From 8ed17d12ee94aed32464c0cedbd8b94e47fed3ab Mon Sep 17 00:00:00 2001 From: Bart De Schuymer Date: Sun, 2 Mar 2003 15:18:08 +0000 Subject: trivial things --- kernel/linux2.5/net/bridge/netfilter/ebt_arp.c | 10 ++-- kernel/linux2.5/net/bridge/netfilter/ebt_dnat.c | 6 ++- kernel/linux2.5/net/bridge/netfilter/ebt_ip.c | 6 ++- kernel/linux2.5/net/bridge/netfilter/ebt_log.c | 6 ++- kernel/linux2.5/net/bridge/netfilter/ebt_mark.c | 13 +++-- kernel/linux2.5/net/bridge/netfilter/ebt_mark_m.c | 6 ++- .../linux2.5/net/bridge/netfilter/ebt_redirect.c | 6 ++- kernel/linux2.5/net/bridge/netfilter/ebt_snat.c | 6 ++- kernel/linux2.5/net/bridge/netfilter/ebt_vlan.c | 10 ++-- .../linux2.5/net/bridge/netfilter/ebtable_broute.c | 33 ++++++++---- .../linux2.5/net/bridge/netfilter/ebtable_filter.c | 58 ++++++++++++++++------ kernel/linux2.5/net/bridge/netfilter/ebtable_nat.c | 58 ++++++++++++++++------ 12 files changed, 152 insertions(+), 66 deletions(-) (limited to 'kernel/linux2.5/net/bridge/netfilter') diff --git a/kernel/linux2.5/net/bridge/netfilter/ebt_arp.c b/kernel/linux2.5/net/bridge/netfilter/ebt_arp.c index f3dae30..8673967 100644 --- a/kernel/linux2.5/net/bridge/netfilter/ebt_arp.c +++ b/kernel/linux2.5/net/bridge/netfilter/ebt_arp.c @@ -37,10 +37,10 @@ static int ebt_filter_arp(const struct sk_buff *skb, const struct net_device *in uint32_t dst; uint32_t src; - // Make sure the packet is long enough. + /* Make sure the packet is long enough */ if ((((*skb).nh.raw) + arp_len) > (*skb).tail) return EBT_NOMATCH; - // IPv4 addresses are always 4 bytes. + /* IPv4 addresses are always 4 bytes */ if (((*skb).nh.arph)->ar_pln != sizeof(uint32_t)) return EBT_NOMATCH; @@ -82,8 +82,10 @@ static int ebt_arp_check(const char *tablename, unsigned int hookmask, static struct ebt_match filter_arp = { - {NULL, NULL}, EBT_ARP_MATCH, ebt_filter_arp, ebt_arp_check, NULL, - THIS_MODULE + .name = EBT_ARP_MATCH, + .match = ebt_filter_arp, + .check = ebt_arp_check, + .me = THIS_MODULE }; static int __init init(void) diff --git a/kernel/linux2.5/net/bridge/netfilter/ebt_dnat.c b/kernel/linux2.5/net/bridge/netfilter/ebt_dnat.c index e125c01..b31093e 100644 --- a/kernel/linux2.5/net/bridge/netfilter/ebt_dnat.c +++ b/kernel/linux2.5/net/bridge/netfilter/ebt_dnat.c @@ -45,8 +45,10 @@ static int ebt_target_dnat_check(const char *tablename, unsigned int hookmask, static struct ebt_target dnat = { - {NULL, NULL}, EBT_DNAT_TARGET, ebt_target_dnat, ebt_target_dnat_check, - NULL, THIS_MODULE + .name = EBT_DNAT_TARGET, + .target = ebt_target_dnat, + .check = ebt_target_dnat_check, + .me = THIS_MODULE }; static int __init init(void) diff --git a/kernel/linux2.5/net/bridge/netfilter/ebt_ip.c b/kernel/linux2.5/net/bridge/netfilter/ebt_ip.c index 6a2154c..c5ae789 100644 --- a/kernel/linux2.5/net/bridge/netfilter/ebt_ip.c +++ b/kernel/linux2.5/net/bridge/netfilter/ebt_ip.c @@ -101,8 +101,10 @@ static int ebt_ip_check(const char *tablename, unsigned int hookmask, static struct ebt_match filter_ip = { - {NULL, NULL}, EBT_IP_MATCH, ebt_filter_ip, ebt_ip_check, NULL, - THIS_MODULE + .name = EBT_IP_MATCH, + .match = ebt_filter_ip, + .check = ebt_ip_check, + .me = THIS_MODULE }; static int __init init(void) diff --git a/kernel/linux2.5/net/bridge/netfilter/ebt_log.c b/kernel/linux2.5/net/bridge/netfilter/ebt_log.c index 4cb58f8..c1552d7 100644 --- a/kernel/linux2.5/net/bridge/netfilter/ebt_log.c +++ b/kernel/linux2.5/net/bridge/netfilter/ebt_log.c @@ -80,8 +80,10 @@ static void ebt_log(const struct sk_buff *skb, const struct net_device *in, static struct ebt_watcher log = { - {NULL, NULL}, EBT_LOG_WATCHER, ebt_log, ebt_log_check, NULL, - THIS_MODULE + .name = EBT_LOG_WATCHER, + .watcher = ebt_log, + .check = ebt_log_check, + .me = THIS_MODULE }; static int __init init(void) diff --git a/kernel/linux2.5/net/bridge/netfilter/ebt_mark.c b/kernel/linux2.5/net/bridge/netfilter/ebt_mark.c index 9edf7d2..47f90d9 100644 --- a/kernel/linux2.5/net/bridge/netfilter/ebt_mark.c +++ b/kernel/linux2.5/net/bridge/netfilter/ebt_mark.c @@ -8,9 +8,10 @@ * */ -// The mark target can be used in any chain -// I believe adding a mangle table just for marking is total overkill -// Marking a frame doesn't really change anything in the frame anyway +/* The mark target can be used in any chain, + * I believe adding a mangle table just for marking is total overkill. + * Marking a frame doesn't really change anything in the frame anyway. + */ #include #include @@ -46,8 +47,10 @@ static int ebt_target_mark_check(const char *tablename, unsigned int hookmask, static struct ebt_target mark_target = { - {NULL, NULL}, EBT_MARK_TARGET, ebt_target_mark, - ebt_target_mark_check, NULL, THIS_MODULE + .name = EBT_MARK_TARGET, + .target = ebt_target_mark, + .check = ebt_target_mark_check, + .me = THIS_MODULE }; static int __init init(void) diff --git a/kernel/linux2.5/net/bridge/netfilter/ebt_mark_m.c b/kernel/linux2.5/net/bridge/netfilter/ebt_mark_m.c index fce545d..715b213 100644 --- a/kernel/linux2.5/net/bridge/netfilter/ebt_mark_m.c +++ b/kernel/linux2.5/net/bridge/netfilter/ebt_mark_m.c @@ -41,8 +41,10 @@ static int ebt_mark_check(const char *tablename, unsigned int hookmask, static struct ebt_match filter_mark = { - {NULL, NULL}, EBT_MARK_MATCH, ebt_filter_mark, ebt_mark_check, NULL, - THIS_MODULE + .name = EBT_MARK_MATCH, + .match = ebt_filter_mark, + .check = ebt_mark_check, + .me = THIS_MODULE }; static int __init init(void) diff --git a/kernel/linux2.5/net/bridge/netfilter/ebt_redirect.c b/kernel/linux2.5/net/bridge/netfilter/ebt_redirect.c index 8813e93..9c7ce6c 100644 --- a/kernel/linux2.5/net/bridge/netfilter/ebt_redirect.c +++ b/kernel/linux2.5/net/bridge/netfilter/ebt_redirect.c @@ -51,8 +51,10 @@ static int ebt_target_redirect_check(const char *tablename, unsigned int hookmas static struct ebt_target redirect_target = { - {NULL, NULL}, EBT_REDIRECT_TARGET, ebt_target_redirect, - ebt_target_redirect_check, NULL, THIS_MODULE + .name = EBT_REDIRECT_TARGET, + .target = ebt_target_redirect, + .check = ebt_target_redirect_check, + .me = THIS_MODULE }; static int __init init(void) diff --git a/kernel/linux2.5/net/bridge/netfilter/ebt_snat.c b/kernel/linux2.5/net/bridge/netfilter/ebt_snat.c index 19fdaf2..da116ec 100644 --- a/kernel/linux2.5/net/bridge/netfilter/ebt_snat.c +++ b/kernel/linux2.5/net/bridge/netfilter/ebt_snat.c @@ -44,8 +44,10 @@ static int ebt_target_snat_check(const char *tablename, unsigned int hookmask, static struct ebt_target snat = { - {NULL, NULL}, EBT_SNAT_TARGET, ebt_target_snat, ebt_target_snat_check, - NULL, THIS_MODULE + .name = EBT_SNAT_TARGET, + .target = ebt_target_snat, + .check = ebt_target_snat_check, + .me = THIS_MODULE }; static int __init init(void) diff --git a/kernel/linux2.5/net/bridge/netfilter/ebt_vlan.c b/kernel/linux2.5/net/bridge/netfilter/ebt_vlan.c index 2c8d996..f69aaf6 100644 --- a/kernel/linux2.5/net/bridge/netfilter/ebt_vlan.c +++ b/kernel/linux2.5/net/bridge/netfilter/ebt_vlan.c @@ -226,12 +226,10 @@ ebt_check_vlan(const char *tablename, } static struct ebt_match filter_vlan = { - {NULL, NULL}, - EBT_VLAN_MATCH, - ebt_filter_vlan, - ebt_check_vlan, - NULL, - THIS_MODULE + .name = EBT_VLAN_MATCH, + .match = ebt_filter_vlan, + .check = ebt_check_vlan, + .me = THIS_MODULE }; /* diff --git a/kernel/linux2.5/net/bridge/netfilter/ebtable_broute.c b/kernel/linux2.5/net/bridge/netfilter/ebtable_broute.c index 3a34da1..c1fb15b 100644 --- a/kernel/linux2.5/net/bridge/netfilter/ebtable_broute.c +++ b/kernel/linux2.5/net/bridge/netfilter/ebtable_broute.c @@ -16,15 +16,23 @@ #include #include -// EBT_ACCEPT means the frame will be bridged -// EBT_DROP means the frame will be routed -static struct ebt_entries initial_chain = - {0, "BROUTING", 0, EBT_ACCEPT, 0}; +/* EBT_ACCEPT means the frame will be bridged + * EBT_DROP means the frame will be routed + */ +static struct ebt_entries initial_chain = { + .name = "BROUTING", + .policy = EBT_ACCEPT, +}; static struct ebt_replace initial_table = { - "broute", 1 << NF_BR_BROUTING, 0, sizeof(struct ebt_entries), - { [NF_BR_BROUTING]&initial_chain}, 0, NULL, (char *)&initial_chain + .name = "broute", + .valid_hooks = 1 << NF_BR_BROUTING, + .entries_size = sizeof(struct ebt_entries), + .hook_entry = { + [NF_BR_BROUTING] = &initial_chain + }, + .entries = (char *)&initial_chain }; static int check(const struct ebt_table_info *info, unsigned int valid_hooks) @@ -36,8 +44,11 @@ static int check(const struct ebt_table_info *info, unsigned int valid_hooks) static struct ebt_table broute_table = { - {NULL, NULL}, "broute", &initial_table, 1 << NF_BR_BROUTING, - RW_LOCK_UNLOCKED, check, NULL + .name = "broute", + .table = &initial_table, + .valid_hooks = 1 << NF_BR_BROUTING, + .lock = RW_LOCK_UNLOCKED, + .check = check, }; static int ebt_broute(struct sk_buff **pskb) @@ -47,8 +58,8 @@ static int ebt_broute(struct sk_buff **pskb) ret = ebt_do_table(NF_BR_BROUTING, pskb, (*pskb)->dev, NULL, &broute_table); if (ret == NF_DROP) - return 1; // route it - return 0; // bridge it + return 1; /* route it */ + return 0; /* bridge it */ } static int __init init(void) @@ -59,7 +70,7 @@ static int __init init(void) if (ret < 0) return ret; br_write_lock_bh(BR_NETPROTO_LOCK); - // see br_input.c + /* see br_input.c */ br_should_route_hook = ebt_broute; br_write_unlock_bh(BR_NETPROTO_LOCK); return ret; diff --git a/kernel/linux2.5/net/bridge/netfilter/ebtable_filter.c b/kernel/linux2.5/net/bridge/netfilter/ebtable_filter.c index 5f6a7bc..ba6de32 100644 --- a/kernel/linux2.5/net/bridge/netfilter/ebtable_filter.c +++ b/kernel/linux2.5/net/bridge/netfilter/ebtable_filter.c @@ -16,16 +16,31 @@ static struct ebt_entries initial_chains[] = { - {0, "INPUT", 0, EBT_ACCEPT, 0}, - {0, "FORWARD", 0, EBT_ACCEPT, 0}, - {0, "OUTPUT", 0, EBT_ACCEPT, 0} + { + .name = "INPUT", + .policy = EBT_ACCEPT + }, + { + .name = "FORWARD", + .policy = EBT_ACCEPT + }, + { + .name = "OUTPUT", + .policy = EBT_ACCEPT + } }; static struct ebt_replace initial_table = { - "filter", FILTER_VALID_HOOKS, 0, 3 * sizeof(struct ebt_entries), - { [NF_BR_LOCAL_IN]&initial_chains[0], [NF_BR_FORWARD]&initial_chains[1], - [NF_BR_LOCAL_OUT]&initial_chains[2] }, 0, NULL, (char *)initial_chains + .name = "filter", + .valid_hooks = FILTER_VALID_HOOKS, + .entries_size = 3 * sizeof(struct ebt_entries), + .hook_entry = { + [NF_BR_LOCAL_IN] = &initial_chains[0], + [NF_BR_FORWARD] = &initial_chains[1], + [NF_BR_LOCAL_OUT] = &initial_chains[2], + }, + .entries = (char *)initial_chains }; static int check(const struct ebt_table_info *info, unsigned int valid_hooks) @@ -37,8 +52,11 @@ static int check(const struct ebt_table_info *info, unsigned int valid_hooks) static struct ebt_table frame_filter = { - {NULL, NULL}, "filter", &initial_table, FILTER_VALID_HOOKS, - RW_LOCK_UNLOCKED, check, NULL + .name = "filter", + .table = &initial_table, + .valid_hooks = FILTER_VALID_HOOKS, + .lock = RW_LOCK_UNLOCKED, + .check = check }; static unsigned int @@ -49,12 +67,24 @@ ebt_hook (unsigned int hook, struct sk_buff **pskb, const struct net_device *in, } static struct nf_hook_ops ebt_ops_filter[] = { - { { NULL, NULL }, ebt_hook, PF_BRIDGE, NF_BR_LOCAL_IN, - NF_BR_PRI_FILTER_BRIDGED}, - { { NULL, NULL }, ebt_hook, PF_BRIDGE, NF_BR_FORWARD, - NF_BR_PRI_FILTER_BRIDGED}, - { { NULL, NULL }, ebt_hook, PF_BRIDGE, NF_BR_LOCAL_OUT, - NF_BR_PRI_FILTER_OTHER} + { + .hook = ebt_hook, + .pf = PF_BRIDGE, + .hooknum = NF_BR_LOCAL_IN, + .priority = NF_BR_PRI_FILTER_BRIDGED, + }, + { + .hook = ebt_hook, + .pf = PF_BRIDGE, + .hooknum = NF_BR_FORWARD, + .priority = NF_BR_PRI_FILTER_BRIDGED + }, + { + .hook = ebt_hook, + .pf = PF_BRIDGE, + .hooknum = NF_BR_LOCAL_OUT, + .priority = NF_BR_PRI_FILTER_OTHER + } }; static int __init init(void) diff --git a/kernel/linux2.5/net/bridge/netfilter/ebtable_nat.c b/kernel/linux2.5/net/bridge/netfilter/ebtable_nat.c index e2a140c..184d802 100644 --- a/kernel/linux2.5/net/bridge/netfilter/ebtable_nat.c +++ b/kernel/linux2.5/net/bridge/netfilter/ebtable_nat.c @@ -15,16 +15,31 @@ static struct ebt_entries initial_chains[] = { - {0, "PREROUTING", 0, EBT_ACCEPT, 0}, - {0, "OUTPUT", 0, EBT_ACCEPT, 0}, - {0, "POSTROUTING", 0, EBT_ACCEPT, 0} + { + .name = "PREROUTING", + .policy = EBT_ACCEPT + }, + { + .name = "OUTPUT", + .policy = EBT_ACCEPT + }, + { + .name = "POSTROUTING", + .policy = EBT_ACCEPT + } }; static struct ebt_replace initial_table = { - "nat", NAT_VALID_HOOKS, 0, 3 * sizeof(struct ebt_entries), - { [NF_BR_PRE_ROUTING]&initial_chains[0], [NF_BR_LOCAL_OUT]&initial_chains[1], - [NF_BR_POST_ROUTING]&initial_chains[2] }, 0, NULL, (char *)initial_chains + .name = "nat", + .valid_hooks = NAT_VALID_HOOKS, + .entries_size = 3 * sizeof(struct ebt_entries), + .hook_entry = { + [NF_BR_PRE_ROUTING] = &initial_chains[0], + [NF_BR_LOCAL_OUT] = &initial_chains[1], + [NF_BR_POST_ROUTING] = &initial_chains[2] + }, + .entries = (char *)initial_chains }; static int check(const struct ebt_table_info *info, unsigned int valid_hooks) @@ -36,8 +51,11 @@ static int check(const struct ebt_table_info *info, unsigned int valid_hooks) static struct ebt_table frame_nat = { - {NULL, NULL}, "nat", &initial_table, NAT_VALID_HOOKS, - RW_LOCK_UNLOCKED, check, NULL + .name = "nat", + .table = &initial_table, + .valid_hooks = NAT_VALID_HOOKS, + .lock = RW_LOCK_UNLOCKED, + .check = check }; static unsigned int @@ -55,12 +73,24 @@ ebt_nat_src(unsigned int hook, struct sk_buff **pskb, const struct net_device *i } static struct nf_hook_ops ebt_ops_nat[] = { - { { NULL, NULL }, ebt_nat_dst, PF_BRIDGE, NF_BR_LOCAL_OUT, - NF_BR_PRI_NAT_DST_OTHER}, - { { NULL, NULL }, ebt_nat_src, PF_BRIDGE, NF_BR_POST_ROUTING, - NF_BR_PRI_NAT_SRC}, - { { NULL, NULL }, ebt_nat_dst, PF_BRIDGE, NF_BR_PRE_ROUTING, - NF_BR_PRI_NAT_DST_BRIDGED}, + { + .hook = ebt_nat_dst, + .pf = PF_BRIDGE, + .hooknum = NF_BR_LOCAL_OUT, + .priority = NF_BR_PRI_NAT_DST_OTHER + }, + { + .hook = ebt_nat_src, + .pf = PF_BRIDGE, + .hooknum = NF_BR_POST_ROUTING, + .priority = NF_BR_PRI_NAT_SRC + }, + { + .hook = ebt_nat_dst, + .pf = PF_BRIDGE, + .hooknum = NF_BR_PRE_ROUTING, + .priority = NF_BR_PRI_NAT_DST_BRIDGED + } }; static int __init init(void) -- cgit v1.2.3