From: Patrick McHardy <kaber@trash.net>
To: davem@davemloft.net
Cc: netdev@vger.kernel.org, Patrick McHardy <kaber@trash.net>,
netfilter-devel@vger.kernel.org
Subject: netfilter 04/31: xtables: remove xt_CONNMARK v0
Date: Thu, 10 Sep 2009 18:11:52 +0200 (MEST) [thread overview]
Message-ID: <20090910161147.31179.17877.sendpatchset@x2.localnet> (raw)
In-Reply-To: <20090910161142.31179.5256.sendpatchset@x2.localnet>
commit e973a70ca033bfcd4d8b59d1f66bfc1e782e1276
Author: Jan Engelhardt <jengelh@medozas.de>
Date: Fri Jun 12 18:42:12 2009 +0200
netfilter: xtables: remove xt_CONNMARK v0
Superseded by xt_CONNMARK v1 (v2.6.24-2917-g0dc8c76).
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
diff --git a/Documentation/feature-removal-schedule.txt b/Documentation/feature-removal-schedule.txt
index 3aa4a77..7eccf94 100644
--- a/Documentation/feature-removal-schedule.txt
+++ b/Documentation/feature-removal-schedule.txt
@@ -238,9 +238,6 @@ What (Why):
- "forwarding" header files like ipt_mac.h in
include/linux/netfilter_ipv4/ and include/linux/netfilter_ipv6/
- - xt_CONNMARK match revision 0
- (superseded by xt_CONNMARK match revision 1)
-
- xt_MARK target revisions 0 and 1
(superseded by xt_MARK match revision 2)
diff --git a/include/linux/netfilter/xt_CONNMARK.h b/include/linux/netfilter/xt_CONNMARK.h
index 7635c8f..0a85458 100644
--- a/include/linux/netfilter/xt_CONNMARK.h
+++ b/include/linux/netfilter/xt_CONNMARK.h
@@ -18,12 +18,6 @@ enum {
XT_CONNMARK_RESTORE
};
-struct xt_connmark_target_info {
- unsigned long mark;
- unsigned long mask;
- __u8 mode;
-};
-
struct xt_connmark_tginfo1 {
__u32 ctmark, ctmask, nfmask;
__u8 mode;
diff --git a/net/netfilter/xt_CONNMARK.c b/net/netfilter/xt_CONNMARK.c
index d6e5ab4..5934570 100644
--- a/net/netfilter/xt_CONNMARK.c
+++ b/net/netfilter/xt_CONNMARK.c
@@ -36,45 +36,6 @@ MODULE_ALIAS("ip6t_CONNMARK");
#include <net/netfilter/nf_conntrack_ecache.h>
static unsigned int
-connmark_tg_v0(struct sk_buff *skb, const struct xt_target_param *par)
-{
- const struct xt_connmark_target_info *markinfo = par->targinfo;
- struct nf_conn *ct;
- enum ip_conntrack_info ctinfo;
- u_int32_t diff;
- u_int32_t mark;
- u_int32_t newmark;
-
- ct = nf_ct_get(skb, &ctinfo);
- if (ct) {
- switch(markinfo->mode) {
- case XT_CONNMARK_SET:
- newmark = (ct->mark & ~markinfo->mask) | markinfo->mark;
- if (newmark != ct->mark) {
- ct->mark = newmark;
- nf_conntrack_event_cache(IPCT_MARK, ct);
- }
- break;
- case XT_CONNMARK_SAVE:
- newmark = (ct->mark & ~markinfo->mask) |
- (skb->mark & markinfo->mask);
- if (ct->mark != newmark) {
- ct->mark = newmark;
- nf_conntrack_event_cache(IPCT_MARK, ct);
- }
- break;
- case XT_CONNMARK_RESTORE:
- mark = skb->mark;
- diff = (ct->mark ^ mark) & markinfo->mask;
- skb->mark = mark ^ diff;
- break;
- }
- }
-
- return XT_CONTINUE;
-}
-
-static unsigned int
connmark_tg(struct sk_buff *skb, const struct xt_target_param *par)
{
const struct xt_connmark_tginfo1 *info = par->targinfo;
@@ -112,30 +73,6 @@ connmark_tg(struct sk_buff *skb, const struct xt_target_param *par)
return XT_CONTINUE;
}
-static bool connmark_tg_check_v0(const struct xt_tgchk_param *par)
-{
- const struct xt_connmark_target_info *matchinfo = par->targinfo;
-
- if (matchinfo->mode == XT_CONNMARK_RESTORE) {
- if (strcmp(par->table, "mangle") != 0) {
- printk(KERN_WARNING "CONNMARK: restore can only be "
- "called from \"mangle\" table, not \"%s\"\n",
- par->table);
- return false;
- }
- }
- if (matchinfo->mark > 0xffffffff || matchinfo->mask > 0xffffffff) {
- printk(KERN_WARNING "CONNMARK: Only supports 32bit mark\n");
- return false;
- }
- if (nf_ct_l3proto_try_module_get(par->family) < 0) {
- printk(KERN_WARNING "can't load conntrack support for "
- "proto=%u\n", par->family);
- return false;
- }
- return true;
-}
-
static bool connmark_tg_check(const struct xt_tgchk_param *par)
{
if (nf_ct_l3proto_try_module_get(par->family) < 0) {
@@ -151,74 +88,25 @@ static void connmark_tg_destroy(const struct xt_tgdtor_param *par)
nf_ct_l3proto_module_put(par->family);
}
-#ifdef CONFIG_COMPAT
-struct compat_xt_connmark_target_info {
- compat_ulong_t mark, mask;
- u_int8_t mode;
- u_int8_t __pad1;
- u_int16_t __pad2;
-};
-
-static void connmark_tg_compat_from_user_v0(void *dst, void *src)
-{
- const struct compat_xt_connmark_target_info *cm = src;
- struct xt_connmark_target_info m = {
- .mark = cm->mark,
- .mask = cm->mask,
- .mode = cm->mode,
- };
- memcpy(dst, &m, sizeof(m));
-}
-
-static int connmark_tg_compat_to_user_v0(void __user *dst, void *src)
-{
- const struct xt_connmark_target_info *m = src;
- struct compat_xt_connmark_target_info cm = {
- .mark = m->mark,
- .mask = m->mask,
- .mode = m->mode,
- };
- return copy_to_user(dst, &cm, sizeof(cm)) ? -EFAULT : 0;
-}
-#endif /* CONFIG_COMPAT */
-
-static struct xt_target connmark_tg_reg[] __read_mostly = {
- {
- .name = "CONNMARK",
- .revision = 0,
- .family = NFPROTO_UNSPEC,
- .checkentry = connmark_tg_check_v0,
- .destroy = connmark_tg_destroy,
- .target = connmark_tg_v0,
- .targetsize = sizeof(struct xt_connmark_target_info),
-#ifdef CONFIG_COMPAT
- .compatsize = sizeof(struct compat_xt_connmark_target_info),
- .compat_from_user = connmark_tg_compat_from_user_v0,
- .compat_to_user = connmark_tg_compat_to_user_v0,
-#endif
- .me = THIS_MODULE
- },
- {
- .name = "CONNMARK",
- .revision = 1,
- .family = NFPROTO_UNSPEC,
- .checkentry = connmark_tg_check,
- .target = connmark_tg,
- .targetsize = sizeof(struct xt_connmark_tginfo1),
- .destroy = connmark_tg_destroy,
- .me = THIS_MODULE,
- },
+static struct xt_target connmark_tg_reg __read_mostly = {
+ .name = "CONNMARK",
+ .revision = 1,
+ .family = NFPROTO_UNSPEC,
+ .checkentry = connmark_tg_check,
+ .target = connmark_tg,
+ .targetsize = sizeof(struct xt_connmark_tginfo1),
+ .destroy = connmark_tg_destroy,
+ .me = THIS_MODULE,
};
static int __init connmark_tg_init(void)
{
- return xt_register_targets(connmark_tg_reg,
- ARRAY_SIZE(connmark_tg_reg));
+ return xt_register_target(&connmark_tg_reg);
}
static void __exit connmark_tg_exit(void)
{
- xt_unregister_targets(connmark_tg_reg, ARRAY_SIZE(connmark_tg_reg));
+ xt_unregister_target(&connmark_tg_reg);
}
module_init(connmark_tg_init);
next prev parent reply other threads:[~2009-09-10 16:11 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-09-10 16:11 netfilter 00/31: netfilter 2.6.32 update Patrick McHardy
2009-09-10 16:11 ` netfilter 01/31: nf_conntrack: add SCTP support for SO_ORIGINAL_DST Patrick McHardy
2009-09-10 16:11 ` netfilter 02/31: ebtables: Use %pM conversion specifier Patrick McHardy
2009-09-10 16:11 ` netfilter 03/31: xtables: remove xt_TOS v0 Patrick McHardy
2009-09-10 16:11 ` Patrick McHardy [this message]
2009-09-10 16:11 ` netfilter 05/31: xtables: remove xt_MARK v0, v1 Patrick McHardy
2009-09-10 16:11 ` netfilter 06/31: xtables: remove xt_connmark v0 Patrick McHardy
2009-09-10 16:11 ` netfilter 07/31: xtables: remove xt_conntrack v0 Patrick McHardy
2009-09-10 16:11 ` netfilter 08/31: xtables: remove xt_iprange v0 Patrick McHardy
2009-09-10 16:11 ` netfilter 09/31: xtables: remove xt_mark v0 Patrick McHardy
2009-09-10 16:11 ` netfilter 10/31: xtables: remove xt_owner v0 Patrick McHardy
2009-09-10 16:12 ` netfilter 11/31: xtables: remove redirecting header files Patrick McHardy
2009-09-10 16:12 ` netfilter 12/31: conntrack: switch hook PFs to nfproto Patrick McHardy
2009-09-10 16:12 ` netfilter 13/31: xtables: " Patrick McHardy
2009-09-10 16:12 ` netfilter 14/31: xtables: switch table AFs " Patrick McHardy
2009-09-10 16:12 ` netfilter 15/31: xtables: realign struct xt_target_param Patrick McHardy
2009-09-10 16:12 ` netfilter 16/31: iptables: remove unused datalen variable Patrick McHardy
2009-09-10 16:12 ` netfilter 17/31: xtables: use memcmp in unconditional check Patrick McHardy
2009-09-10 16:12 ` netfilter 18/31: xtables: ignore unassigned hooks in check_entry_size_and_hooks Patrick McHardy
2009-09-10 16:12 ` netfilter 19/31: xtables: check for unconditionality of policies Patrick McHardy
2009-09-10 16:12 ` netfilter 20/31: xtables: check for standard verdicts in policies Patrick McHardy
2009-09-10 16:12 ` netfilter 21/31: xtables: mark initial tables constant Patrick McHardy
2009-09-10 16:12 ` netfilter 22/31: nf_nat: fix inverted logic for persistent NAT mappings Patrick McHardy
2009-09-10 16:12 ` netfilter 23/31: bridge: refcount fix Patrick McHardy
2009-09-10 16:12 ` netfilter 24/31: nf_conntrack: log packets dropped by helpers Patrick McHardy
2009-09-10 16:12 ` netlink 25/31: constify nlmsghdr arguments Patrick McHardy
2009-09-10 16:12 ` netfilter 26/31: nfnetlink: constify message attributes and headers Patrick McHardy
2009-09-10 16:12 ` ipvs 27/31: Use atomic operations atomicly Patrick McHardy
2009-09-10 16:12 ` netfilter 28/31: nf_conntrack: netns fix re reliable conntrack event delivery Patrick McHardy
2009-09-10 16:12 ` netfilter 29/31: ip6t_eui: fix read outside array bounds Patrick McHardy
2009-09-10 16:12 ` IPVS 30/31: Add handling of incoming ICMPV6 messages Patrick McHardy
2009-09-10 16:12 ` netfilter 31/31: ebt_ulog: fix checkentry return value Patrick McHardy
2009-09-11 1:25 ` netfilter 00/31: netfilter 2.6.32 update David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090910161147.31179.17877.sendpatchset@x2.localnet \
--to=kaber@trash.net \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.