diff options
author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2010-08-16 20:48:09 +0200 |
---|---|---|
committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2010-08-16 20:48:09 +0200 |
commit | a5994c8825512c04372e19226f9cb3f12816f9e5 (patch) | |
tree | ccc00b7f5ba7d22058e316c692c7e85fa00f0fda /kernel | |
parent | 584e8d0604a55fcda68848bef82a2954d8af71f5 (diff) |
ipset-4.3 releasedv4.3
Support of 2.6.35 kernels added.
Diffstat (limited to 'kernel')
-rw-r--r-- | kernel/ChangeLog | 3 | ||||
-rw-r--r-- | kernel/ipt_SET.c | 28 | ||||
-rw-r--r-- | kernel/ipt_set.c | 27 |
3 files changed, 45 insertions, 13 deletions
diff --git a/kernel/ChangeLog b/kernel/ChangeLog index 1ad54cd..dd1db22 100644 --- a/kernel/ChangeLog +++ b/kernel/ChangeLog @@ -1,3 +1,6 @@ +4.3 + - Kernel 2.6.35 support added + 4.2 - nethash and ipportnethash types counted every entry twice which could produce bogus entries when listing/saving these types diff --git a/kernel/ipt_SET.c b/kernel/ipt_SET.c index 6009d64..952b5d9 100644 --- a/kernel/ipt_SET.c +++ b/kernel/ipt_SET.c @@ -64,9 +64,12 @@ target(struct sk_buff *skb, unsigned int hooknum, const struct xt_target *target, const void *targinfo) -#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28) */ +#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,35) target(struct sk_buff *skb, const struct xt_target_param *par) +#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,35) */ +target(struct sk_buff *skb, + const struct xt_action_param *par) #endif { #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,28) @@ -91,6 +94,14 @@ target(struct sk_buff *skb, return XT_CONTINUE; } +#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,35) +#define CHECK_OK 1 +#define CHECK_FAIL 0 +#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,35) */ +#define CHECK_OK 0 +#define CHECK_FAIL -EINVAL +#endif + #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,16) static int checkentry(const char *tablename, @@ -127,9 +138,12 @@ checkentry(const char *tablename, const struct xt_target *target, void *targinfo, unsigned int hook_mask) -#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28) */ +#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,35) static bool checkentry(const struct xt_tgchk_param *par) +#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,35) */ +static int +checkentry(const struct xt_tgchk_param *par) #endif { #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,28) @@ -142,7 +156,7 @@ checkentry(const struct xt_tgchk_param *par) #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17) if (targinfosize != IPT_ALIGN(sizeof(*info))) { DP("bad target info size %u", targinfosize); - return 0; + return CHECK_FAIL; } #endif @@ -151,7 +165,7 @@ checkentry(const struct xt_tgchk_param *par) if (index == IP_SET_INVALID_ID) { ip_set_printk("cannot find add_set index %u as target", info->add_set.index); - return 0; /* error */ + return CHECK_FAIL; /* error */ } } @@ -160,16 +174,16 @@ checkentry(const struct xt_tgchk_param *par) if (index == IP_SET_INVALID_ID) { ip_set_printk("cannot find del_set index %u as target", info->del_set.index); - return 0; /* error */ + return CHECK_FAIL; /* error */ } } if (info->add_set.flags[IP_SET_MAX_BINDINGS] != 0 || info->del_set.flags[IP_SET_MAX_BINDINGS] != 0) { ip_set_printk("That's nasty!"); - return 0; /* error */ + return CHECK_FAIL; /* error */ } - return 1; + return CHECK_OK; } #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17) diff --git a/kernel/ipt_set.c b/kernel/ipt_set.c index 2f97cbb..3c661be 100644 --- a/kernel/ipt_set.c +++ b/kernel/ipt_set.c @@ -83,10 +83,14 @@ match(const struct sk_buff *skb, int offset, unsigned int protoff, bool *hotdrop) -#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28) */ +#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,35) static bool match(const struct sk_buff *skb, const struct xt_match_param *par) +#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,35) */ +static bool +match(const struct sk_buff *skb, + struct xt_action_param *par) #endif { #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,28) @@ -100,6 +104,14 @@ match(const struct sk_buff *skb, info->match_set.flags[0] & IPSET_MATCH_INV); } +#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,35) +#define CHECK_OK 1 +#define CHECK_FAIL 0 +#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,35) */ +#define CHECK_OK 0 +#define CHECK_FAIL -EINVAL +#endif + #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,16) static int checkentry(const char *tablename, @@ -136,9 +148,12 @@ checkentry(const char *tablename, const struct xt_match *match, void *matchinfo, unsigned int hook_mask) -#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28) */ +#elif LINUX_VERSION_CODE < KERNEL_VERSION(2,6,35) static bool checkentry(const struct xt_mtchk_param *par) +#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,35) */ +static int +checkentry(const struct xt_mtchk_param *par) #endif { #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,28) @@ -151,7 +166,7 @@ checkentry(const struct xt_mtchk_param *par) #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17) if (matchsize != IPT_ALIGN(sizeof(struct ipt_set_info_match))) { ip_set_printk("invalid matchsize %d", matchsize); - return 0; + return CHECK_FAIL; } #endif @@ -160,14 +175,14 @@ checkentry(const struct xt_mtchk_param *par) if (index == IP_SET_INVALID_ID) { ip_set_printk("Cannot find set indentified by id %u to match", info->match_set.index); - return 0; /* error */ + return CHECK_FAIL; /* error */ } if (info->match_set.flags[IP_SET_MAX_BINDINGS] != 0) { ip_set_printk("That's nasty!"); - return 0; /* error */ + return CHECK_FAIL; /* error */ } - return 1; + return CHECK_OK; } #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17) |