1 files changed, 18 insertions, 43 deletions
diff --git a/net/netfilter/xt_realm.c b/net/netfilter/xt_realm.c
index 2b7e1781d34..459a7b256eb 100644
--- a/net/netfilter/xt_realm.c
+++ b/net/netfilter/xt_realm.c
@@ -1,7 +1,5 @@
 /* IP tables module for matching the routing realm
  *
- * $Id: ipt_realm.c,v 1.3 2004/03/05 13:25:40 laforge Exp $
- *
  * (C) 2003 by Sampsa Ranta <sampsa@netsonic.fi>
  *
  * This program is free software; you can redistribute it and/or modify
@@ -20,60 +18,37 @@
 
 MODULE_AUTHOR("Sampsa Ranta <sampsa@netsonic.fi>");
 MODULE_LICENSE("GPL");
-MODULE_DESCRIPTION("X_tables realm match");
+MODULE_DESCRIPTION("Xtables: Routing realm match");
 MODULE_ALIAS("ipt_realm");
 
-static int
-match(const struct sk_buff *skb,
-      const struct net_device *in,
-      const struct net_device *out,
-      const void *matchinfo,
-      int offset,
-      unsigned int protoff,
-      int *hotdrop)
+static bool
+realm_mt(const struct sk_buff *skb, struct xt_action_param *par)
 {
-	const struct xt_realm_info *info = matchinfo;
-	struct dst_entry *dst = skb->dst;
-    
-	return (info->id == (dst->tclassid & info->mask)) ^ info->invert;
-}
+	const struct xt_realm_info *info = par->matchinfo;
+	const struct dst_entry *dst = skb_dst(skb);
 
-static int check(const char *tablename,
-                 const void *ip,
-                 void *matchinfo,
-                 unsigned int matchsize,
-                 unsigned int hook_mask)
-{
-	if (hook_mask
-	    & ~((1 << NF_IP_POST_ROUTING) | (1 << NF_IP_FORWARD) |
-	        (1 << NF_IP_LOCAL_OUT) | (1 << NF_IP_LOCAL_IN))) {
-		printk("xt_realm: only valid for POST_ROUTING, LOCAL_OUT, "
-		       "LOCAL_IN or FORWARD.\n");
-		return 0;
-	}
-	if (matchsize != XT_ALIGN(sizeof(struct xt_realm_info))) {
-		printk("xt_realm: invalid matchsize.\n");
-		return 0;
-	}
-	return 1;
+	return (info->id == (dst->tclassid & info->mask)) ^ info->invert;
 }
 
-static struct xt_match realm_match = {
+static struct xt_match realm_mt_reg __read_mostly = {
 	.name		= "realm",
-	.match		= match, 
-	.checkentry	= check,
+	.match		= realm_mt,
+	.matchsize	= sizeof(struct xt_realm_info),
+	.hooks		= (1 << NF_INET_POST_ROUTING) | (1 << NF_INET_FORWARD) |
+			  (1 << NF_INET_LOCAL_OUT) | (1 << NF_INET_LOCAL_IN),
+	.family		= NFPROTO_UNSPEC,
 	.me		= THIS_MODULE
 };
 
-static int __init init(void)
+static int __init realm_mt_init(void)
 {
-	return xt_register_match(AF_INET, &realm_match);
+	return xt_register_match(&realm_mt_reg);
 }
 
-static void __exit fini(void)
+static void __exit realm_mt_exit(void)
 {
-	xt_unregister_match(AF_INET, &realm_match);
+	xt_unregister_match(&realm_mt_reg);
 }
 
-module_init(init);
-module_exit(fini);
+module_init(realm_mt_init);
+module_exit(realm_mt_exit);