diff options
author | Jan Engelhardt <jengelh@medozas.de> | 2008-02-11 01:23:01 +0100 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2008-04-14 08:49:38 +0200 |
commit | ca7cd666949b68bf41a32de38ee38e332e89863b (patch) | |
tree | ed71bef42050e949bf38c443d1cfb1e175100197 /include/linux/netfilter_ipv4/ip_tables.h | |
parent | 8d458beec463e0b16467ee4649d4575377854fd7 (diff) |
Add all necessary header files - compilation fix for various cases
Allow iptables to compile without a kernel source tree. This
implies fixing build for older kernels, such as 2.6.17 which
lack xt_SECMARK.h.
Diffstat (limited to 'include/linux/netfilter_ipv4/ip_tables.h')
-rw-r--r-- | include/linux/netfilter_ipv4/ip_tables.h | 66 |
1 files changed, 9 insertions, 57 deletions
diff --git a/include/linux/netfilter_ipv4/ip_tables.h b/include/linux/netfilter_ipv4/ip_tables.h index 2934ceed..fc64b97a 100644 --- a/include/linux/netfilter_ipv4/ip_tables.h +++ b/include/linux/netfilter_ipv4/ip_tables.h @@ -148,10 +148,10 @@ struct ipt_getinfo unsigned int valid_hooks; /* Hook entry points: one per netfilter hook. */ - unsigned int hook_entry[NF_IP_NUMHOOKS]; + unsigned int hook_entry[NF_INET_NUMHOOKS]; /* Underflow points. */ - unsigned int underflow[NF_IP_NUMHOOKS]; + unsigned int underflow[NF_INET_NUMHOOKS]; /* Number of entries */ unsigned int num_entries; @@ -177,16 +177,16 @@ struct ipt_replace unsigned int size; /* Hook entry points. */ - unsigned int hook_entry[NF_IP_NUMHOOKS]; + unsigned int hook_entry[NF_INET_NUMHOOKS]; /* Underflow points. */ - unsigned int underflow[NF_IP_NUMHOOKS]; + unsigned int underflow[NF_INET_NUMHOOKS]; /* Information about old entries: */ /* Number of counters (must be equal to current number of entries). */ unsigned int num_counters; /* The old entries' counters. */ - struct xt_counters __user *counters; + struct xt_counters *counters; /* The entries (hang off end: not really an array). */ struct ipt_entry entries[0]; @@ -221,60 +221,12 @@ ipt_get_target(struct ipt_entry *e) } /* fn returns 0 to continue iteration */ -#define IPT_MATCH_ITERATE(e, fn, args...) \ -({ \ - unsigned int __i; \ - int __ret = 0; \ - struct ipt_entry_match *__match; \ - \ - for (__i = sizeof(struct ipt_entry); \ - __i < (e)->target_offset; \ - __i += __match->u.match_size) { \ - __match = (void *)(e) + __i; \ - \ - __ret = fn(__match , ## args); \ - if (__ret != 0) \ - break; \ - } \ - __ret; \ -}) +#define IPT_MATCH_ITERATE(e, fn, args...) \ + XT_MATCH_ITERATE(struct ipt_entry, e, fn, ## args) /* fn returns 0 to continue iteration */ -#define IPT_ENTRY_ITERATE(entries, size, fn, args...) \ -({ \ - unsigned int __i; \ - int __ret = 0; \ - struct ipt_entry *__entry; \ - \ - for (__i = 0; __i < (size); __i += __entry->next_offset) { \ - __entry = (void *)(entries) + __i; \ - \ - __ret = fn(__entry , ## args); \ - if (__ret != 0) \ - break; \ - } \ - __ret; \ -}) - -/* fn returns 0 to continue iteration */ -#define IPT_ENTRY_ITERATE_CONTINUE(entries, size, n, fn, args...) \ -({ \ - unsigned int __i, __n; \ - int __ret = 0; \ - struct ipt_entry *__entry; \ - \ - for (__i = 0, __n = 0; __i < (size); \ - __i += __entry->next_offset, __n++) { \ - __entry = (void *)(entries) + __i; \ - if (__n < n) \ - continue; \ - \ - __ret = fn(__entry , ## args); \ - if (__ret != 0) \ - break; \ - } \ - __ret; \ -}) +#define IPT_ENTRY_ITERATE(entries, size, fn, args...) \ + XT_ENTRY_ITERATE(struct ipt_entry, entries, size, fn, ## args) /* * Main firewall chains definitions and global var's definitions. |