||||
{
|
||||
|
||||
@@ -42,12 +42,6 @@
|
||||
# define NIPQUAD_FMT "%u.%u.%u.%u"
|
||||
#endif
|
||||
|
||||
#define xt_target xtnu_target
|
||||
#define xt_register_target xtnu_register_target
|
||||
#define xt_unregister_target xtnu_unregister_target
|
||||
#define xt_register_targets xtnu_register_targets
|
||||
#define xt_unregister_targets xtnu_unregister_targets
|
||||
|
||||
#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 9, 0)
|
||||
static inline struct inode *file_inode(struct file *f)
|
||||
{
|
||||
|
||||
@@ -85,7 +85,7 @@ xt_chaos_total(struct sk_buff *skb, const struct xt_action_param *par)
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
chaos_tg(struct sk_buff **pskb, const struct xt_action_param *par)
|
||||
chaos_tg(struct sk_buff *skb, const struct xt_action_param *par)
|
||||
{
|
||||
/*
|
||||
* Equivalent to:
|
||||
@@ -96,7 +96,6 @@ chaos_tg(struct sk_buff **pskb, const struct xt_action_param *par)
|
||||
* -A chaos -j DROP;
|
||||
*/
|
||||
const struct xt_chaos_tginfo *info = par->targinfo;
|
||||
struct sk_buff *skb = *pskb;
|
||||
const struct iphdr *iph = ip_hdr(skb);
|
||||
|
||||
if ((unsigned int)net_random() <= reject_percentage) {
|
||||
|
||||
@@ -138,14 +138,14 @@ static void delude_send_reset(struct sk_buff *oldskb, unsigned int hook)
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
delude_tg(struct sk_buff **pskb, const struct xt_action_param *par)
|
||||
delude_tg(struct sk_buff *skb, const struct xt_action_param *par)
|
||||
{
|
||||
/*
|
||||
* Sending the reset causes reentrancy within iptables - and should not pose
|
||||
* a problem, as that is supported since Linux 2.6.35. But since we do not
|
||||
* actually want to have a connection open, we are still going to drop it.
|
||||
*/
|
||||
delude_send_reset(*pskb, par->hooknum);
|
||||
delude_send_reset(skb, par->hooknum);
|
||||
return NF_DROP;
|
||||
}
|
||||
|
||||
|
||||
@@ -89,12 +89,11 @@ dhcpmac_mt(const struct sk_buff *skb, struct xt_action_param *par)
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
dhcpmac_tg(struct sk_buff **pskb, const struct xt_action_param *par)
|
||||
dhcpmac_tg(struct sk_buff *skb, const struct xt_action_param *par)
|
||||
{
|
||||
const struct dhcpmac_info *info = par->targinfo;
|
||||
struct dhcp_message dhcpbuf, *dh;
|
||||
struct udphdr udpbuf, *udph;
|
||||
struct sk_buff *skb = *pskb;
|
||||
unsigned int i;
|
||||
|
||||
if (!skb_make_writable(skb, 0))
|
||||
|
||||
@@ -353,9 +353,8 @@ out:
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
dnetmap_tg(struct sk_buff **pskb, const struct xt_action_param *par)
|
||||
dnetmap_tg(struct sk_buff *skb, const struct xt_action_param *par)
|
||||
{
|
||||
struct sk_buff *skb = *pskb;
|
||||
struct net *net = dev_net(par->in ? par->in : par->out);
|
||||
struct dnetmap_net *dnetmap_net = dnetmap_pernet(net);
|
||||
struct nf_conn *ct;
|
||||
|
||||
@@ -24,9 +24,8 @@
|
||||
#include "compat_xtables.h"
|
||||
|
||||
static unsigned int
|
||||
echo_tg6(struct sk_buff **poldskb, const struct xt_action_param *par)
|
||||
echo_tg6(struct sk_buff *oldskb, const struct xt_action_param *par)
|
||||
{
|
||||
const struct sk_buff *oldskb = *poldskb;
|
||||
const struct udphdr *oldudp;
|
||||
const struct ipv6hdr *oldip;
|
||||
struct udphdr *newudp, oldudp_buf;
|
||||
@@ -39,7 +38,7 @@ echo_tg6(struct sk_buff **poldskb, const struct xt_action_param *par)
|
||||
struct net *net = dev_net((par->in != NULL) ? par->in : par->out);
|
||||
|
||||
/* This allows us to do the copy operation in fewer lines of code. */
|
||||
if (skb_linearize(*poldskb) < 0)
|
||||
if (skb_linearize(oldskb) < 0)
|
||||
return NF_DROP;
|
||||
|
||||
oldip = ipv6_hdr(oldskb);
|
||||
@@ -112,7 +111,7 @@ echo_tg6(struct sk_buff **poldskb, const struct xt_action_param *par)
|
||||
if (newskb->len > dst_mtu(skb_dst(newskb)))
|
||||
goto free_nskb;
|
||||
|
||||
nf_ct_attach(newskb, *poldskb);
|
||||
nf_ct_attach(newskb, oldskb);
|
||||
ip6_local_out(newskb);
|
||||
return NF_DROP;
|
||||
|
||||
@@ -122,9 +121,8 @@ echo_tg6(struct sk_buff **poldskb, const struct xt_action_param *par)
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
echo_tg4(struct sk_buff **poldskb, const struct xt_action_param *par)
|
||||
echo_tg4(struct sk_buff *oldskb, const struct xt_action_param *par)
|
||||
{
|
||||
const struct sk_buff *oldskb = *poldskb;
|
||||
const struct udphdr *oldudp;
|
||||
const struct iphdr *oldip;
|
||||
struct udphdr *newudp, oldudp_buf;
|
||||
@@ -134,7 +132,7 @@ echo_tg4(struct sk_buff **poldskb, const struct xt_action_param *par)
|
||||
void *payload;
|
||||
|
||||
/* This allows us to do the copy operation in fewer lines of code. */
|
||||
if (skb_linearize(*poldskb) < 0)
|
||||
if (skb_linearize(oldskb) < 0)
|
||||
return NF_DROP;
|
||||
|
||||
oldip = ip_hdr(oldskb);
|
||||
@@ -202,7 +200,7 @@ echo_tg4(struct sk_buff **poldskb, const struct xt_action_param *par)
|
||||
if (newskb->len > dst_mtu(skb_dst(newskb)))
|
||||
goto free_nskb;
|
||||
|
||||
nf_ct_attach(newskb, *poldskb);
|
||||
nf_ct_attach(newskb, oldskb);
|
||||
ip_local_out(newskb);
|
||||
return NF_DROP;
|
||||
|
||||
|
||||
@@ -25,10 +25,9 @@ MODULE_ALIAS("ipt_IPMARK");
|
||||
MODULE_ALIAS("ip6t_IPMARK");
|
||||
|
||||
static unsigned int
|
||||
ipmark_tg4(struct sk_buff **pskb, const struct xt_action_param *par)
|
||||
ipmark_tg4(struct sk_buff *skb, const struct xt_action_param *par)
|
||||
{
|
||||
const struct xt_ipmark_tginfo *ipmarkinfo = par->targinfo;
|
||||
const struct sk_buff *skb = *pskb;
|
||||
const struct iphdr *iph = ip_hdr(skb);
|
||||
__u32 mark;
|
||||
|
||||
@@ -61,10 +60,9 @@ static __u32 ipmark_from_ip6(const struct in6_addr *a, unsigned int s)
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
ipmark_tg6(struct sk_buff **pskb, const struct xt_action_param *par)
|
||||
ipmark_tg6(struct sk_buff *skb, const struct xt_action_param *par)
|
||||
{
|
||||
const struct xt_ipmark_tginfo *info = par->targinfo;
|
||||
const struct sk_buff *skb = *pskb;
|
||||
const struct ipv6hdr *iph = ipv6_hdr(skb);
|
||||
__u32 mark;
|
||||
|
||||
|
||||
@@ -63,9 +63,8 @@ static void logmark_ct(const struct nf_conn *ct, enum ip_conntrack_info ctinfo)
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
logmark_tg(struct sk_buff **pskb, const struct xt_action_param *par)
|
||||
logmark_tg(struct sk_buff *skb, const struct xt_action_param *par)
|
||||
{
|
||||
const struct sk_buff *skb = *pskb;
|
||||
const struct xt_logmark_tginfo *info = par->targinfo;
|
||||
const struct nf_conn *ct;
|
||||
enum ip_conntrack_info ctinfo;
|
||||
|
||||
@@ -189,9 +189,8 @@ static unsigned int sysrq_tg(const void *pdata, uint16_t len)
|
||||
#endif
|
||||
|
||||
static unsigned int
|
||||
sysrq_tg4(struct sk_buff **pskb, const struct xt_action_param *par)
|
||||
sysrq_tg4(struct sk_buff *skb, const struct xt_action_param *par)
|
||||
{
|
||||
struct sk_buff *skb = *pskb;
|
||||
const struct iphdr *iph;
|
||||
const struct udphdr *udph;
|
||||
uint16_t len;
|
||||
@@ -220,9 +219,8 @@ sysrq_tg4(struct sk_buff **pskb, const struct xt_action_param *par)
|
||||
|
||||
#ifdef WITH_IPV6
|
||||
static unsigned int
|
||||
sysrq_tg6(struct sk_buff **pskb, const struct xt_action_param *par)
|
||||
sysrq_tg6(struct sk_buff *skb, const struct xt_action_param *par)
|
||||
{
|
||||
struct sk_buff *skb = *pskb;
|
||||
const struct ipv6hdr *iph;
|
||||
const struct udphdr *udph;
|
||||
unsigned short frag_off;
|
||||
|
||||
@@ -404,9 +404,8 @@ static void tarpit_tcp6(struct sk_buff *oldskb, unsigned int hook,
|
||||
#endif
|
||||
|
||||
static unsigned int
|
||||
tarpit_tg4(struct sk_buff **pskb, const struct xt_action_param *par)
|
||||
tarpit_tg4(struct sk_buff *skb, const struct xt_action_param *par)
|
||||
{
|
||||
const struct sk_buff *skb = *pskb;
|
||||
const struct iphdr *iph = ip_hdr(skb);
|
||||
const struct rtable *rt = skb_rtable(skb);
|
||||
const struct xt_tarpit_tginfo *info = par->targinfo;
|
||||
@@ -435,15 +434,14 @@ tarpit_tg4(struct sk_buff **pskb, const struct xt_action_param *par)
|
||||
if (iph->frag_off & htons(IP_OFFSET))
|
||||
return NF_DROP;
|
||||
|
||||
tarpit_tcp4(*pskb, par->hooknum, info->variant);
|
||||
tarpit_tcp4(skb, par->hooknum, info->variant);
|
||||
return NF_DROP;
|
||||
}
|
||||
|
||||
#ifdef WITH_IPV6
|
||||
static unsigned int
|
||||
tarpit_tg6(struct sk_buff **pskb, const struct xt_action_param *par)
|
||||
tarpit_tg6(struct sk_buff *skb, const struct xt_action_param *par)
|
||||
{
|
||||
const struct sk_buff *skb = *pskb;
|
||||
const struct ipv6hdr *iph = ipv6_hdr(skb);
|
||||
const struct rt6_info *rt = (struct rt6_info *)skb_dst(skb);
|
||||
const struct xt_tarpit_tginfo *info = par->targinfo;
|
||||
@@ -478,7 +476,7 @@ tarpit_tg6(struct sk_buff **pskb, const struct xt_action_param *par)
|
||||
return NF_DROP;
|
||||
}
|
||||
|
||||
tarpit_tcp6(*pskb, par->hooknum, info->variant);
|
||||
tarpit_tcp6(skb, par->hooknum, info->variant);
|
||||
return NF_DROP;
|
||||
}
|
||||
#endif
|
||||
|
||||
Reference in New Issue
Block a user