From: Massimiliano Hofer <max@nucleus.it>
To: netfilter-devel@lists.netfilter.org
Subject: [PATCH] entry_data
Date: Mon, 5 Jun 2006 00:29:08 +0200 [thread overview]
Message-ID: <200606050029.08602.max@nucleus.it> (raw)
[-- Attachment #1: Type: text/plain, Size: 1020 bytes --]
Hi,
here is my proposed patch for an API change that supports entry specific data.
As explained in my previous posts the purpose of this patch is to give matches
the opportunity to store entry specific data. Several matches already achieve
this reserving some space in the data fields, but these come from userspace
and I don't think it is the Right Way(TM) to do it.
How it works:
- xt_entry_match.u.kernel now includes void *entry_data;
- (*checkentry)() now receives void **entry_data that points to the above
mentioned field and has the ability to write to it;
- (*match)() and (*destroy)() are fed back the value set by (*checkentry)().
I did it just for matches. If anyone feels that it could be useful for
targets, plese let me know.
I split it into 2 patches. One lays the infrastructure (this is the real patch
and is really short), while the other changes every match in the mainline
kernel according to the new API.
Feel free to criticize and suggest improvements.
--
Bye,
Massimiliano Hofer
[-- Attachment #2: 2.6.17-rc5-entry_data_core.patch --]
[-- Type: text/x-diff, Size: 4843 bytes --]
diff -Nru linux-2.6.17-rc5/include/linux/netfilter/x_tables.h linux-2.6.17-rc5.entry_data_core/include/linux/netfilter/x_tables.h
--- linux-2.6.17-rc5/include/linux/netfilter/x_tables.h 2006-06-04 21:30:58.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_core/include/linux/netfilter/x_tables.h 2006-06-04 21:34:03.000000000 +0200
@@ -20,6 +20,7 @@
/* Used inside the kernel */
struct xt_match *match;
+ void *entry_data;
} kernel;
/* Total length */
@@ -166,7 +167,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop);
+ int *hotdrop,
+ void *entry_data);
/* Called when user tries to insert an entry of this type. */
/* Should return true or false. */
@@ -175,11 +177,12 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchinfosize,
- unsigned int hook_mask);
+ unsigned int hook_mask,
+ void **entry_data);
/* Called when entry of this type deleted. */
void (*destroy)(const struct xt_match *match, void *matchinfo,
- unsigned int matchinfosize);
+ unsigned int matchinfosize, void *entry_data);
/* Called when userspace align differs from kernel space one */
int (*compat)(void *match, void **dstptr, int *size, int convert);
diff -Nru linux-2.6.17-rc5/net/ipv4/netfilter/ip_tables.c linux-2.6.17-rc5.entry_data_core/net/ipv4/netfilter/ip_tables.c
--- linux-2.6.17-rc5/net/ipv4/netfilter/ip_tables.c 2006-06-04 21:31:12.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_core/net/ipv4/netfilter/ip_tables.c 2006-06-04 21:34:03.000000000 +0200
@@ -200,7 +200,8 @@
{
/* Stop iteration if it doesn't match */
if (!m->u.kernel.match->match(skb, in, out, m->u.kernel.match, m->data,
- offset, skb->nh.iph->ihl*4, hotdrop))
+ offset, skb->nh.iph->ihl*4, hotdrop,
+ m->u.kernel.entry_data))
return 1;
else
return 0;
@@ -468,7 +469,8 @@
if (m->u.kernel.match->destroy)
m->u.kernel.match->destroy(m->u.kernel.match, m->data,
- m->u.match_size - sizeof(*m));
+ m->u.match_size - sizeof(*m),
+ m->u.kernel.entry_data);
module_put(m->u.kernel.match->me);
return 0;
}
@@ -519,10 +521,12 @@
if (ret)
goto err;
+ m->u.kernel.entry_data=NULL;
if (m->u.kernel.match->checkentry
&& !m->u.kernel.match->checkentry(name, ip, match, m->data,
m->u.match_size - sizeof(*m),
- hookmask)) {
+ hookmask,
+ &m->u.kernel.entry_data)) {
duprintf("ip_tables: check failed for `%s'.\n",
m->u.kernel.match->name);
ret = -EINVAL;
@@ -2152,7 +2156,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
struct icmphdr _icmph, *ic;
const struct ipt_icmp *icmpinfo = matchinfo;
@@ -2185,7 +2190,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
const struct ipt_icmp *icmpinfo = matchinfo;
diff -Nru linux-2.6.17-rc5/net/ipv6/netfilter/ip6_tables.c linux-2.6.17-rc5.entry_data_core/net/ipv6/netfilter/ip6_tables.c
--- linux-2.6.17-rc5/net/ipv6/netfilter/ip6_tables.c 2006-06-04 21:31:13.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_core/net/ipv6/netfilter/ip6_tables.c 2006-06-04 21:34:03.000000000 +0200
@@ -240,7 +240,8 @@
{
/* Stop iteration if it doesn't match */
if (!m->u.kernel.match->match(skb, in, out, m->u.kernel.match, m->data,
- offset, protoff, hotdrop))
+ offset, protoff, hotdrop,
+ m->u.kernel.entry_data))
return 1;
else
return 0;
@@ -508,7 +509,8 @@
if (m->u.kernel.match->destroy)
m->u.kernel.match->destroy(m->u.kernel.match, m->data,
- m->u.match_size - sizeof(*m));
+ m->u.match_size - sizeof(*m),
+ m->u.kernel.entry_data);
module_put(m->u.kernel.match->me);
return 0;
}
@@ -559,10 +561,12 @@
if (ret)
goto err;
+ m->u.kernel.entry_data=NULL;
if (m->u.kernel.match->checkentry
&& !m->u.kernel.match->checkentry(name, ipv6, match, m->data,
m->u.match_size - sizeof(*m),
- hookmask)) {
+ hookmask,
+ &m->u.kernel.entry_data)) {
duprintf("ip_tables: check failed for `%s'.\n",
m->u.kernel.match->name);
ret = -EINVAL;
@@ -1320,7 +1324,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
struct icmp6hdr _icmp, *ic;
const struct ip6t_icmp *icmpinfo = matchinfo;
@@ -1352,7 +1357,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
const struct ip6t_icmp *icmpinfo = matchinfo;
[-- Attachment #3: 2.6.17-rc5-entry_data_matches.patch --]
[-- Type: text/x-diff, Size: 36294 bytes --]
diff -Nru linux-2.6.17-rc5.entry_data_core/net/ipv4/netfilter/ipt_addrtype.c linux-2.6.17-rc5.entry_data_matches/net/ipv4/netfilter/ipt_addrtype.c
--- linux-2.6.17-rc5.entry_data_core/net/ipv4/netfilter/ipt_addrtype.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/ipv4/netfilter/ipt_addrtype.c 2006-06-04 20:52:42.000000000 +0200
@@ -30,7 +30,8 @@
static int match(const struct sk_buff *skb,
const struct net_device *in, const struct net_device *out,
const struct xt_match *match, const void *matchinfo,
- int offset, unsigned int protoff, int *hotdrop)
+ int offset, unsigned int protoff, int *hotdrop,
+ void *entry_data)
{
const struct ipt_addrtype_info *info = matchinfo;
const struct iphdr *iph = skb->nh.iph;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/ipv4/netfilter/ipt_ah.c linux-2.6.17-rc5.entry_data_matches/net/ipv4/netfilter/ipt_ah.c
--- linux-2.6.17-rc5.entry_data_core/net/ipv4/netfilter/ipt_ah.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/ipv4/netfilter/ipt_ah.c 2006-06-04 20:52:42.000000000 +0200
@@ -43,7 +43,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
struct ip_auth_hdr _ahdr, *ah;
const struct ipt_ah *ahinfo = matchinfo;
@@ -75,7 +76,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchinfosize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
const struct ipt_ah *ahinfo = matchinfo;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/ipv4/netfilter/ipt_dscp.c linux-2.6.17-rc5.entry_data_matches/net/ipv4/netfilter/ipt_dscp.c
--- linux-2.6.17-rc5.entry_data_core/net/ipv4/netfilter/ipt_dscp.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/ipv4/netfilter/ipt_dscp.c 2006-06-04 20:52:42.000000000 +0200
@@ -22,7 +22,8 @@
static int match(const struct sk_buff *skb,
const struct net_device *in, const struct net_device *out,
const struct xt_match *match, const void *matchinfo,
- int offset, unsigned int protoff, int *hotdrop)
+ int offset, unsigned int protoff, int *hotdrop,
+ void *entry_data)
{
const struct ipt_dscp_info *info = matchinfo;
const struct iphdr *iph = skb->nh.iph;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/ipv4/netfilter/ipt_ecn.c linux-2.6.17-rc5.entry_data_matches/net/ipv4/netfilter/ipt_ecn.c
--- linux-2.6.17-rc5.entry_data_core/net/ipv4/netfilter/ipt_ecn.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/ipv4/netfilter/ipt_ecn.c 2006-06-04 20:52:42.000000000 +0200
@@ -68,7 +68,8 @@
static int match(const struct sk_buff *skb,
const struct net_device *in, const struct net_device *out,
const struct xt_match *match, const void *matchinfo,
- int offset, unsigned int protoff, int *hotdrop)
+ int offset, unsigned int protoff, int *hotdrop,
+ void *entry_data)
{
const struct ipt_ecn_info *info = matchinfo;
@@ -89,7 +90,7 @@
static int checkentry(const char *tablename, const void *ip_void,
const struct xt_match *match,
void *matchinfo, unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask, void **entry_data)
{
const struct ipt_ecn_info *info = matchinfo;
const struct ipt_ip *ip = ip_void;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/ipv4/netfilter/ipt_hashlimit.c linux-2.6.17-rc5.entry_data_matches/net/ipv4/netfilter/ipt_hashlimit.c
--- linux-2.6.17-rc5.entry_data_core/net/ipv4/netfilter/ipt_hashlimit.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/ipv4/netfilter/ipt_hashlimit.c 2006-06-04 20:52:42.000000000 +0200
@@ -432,7 +432,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
struct ipt_hashlimit_info *r =
((struct ipt_hashlimit_info *)matchinfo)->u.master;
@@ -511,7 +512,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
struct ipt_hashlimit_info *r = matchinfo;
@@ -559,7 +561,7 @@
static void
hashlimit_destroy(const struct xt_match *match, void *matchinfo,
- unsigned int matchsize)
+ unsigned int matchsize, void *entry_data)
{
struct ipt_hashlimit_info *r = (struct ipt_hashlimit_info *) matchinfo;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/ipv4/netfilter/ipt_iprange.c linux-2.6.17-rc5.entry_data_matches/net/ipv4/netfilter/ipt_iprange.c
--- linux-2.6.17-rc5.entry_data_core/net/ipv4/netfilter/ipt_iprange.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/ipv4/netfilter/ipt_iprange.c 2006-06-04 20:52:42.000000000 +0200
@@ -29,7 +29,7 @@
const struct net_device *out,
const struct xt_match *match,
const void *matchinfo,
- int offset, unsigned int protoff, int *hotdrop)
+ int offset, unsigned int protoff, int *hotdrop, void *entry_data)
{
const struct ipt_iprange_info *info = matchinfo;
const struct iphdr *iph = skb->nh.iph;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/ipv4/netfilter/ipt_owner.c linux-2.6.17-rc5.entry_data_matches/net/ipv4/netfilter/ipt_owner.c
--- linux-2.6.17-rc5.entry_data_core/net/ipv4/netfilter/ipt_owner.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/ipv4/netfilter/ipt_owner.c 2006-06-04 20:52:42.000000000 +0200
@@ -29,7 +29,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
const struct ipt_owner_info *info = matchinfo;
@@ -57,7 +58,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
const struct ipt_owner_info *info = matchinfo;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/ipv4/netfilter/ipt_recent.c linux-2.6.17-rc5.entry_data_matches/net/ipv4/netfilter/ipt_recent.c
--- linux-2.6.17-rc5.entry_data_core/net/ipv4/netfilter/ipt_recent.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/ipv4/netfilter/ipt_recent.c 2006-06-04 20:52:42.000000000 +0200
@@ -106,7 +106,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop);
+ int *hotdrop,
+ void *entry_data);
/* Function to hash a given address into the hash table of table_size size */
static int hash_func(unsigned int addr, int table_size)
@@ -319,7 +320,7 @@
skb->nh.iph->daddr = 0;
/* Clear ttl since we have no way of knowing it */
skb->nh.iph->ttl = 0;
- match(skb,NULL,NULL,NULL,info,0,0,NULL);
+ match(skb,NULL,NULL,NULL,info,0,0,NULL,NULL);
kfree(skb->nh.iph);
out_free_skb:
@@ -361,7 +362,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
int pkt_count, hits_found, ans;
unsigned long now;
@@ -662,7 +664,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
int flag = 0, c;
unsigned long *hold;
@@ -872,7 +875,8 @@
* up its memory.
*/
static void
-destroy(const struct xt_match *match, void *matchinfo, unsigned int matchsize)
+destroy(const struct xt_match *match, void *matchinfo,
+ unsigned int matchsize, void *entry_data)
{
const struct ipt_recent_info *info = matchinfo;
struct recent_ip_tables *curr_table, *last_table;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/ipv4/netfilter/ipt_tos.c linux-2.6.17-rc5.entry_data_matches/net/ipv4/netfilter/ipt_tos.c
--- linux-2.6.17-rc5.entry_data_core/net/ipv4/netfilter/ipt_tos.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/ipv4/netfilter/ipt_tos.c 2006-06-04 20:52:42.000000000 +0200
@@ -25,7 +25,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
const struct ipt_tos_info *info = matchinfo;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/ipv4/netfilter/ipt_ttl.c linux-2.6.17-rc5.entry_data_matches/net/ipv4/netfilter/ipt_ttl.c
--- linux-2.6.17-rc5.entry_data_core/net/ipv4/netfilter/ipt_ttl.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/ipv4/netfilter/ipt_ttl.c 2006-06-04 20:52:42.000000000 +0200
@@ -22,7 +22,8 @@
static int match(const struct sk_buff *skb,
const struct net_device *in, const struct net_device *out,
const struct xt_match *match, const void *matchinfo,
- int offset, unsigned int protoff, int *hotdrop)
+ int offset, unsigned int protoff, int *hotdrop,
+ void *entry_data)
{
const struct ipt_ttl_info *info = matchinfo;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/ipv6/netfilter/ip6t_ah.c linux-2.6.17-rc5.entry_data_matches/net/ipv6/netfilter/ip6t_ah.c
--- linux-2.6.17-rc5.entry_data_core/net/ipv6/netfilter/ip6t_ah.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/ipv6/netfilter/ip6t_ah.c 2006-06-04 20:52:42.000000000 +0200
@@ -48,7 +48,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
struct ip_auth_hdr *ah, _ah;
const struct ip6t_ah *ahinfo = matchinfo;
@@ -103,7 +104,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchinfosize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
const struct ip6t_ah *ahinfo = matchinfo;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/ipv6/netfilter/ip6t_dst.c linux-2.6.17-rc5.entry_data_matches/net/ipv6/netfilter/ip6t_dst.c
--- linux-2.6.17-rc5.entry_data_core/net/ipv6/netfilter/ip6t_dst.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/ipv6/netfilter/ip6t_dst.c 2006-06-04 20:52:42.000000000 +0200
@@ -59,7 +59,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
struct ipv6_opt_hdr _optsh, *oh;
const struct ip6t_opts *optinfo = matchinfo;
@@ -183,7 +184,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchinfosize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
const struct ip6t_opts *optsinfo = matchinfo;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/ipv6/netfilter/ip6t_eui64.c linux-2.6.17-rc5.entry_data_matches/net/ipv6/netfilter/ip6t_eui64.c
--- linux-2.6.17-rc5.entry_data_core/net/ipv6/netfilter/ip6t_eui64.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/ipv6/netfilter/ip6t_eui64.c 2006-06-04 20:52:42.000000000 +0200
@@ -26,7 +26,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
unsigned char eui64[8];
int i = 0;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/ipv6/netfilter/ip6t_frag.c linux-2.6.17-rc5.entry_data_matches/net/ipv6/netfilter/ip6t_frag.c
--- linux-2.6.17-rc5.entry_data_core/net/ipv6/netfilter/ip6t_frag.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/ipv6/netfilter/ip6t_frag.c 2006-06-04 20:52:42.000000000 +0200
@@ -47,7 +47,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
struct frag_hdr _frag, *fh;
const struct ip6t_frag *fraginfo = matchinfo;
@@ -120,7 +121,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchinfosize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
const struct ip6t_frag *fraginfo = matchinfo;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/ipv6/netfilter/ip6t_hbh.c linux-2.6.17-rc5.entry_data_matches/net/ipv6/netfilter/ip6t_hbh.c
--- linux-2.6.17-rc5.entry_data_core/net/ipv6/netfilter/ip6t_hbh.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/ipv6/netfilter/ip6t_hbh.c 2006-06-04 20:52:42.000000000 +0200
@@ -59,7 +59,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
struct ipv6_opt_hdr _optsh, *oh;
const struct ip6t_opts *optinfo = matchinfo;
@@ -183,7 +184,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchinfosize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
const struct ip6t_opts *optsinfo = matchinfo;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/ipv6/netfilter/ip6t_hl.c linux-2.6.17-rc5.entry_data_matches/net/ipv6/netfilter/ip6t_hl.c
--- linux-2.6.17-rc5.entry_data_core/net/ipv6/netfilter/ip6t_hl.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/ipv6/netfilter/ip6t_hl.c 2006-06-04 20:52:42.000000000 +0200
@@ -21,7 +21,8 @@
static int match(const struct sk_buff *skb,
const struct net_device *in, const struct net_device *out,
const struct xt_match *match, const void *matchinfo,
- int offset, unsigned int protoff, int *hotdrop)
+ int offset, unsigned int protoff, int *hotdrop,
+ void *entry_data)
{
const struct ip6t_hl_info *info = matchinfo;
const struct ipv6hdr *ip6h = skb->nh.ipv6h;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/ipv6/netfilter/ip6t_ipv6header.c linux-2.6.17-rc5.entry_data_matches/net/ipv6/netfilter/ip6t_ipv6header.c
--- linux-2.6.17-rc5.entry_data_core/net/ipv6/netfilter/ip6t_ipv6header.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/ipv6/netfilter/ip6t_ipv6header.c 2006-06-04 20:52:42.000000000 +0200
@@ -33,7 +33,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
const struct ip6t_ipv6header_info *info = matchinfo;
unsigned int temp;
@@ -129,7 +130,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
const struct ip6t_ipv6header_info *info = matchinfo;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/ipv6/netfilter/ip6t_owner.c linux-2.6.17-rc5.entry_data_matches/net/ipv6/netfilter/ip6t_owner.c
--- linux-2.6.17-rc5.entry_data_core/net/ipv6/netfilter/ip6t_owner.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/ipv6/netfilter/ip6t_owner.c 2006-06-04 20:52:42.000000000 +0200
@@ -30,7 +30,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
const struct ip6t_owner_info *info = matchinfo;
@@ -58,7 +59,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
const struct ip6t_owner_info *info = matchinfo;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/ipv6/netfilter/ip6t_rt.c linux-2.6.17-rc5.entry_data_matches/net/ipv6/netfilter/ip6t_rt.c
--- linux-2.6.17-rc5.entry_data_core/net/ipv6/netfilter/ip6t_rt.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/ipv6/netfilter/ip6t_rt.c 2006-06-04 20:52:42.000000000 +0200
@@ -49,7 +49,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
struct ipv6_rt_hdr _route, *rh;
const struct ip6t_rt *rtinfo = matchinfo;
@@ -198,7 +199,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchinfosize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
const struct ip6t_rt *rtinfo = matchinfo;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_comment.c linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_comment.c
--- linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_comment.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_comment.c 2006-06-04 20:52:42.000000000 +0200
@@ -23,7 +23,8 @@
const void *matchinfo,
int offset,
unsigned int protooff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
/* We always match */
return 1;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_connbytes.c linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_connbytes.c
--- linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_connbytes.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_connbytes.c 2006-06-04 20:52:42.000000000 +0200
@@ -48,7 +48,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
const struct xt_connbytes_info *sinfo = matchinfo;
u_int64_t what = 0; /* initialize to make gcc happy */
@@ -126,7 +127,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
const struct xt_connbytes_info *sinfo = matchinfo;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_connmark.c linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_connmark.c
--- linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_connmark.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_connmark.c 2006-06-04 20:52:42.000000000 +0200
@@ -39,7 +39,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
const struct xt_connmark_info *info = matchinfo;
u_int32_t ctinfo;
@@ -56,7 +57,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
struct xt_connmark_info *cm = (struct xt_connmark_info *)matchinfo;
@@ -75,7 +77,8 @@
}
static void
-destroy(const struct xt_match *match, void *matchinfo, unsigned int matchsize)
+destroy(const struct xt_match *match, void *matchinfo,
+ unsigned int matchsize, void *entry_data)
{
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
nf_ct_l3proto_module_put(match->family);
diff -Nru linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_conntrack.c linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_conntrack.c
--- linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_conntrack.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_conntrack.c 2006-06-04 20:52:42.000000000 +0200
@@ -36,7 +36,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
const struct xt_conntrack_info *sinfo = matchinfo;
struct ip_conntrack *ct;
@@ -123,7 +124,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
const struct xt_conntrack_info *sinfo = matchinfo;
struct nf_conn *ct;
@@ -209,7 +211,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
if (nf_ct_l3proto_try_module_get(match->family) < 0) {
@@ -222,7 +225,8 @@
}
static void
-destroy(const struct xt_match *match, void *matchinfo, unsigned int matchsize)
+destroy(const struct xt_match *match, void *matchinfo,
+ unsigned int matchsize, void *entry_data)
{
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
nf_ct_l3proto_module_put(match->family);
diff -Nru linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_dccp.c linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_dccp.c
--- linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_dccp.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_dccp.c 2006-06-04 20:52:42.000000000 +0200
@@ -99,7 +99,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
const struct xt_dccp_info *info =
(const struct xt_dccp_info *)matchinfo;
@@ -133,7 +134,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
const struct xt_dccp_info *info = matchinfo;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_esp.c linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_esp.c
--- linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_esp.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_esp.c 2006-06-04 20:52:42.000000000 +0200
@@ -50,7 +50,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
struct ip_esp_hdr _esp, *eh;
const struct xt_esp *espinfo = matchinfo;
@@ -80,7 +81,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchinfosize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
const struct xt_esp *espinfo = matchinfo;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_helper.c linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_helper.c
--- linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_helper.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_helper.c 2006-06-04 20:52:42.000000000 +0200
@@ -46,7 +46,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
const struct xt_helper_info *info = matchinfo;
struct ip_conntrack *ct;
@@ -94,7 +95,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
const struct xt_helper_info *info = matchinfo;
struct nf_conn *ct;
@@ -140,7 +142,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
struct xt_helper_info *info = matchinfo;
@@ -156,7 +159,8 @@
}
static void
-destroy(const struct xt_match *match, void *matchinfo, unsigned int matchsize)
+destroy(const struct xt_match *match, void *matchinfo,
+ unsigned int matchsize, void *entry_data)
{
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
nf_ct_l3proto_module_put(match->family);
diff -Nru linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_length.c linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_length.c
--- linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_length.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_length.c 2006-06-04 20:52:42.000000000 +0200
@@ -28,7 +28,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
const struct xt_length_info *info = matchinfo;
u_int16_t pktlen = ntohs(skb->nh.iph->tot_len);
@@ -44,7 +45,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
const struct xt_length_info *info = matchinfo;
u_int16_t pktlen = ntohs(skb->nh.ipv6h->payload_len) + sizeof(struct ipv6hdr);
diff -Nru linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_limit.c linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_limit.c
--- linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_limit.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_limit.c 2006-06-04 20:52:42.000000000 +0200
@@ -72,7 +72,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
struct xt_rateinfo *r = ((struct xt_rateinfo *)matchinfo)->master;
unsigned long now = jiffies;
@@ -111,7 +112,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
struct xt_rateinfo *r = matchinfo;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_mac.c linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_mac.c
--- linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_mac.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_mac.c 2006-06-04 20:52:42.000000000 +0200
@@ -31,7 +31,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
const struct xt_mac_info *info = matchinfo;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_mark.c linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_mark.c
--- linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_mark.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_mark.c 2006-06-04 20:52:42.000000000 +0200
@@ -27,7 +27,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
const struct xt_mark_info *info = matchinfo;
@@ -40,7 +41,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
struct xt_mark_info *minfo = (struct xt_mark_info *) matchinfo;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_multiport.c linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_multiport.c
--- linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_multiport.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_multiport.c 2006-06-04 20:52:42.000000000 +0200
@@ -102,7 +102,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
u16 _ports[2], *pptr;
const struct xt_multiport *multiinfo = matchinfo;
@@ -133,7 +134,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
u16 _ports[2], *pptr;
const struct xt_multiport_v1 *multiinfo = matchinfo;
@@ -176,7 +178,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
const struct ipt_ip *ip = info;
const struct xt_multiport *multiinfo = matchinfo;
@@ -191,7 +194,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
const struct ipt_ip *ip = info;
const struct xt_multiport_v1 *multiinfo = matchinfo;
@@ -206,7 +210,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
const struct ip6t_ip6 *ip = info;
const struct xt_multiport *multiinfo = matchinfo;
@@ -221,7 +226,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
const struct ip6t_ip6 *ip = info;
const struct xt_multiport_v1 *multiinfo = matchinfo;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_physdev.c linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_physdev.c
--- linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_physdev.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_physdev.c 2006-06-04 20:52:42.000000000 +0200
@@ -30,7 +30,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
int i;
static const char nulldevname[IFNAMSIZ];
@@ -106,7 +107,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
const struct xt_physdev_info *info = matchinfo;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_pkttype.c linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_pkttype.c
--- linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_pkttype.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_pkttype.c 2006-06-04 20:52:42.000000000 +0200
@@ -26,7 +26,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
const struct xt_pkttype_info *info = matchinfo;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_policy.c linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_policy.c
--- linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_policy.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_policy.c 2006-06-04 20:52:42.000000000 +0200
@@ -116,7 +116,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
const struct xt_policy_info *info = matchinfo;
int ret;
@@ -137,7 +138,7 @@
static int checkentry(const char *tablename, const void *ip_void,
const struct xt_match *match,
void *matchinfo, unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask, void **entry_data)
{
struct xt_policy_info *info = matchinfo;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_realm.c linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_realm.c
--- linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_realm.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_realm.c 2006-06-04 20:52:42.000000000 +0200
@@ -31,7 +31,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
const struct xt_realm_info *info = matchinfo;
struct dst_entry *dst = skb->dst;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_sctp.c linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_sctp.c
--- linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_sctp.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_sctp.c 2006-06-04 20:52:42.000000000 +0200
@@ -127,7 +127,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
const struct xt_sctp_info *info;
sctp_sctphdr_t _sh, *sh;
@@ -166,7 +167,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
const struct xt_sctp_info *info = matchinfo;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_state.c linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_state.c
--- linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_state.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_state.c 2006-06-04 20:52:42.000000000 +0200
@@ -28,7 +28,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
const struct xt_state_info *sinfo = matchinfo;
enum ip_conntrack_info ctinfo;
@@ -49,7 +50,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
if (nf_ct_l3proto_try_module_get(match->family) < 0) {
@@ -62,7 +64,8 @@
}
static void
-destroy(const struct xt_match *match, void *matchinfo, unsigned int matchsize)
+destroy(const struct xt_match *match, void *matchinfo,
+ unsigned int matchsize, void *entry_data)
{
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
nf_ct_l3proto_module_put(match->family);
diff -Nru linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_string.c linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_string.c
--- linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_string.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_string.c 2006-06-04 20:52:42.000000000 +0200
@@ -28,7 +28,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
struct ts_state state;
struct xt_string_info *conf = (struct xt_string_info *) matchinfo;
@@ -47,7 +48,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
struct xt_string_info *conf = matchinfo;
struct ts_config *ts_conf;
@@ -67,7 +69,7 @@
}
static void destroy(const struct xt_match *match, void *matchinfo,
- unsigned int matchsize)
+ unsigned int matchsize, void *entry_data)
{
textsearch_destroy(STRING_TEXT_PRIV(matchinfo)->config);
}
diff -Nru linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_tcpmss.c linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_tcpmss.c
--- linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_tcpmss.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_tcpmss.c 2006-06-04 20:52:42.000000000 +0200
@@ -85,7 +85,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
const struct xt_tcpmss_match_info *info = matchinfo;
diff -Nru linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_tcpudp.c linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_tcpudp.c
--- linux-2.6.17-rc5.entry_data_core/net/netfilter/xt_tcpudp.c 2006-06-04 21:33:27.000000000 +0200
+++ linux-2.6.17-rc5.entry_data_matches/net/netfilter/xt_tcpudp.c 2006-06-04 20:52:42.000000000 +0200
@@ -78,7 +78,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
struct tcphdr _tcph, *th;
const struct xt_tcp *tcpinfo = matchinfo;
@@ -142,7 +143,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
const struct xt_tcp *tcpinfo = matchinfo;
@@ -158,7 +160,8 @@
const void *matchinfo,
int offset,
unsigned int protoff,
- int *hotdrop)
+ int *hotdrop,
+ void *entry_data)
{
struct udphdr _udph, *uh;
const struct xt_udp *udpinfo = matchinfo;
@@ -191,7 +194,8 @@
const struct xt_match *match,
void *matchinfo,
unsigned int matchsize,
- unsigned int hook_mask)
+ unsigned int hook_mask,
+ void **entry_data)
{
const struct xt_tcp *udpinfo = matchinfo;
next reply other threads:[~2006-06-04 22:29 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-06-04 22:29 Massimiliano Hofer [this message]
2006-06-11 23:19 ` [PATCH] entry_data Massimiliano Hofer
2006-06-12 9:50 ` Pablo Neira Ayuso
2006-06-12 12:45 ` Massimiliano Hofer
2006-06-13 15:19 ` Pablo Neira Ayuso
2006-06-13 20:56 ` Massimiliano Hofer
2006-06-19 0:15 ` Pablo Neira Ayuso
2006-06-19 7:02 ` Massimiliano Hofer
2006-06-19 23:37 ` Pablo Neira Ayuso
2006-06-20 1:39 ` Patrick McHardy
2006-06-14 9:03 ` Sven Anders
2006-06-17 22:55 ` Massimiliano Hofer
2006-06-19 17:45 ` Patrick McHardy
2006-06-19 23:05 ` Massimiliano Hofer
2006-06-20 1:29 ` Patrick McHardy
2006-06-19 17:34 ` Patrick McHardy
2006-06-19 22:35 ` Massimiliano Hofer
2006-06-19 23:13 ` Patrick McHardy
2006-06-20 11:25 ` Massimiliano Hofer
2006-06-20 13:17 ` Patrick McHardy
2006-06-21 0:03 ` [PATCH] priv_data (formerly entry_data) Massimiliano Hofer
2006-06-21 0:30 ` Patrick McHardy
2006-06-21 0:45 ` Massimiliano Hofer
2006-06-21 1:04 ` Patrick McHardy
2006-06-21 8:31 ` Massimiliano Hofer
2006-06-21 23:50 ` Massimiliano Hofer
2006-06-22 15:18 ` Patrick McHardy
2006-06-21 0:33 ` Massimiliano Hofer
2006-06-21 0:42 ` Massimiliano Hofer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200606050029.08602.max@nucleus.it \
--to=max@nucleus.it \
--cc=netfilter-devel@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.