From 85844ecdd8923a08143af27df1f0806f9809ace8 Mon Sep 17 00:00:00 2001
From: Bart De Schuymer <bdschuym@pandora.be>
Date: Sun, 21 Nov 2004 19:33:49 +0000
Subject: update to 2.6.10

---
 .../include/linux/netfilter_bridge/ebt_802_3.h     |  9 ++++
 .../include/linux/netfilter_bridge/ebt_among.h     | 55 ++++++++++------------
 .../include/linux/netfilter_bridge/ebt_arpreply.h  | 11 +++++
 .../include/linux/netfilter_bridge/ebt_stp.h       | 46 ++++++++++++++++++
 .../include/linux/netfilter_bridge/ebtables.h      | 52 ++++++++++----------
 5 files changed, 117 insertions(+), 56 deletions(-)
 create mode 100644 kernel/linux2.5/include/linux/netfilter_bridge/ebt_arpreply.h
 create mode 100644 kernel/linux2.5/include/linux/netfilter_bridge/ebt_stp.h

(limited to 'kernel')

diff --git a/kernel/linux2.5/include/linux/netfilter_bridge/ebt_802_3.h b/kernel/linux2.5/include/linux/netfilter_bridge/ebt_802_3.h
index b3d6c32..b9f712c 100644
--- a/kernel/linux2.5/include/linux/netfilter_bridge/ebt_802_3.h
+++ b/kernel/linux2.5/include/linux/netfilter_bridge/ebt_802_3.h
@@ -49,6 +49,15 @@ struct ebt_802_3_hdr {
 	} llc;
 };
 
+#ifdef __KERNEL__
+#include <linux/skbuff.h>
+
+static inline struct ebt_802_3_hdr *ebt_802_3_hdr(const struct sk_buff *skb)
+{
+	return (struct ebt_802_3_hdr *)skb->mac.raw;
+}
+#endif
+
 struct ebt_802_3_info 
 {
 	uint8_t  sap;
diff --git a/kernel/linux2.5/include/linux/netfilter_bridge/ebt_among.h b/kernel/linux2.5/include/linux/netfilter_bridge/ebt_among.h
index f98f5fb..307c1fe 100644
--- a/kernel/linux2.5/include/linux/netfilter_bridge/ebt_among.h
+++ b/kernel/linux2.5/include/linux/netfilter_bridge/ebt_among.h
@@ -4,9 +4,11 @@
 #define EBT_AMONG_DST 0x01
 #define EBT_AMONG_SRC 0x02
 
-/* Write-once-read-many hash table, used for checking if a given
- * MAC address belongs to a set or not. It remembers up to 256
- * addresses.
+/* Grzegorz Borowiak <grzes@gnu.univ.gda.pl> 2003
+ * 
+ * Write-once-read-many hash table, used for checking if a given
+ * MAC address belongs to a set or not and possibly for checking
+ * if it is related with a given IPv4 address.
  *
  * The hash value of an address is its last byte.
  * 
@@ -25,48 +27,39 @@
  * if they are the same we compare 2 first.
  *
  * Yes, it is a memory overhead, but in 2003 AD, who cares?
- *
- * `next_ofs' contains a "serialized" pointer to the next tuple in
- * the synonym list. It is a difference between address of the next
- * tuple and address of the entire wormhash structure, in bytes
- * or 0 if there is no next tuple.
- *
- * `table' contains begins of the synonym lists for 
- *
- * This was introduced to make wormhash structure movable. As you may
- * guess, once structure is passed to the kernel, the real pointers
- * would become invalid. Also comparison would not work if they were
- * built of absolute pointers.
- *
- * From the other side, using indices of the `pool' array would be
- * slower. CPU would have to multiply index * size of tuple at each
- * access to a tuple and add this to the address of the beginning
- * of the `pool' array.
- *
- * Summary:
- *
- * The code is damn unreadable and unclear, but - and that's the
- * point - effective.
  */
 
 struct ebt_mac_wormhash_tuple
 {
-	int next_ofs;
 	uint32_t cmp[2];
+	uint32_t ip;
 };
 
 struct ebt_mac_wormhash
 {
-	int table[256];
-	struct ebt_mac_wormhash_tuple pool[256];
+	int table[257];
+	int poolsize;
+	struct ebt_mac_wormhash_tuple pool[0];
 };
 
+#define ebt_mac_wormhash_size(x) ((x) ? sizeof(struct ebt_mac_wormhash) \
+		+ (x)->poolsize * sizeof(struct ebt_mac_wormhash_tuple) : 0)
+
 struct ebt_among_info
 {
-	uint32_t bitmask;
-	struct ebt_mac_wormhash wh_dst;
-	struct ebt_mac_wormhash wh_src;
+	int wh_dst_ofs;
+	int wh_src_ofs;
+	int bitmask;
 };
+
+#define EBT_AMONG_DST_NEG 0x1
+#define EBT_AMONG_SRC_NEG 0x2
+
+#define ebt_among_wh_dst(x) ((x)->wh_dst_ofs ? \
+	(struct ebt_mac_wormhash*)((char*)(x) + (x)->wh_dst_ofs) : NULL)
+#define ebt_among_wh_src(x) ((x)->wh_src_ofs ? \
+	(struct ebt_mac_wormhash*)((char*)(x) + (x)->wh_src_ofs) : NULL)
+
 #define EBT_AMONG_MATCH "among"
 
 #endif
diff --git a/kernel/linux2.5/include/linux/netfilter_bridge/ebt_arpreply.h b/kernel/linux2.5/include/linux/netfilter_bridge/ebt_arpreply.h
new file mode 100644
index 0000000..96a8339
--- /dev/null
+++ b/kernel/linux2.5/include/linux/netfilter_bridge/ebt_arpreply.h
@@ -0,0 +1,11 @@
+#ifndef __LINUX_BRIDGE_EBT_ARPREPLY_H
+#define __LINUX_BRIDGE_EBT_ARPREPLY_H
+
+struct ebt_arpreply_info
+{
+	unsigned char mac[ETH_ALEN];
+	int target;
+};
+#define EBT_ARPREPLY_TARGET "arpreply"
+
+#endif
diff --git a/kernel/linux2.5/include/linux/netfilter_bridge/ebt_stp.h b/kernel/linux2.5/include/linux/netfilter_bridge/ebt_stp.h
new file mode 100644
index 0000000..e5fd678
--- /dev/null
+++ b/kernel/linux2.5/include/linux/netfilter_bridge/ebt_stp.h
@@ -0,0 +1,46 @@
+#ifndef __LINUX_BRIDGE_EBT_STP_H
+#define __LINUX_BRIDGE_EBT_STP_H
+
+#define EBT_STP_TYPE		0x0001
+
+#define EBT_STP_FLAGS		0x0002
+#define EBT_STP_ROOTPRIO	0x0004
+#define EBT_STP_ROOTADDR	0x0008
+#define EBT_STP_ROOTCOST	0x0010
+#define EBT_STP_SENDERPRIO	0x0020
+#define EBT_STP_SENDERADDR	0x0040
+#define EBT_STP_PORT		0x0080
+#define EBT_STP_MSGAGE		0x0100
+#define EBT_STP_MAXAGE		0x0200
+#define EBT_STP_HELLOTIME	0x0400
+#define EBT_STP_FWDD		0x0800
+
+#define EBT_STP_MASK		0x0fff
+#define EBT_STP_CONFIG_MASK	0x0ffe
+
+#define EBT_STP_MATCH "stp"
+
+struct ebt_stp_config_info
+{
+	uint8_t flags;
+	uint16_t root_priol, root_priou;
+	char root_addr[6], root_addrmsk[6];
+	uint32_t root_costl, root_costu;
+	uint16_t sender_priol, sender_priou;
+	char sender_addr[6], sender_addrmsk[6];
+	uint16_t portl, portu;
+	uint16_t msg_agel, msg_ageu;
+	uint16_t max_agel, max_ageu;
+	uint16_t hello_timel, hello_timeu;
+	uint16_t forward_delayl, forward_delayu;
+};
+
+struct ebt_stp_info
+{
+	uint8_t type;
+	struct ebt_stp_config_info config;
+	uint16_t bitmask;
+	uint16_t invflags;
+};
+
+#endif
diff --git a/kernel/linux2.5/include/linux/netfilter_bridge/ebtables.h b/kernel/linux2.5/include/linux/netfilter_bridge/ebtables.h
index 1056e45..b1a7cc9 100644
--- a/kernel/linux2.5/include/linux/netfilter_bridge/ebtables.h
+++ b/kernel/linux2.5/include/linux/netfilter_bridge/ebtables.h
@@ -33,6 +33,23 @@ struct ebt_counter
 	uint64_t bcnt;
 };
 
+struct ebt_replace
+{
+	char name[EBT_TABLE_MAXNAMELEN];
+	unsigned int valid_hooks;
+	/* nr of rules in the table */
+	unsigned int nentries;
+	/* total size of the entries */
+	unsigned int entries_size;
+	/* start of the chains */
+	struct ebt_entries *hook_entry[NF_BR_NUMHOOKS];
+	/* nr of counters userspace expects back */
+	unsigned int num_counters;
+	/* where the kernel will put the old counters */
+	struct ebt_counter *counters;
+	char *entries;
+};
+
 struct ebt_entries {
 	/* this field is always set to zero
 	 * See EBT_ENTRY_OR_ENTRIES.
@@ -47,7 +64,7 @@ struct ebt_entries {
 	/* nr. of entries */
 	unsigned int nentries;
 	/* entry list */
-	char data[0];
+	char data[0] __attribute__ ((aligned (__alignof__(struct ebt_replace))));
 };
 
 /* used for the bitmask of struct ebt_entry */
@@ -87,7 +104,7 @@ struct ebt_entry_match
 	} u;
 	/* size of data */
 	unsigned int match_size;
-	unsigned char data[0];
+	unsigned char data[0] __attribute__ ((aligned (__alignof__(struct ebt_replace))));
 };
 
 struct ebt_entry_watcher
@@ -98,7 +115,7 @@ struct ebt_entry_watcher
 	} u;
 	/* size of data */
 	unsigned int watcher_size;
-	unsigned char data[0];
+	unsigned char data[0] __attribute__ ((aligned (__alignof__(struct ebt_replace))));
 };
 
 struct ebt_entry_target
@@ -109,7 +126,7 @@ struct ebt_entry_target
 	} u;
 	/* size of data */
 	unsigned int target_size;
-	unsigned char data[0];
+	unsigned char data[0] __attribute__ ((aligned (__alignof__(struct ebt_replace))));
 };
 
 #define EBT_STANDARD_TARGET "standard"
@@ -143,24 +160,7 @@ struct ebt_entry {
 	unsigned int target_offset;
 	/* sizeof ebt_entry + matches + watchers + target */
 	unsigned int next_offset;
-	unsigned char elems[0];
-};
-
-struct ebt_replace
-{
-	char name[EBT_TABLE_MAXNAMELEN];
-	unsigned int valid_hooks;
-	/* nr of rules in the table */
-	unsigned int nentries;
-	/* total size of the entries */
-	unsigned int entries_size;
-	/* start of the chains */
-	struct ebt_entries *hook_entry[NF_BR_NUMHOOKS];
-	/* nr of counters userspace expects back */
-	unsigned int num_counters;
-	/* where the kernel will put the old counters */
-	struct ebt_counter *counters;
-	char *entries;
+	unsigned char elems[0] __attribute__ ((aligned (__alignof__(struct ebt_replace))));
 };
 
 /* {g,s}etsockopt numbers */
@@ -201,9 +201,9 @@ struct ebt_watcher
 {
 	struct list_head list;
 	const char name[EBT_FUNCTION_MAXNAMELEN];
-	void (*watcher)(const struct sk_buff *skb, const struct net_device *in,
-	   const struct net_device *out, const void *watcherdata,
-	   unsigned int datalen);
+	void (*watcher)(const struct sk_buff *skb, unsigned int hooknr,
+	   const struct net_device *in, const struct net_device *out,
+	   const void *watcherdata, unsigned int datalen);
 	/* 0 == let it in */
 	int (*check)(const char *tablename, unsigned int hookmask,
 	   const struct ebt_entry *e, void *watcherdata, unsigned int datalen);
@@ -263,6 +263,8 @@ struct ebt_table
 	struct module *me;
 };
 
+#define EBT_ALIGN(s) (((s) + (__alignof__(struct ebt_replace)-1)) & \
+		     ~(__alignof__(struct ebt_replace)-1))
 extern int ebt_register_table(struct ebt_table *table);
 extern void ebt_unregister_table(struct ebt_table *table);
 extern int ebt_register_match(struct ebt_match *match);
-- 
cgit v1.2.3