diff options
Diffstat (limited to 'net/netfilter/xt_u32.c')
| -rw-r--r-- | net/netfilter/xt_u32.c | 58 |
1 files changed, 22 insertions, 36 deletions
diff --git a/net/netfilter/xt_u32.c b/net/netfilter/xt_u32.c index af75b8c3f20..a95b50342db 100644 --- a/net/netfilter/xt_u32.c +++ b/net/netfilter/xt_u32.c @@ -3,7 +3,6 @@ * * Original author: Don Cohen <don@isis.cs3-inc.com> * (C) CC Computer Consultants GmbH, 2007 - * Contact: <jengelh@computergmbh.de> */ #include <linux/module.h> @@ -26,7 +25,6 @@ static bool u32_match_it(const struct xt_u32 *data, u_int32_t pos; u_int32_t val; u_int32_t at; - int ret; /* * Small example: "0 >> 28 == 4 && 8 & 0xFF0000 >> 16 = 6, 17" @@ -40,8 +38,8 @@ static bool u32_match_it(const struct xt_u32 *data, if (skb->len < 4 || pos > skb->len - 4) return false; - ret = skb_copy_bits(skb, pos, &n, sizeof(n)); - BUG_ON(ret < 0); + if (skb_copy_bits(skb, pos, &n, sizeof(n)) < 0) + BUG(); val = ntohl(n); nnums = ct->nnums; @@ -67,9 +65,9 @@ static bool u32_match_it(const struct xt_u32 *data, pos > skb->len - at - 4) return false; - ret = skb_copy_bits(skb, at + pos, &n, - sizeof(n)); - BUG_ON(ret < 0); + if (skb_copy_bits(skb, at + pos, &n, + sizeof(n)) < 0) + BUG(); val = ntohl(n); break; } @@ -88,50 +86,38 @@ static bool u32_match_it(const struct xt_u32 *data, return true; } -static bool u32_match(const struct sk_buff *skb, - const struct net_device *in, - const struct net_device *out, - const struct xt_match *match, const void *matchinfo, - int offset, unsigned int protoff, bool *hotdrop) +static bool u32_mt(const struct sk_buff *skb, struct xt_action_param *par) { - const struct xt_u32 *data = matchinfo; + const struct xt_u32 *data = par->matchinfo; bool ret; ret = u32_match_it(data, skb); return ret ^ data->invert; } -static struct xt_match u32_reg[] __read_mostly = { - { - .name = "u32", - .family = AF_INET, - .match = u32_match, - .matchsize = sizeof(struct xt_u32), - .me = THIS_MODULE, - }, - { - .name = "u32", - .family = AF_INET6, - .match = u32_match, - .matchsize = sizeof(struct xt_u32), - .me = THIS_MODULE, - }, +static struct xt_match xt_u32_mt_reg __read_mostly = { + .name = "u32", + .revision = 0, + .family = NFPROTO_UNSPEC, + .match = u32_mt, + .matchsize = sizeof(struct xt_u32), + .me = THIS_MODULE, }; -static int __init xt_u32_init(void) +static int __init u32_mt_init(void) { - return xt_register_matches(u32_reg, ARRAY_SIZE(u32_reg)); + return xt_register_match(&xt_u32_mt_reg); } -static void __exit xt_u32_exit(void) +static void __exit u32_mt_exit(void) { - xt_unregister_matches(u32_reg, ARRAY_SIZE(u32_reg)); + xt_unregister_match(&xt_u32_mt_reg); } -module_init(xt_u32_init); -module_exit(xt_u32_exit); -MODULE_AUTHOR("Jan Engelhardt <jengelh@computergmbh.de>"); -MODULE_DESCRIPTION("netfilter u32 match module"); +module_init(u32_mt_init); +module_exit(u32_mt_exit); +MODULE_AUTHOR("Jan Engelhardt <jengelh@medozas.de>"); +MODULE_DESCRIPTION("Xtables: arbitrary byte matching"); MODULE_LICENSE("GPL"); MODULE_ALIAS("ipt_u32"); MODULE_ALIAS("ip6t_u32"); |