diff options
Diffstat (limited to 'extensions')
42 files changed, 602 insertions, 1192 deletions
diff --git a/extensions/GNUmakefile.in b/extensions/GNUmakefile.in index e1f1f494..709366a1 100644 --- a/extensions/GNUmakefile.in +++ b/extensions/GNUmakefile.in @@ -56,8 +56,8 @@ targets := libext4.a libext6.a matches4.man matches6.man \ targets_install := @ENABLE_STATIC_TRUE@ libext4_objs := ${pfx_objs} ${pf4_objs} @ENABLE_STATIC_TRUE@ libext6_objs := ${pfx_objs} ${pf6_objs} -@ENABLE_SHARED_TRUE@ targets += ${pfx_solibs} ${pf4_solibs} ${pf6_solibs} -@ENABLE_SHARED_TRUE@ targets_install += ${pfx_solibs} ${pf4_solibs} ${pf6_solibs} +@ENABLE_STATIC_FALSE@ targets += ${pfx_solibs} ${pf4_solibs} ${pf6_solibs} +@ENABLE_STATIC_FALSE@ targets_install += ${pfx_solibs} ${pf4_solibs} ${pf6_solibs} .SECONDARY: diff --git a/extensions/libip6t_eui64.c b/extensions/libip6t_eui64.c index c92c8687..607bf86f 100644 --- a/extensions/libip6t_eui64.c +++ b/extensions/libip6t_eui64.c @@ -1,38 +1,12 @@ /* Shared library add-on to ip6tables to add EUI64 address checking support. */ -#include <stdio.h> -#include <netdb.h> -#include <string.h> -#include <stdlib.h> -#include <getopt.h> -#if defined(__GLIBC__) && __GLIBC__ == 2 -#include <net/ethernet.h> -#else -#include <linux/if_ether.h> -#endif #include <xtables.h> -static void eui64_help(void) -{ - printf( -"eui64 match options:\n" -" This module hasn't got any option\n" -" This module checks for EUI64 IPv6 addresses\n"); -} - -static int eui64_parse(int c, char **argv, int invert, unsigned int *flags, - const void *entry, struct xt_entry_match **match) -{ - return 0; -} - static struct xtables_match eui64_mt6_reg = { .name = "eui64", .version = XTABLES_VERSION, .family = NFPROTO_IPV6, .size = XT_ALIGN(sizeof(int)), .userspacesize = XT_ALIGN(sizeof(int)), - .help = eui64_help, - .parse = eui64_parse, }; void _init(void) diff --git a/extensions/libipt_MIRROR.c b/extensions/libipt_MIRROR.c index 81964dd7..fb78751d 100644 --- a/extensions/libipt_MIRROR.c +++ b/extensions/libipt_MIRROR.c @@ -1,32 +1,12 @@ /* Shared library add-on to iptables to add MIRROR target support. */ -#include <stdio.h> -#include <string.h> -#include <stdlib.h> -#include <getopt.h> - #include <xtables.h> -static void MIRROR_help(void) -{ - printf("MIRROR target takes no options\n"); -} - -static int MIRROR_parse(int c, char **argv, int invert, unsigned int *flags, - const void *entry, struct xt_entry_target **target) -{ - return 0; -} - static struct xtables_target mirror_tg_reg = { .name = "MIRROR", .version = XTABLES_VERSION, .family = NFPROTO_IPV4, .size = XT_ALIGN(0), .userspacesize = XT_ALIGN(0), - .help = MIRROR_help, - .parse = MIRROR_parse, - .print = NULL, - .save = NULL, }; void _init(void) diff --git a/extensions/libipt_addrtype.c b/extensions/libipt_addrtype.c index ecd51b51..cda70518 100644 --- a/extensions/libipt_addrtype.c +++ b/extensions/libipt_addrtype.c @@ -323,38 +323,38 @@ static const struct option addrtype_opts_v1[] = { { .name = NULL } }; -static struct xtables_match addrtype_mt_reg_v0 = { - .name = "addrtype", - .version = XTABLES_VERSION, - .family = NFPROTO_IPV4, - .size = XT_ALIGN(sizeof(struct ipt_addrtype_info)), - .userspacesize = XT_ALIGN(sizeof(struct ipt_addrtype_info)), - .help = addrtype_help_v0, - .parse = addrtype_parse_v0, - .final_check = addrtype_check_v0, - .print = addrtype_print_v0, - .save = addrtype_save_v0, - .extra_opts = addrtype_opts_v0, -}; - -static struct xtables_match addrtype_mt_reg_v1 = { - .name = "addrtype", - .version = XTABLES_VERSION, - .family = NFPROTO_IPV4, - .size = XT_ALIGN(sizeof(struct ipt_addrtype_info_v1)), - .userspacesize = XT_ALIGN(sizeof(struct ipt_addrtype_info_v1)), - .help = addrtype_help_v1, - .parse = addrtype_parse_v1, - .final_check = addrtype_check_v1, - .print = addrtype_print_v1, - .save = addrtype_save_v1, - .extra_opts = addrtype_opts_v1, - .revision = 1, +static struct xtables_match addrtype_mt_reg[] = { + { + .name = "addrtype", + .version = XTABLES_VERSION, + .family = NFPROTO_IPV4, + .size = XT_ALIGN(sizeof(struct ipt_addrtype_info)), + .userspacesize = XT_ALIGN(sizeof(struct ipt_addrtype_info)), + .help = addrtype_help_v0, + .parse = addrtype_parse_v0, + .final_check = addrtype_check_v0, + .print = addrtype_print_v0, + .save = addrtype_save_v0, + .extra_opts = addrtype_opts_v0, + }, + { + .name = "addrtype", + .revision = 1, + .version = XTABLES_VERSION, + .family = NFPROTO_IPV4, + .size = XT_ALIGN(sizeof(struct ipt_addrtype_info_v1)), + .userspacesize = XT_ALIGN(sizeof(struct ipt_addrtype_info_v1)), + .help = addrtype_help_v1, + .parse = addrtype_parse_v1, + .final_check = addrtype_check_v1, + .print = addrtype_print_v1, + .save = addrtype_save_v1, + .extra_opts = addrtype_opts_v1, + }, }; void _init(void) { - xtables_register_match(&addrtype_mt_reg_v0); - xtables_register_match(&addrtype_mt_reg_v1); + xtables_register_matches(addrtype_mt_reg, ARRAY_SIZE(addrtype_mt_reg)); } diff --git a/extensions/libipt_unclean.c b/extensions/libipt_unclean.c index 93d9013e..bc4a4a08 100644 --- a/extensions/libipt_unclean.c +++ b/extensions/libipt_unclean.c @@ -1,28 +1,12 @@ /* Shared library add-on to iptables for unclean. */ -#include <stdio.h> -#include <stdlib.h> -#include <getopt.h> #include <xtables.h> -static void unclean_help(void) -{ - printf("unclean match takes no options\n"); -} - -static int unclean_parse(int c, char **argv, int invert, unsigned int *flags, - const void *entry, struct xt_entry_match **match) -{ - return 0; -} - static struct xtables_match unclean_mt_reg = { .name = "unclean", .version = XTABLES_VERSION, .family = NFPROTO_IPV4, .size = XT_ALIGN(0), .userspacesize = XT_ALIGN(0), - .help = unclean_help, - .parse = unclean_parse, }; void _init(void) diff --git a/extensions/libxt_CONNMARK.c b/extensions/libxt_CONNMARK.c index 6e42898f..3cf62f07 100644 --- a/extensions/libxt_CONNMARK.c +++ b/extensions/libxt_CONNMARK.c @@ -398,74 +398,40 @@ connmark_tg_save(const void *ip, const struct xt_entry_target *target) } } -static struct xtables_target connmark_target = { - .family = NFPROTO_IPV4, - .name = "CONNMARK", - .revision = 0, - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_connmark_target_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_connmark_target_info)), - .help = CONNMARK_help, - .init = CONNMARK_init, - .parse = CONNMARK_parse, - .final_check = connmark_tg_check, - .print = CONNMARK_print, - .save = CONNMARK_save, - .extra_opts = CONNMARK_opts, -}; - -static struct xtables_target connmark_target6 = { - .family = NFPROTO_IPV6, - .name = "CONNMARK", - .revision = 0, - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_connmark_target_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_connmark_target_info)), - .help = CONNMARK_help, - .init = CONNMARK_init, - .parse = CONNMARK_parse, - .final_check = connmark_tg_check, - .print = CONNMARK_print, - .save = CONNMARK_save, - .extra_opts = CONNMARK_opts, -}; - -static struct xtables_target connmark_tg_reg = { - .version = XTABLES_VERSION, - .name = "CONNMARK", - .revision = 1, - .family = NFPROTO_IPV4, - .size = XT_ALIGN(sizeof(struct xt_connmark_tginfo1)), - .userspacesize = XT_ALIGN(sizeof(struct xt_connmark_tginfo1)), - .help = connmark_tg_help, - .init = connmark_tg_init, - .parse = connmark_tg_parse, - .final_check = connmark_tg_check, - .print = connmark_tg_print, - .save = connmark_tg_save, - .extra_opts = connmark_tg_opts, -}; - -static struct xtables_target connmark_tg6_reg = { - .version = XTABLES_VERSION, - .name = "CONNMARK", - .revision = 1, - .family = NFPROTO_IPV6, - .size = XT_ALIGN(sizeof(struct xt_connmark_tginfo1)), - .userspacesize = XT_ALIGN(sizeof(struct xt_connmark_tginfo1)), - .help = connmark_tg_help, - .init = connmark_tg_init, - .parse = connmark_tg_parse, - .final_check = connmark_tg_check, - .print = connmark_tg_print, - .save = connmark_tg_save, - .extra_opts = connmark_tg_opts, +static struct xtables_target connmark_tg_reg[] = { + { + .family = NFPROTO_UNSPEC, + .name = "CONNMARK", + .revision = 0, + .version = XTABLES_VERSION, + .size = XT_ALIGN(sizeof(struct xt_connmark_target_info)), + .userspacesize = XT_ALIGN(sizeof(struct xt_connmark_target_info)), + .help = CONNMARK_help, + .init = CONNMARK_init, + .parse = CONNMARK_parse, + .final_check = connmark_tg_check, + .print = CONNMARK_print, + .save = CONNMARK_save, + .extra_opts = CONNMARK_opts, + }, + { + .version = XTABLES_VERSION, + .name = "CONNMARK", + .revision = 1, + .family = NFPROTO_UNSPEC, + .size = XT_ALIGN(sizeof(struct xt_connmark_tginfo1)), + .userspacesize = XT_ALIGN(sizeof(struct xt_connmark_tginfo1)), + .help = connmark_tg_help, + .init = connmark_tg_init, + .parse = connmark_tg_parse, + .final_check = connmark_tg_check, + .print = connmark_tg_print, + .save = connmark_tg_save, + .extra_opts = connmark_tg_opts, + }, }; void _init(void) { - xtables_register_target(&connmark_target); - xtables_register_target(&connmark_target6); - xtables_register_target(&connmark_tg_reg); - xtables_register_target(&connmark_tg6_reg); + xtables_register_targets(connmark_tg_reg, ARRAY_SIZE(connmark_tg_reg)); } diff --git a/extensions/libxt_CONNSECMARK.c b/extensions/libxt_CONNSECMARK.c index 11ec01ab..d95339f3 100644 --- a/extensions/libxt_CONNSECMARK.c +++ b/extensions/libxt_CONNSECMARK.c @@ -107,22 +107,7 @@ CONNSECMARK_save(const void *ip, const struct xt_entry_target *target) } static struct xtables_target connsecmark_target = { - .family = NFPROTO_IPV4, - .name = "CONNSECMARK", - .version = XTABLES_VERSION, - .revision = 0, - .size = XT_ALIGN(sizeof(struct xt_connsecmark_target_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_connsecmark_target_info)), - .parse = CONNSECMARK_parse, - .help = CONNSECMARK_help, - .final_check = CONNSECMARK_check, - .print = CONNSECMARK_print, - .save = CONNSECMARK_save, - .extra_opts = CONNSECMARK_opts, -}; - -static struct xtables_target connsecmark_target6 = { - .family = NFPROTO_IPV6, + .family = NFPROTO_UNSPEC, .name = "CONNSECMARK", .version = XTABLES_VERSION, .revision = 0, @@ -139,5 +124,4 @@ static struct xtables_target connsecmark_target6 = { void _init(void) { xtables_register_target(&connsecmark_target); - xtables_register_target(&connsecmark_target6); } diff --git a/extensions/libxt_DSCP.c b/extensions/libxt_DSCP.c index ddb9c997..82ac10c3 100644 --- a/extensions/libxt_DSCP.c +++ b/extensions/libxt_DSCP.c @@ -130,21 +130,7 @@ static void DSCP_save(const void *ip, const struct xt_entry_target *target) } static struct xtables_target dscp_target = { - .family = NFPROTO_IPV4, - .name = "DSCP", - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_DSCP_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_DSCP_info)), - .help = DSCP_help, - .parse = DSCP_parse, - .final_check = DSCP_check, - .print = DSCP_print, - .save = DSCP_save, - .extra_opts = DSCP_opts, -}; - -static struct xtables_target dscp_target6 = { - .family = NFPROTO_IPV6, + .family = NFPROTO_UNSPEC, .name = "DSCP", .version = XTABLES_VERSION, .size = XT_ALIGN(sizeof(struct xt_DSCP_info)), @@ -160,5 +146,4 @@ static struct xtables_target dscp_target6 = { void _init(void) { xtables_register_target(&dscp_target); - xtables_register_target(&dscp_target6); } diff --git a/extensions/libxt_MARK.c b/extensions/libxt_MARK.c index ff48a764..f6a2c5c1 100644 --- a/extensions/libxt_MARK.c +++ b/extensions/libxt_MARK.c @@ -277,70 +277,52 @@ static void mark_tg_save(const void *ip, const struct xt_entry_target *target) printf("--set-xmark 0x%x/0x%x ", info->mark, info->mask); } -static struct xtables_target mark_target_v0 = { - .family = NFPROTO_IPV4, - .name = "MARK", - .version = XTABLES_VERSION, - .revision = 0, - .size = XT_ALIGN(sizeof(struct xt_mark_target_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_mark_target_info)), - .help = MARK_help, - .parse = MARK_parse_v0, - .final_check = MARK_check, - .print = MARK_print_v0, - .save = MARK_save_v0, - .extra_opts = MARK_opts, -}; - -static struct xtables_target mark_target_v1 = { - .family = NFPROTO_IPV4, - .name = "MARK", - .version = XTABLES_VERSION, - .revision = 1, - .size = XT_ALIGN(sizeof(struct xt_mark_target_info_v1)), - .userspacesize = XT_ALIGN(sizeof(struct xt_mark_target_info_v1)), - .help = MARK_help, - .parse = MARK_parse_v1, - .final_check = MARK_check, - .print = MARK_print_v1, - .save = MARK_save_v1, - .extra_opts = MARK_opts, -}; - -static struct xtables_target mark_target6_v0 = { - .family = NFPROTO_IPV6, - .name = "MARK", - .version = XTABLES_VERSION, - .revision = 0, - .size = XT_ALIGN(sizeof(struct xt_mark_target_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_mark_target_info)), - .help = MARK_help, - .parse = MARK_parse_v0, - .final_check = MARK_check, - .print = MARK_print_v0, - .save = MARK_save_v0, - .extra_opts = MARK_opts, -}; - -static struct xtables_target mark_tg_reg_v2 = { - .version = XTABLES_VERSION, - .name = "MARK", - .revision = 2, - .family = NFPROTO_UNSPEC, - .size = XT_ALIGN(sizeof(struct xt_mark_tginfo2)), - .userspacesize = XT_ALIGN(sizeof(struct xt_mark_tginfo2)), - .help = mark_tg_help, - .parse = mark_tg_parse, - .final_check = mark_tg_check, - .print = mark_tg_print, - .save = mark_tg_save, - .extra_opts = mark_tg_opts, +static struct xtables_target mark_tg_reg[] = { + { + .family = NFPROTO_UNSPEC, + .name = "MARK", + .version = XTABLES_VERSION, + .revision = 0, + .size = XT_ALIGN(sizeof(struct xt_mark_target_info)), + .userspacesize = XT_ALIGN(sizeof(struct xt_mark_target_info)), + .help = MARK_help, + .parse = MARK_parse_v0, + .final_check = MARK_check, + .print = MARK_print_v0, + .save = MARK_save_v0, + .extra_opts = MARK_opts, + }, + { + .family = NFPROTO_IPV4, + .name = "MARK", + .version = XTABLES_VERSION, + .revision = 1, + .size = XT_ALIGN(sizeof(struct xt_mark_target_info_v1)), + .userspacesize = XT_ALIGN(sizeof(struct xt_mark_target_info_v1)), + .help = MARK_help, + .parse = MARK_parse_v1, + .final_check = MARK_check, + .print = MARK_print_v1, + .save = MARK_save_v1, + .extra_opts = MARK_opts, + }, + { + .version = XTABLES_VERSION, + .name = "MARK", + .revision = 2, + .family = NFPROTO_UNSPEC, + .size = XT_ALIGN(sizeof(struct xt_mark_tginfo2)), + .userspacesize = XT_ALIGN(sizeof(struct xt_mark_tginfo2)), + .help = mark_tg_help, + .parse = mark_tg_parse, + .final_check = mark_tg_check, + .print = mark_tg_print, + .save = mark_tg_save, + .extra_opts = mark_tg_opts, + }, }; void _init(void) { - xtables_register_target(&mark_target_v0); - xtables_register_target(&mark_target_v1); - xtables_register_target(&mark_target6_v0); - xtables_register_target(&mark_tg_reg_v2); + xtables_register_targets(mark_tg_reg, ARRAY_SIZE(mark_tg_reg)); } diff --git a/extensions/libxt_NFLOG.c b/extensions/libxt_NFLOG.c index 007c7b4e..0768e885 100644 --- a/extensions/libxt_NFLOG.c +++ b/extensions/libxt_NFLOG.c @@ -139,21 +139,7 @@ static void NFLOG_save(const void *ip, const struct xt_entry_target *target) } static struct xtables_target nflog_target = { - .family = NFPROTO_IPV4, - .name = "NFLOG", - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_nflog_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_nflog_info)), - .help = NFLOG_help, - .init = NFLOG_init, - .parse = NFLOG_parse, - .print = NFLOG_print, - .save = NFLOG_save, - .extra_opts = NFLOG_opts, -}; - -static struct xtables_target nflog_target6 = { - .family = NFPROTO_IPV6, + .family = NFPROTO_UNSPEC, .name = "NFLOG", .version = XTABLES_VERSION, .size = XT_ALIGN(sizeof(struct xt_nflog_info)), @@ -169,5 +155,4 @@ static struct xtables_target nflog_target6 = { void _init(void) { xtables_register_target(&nflog_target); - xtables_register_target(&nflog_target6); } diff --git a/extensions/libxt_NFQUEUE.c b/extensions/libxt_NFQUEUE.c index 3ca2239f..53ecf1ca 100644 --- a/extensions/libxt_NFQUEUE.c +++ b/extensions/libxt_NFQUEUE.c @@ -78,7 +78,7 @@ static void NFQUEUE_save(const void *ip, const struct xt_entry_target *target) } static struct xtables_target nfqueue_target = { - .family = NFPROTO_IPV4, + .family = NFPROTO_UNSPEC, .name = "NFQUEUE", .version = XTABLES_VERSION, .size = XT_ALIGN(sizeof(struct xt_NFQ_info)), @@ -90,21 +90,7 @@ static struct xtables_target nfqueue_target = { .extra_opts = NFQUEUE_opts }; -static struct xtables_target nfqueue_target6 = { - .family = NFPROTO_IPV6, - .name = "NFQUEUE", - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_NFQ_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_NFQ_info)), - .help = NFQUEUE_help, - .parse = NFQUEUE_parse, - .print = NFQUEUE_print, - .save = NFQUEUE_save, - .extra_opts = NFQUEUE_opts, -}; - void _init(void) { xtables_register_target(&nfqueue_target); - xtables_register_target(&nfqueue_target6); } diff --git a/extensions/libxt_NOTRACK.c b/extensions/libxt_NOTRACK.c index ef266543..ca587002 100644 --- a/extensions/libxt_NOTRACK.c +++ b/extensions/libxt_NOTRACK.c @@ -1,46 +1,15 @@ /* Shared library add-on to iptables to add NOTRACK target support. */ -#include <stdio.h> -#include <string.h> -#include <stdlib.h> -#include <getopt.h> - #include <xtables.h> -#include <linux/netfilter/x_tables.h> - -static void NOTRACK_help(void) -{ - printf("NOTRACK target takes no options\n"); -} - -static int -NOTRACK_parse(int c, char **argv, int invert, unsigned int *flags, - const void *entry, struct xt_entry_target **target) -{ - return 0; -} static struct xtables_target notrack_target = { - .family = NFPROTO_IPV4, - .name = "NOTRACK", - .version = XTABLES_VERSION, - .size = XT_ALIGN(0), - .userspacesize = XT_ALIGN(0), - .help = NOTRACK_help, - .parse = NOTRACK_parse, -}; - -static struct xtables_target notrack_target6 = { - .family = NFPROTO_IPV6, + .family = NFPROTO_UNSPEC, .name = "NOTRACK", .version = XTABLES_VERSION, .size = XT_ALIGN(0), .userspacesize = XT_ALIGN(0), - .help = NOTRACK_help, - .parse = NOTRACK_parse, }; void _init(void) { xtables_register_target(¬rack_target); - xtables_register_target(¬rack_target6); } diff --git a/extensions/libxt_TCPOPTSTRIP.c b/extensions/libxt_TCPOPTSTRIP.c index cf946fc7..a063d0d9 100644 --- a/extensions/libxt_TCPOPTSTRIP.c +++ b/extensions/libxt_TCPOPTSTRIP.c @@ -180,22 +180,7 @@ tcpoptstrip_tg_save(const void *ip, const struct xt_entry_target *target) static struct xtables_target tcpoptstrip_tg_reg = { .version = XTABLES_VERSION, .name = "TCPOPTSTRIP", - .family = NFPROTO_IPV4, - .size = XT_ALIGN(sizeof(struct xt_tcpoptstrip_target_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_tcpoptstrip_target_info)), - .help = tcpoptstrip_tg_help, - .init = tcpoptstrip_tg_init, - .parse = tcpoptstrip_tg_parse, - .final_check = tcpoptstrip_tg_check, - .print = tcpoptstrip_tg_print, - .save = tcpoptstrip_tg_save, - .extra_opts = tcpoptstrip_tg_opts, -}; - -static struct xtables_target tcpoptstrip_tg6_reg = { - .version = XTABLES_VERSION, - .name = "TCPOPTSTRIP", - .family = NFPROTO_IPV6, + .family = NFPROTO_UNSPEC, .size = XT_ALIGN(sizeof(struct xt_tcpoptstrip_target_info)), .userspacesize = XT_ALIGN(sizeof(struct xt_tcpoptstrip_target_info)), .help = tcpoptstrip_tg_help, @@ -210,5 +195,4 @@ static struct xtables_target tcpoptstrip_tg6_reg = { void _init(void) { xtables_register_target(&tcpoptstrip_tg_reg); - xtables_register_target(&tcpoptstrip_tg6_reg); } diff --git a/extensions/libxt_TOS.c b/extensions/libxt_TOS.c index c08f53bd..bf751a4e 100644 --- a/extensions/libxt_TOS.c +++ b/extensions/libxt_TOS.c @@ -205,54 +205,38 @@ static void tos_tg_save(const void *ip, const struct xt_entry_target *target) printf("--set-tos 0x%02x/0x%02x ", info->tos_value, info->tos_mask); } -static struct xtables_target tos_tg_reg_v0 = { - .version = XTABLES_VERSION, - .name = "TOS", - .revision = 0, - .family = NFPROTO_IPV4, - .size = XT_ALIGN(sizeof(struct xt_tos_target_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_tos_target_info)), - .help = tos_tg_help_v0, - .parse = tos_tg_parse_v0, - .final_check = tos_tg_check, - .print = tos_tg_print_v0, - .save = tos_tg_save_v0, - .extra_opts = tos_tg_opts_v0, -}; - -static struct xtables_target tos_tg_reg = { - .version = XTABLES_VERSION, - .name = "TOS", - .revision = 1, - .family = NFPROTO_IPV4, - .size = XT_ALIGN(sizeof(struct xt_tos_target_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_tos_target_info)), - .help = tos_tg_help, - .parse = tos_tg_parse, - .final_check = tos_tg_check, - .print = tos_tg_print, - .save = tos_tg_save, - .extra_opts = tos_tg_opts, -}; - -static struct xtables_target tos_tg6_reg = { - .version = XTABLES_VERSION, - .name = "TOS", - .family = NFPROTO_IPV6, - .revision = 1, - .size = XT_ALIGN(sizeof(struct xt_tos_target_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_tos_target_info)), - .help = tos_tg_help, - .parse = tos_tg_parse, - .final_check = tos_tg_check, - .print = tos_tg_print, - .save = tos_tg_save, - .extra_opts = tos_tg_opts, +static struct xtables_target tos_tg_reg[] = { + { + .version = XTABLES_VERSION, + .name = "TOS", + .revision = 0, + .family = NFPROTO_IPV4, + .size = XT_ALIGN(sizeof(struct xt_tos_target_info)), + .userspacesize = XT_ALIGN(sizeof(struct xt_tos_target_info)), + .help = tos_tg_help_v0, + .parse = tos_tg_parse_v0, + .final_check = tos_tg_check, + .print = tos_tg_print_v0, + .save = tos_tg_save_v0, + .extra_opts = tos_tg_opts_v0, + }, + { + .version = XTABLES_VERSION, + .name = "TOS", + .revision = 1, + .family = NFPROTO_UNSPEC, + .size = XT_ALIGN(sizeof(struct xt_tos_target_info)), + .userspacesize = XT_ALIGN(sizeof(struct xt_tos_target_info)), + .help = tos_tg_help, + .parse = tos_tg_parse, + .final_check = tos_tg_check, + .print = tos_tg_print, + .save = tos_tg_save, + .extra_opts = tos_tg_opts, + }, }; void _init(void) { - xtables_register_target(&tos_tg_reg_v0); - xtables_register_target(&tos_tg_reg); - xtables_register_target(&tos_tg6_reg); + xtables_register_targets(tos_tg_reg, ARRAY_SIZE(tos_tg_reg)); } diff --git a/extensions/libxt_TRACE.c b/extensions/libxt_TRACE.c index 344b80dc..0282e6ff 100644 --- a/extensions/libxt_TRACE.c +++ b/extensions/libxt_TRACE.c @@ -7,25 +7,12 @@ #include <xtables.h> #include <linux/netfilter/x_tables.h> -static void TRACE_help(void) -{ - printf("TRACE target takes no options\n"); -} - -static int TRACE_parse(int c, char **argv, int invert, unsigned int *flags, - const void *entry, struct xt_entry_target **target) -{ - return 0; -} - static struct xtables_target trace_target = { .family = NFPROTO_UNSPEC, .name = "TRACE", .version = XTABLES_VERSION, .size = XT_ALIGN(0), .userspacesize = XT_ALIGN(0), - .help = TRACE_help, - .parse = TRACE_parse, }; void _init(void) diff --git a/extensions/libxt_comment.c b/extensions/libxt_comment.c index 5f393bbf..2e665b12 100644 --- a/extensions/libxt_comment.c +++ b/extensions/libxt_comment.c @@ -89,21 +89,7 @@ comment_save(const void *ip, const struct xt_entry_match *match) } static struct xtables_match comment_match = { - .family = NFPROTO_IPV4, - .name = "comment", - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_comment_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_comment_info)), - .help = comment_help, - .parse = comment_parse, - .final_check = comment_check, - .print = comment_print, - .save = comment_save, - .extra_opts = comment_opts, -}; - -static struct xtables_match comment_match6 = { - .family = NFPROTO_IPV6, + .family = NFPROTO_UNSPEC, .name = "comment", .version = XTABLES_VERSION, .size = XT_ALIGN(sizeof(struct xt_comment_info)), @@ -119,5 +105,4 @@ static struct xtables_match comment_match6 = { void _init(void) { xtables_register_match(&comment_match); - xtables_register_match(&comment_match6); } diff --git a/extensions/libxt_connbytes.c b/extensions/libxt_connbytes.c index c7bdff05..d6c3b1bb 100644 --- a/extensions/libxt_connbytes.c +++ b/extensions/libxt_connbytes.c @@ -180,21 +180,7 @@ static void connbytes_save(const void *ip, const struct xt_entry_match *match) } static struct xtables_match connbytes_match = { - .family = NFPROTO_IPV4, - .name = "connbytes", - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_connbytes_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_connbytes_info)), - .help = connbytes_help, - .parse = connbytes_parse, - .final_check = connbytes_check, - .print = connbytes_print, - .save = connbytes_save, - .extra_opts = connbytes_opts, -}; - -static struct xtables_match connbytes_match6 = { - .family = NFPROTO_IPV6, + .family = NFPROTO_UNSPEC, .name = "connbytes", .version = XTABLES_VERSION, .size = XT_ALIGN(sizeof(struct xt_connbytes_info)), @@ -210,5 +196,4 @@ static struct xtables_match connbytes_match6 = { void _init(void) { xtables_register_match(&connbytes_match); - xtables_register_match(&connbytes_match6); } diff --git a/extensions/libxt_connlimit.c b/extensions/libxt_connlimit.c index 403e7e6f..1698561d 100644 --- a/extensions/libxt_connlimit.c +++ b/extensions/libxt_connlimit.c @@ -179,38 +179,38 @@ static void connlimit_save6(const void *ip, const struct xt_entry_match *match) count_bits6(info->v6_mask)); } -static struct xtables_match connlimit_match = { - .name = "connlimit", - .family = NFPROTO_IPV4, - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_connlimit_info)), - .userspacesize = offsetof(struct xt_connlimit_info, data), - .help = connlimit_help, - .init = connlimit_init, - .parse = connlimit_parse4, - .final_check = connlimit_check, - .print = connlimit_print4, - .save = connlimit_save4, - .extra_opts = connlimit_opts, -}; - -static struct xtables_match connlimit_match6 = { - .name = "connlimit", - .family = NFPROTO_IPV6, - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_connlimit_info)), - .userspacesize = offsetof(struct xt_connlimit_info, data), - .help = connlimit_help, - .init = connlimit_init, - .parse = connlimit_parse6, - .final_check = connlimit_check, - .print = connlimit_print6, - .save = connlimit_save6, - .extra_opts = connlimit_opts, +static struct xtables_match connlimit_mt_reg[] = { + { + .name = "connlimit", + .family = NFPROTO_IPV4, + .version = XTABLES_VERSION, + .size = XT_ALIGN(sizeof(struct xt_connlimit_info)), + .userspacesize = offsetof(struct xt_connlimit_info, data), + .help = connlimit_help, + .init = connlimit_init, + .parse = connlimit_parse4, + .final_check = connlimit_check, + .print = connlimit_print4, + .save = connlimit_save4, + .extra_opts = connlimit_opts, + }, + { + .name = "connlimit", + .family = NFPROTO_IPV6, + .version = XTABLES_VERSION, + .size = XT_ALIGN(sizeof(struct xt_connlimit_info)), + .userspacesize = offsetof(struct xt_connlimit_info, data), + .help = connlimit_help, + .init = connlimit_init, + .parse = connlimit_parse6, + .final_check = connlimit_check, + .print = connlimit_print6, + .save = connlimit_save6, + .extra_opts = connlimit_opts, + }, }; void _init(void) { - xtables_register_match(&connlimit_match); - xtables_register_match(&connlimit_match6); + xtables_register_matches(connlimit_mt_reg, ARRAY_SIZE(connlimit_mt_reg)); } diff --git a/extensions/libxt_connmark.c b/extensions/libxt_connmark.c index ce2002ce..48c10b5d 100644 --- a/extensions/libxt_connmark.c +++ b/extensions/libxt_connmark.c @@ -163,70 +163,38 @@ connmark_mt_save(const void *ip, const struct xt_entry_match *match) print_mark(info->mark, info->mask); } -static struct xtables_match connmark_mt_reg_v0 = { - .family = NFPROTO_IPV4, - .name = "connmark", - .revision = 0, - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_connmark_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_connmark_info)), - .help = connmark_mt_help, - .parse = connmark_parse, - .final_check = connmark_mt_check, - .print = connmark_print, - .save = connmark_save, - .extra_opts = connmark_mt_opts, -}; - -static struct xtables_match connmark_mt6_reg_v0 = { - .family = NFPROTO_IPV6, - .name = "connmark", - .revision = 0, - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_connmark_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_connmark_info)), - .help = connmark_mt_help, - .parse = connmark_parse, - .final_check = connmark_mt_check, - .print = connmark_print, - .save = connmark_save, - .extra_opts = connmark_mt_opts, -}; - -static struct xtables_match connmark_mt_reg = { - .version = XTABLES_VERSION, - .name = "connmark", - .revision = 1, - .family = NFPROTO_IPV4, - .size = XT_ALIGN(sizeof(struct xt_connmark_mtinfo1)), - .userspacesize = XT_ALIGN(sizeof(struct xt_connmark_mtinfo1)), - .help = connmark_mt_help, - .parse = connmark_mt_parse, - .final_check = connmark_mt_check, - .print = connmark_mt_print, - .save = connmark_mt_save, - .extra_opts = connmark_mt_opts, -}; - -static struct xtables_match connmark_mt6_reg = { - .version = XTABLES_VERSION, - .name = "connmark", - .revision = 1, - .family = NFPROTO_IPV6, - .size = XT_ALIGN(sizeof(struct xt_connmark_mtinfo1)), - .userspacesize = XT_ALIGN(sizeof(struct xt_connmark_mtinfo1)), - .help = connmark_mt_help, - .parse = connmark_mt_parse, - .final_check = connmark_mt_check, - .print = connmark_mt_print, - .save = connmark_mt_save, - .extra_opts = connmark_mt_opts, +static struct xtables_match connmark_mt_reg[] = { + { + .family = NFPROTO_UNSPEC, + .name = "connmark", + .revision = 0, + .version = XTABLES_VERSION, + .size = XT_ALIGN(sizeof(struct xt_connmark_info)), + .userspacesize = XT_ALIGN(sizeof(struct xt_connmark_info)), + .help = connmark_mt_help, + .parse = connmark_parse, + .final_check = connmark_mt_check, + .print = connmark_print, + .save = connmark_save, + .extra_opts = connmark_mt_opts, + }, + { + .version = XTABLES_VERSION, + .name = "connmark", + .revision = 1, + .family = NFPROTO_UNSPEC, + .size = XT_ALIGN(sizeof(struct xt_connmark_mtinfo1)), + .userspacesize = XT_ALIGN(sizeof(struct xt_connmark_mtinfo1)), + .help = connmark_mt_help, + .parse = connmark_mt_parse, + .final_check = connmark_mt_check, + .print = connmark_mt_print, + .save = connmark_mt_save, + .extra_opts = connmark_mt_opts, + }, }; void _init(void) { - xtables_register_match(&connmark_mt_reg_v0); - xtables_register_match(&connmark_mt6_reg_v0); - xtables_register_match(&connmark_mt_reg); - xtables_register_match(&connmark_mt6_reg); + xtables_register_matches(connmark_mt_reg, ARRAY_SIZE(connmark_mt_reg)); } diff --git a/extensions/libxt_conntrack.c b/extensions/libxt_conntrack.c index 68d40f8c..c9f8182b 100644 --- a/extensions/libxt_conntrack.c +++ b/extensions/libxt_conntrack.c @@ -1123,86 +1123,80 @@ conntrack1_mt6_save(const void *ip, const struct xt_entry_match *match) conntrack_dump(&up, "--", NFPROTO_IPV6, true); } -static struct xtables_match conntrack_mt_v0_reg = { - .version = XTABLES_VERSION, - .name = "conntrack", - .revision = 0, - .family = NFPROTO_IPV4, - .size = XT_ALIGN(sizeof(struct xt_conntrack_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_conntrack_info)), - .help = conntrack_mt_help, - .parse = conntrack_parse, - .final_check = conntrack_mt_check, - .print = conntrack_print, - .save = conntrack_save, - .extra_opts = conntrack_mt_opts_v0, -}; - -static struct xtables_match conntrack_mt_v1_reg = { - .version = XTABLES_VERSION, - .name = "conntrack", - .revision = 1, - .family = NFPROTO_IPV4, - .size = XT_ALIGN(sizeof(struct xt_conntrack_mtinfo1)), - .userspacesize = XT_ALIGN(sizeof(struct xt_conntrack_mtinfo1)), - .help = conntrack_mt_help, - .parse = conntrack1_mt4_parse, - .final_check = conntrack_mt_check, - .print = conntrack1_mt4_print, - .save = conntrack1_mt4_save, - .extra_opts = conntrack_mt_opts, -}; - -static struct xtables_match conntrack_mt6_v1_reg = { - .version = XTABLES_VERSION, - .name = "conntrack", - .revision = 1, - .family = NFPROTO_IPV6, - .size = XT_ALIGN(sizeof(struct xt_conntrack_mtinfo1)), - .userspacesize = XT_ALIGN(sizeof(struct xt_conntrack_mtinfo1)), - .help = conntrack_mt_help, - .parse = conntrack1_mt6_parse, - .final_check = conntrack_mt_check, - .print = conntrack1_mt6_print, - .save = conntrack1_mt6_save, - .extra_opts = conntrack_mt_opts, -}; - -static struct xtables_match conntrack_mt_v2_reg = { - .version = XTABLES_VERSION, - .name = "conntrack", - .revision = 2, - .family = NFPROTO_IPV4, - .size = XT_ALIGN(sizeof(struct xt_conntrack_mtinfo2)), - .userspacesize = XT_ALIGN(sizeof(struct xt_conntrack_mtinfo2)), - .help = conntrack_mt_help, - .parse = conntrack2_mt4_parse, - .final_check = conntrack_mt_check, - .print = conntrack_mt_print, - .save = conntrack_mt_save, - .extra_opts = conntrack_mt_opts, -}; - -static struct xtables_match conntrack_mt6_v2_reg = { - .version = XTABLES_VERSION, - .name = "conntrack", - .revision = 2, - .family = NFPROTO_IPV6, - .size = XT_ALIGN(sizeof(struct xt_conntrack_mtinfo2)), - .userspacesize = XT_ALIGN(sizeof(struct xt_conntrack_mtinfo2)), - .help = conntrack_mt_help, - .parse = conntrack2_mt6_parse, - .final_check = conntrack_mt_check, - .print = conntrack_mt6_print, - .save = conntrack_mt6_save, - .extra_opts = conntrack_mt_opts, +static struct xtables_match conntrack_mt_reg[] = { + { + .version = XTABLES_VERSION, + .name = "conntrack", + .revision = 0, + .family = NFPROTO_IPV4, + .size = XT_ALIGN(sizeof(struct xt_conntrack_info)), + .userspacesize = XT_ALIGN(sizeof(struct xt_conntrack_info)), + .help = conntrack_mt_help, + .parse = conntrack_parse, + .final_check = conntrack_mt_check, + .print = conntrack_print, + .save = conntrack_save, + .extra_opts = conntrack_mt_opts_v0, + }, + { + .version = XTABLES_VERSION, + .name = "conntrack", + .revision = 1, + .family = NFPROTO_IPV4, + .size = XT_ALIGN(sizeof(struct xt_conntrack_mtinfo1)), + .userspacesize = XT_ALIGN(sizeof(struct xt_conntrack_mtinfo1)), + .help = conntrack_mt_help, + .parse = conntrack1_mt4_parse, + .final_check = conntrack_mt_check, + .print = conntrack1_mt4_print, + .save = conntrack1_mt4_save, + .extra_opts = conntrack_mt_opts, + }, + { + .version = XTABLES_VERSION, + .name = "conntrack", + .revision = 1, + .family = NFPROTO_IPV6, + .size = XT_ALIGN(sizeof(struct xt_conntrack_mtinfo1)), + .userspacesize = XT_ALIGN(sizeof(struct xt_conntrack_mtinfo1)), + .help = conntrack_mt_help, + .parse = conntrack1_mt6_parse, + .final_check = conntrack_mt_check, + .print = conntrack1_mt6_print, + .save = conntrack1_mt6_save, + .extra_opts = conntrack_mt_opts, + }, + { + .version = XTABLES_VERSION, + .name = "conntrack", + .revision = 2, + .family = NFPROTO_IPV4, + .size = XT_ALIGN(sizeof(struct xt_conntrack_mtinfo2)), + .userspacesize = XT_ALIGN(sizeof(struct xt_conntrack_mtinfo2)), + .help = conntrack_mt_help, + .parse = conntrack2_mt4_parse, + .final_check = conntrack_mt_check, + .print = conntrack_mt_print, + .save = conntrack_mt_save, + .extra_opts = conntrack_mt_opts, + }, + { + .version = XTABLES_VERSION, + .name = "conntrack", + .revision = 2, + .family = NFPROTO_IPV6, + .size = XT_ALIGN(sizeof(struct xt_conntrack_mtinfo2)), + .userspacesize = XT_ALIGN(sizeof(struct xt_conntrack_mtinfo2)), + .help = conntrack_mt_help, + .parse = conntrack2_mt6_parse, + .final_check = conntrack_mt_check, + .print = conntrack_mt6_print, + .save = conntrack_mt6_save, + .extra_opts = conntrack_mt_opts, + }, }; void _init(void) { - xtables_register_match(&conntrack_mt_v0_reg); - xtables_register_match(&conntrack_mt_v1_reg); - xtables_register_match(&conntrack_mt6_v1_reg); - xtables_register_match(&conntrack_mt_v2_reg); - xtables_register_match(&conntrack_mt6_v2_reg); + xtables_register_matches(conntrack_mt_reg, ARRAY_SIZE(conntrack_mt_reg)); } diff --git a/extensions/libxt_dccp.c b/extensions/libxt_dccp.c index 73211459..ae23225c 100644 --- a/extensions/libxt_dccp.c +++ b/extensions/libxt_dccp.c @@ -336,21 +336,7 @@ static void dccp_save(const void *ip, const struct xt_entry_match *match) static struct xtables_match dccp_match = { .name = "dccp", - .family = NFPROTO_IPV4, - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_dccp_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_dccp_info)), - .help = dccp_help, - .init = dccp_init, - .parse = dccp_parse, - .print = dccp_print, - .save = dccp_save, - .extra_opts = dccp_opts, -}; - -static struct xtables_match dccp_match6 = { - .name = "dccp", - .family = NFPROTO_IPV6, + .family = NFPROTO_UNSPEC, .version = XTABLES_VERSION, .size = XT_ALIGN(sizeof(struct xt_dccp_info)), .userspacesize = XT_ALIGN(sizeof(struct xt_dccp_info)), @@ -365,5 +351,4 @@ static struct xtables_match dccp_match6 = { void _init(void) { xtables_register_match(&dccp_match); - xtables_register_match(&dccp_match6); } diff --git a/extensions/libxt_dscp.c b/extensions/libxt_dscp.c index 62fa6af5..306643e8 100644 --- a/extensions/libxt_dscp.c +++ b/extensions/libxt_dscp.c @@ -131,21 +131,7 @@ static void dscp_save(const void *ip, const struct xt_entry_match *match) } static struct xtables_match dscp_match = { - .family = NFPROTO_IPV4, - .name = "dscp", - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_dscp_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_dscp_info)), - .help = dscp_help, - .parse = dscp_parse, - .final_check = dscp_check, - .print = dscp_print, - .save = dscp_save, - .extra_opts = dscp_opts, -}; - -static struct xtables_match dscp_match6 = { - .family = NFPROTO_IPV6, + .family = NFPROTO_UNSPEC, .name = "dscp", .version = XTABLES_VERSION, .size = XT_ALIGN(sizeof(struct xt_dscp_info)), @@ -161,5 +147,4 @@ static struct xtables_match dscp_match6 = { void _init(void) { xtables_register_match(&dscp_match); - xtables_register_match(&dscp_match6); } diff --git a/extensions/libxt_esp.c b/extensions/libxt_esp.c index 5769edb5..89c3fb43 100644 --- a/extensions/libxt_esp.c +++ b/extensions/libxt_esp.c @@ -149,21 +149,7 @@ static void esp_save(const void *ip, const struct xt_entry_match *match) } static struct xtables_match esp_match = { - .family = NFPROTO_IPV4, - .name = "esp", - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_esp)), - .userspacesize = XT_ALIGN(sizeof(struct xt_esp)), - .help = esp_help, - .init = esp_init, - .parse = esp_parse, - .print = esp_print, - .save = esp_save, - .extra_opts = esp_opts, -}; - -static struct xtables_match esp_match6 = { - .family = NFPROTO_IPV6, + .family = NFPROTO_UNSPEC, .name = "esp", .version = XTABLES_VERSION, .size = XT_ALIGN(sizeof(struct xt_esp)), @@ -180,5 +166,4 @@ void _init(void) { xtables_register_match(&esp_match); - xtables_register_match(&esp_match6); } diff --git a/extensions/libxt_hashlimit.c b/extensions/libxt_hashlimit.c index 84dd7868..cdb407ab 100644 --- a/extensions/libxt_hashlimit.c +++ b/extensions/libxt_hashlimit.c @@ -659,74 +659,55 @@ hashlimit_mt6_save(const void *ip, const struct xt_entry_match *match) hashlimit_mt_save(info, 128); } -static struct xtables_match hashlimit_match = { - .family = NFPROTO_IPV4, - .name = "hashlimit", - .version = XTABLES_VERSION, - .revision = 0, - .size = XT_ALIGN(sizeof(struct xt_hashlimit_info)), - .userspacesize = offsetof(struct xt_hashlimit_info, hinfo), - .help = hashlimit_help, - .init = hashlimit_init, - .parse = hashlimit_parse, - .final_check = hashlimit_check, - .print = hashlimit_print, - .save = hashlimit_save, - .extra_opts = hashlimit_opts, -}; - -static struct xtables_match hashlimit_match6 = { - .family = NFPROTO_IPV6, - .name = "hashlimit", - .version = XTABLES_VERSION, - .revision = 0, - .size = XT_ALIGN(sizeof(struct xt_hashlimit_info)), - .userspacesize = offsetof(struct xt_hashlimit_info, hinfo), - .help = hashlimit_help, - .init = hashlimit_init, - .parse = hashlimit_parse, - .final_check = hashlimit_check, - .print = hashlimit_print, - .save = hashlimit_save, - .extra_opts = hashlimit_opts, -}; - -static struct xtables_match hashlimit_mt_reg = { - .version = XTABLES_VERSION, - .name = "hashlimit", - .revision = 1, - .family = NFPROTO_IPV4, - .size = XT_ALIGN(sizeof(struct xt_hashlimit_mtinfo1)), - .userspacesize = offsetof(struct xt_hashlimit_mtinfo1, hinfo), - .help = hashlimit_mt_help, - .init = hashlimit_mt4_init, - .parse = hashlimit_mt4_parse, - .final_check = hashlimit_mt_check, - .print = hashlimit_mt4_print, - .save = hashlimit_mt4_save, - .extra_opts = hashlimit_mt_opts, -}; - -static struct xtables_match hashlimit_mt6_reg = { - .version = XTABLES_VERSION, - .name = "hashlimit", - .revision = 1, - .family = NFPROTO_IPV6, - .size = XT_ALIGN(sizeof(struct xt_hashlimit_mtinfo1)), - .userspacesize = offsetof(struct xt_hashlimit_mtinfo1, hinfo), - .help = hashlimit_mt_help, - .init = hashlimit_mt6_init, - .parse = hashlimit_mt6_parse, - .final_check = hashlimit_mt_check, - .print = hashlimit_mt6_print, - .save = hashlimit_mt6_save, - .extra_opts = hashlimit_mt_opts, +static struct xtables_match hashlimit_mt_reg[] = { + { + .family = NFPROTO_UNSPEC, + .name = "hashlimit", + .version = XTABLES_VERSION, + .revision = 0, + .size = XT_ALIGN(sizeof(struct xt_hashlimit_info)), + .userspacesize = offsetof(struct xt_hashlimit_info, hinfo), + .help = hashlimit_help, + .init = hashlimit_init, + .parse = hashlimit_parse, + .final_check = hashlimit_check, + .print = hashlimit_print, + .save = hashlimit_save, + .extra_opts = hashlimit_opts, + }, + { + .version = XTABLES_VERSION, + .name = "hashlimit", + .revision = 1, + .family = NFPROTO_IPV4, + .size = XT_ALIGN(sizeof(struct xt_hashlimit_mtinfo1)), + .userspacesize = offsetof(struct xt_hashlimit_mtinfo1, hinfo), + .help = hashlimit_mt_help, + .init = hashlimit_mt4_init, + .parse = hashlimit_mt4_parse, + .final_check = hashlimit_mt_check, + .print = hashlimit_mt4_print, + .save = hashlimit_mt4_save, + .extra_opts = hashlimit_mt_opts, + }, + { + .version = XTABLES_VERSION, + .name = "hashlimit", + .revision = 1, + .family = NFPROTO_IPV6, + .size = XT_ALIGN(sizeof(struct xt_hashlimit_mtinfo1)), + .userspacesize = offsetof(struct xt_hashlimit_mtinfo1, hinfo), + .help = hashlimit_mt_help, + .init = hashlimit_mt6_init, + .parse = hashlimit_mt6_parse, + .final_check = hashlimit_mt_check, + .print = hashlimit_mt6_print, + .save = hashlimit_mt6_save, + .extra_opts = hashlimit_mt_opts, + }, }; void _init(void) { - xtables_register_match(&hashlimit_match); - xtables_register_match(&hashlimit_match6); - xtables_register_match(&hashlimit_mt_reg); - xtables_register_match(&hashlimit_mt6_reg); + xtables_register_matches(hashlimit_mt_reg, ARRAY_SIZE(hashlimit_mt_reg)); } diff --git a/extensions/libxt_helper.c b/extensions/libxt_helper.c index b136d8a6..adced437 100644 --- a/extensions/libxt_helper.c +++ b/extensions/libxt_helper.c @@ -69,20 +69,7 @@ static void helper_save(const void *ip, const struct xt_entry_match *match) } static struct xtables_match helper_match = { - .family = NFPROTO_IPV4, - .name = "helper", - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_helper_info)), - .help = helper_help, - .parse = helper_parse, - .final_check = helper_check, - .print = helper_print, - .save = helper_save, - .extra_opts = helper_opts, -}; - -static struct xtables_match helper_match6 = { - .family = NFPROTO_IPV6, + .family = NFPROTO_UNSPEC, .name = "helper", .version = XTABLES_VERSION, .size = XT_ALIGN(sizeof(struct xt_helper_info)), @@ -97,5 +84,4 @@ static struct xtables_match helper_match6 = { void _init(void) { xtables_register_match(&helper_match); - xtables_register_match(&helper_match6); } diff --git a/extensions/libxt_iprange.c b/extensions/libxt_iprange.c index bc5b2aeb..7b3ccc2b 100644 --- a/extensions/libxt_iprange.c +++ b/extensions/libxt_iprange.c @@ -344,54 +344,52 @@ static void iprange_mt6_save(const void *ip, const struct xt_entry_match *match) } } -static struct xtables_match iprange_match = { - .version = XTABLES_VERSION, - .name = "iprange", - .revision = 0, - .family = NFPROTO_IPV4, - .size = XT_ALIGN(sizeof(struct ipt_iprange_info)), - .userspacesize = XT_ALIGN(sizeof(struct ipt_iprange_info)), - .help = iprange_mt_help, - .parse = iprange_parse, - .final_check = iprange_mt_check, - .print = iprange_print, - .save = iprange_save, - .extra_opts = iprange_mt_opts, -}; - -static struct xtables_match iprange_mt_reg = { - .version = XTABLES_VERSION, - .name = "iprange", - .revision = 1, - .family = NFPROTO_IPV4, - .size = XT_ALIGN(sizeof(struct xt_iprange_mtinfo)), - .userspacesize = XT_ALIGN(sizeof(struct xt_iprange_mtinfo)), - .help = iprange_mt_help, - .parse = iprange_mt4_parse, - .final_check = iprange_mt_check, - .print = iprange_mt4_print, - .save = iprange_mt4_save, - .extra_opts = iprange_mt_opts, -}; - -static struct xtables_match iprange_mt6_reg = { - .version = XTABLES_VERSION, - .name = "iprange", - .revision = 1, - .family = NFPROTO_IPV6, - .size = XT_ALIGN(sizeof(struct xt_iprange_mtinfo)), - .userspacesize = XT_ALIGN(sizeof(struct xt_iprange_mtinfo)), - .help = iprange_mt_help, - .parse = iprange_mt6_parse, - .final_check = iprange_mt_check, - .print = iprange_mt6_print, - .save = iprange_mt6_save, - .extra_opts = iprange_mt_opts, +static struct xtables_match iprange_mt_reg[] = { + { + .version = XTABLES_VERSION, + .name = "iprange", + .revision = 0, + .family = NFPROTO_IPV4, + .size = XT_ALIGN(sizeof(struct ipt_iprange_info)), + .userspacesize = XT_ALIGN(sizeof(struct ipt_iprange_info)), + .help = iprange_mt_help, + .parse = iprange_parse, + .final_check = iprange_mt_check, + .print = iprange_print, + .save = iprange_save, + .extra_opts = iprange_mt_opts, + }, + { + .version = XTABLES_VERSION, + .name = "iprange", + .revision = 1, + .family = NFPROTO_IPV4, + .size = XT_ALIGN(sizeof(struct xt_iprange_mtinfo)), + .userspacesize = XT_ALIGN(sizeof(struct xt_iprange_mtinfo)), + .help = iprange_mt_help, + .parse = iprange_mt4_parse, + .final_check = iprange_mt_check, + .print = iprange_mt4_print, + .save = iprange_mt4_save, + .extra_opts = iprange_mt_opts, + }, + { + .version = XTABLES_VERSION, + .name = "iprange", + .revision = 1, + .family = NFPROTO_IPV6, + .size = XT_ALIGN(sizeof(struct xt_iprange_mtinfo)), + .userspacesize = XT_ALIGN(sizeof(struct xt_iprange_mtinfo)), + .help = iprange_mt_help, + .parse = iprange_mt6_parse, + .final_check = iprange_mt_check, + .print = iprange_mt6_print, + .save = iprange_mt6_save, + .extra_opts = iprange_mt_opts, + }, }; void _init(void) { - xtables_register_match(&iprange_match); - xtables_register_match(&iprange_mt_reg); - xtables_register_match(&iprange_mt6_reg); + xtables_register_matches(iprange_mt_reg, ARRAY_SIZE(iprange_mt_reg)); } diff --git a/extensions/libxt_mac.c b/extensions/libxt_mac.c index a57e3410..449fff92 100644 --- a/extensions/libxt_mac.c +++ b/extensions/libxt_mac.c @@ -112,21 +112,7 @@ static void mac_save(const void *ip, const struct xt_entry_match *match) } static struct xtables_match mac_match = { - .family = NFPROTO_IPV4, - .name = "mac", - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_mac_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_mac_info)), - .help = mac_help, - .parse = mac_parse, - .final_check = mac_check, - .print = mac_print, - .save = mac_save, - .extra_opts = mac_opts, -}; - -static struct xtables_match mac_match6 = { - .family = NFPROTO_IPV6, + .family = NFPROTO_UNSPEC, .name = "mac", .version = XTABLES_VERSION, .size = XT_ALIGN(sizeof(struct xt_mac_info)), @@ -142,5 +128,4 @@ static struct xtables_match mac_match6 = { void _init(void) { xtables_register_match(&mac_match); - xtables_register_match(&mac_match6); } diff --git a/extensions/libxt_mark.c b/extensions/libxt_mark.c index 6f8cc570..fc3d6466 100644 --- a/extensions/libxt_mark.c +++ b/extensions/libxt_mark.c @@ -143,38 +143,38 @@ mark_save(const void *ip, const struct xt_entry_match *match) print_mark(info->mark, info->mask); } -static struct xtables_match mark_match = { - .family = NFPROTO_UNSPEC, - .name = "mark", - .revision = 0, - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_mark_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_mark_info)), - .help = mark_mt_help, - .parse = mark_parse, - .final_check = mark_mt_check, - .print = mark_print, - .save = mark_save, - .extra_opts = mark_mt_opts, -}; - -static struct xtables_match mark_mt_reg = { - .version = XTABLES_VERSION, - .name = "mark", - .revision = 1, - .family = NFPROTO_UNSPEC, - .size = XT_ALIGN(sizeof(struct xt_mark_mtinfo1)), - .userspacesize = XT_ALIGN(sizeof(struct xt_mark_mtinfo1)), - .help = mark_mt_help, - .parse = mark_mt_parse, - .final_check = mark_mt_check, - .print = mark_mt_print, - .save = mark_mt_save, - .extra_opts = mark_mt_opts, +static struct xtables_match mark_mt_reg[] = { + { + .family = NFPROTO_UNSPEC, + .name = "mark", + .revision = 0, + .version = XTABLES_VERSION, + .size = XT_ALIGN(sizeof(struct xt_mark_info)), + .userspacesize = XT_ALIGN(sizeof(struct xt_mark_info)), + .help = mark_mt_help, + .parse = mark_parse, + .final_check = mark_mt_check, + .print = mark_print, + .save = mark_save, + .extra_opts = mark_mt_opts, + }, + { + .version = XTABLES_VERSION, + .name = "mark", + .revision = 1, + .family = NFPROTO_UNSPEC, + .size = XT_ALIGN(sizeof(struct xt_mark_mtinfo1)), + .userspacesize = XT_ALIGN(sizeof(struct xt_mark_mtinfo1)), + .help = mark_mt_help, + .parse = mark_mt_parse, + .final_check = mark_mt_check, + .print = mark_mt_print, + .save = mark_mt_save, + .extra_opts = mark_mt_opts, + }, }; void _init(void) { - xtables_register_match(&mark_match); - xtables_register_match(&mark_mt_reg); + xtables_register_matches(mark_mt_reg, ARRAY_SIZE(mark_mt_reg)); } diff --git a/extensions/libxt_multiport.c b/extensions/libxt_multiport.c index 9959a20e..d9b6e741 100644 --- a/extensions/libxt_multiport.c +++ b/extensions/libxt_multiport.c @@ -509,71 +509,67 @@ static void multiport_save6_v1(const void *ip_void, __multiport_save_v1(match, ip->proto); } -static struct xtables_match multiport_match = { - .family = NFPROTO_IPV4, - .name = "multiport", - .revision = 0, - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_multiport)), - .userspacesize = XT_ALIGN(sizeof(struct xt_multiport)), - .help = multiport_help, - .parse = multiport_parse, - .final_check = multiport_check, - .print = multiport_print, - .save = multiport_save, - .extra_opts = multiport_opts, -}; - -static struct xtables_match multiport_match6 = { - .family = NFPROTO_IPV6, - .name = "multiport", - .revision = 0, - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_multiport)), - .userspacesize = XT_ALIGN(sizeof(struct xt_multiport)), - .help = multiport_help, - .parse = multiport_parse6, - .final_check = multiport_check, - .print = multiport_print6, - .save = multiport_save6, - .extra_opts = multiport_opts, -}; - -static struct xtables_match multiport_match_v1 = { - .family = NFPROTO_IPV4, - .name = "multiport", - .version = XTABLES_VERSION, - .revision = 1, - .size = XT_ALIGN(sizeof(struct xt_multiport_v1)), - .userspacesize = XT_ALIGN(sizeof(struct xt_multiport_v1)), - .help = multiport_help_v1, - .parse = multiport_parse_v1, - .final_check = multiport_check, - .print = multiport_print_v1, - .save = multiport_save_v1, - .extra_opts = multiport_opts, -}; - -static struct xtables_match multiport_match6_v1 = { - .family = NFPROTO_IPV6, - .name = "multiport", - .version = XTABLES_VERSION, - .revision = 1, - .size = XT_ALIGN(sizeof(struct xt_multiport_v1)), - .userspacesize = XT_ALIGN(sizeof(struct xt_multiport_v1)), - .help = multiport_help_v1, - .parse = multiport_parse6_v1, - .final_check = multiport_check, - .print = multiport_print6_v1, - .save = multiport_save6_v1, - .extra_opts = multiport_opts, +static struct xtables_match multiport_mt_reg[] = { + { + .family = NFPROTO_IPV4, + .name = "multiport", + .revision = 0, + .version = XTABLES_VERSION, + .size = XT_ALIGN(sizeof(struct xt_multiport)), + .userspacesize = XT_ALIGN(sizeof(struct xt_multiport)), + .help = multiport_help, + .parse = multiport_parse, + .final_check = multiport_check, + .print = multiport_print, + .save = multiport_save, + .extra_opts = multiport_opts, + }, + { + .family = NFPROTO_IPV6, + .name = "multiport", + .revision = 0, + .version = XTABLES_VERSION, + .size = XT_ALIGN(sizeof(struct xt_multiport)), + .userspacesize = XT_ALIGN(sizeof(struct xt_multiport)), + .help = multiport_help, + .parse = multiport_parse6, + .final_check = multiport_check, + .print = multiport_print6, + .save = multiport_save6, + .extra_opts = multiport_opts, + }, + { + .family = NFPROTO_IPV4, + .name = "multiport", + .version = XTABLES_VERSION, + .revision = 1, + .size = XT_ALIGN(sizeof(struct xt_multiport_v1)), + .userspacesize = XT_ALIGN(sizeof(struct xt_multiport_v1)), + .help = multiport_help_v1, + .parse = multiport_parse_v1, + .final_check = multiport_check, + .print = multiport_print_v1, + .save = multiport_save_v1, + .extra_opts = multiport_opts, + }, + { + .family = NFPROTO_IPV6, + .name = "multiport", + .version = XTABLES_VERSION, + .revision = 1, + .size = XT_ALIGN(sizeof(struct xt_multiport_v1)), + .userspacesize = XT_ALIGN(sizeof(struct xt_multiport_v1)), + .help = multiport_help_v1, + .parse = multiport_parse6_v1, + .final_check = multiport_check, + .print = multiport_print6_v1, + .save = multiport_save6_v1, + .extra_opts = multiport_opts, + }, }; void _init(void) { - xtables_register_match(&multiport_match); - xtables_register_match(&multiport_match6); - xtables_register_match(&multiport_match_v1); - xtables_register_match(&multiport_match6_v1); + xtables_register_matches(multiport_mt_reg, ARRAY_SIZE(multiport_mt_reg)); } diff --git a/extensions/libxt_owner.c b/extensions/libxt_owner.c index d27b3ae5..25441384 100644 --- a/extensions/libxt_owner.c +++ b/extensions/libxt_owner.c @@ -533,70 +533,52 @@ static void owner_mt_save(const void *ip, const struct xt_entry_match *match) owner_mt_print_item(info, "--gid-owner", XT_OWNER_GID, false); } -static struct xtables_match owner_mt_reg_v0 = { - .version = XTABLES_VERSION, - .name = "owner", - .revision = 0, - .family = NFPROTO_IPV4, - .size = XT_ALIGN(sizeof(struct ipt_owner_info)), - .userspacesize = XT_ALIGN(sizeof(struct ipt_owner_info)), - .help = owner_mt_help_v0, - .parse = owner_mt_parse_v0, - .final_check = owner_mt_check, - .print = owner_mt_print_v0, - .save = owner_mt_save_v0, - .extra_opts = owner_mt_opts_v0, -}; - -static struct xtables_match owner_mt6_reg_v0 = { - .version = XTABLES_VERSION, - .name = "owner", - .revision = 0, - .family = NFPROTO_IPV6, - .size = XT_ALIGN(sizeof(struct ip6t_owner_info)), - .userspacesize = XT_ALIGN(sizeof(struct ip6t_owner_info)), - .help = owner_mt6_help_v0, - .parse = owner_mt6_parse_v0, - .final_check = owner_mt_check, - .print = owner_mt6_print_v0, - .save = owner_mt6_save_v0, - .extra_opts = owner_mt6_opts_v0, -}; - -static struct xtables_match owner_mt_reg = { - .version = XTABLES_VERSION, - .name = "owner", - .revision = 1, - .family = NFPROTO_IPV4, - .size = XT_ALIGN(sizeof(struct xt_owner_match_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_owner_match_info)), - .help = owner_mt_help, - .parse = owner_mt_parse, - .final_check = owner_mt_check, - .print = owner_mt_print, - .save = owner_mt_save, - .extra_opts = owner_mt_opts, -}; - -static struct xtables_match owner_mt6_reg = { - .version = XTABLES_VERSION, - .name = "owner", - .revision = 1, - .family = NFPROTO_IPV6, - .size = XT_ALIGN(sizeof(struct xt_owner_match_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_owner_match_info)), - .help = owner_mt_help, - .parse = owner_mt_parse, - .final_check = owner_mt_check, - .print = owner_mt_print, - .save = owner_mt_save, - .extra_opts = owner_mt_opts, +static struct xtables_match owner_mt_reg[] = { + { + .version = XTABLES_VERSION, + .name = "owner", + .revision = 0, + .family = NFPROTO_IPV4, + .size = XT_ALIGN(sizeof(struct ipt_owner_info)), + .userspacesize = XT_ALIGN(sizeof(struct ipt_owner_info)), + .help = owner_mt_help_v0, + .parse = owner_mt_parse_v0, + .final_check = owner_mt_check, + .print = owner_mt_print_v0, + .save = owner_mt_save_v0, + .extra_opts = owner_mt_opts_v0, + }, + { + .version = XTABLES_VERSION, + .name = "owner", + .revision = 0, + .family = NFPROTO_IPV6, + .size = XT_ALIGN(sizeof(struct ip6t_owner_info)), + .userspacesize = XT_ALIGN(sizeof(struct ip6t_owner_info)), + .help = owner_mt6_help_v0, + .parse = owner_mt6_parse_v0, + .final_check = owner_mt_check, + .print = owner_mt6_print_v0, + .save = owner_mt6_save_v0, + .extra_opts = owner_mt6_opts_v0, + }, + { + .version = XTABLES_VERSION, + .name = "owner", + .revision = 1, + .family = NFPROTO_UNSPEC, + .size = XT_ALIGN(sizeof(struct xt_owner_match_info)), + .userspacesize = XT_ALIGN(sizeof(struct xt_owner_match_info)), + .help = owner_mt_help, + .parse = owner_mt_parse, + .final_check = owner_mt_check, + .print = owner_mt_print, + .save = owner_mt_save, + .extra_opts = owner_mt_opts, + }, }; void _init(void) { - xtables_register_match(&owner_mt_reg_v0); - xtables_register_match(&owner_mt6_reg_v0); - xtables_register_match(&owner_mt_reg); - xtables_register_match(&owner_mt6_reg); + xtables_register_matches(owner_mt_reg, ARRAY_SIZE(owner_mt_reg)); } diff --git a/extensions/libxt_physdev.c b/extensions/libxt_physdev.c index 5522a325..74d311da 100644 --- a/extensions/libxt_physdev.c +++ b/extensions/libxt_physdev.c @@ -161,21 +161,7 @@ static void physdev_save(const void *ip, const struct xt_entry_match *match) } static struct xtables_match physdev_match = { - .family = NFPROTO_IPV4, - .name = "physdev", - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_physdev_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_physdev_info)), - .help = physdev_help, - .parse = physdev_parse, - .final_check = physdev_check, - .print = physdev_print, - .save = physdev_save, - .extra_opts = physdev_opts, -}; - -static struct xtables_match physdev_match6 = { - .family = NFPROTO_IPV6, + .family = NFPROTO_UNSPEC, .name = "physdev", .version = XTABLES_VERSION, .size = XT_ALIGN(sizeof(struct xt_physdev_info)), @@ -191,5 +177,4 @@ static struct xtables_match physdev_match6 = { void _init(void) { xtables_register_match(&physdev_match); - xtables_register_match(&physdev_match6); } diff --git a/extensions/libxt_policy.c b/extensions/libxt_policy.c index d17b1bbc..858eaaad 100644 --- a/extensions/libxt_policy.c +++ b/extensions/libxt_policy.c @@ -478,36 +478,36 @@ static void policy6_save(const void *ip, const struct xt_entry_match *match) } } -static struct xtables_match policy_mt_reg = { - .name = "policy", - .version = XTABLES_VERSION, - .family = NFPROTO_IPV4, - .size = XT_ALIGN(sizeof(struct xt_policy_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_policy_info)), - .help = policy_help, - .parse = policy4_parse, - .final_check = policy_check, - .print = policy4_print, - .save = policy4_save, - .extra_opts = policy_opts, -}; - -static struct xtables_match policy_mt6_reg = { - .name = "policy", - .version = XTABLES_VERSION, - .family = NFPROTO_IPV6, - .size = XT_ALIGN(sizeof(struct xt_policy_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_policy_info)), - .help = policy_help, - .parse = policy6_parse, - .final_check = policy_check, - .print = policy6_print, - .save = policy6_save, - .extra_opts = policy_opts, +static struct xtables_match policy_mt_reg[] = { + { + .name = "policy", + .version = XTABLES_VERSION, + .family = NFPROTO_IPV4, + .size = XT_ALIGN(sizeof(struct xt_policy_info)), + .userspacesize = XT_ALIGN(sizeof(struct xt_policy_info)), + .help = policy_help, + .parse = policy4_parse, + .final_check = policy_check, + .print = policy4_print, + .save = policy4_save, + .extra_opts = policy_opts, + }, + { + .name = "policy", + .version = XTABLES_VERSION, + .family = NFPROTO_IPV6, + .size = XT_ALIGN(sizeof(struct xt_policy_info)), + .userspacesize = XT_ALIGN(sizeof(struct xt_policy_info)), + .help = policy_help, + .parse = policy6_parse, + .final_check = policy_check, + .print = policy6_print, + .save = policy6_save, + .extra_opts = policy_opts, + }, }; void _init(void) { - xtables_register_match(&policy_mt_reg); - xtables_register_match(&policy_mt6_reg); + xtables_register_matches(policy_mt_reg, ARRAY_SIZE(policy_mt_reg)); } diff --git a/extensions/libxt_recent.c b/extensions/libxt_recent.c index 47c35ff7..d503685c 100644 --- a/extensions/libxt_recent.c +++ b/extensions/libxt_recent.c @@ -215,7 +215,7 @@ static void recent_save(const void *ip, const struct xt_entry_match *match) static struct xtables_match recent_mt_reg = { .name = "recent", .version = XTABLES_VERSION, - .family = NFPROTO_IPV4, + .family = NFPROTO_UNSPEC, .size = XT_ALIGN(sizeof(struct xt_recent_mtinfo)), .userspacesize = XT_ALIGN(sizeof(struct xt_recent_mtinfo)), .help = recent_help, @@ -227,24 +227,7 @@ static struct xtables_match recent_mt_reg = { .extra_opts = recent_opts, }; -static struct xtables_match recent_mt6_reg = { - .version = XTABLES_VERSION, - .name = "recent", - .revision = 0, - .family = NFPROTO_IPV6, - .size = XT_ALIGN(sizeof(struct xt_recent_mtinfo)), - .userspacesize = XT_ALIGN(sizeof(struct xt_recent_mtinfo)), - .help = recent_help, - .init = recent_init, - .parse = recent_parse, - .final_check = recent_check, - .print = recent_print, - .save = recent_save, - .extra_opts = recent_opts, -}; - void _init(void) { xtables_register_match(&recent_mt_reg); - xtables_register_match(&recent_mt6_reg); } diff --git a/extensions/libxt_sctp.c b/extensions/libxt_sctp.c index 829eade0..dfa72d3d 100644 --- a/extensions/libxt_sctp.c +++ b/extensions/libxt_sctp.c @@ -496,21 +496,7 @@ static void sctp_save(const void *ip, const struct xt_entry_match *match) static struct xtables_match sctp_match = { .name = "sctp", - .family = NFPROTO_IPV4, - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_sctp_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_sctp_info)), - .help = sctp_help, - .init = sctp_init, - .parse = sctp_parse, - .print = sctp_print, - .save = sctp_save, - .extra_opts = sctp_opts, -}; - -static struct xtables_match sctp_match6 = { - .name = "sctp", - .family = NFPROTO_IPV6, + .family = NFPROTO_UNSPEC, .version = XTABLES_VERSION, .size = XT_ALIGN(sizeof(struct xt_sctp_info)), .userspacesize = XT_ALIGN(sizeof(struct xt_sctp_info)), @@ -525,5 +511,4 @@ static struct xtables_match sctp_match6 = { void _init(void) { xtables_register_match(&sctp_match); - xtables_register_match(&sctp_match6); } diff --git a/extensions/libxt_socket.c b/extensions/libxt_socket.c index eebc7c55..1490473b 100644 --- a/extensions/libxt_socket.c +++ b/extensions/libxt_socket.c @@ -3,34 +3,14 @@ * * Copyright (C) 2007 BalaBit IT Ltd. */ -#include <stdio.h> -#include <getopt.h> #include <xtables.h> -static void socket_mt_help(void) -{ - printf("socket v%s has no options\n\n", XTABLES_VERSION); -} - -static int socket_mt_parse(int c, char **argv, int invert, unsigned int *flags, - const void *entry, struct xt_entry_match **match) -{ - return 0; -} - -static void socket_mt_check(unsigned int flags) -{ -} - static struct xtables_match socket_mt_reg = { .name = "socket", .version = XTABLES_VERSION, .family = NFPROTO_IPV4, .size = XT_ALIGN(0), .userspacesize = XT_ALIGN(0), - .parse = socket_mt_parse, - .final_check = socket_mt_check, - .help = socket_mt_help, }; void _init(void) diff --git a/extensions/libxt_standard.c b/extensions/libxt_standard.c index 56dc2d29..c64ba297 100644 --- a/extensions/libxt_standard.c +++ b/extensions/libxt_standard.c @@ -1,10 +1,5 @@ /* Shared library add-on to iptables for standard target support. */ #include <stdio.h> -#include <netdb.h> -#include <string.h> -#include <stdlib.h> -#include <limits.h> -#include <getopt.h> #include <xtables.h> static void standard_help(void) @@ -14,12 +9,6 @@ static void standard_help(void) "(If target is DROP, ACCEPT, RETURN or nothing)\n"); } -static int standard_parse(int c, char **argv, int invert, unsigned int *flags, - const void *entry, struct xt_entry_target **target) -{ - return 0; -} - static struct xtables_target standard_target = { .family = NFPROTO_UNSPEC, .name = "standard", @@ -27,7 +16,6 @@ static struct xtables_target standard_target = { .size = XT_ALIGN(sizeof(int)), .userspacesize = XT_ALIGN(sizeof(int)), .help = standard_help, - .parse = standard_parse, }; void _init(void) diff --git a/extensions/libxt_state.c b/extensions/libxt_state.c index 7387e264..c8a7454a 100644 --- a/extensions/libxt_state.c +++ b/extensions/libxt_state.c @@ -139,21 +139,7 @@ static void state_save(const void *ip, const struct xt_entry_match *match) } static struct xtables_match state_match = { - .family = NFPROTO_IPV4, - .name = "state", - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_state_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_state_info)), - .help = state_help, - .parse = state_parse, - .final_check = state_final_check, - .print = state_print, - .save = state_save, - .extra_opts = state_opts, -}; - -static struct xtables_match state_match6 = { - .family = NFPROTO_IPV6, + .family = NFPROTO_UNSPEC, .name = "state", .version = XTABLES_VERSION, .size = XT_ALIGN(sizeof(struct xt_state_info)), @@ -169,5 +155,4 @@ static struct xtables_match state_match6 = { void _init(void) { xtables_register_match(&state_match); - xtables_register_match(&state_match6); } diff --git a/extensions/libxt_string.c b/extensions/libxt_string.c index 18e3ed25..62c3a97a 100644 --- a/extensions/libxt_string.c +++ b/extensions/libxt_string.c @@ -350,40 +350,40 @@ static void string_save(const void *ip, const struct xt_entry_match *match) } -static struct xtables_match string_match = { - .name = "string", - .revision = 0, - .family = NFPROTO_UNSPEC, - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_string_info)), - .userspacesize = offsetof(struct xt_string_info, config), - .help = string_help, - .init = string_init, - .parse = string_parse, - .final_check = string_check, - .print = string_print, - .save = string_save, - .extra_opts = string_opts, -}; - -static struct xtables_match string_match_v1 = { - .name = "string", - .revision = 1, - .family = NFPROTO_UNSPEC, - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_string_info)), - .userspacesize = offsetof(struct xt_string_info, config), - .help = string_help, - .init = string_init, - .parse = string_parse, - .final_check = string_check, - .print = string_print, - .save = string_save, - .extra_opts = string_opts, +static struct xtables_match string_mt_reg[] = { + { + .name = "string", + .revision = 0, + .family = NFPROTO_UNSPEC, + .version = XTABLES_VERSION, + .size = XT_ALIGN(sizeof(struct xt_string_info)), + .userspacesize = offsetof(struct xt_string_info, config), + .help = string_help, + .init = string_init, + .parse = string_parse, + .final_check = string_check, + .print = string_print, + .save = string_save, + .extra_opts = string_opts, + }, + { + .name = "string", + .revision = 1, + .family = NFPROTO_UNSPEC, + .version = XTABLES_VERSION, + .size = XT_ALIGN(sizeof(struct xt_string_info)), + .userspacesize = offsetof(struct xt_string_info, config), + .help = string_help, + .init = string_init, + .parse = string_parse, + .final_check = string_check, + .print = string_print, + .save = string_save, + .extra_opts = string_opts, + }, }; void _init(void) { - xtables_register_match(&string_match); - xtables_register_match(&string_match_v1); + xtables_register_matches(string_mt_reg, ARRAY_SIZE(string_mt_reg)); } diff --git a/extensions/libxt_tcp.c b/extensions/libxt_tcp.c index 5ea9ebd2..7abecc16 100644 --- a/extensions/libxt_tcp.c +++ b/extensions/libxt_tcp.c @@ -375,21 +375,7 @@ static void tcp_save(const void *ip, const struct xt_entry_match *match) } static struct xtables_match tcp_match = { - .family = NFPROTO_IPV4, - .name = "tcp", - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_tcp)), - .userspacesize = XT_ALIGN(sizeof(struct xt_tcp)), - .help = tcp_help, - .init = tcp_init, - .parse = tcp_parse, - .print = tcp_print, - .save = tcp_save, - .extra_opts = tcp_opts, -}; - -static struct xtables_match tcp_match6 = { - .family = NFPROTO_IPV6, + .family = NFPROTO_UNSPEC, .name = "tcp", .version = XTABLES_VERSION, .size = XT_ALIGN(sizeof(struct xt_tcp)), @@ -406,5 +392,4 @@ void _init(void) { xtables_register_match(&tcp_match); - xtables_register_match(&tcp_match6); } diff --git a/extensions/libxt_tcpmss.c b/extensions/libxt_tcpmss.c index 46529f97..36785a32 100644 --- a/extensions/libxt_tcpmss.c +++ b/extensions/libxt_tcpmss.c @@ -109,21 +109,7 @@ static void tcpmss_save(const void *ip, const struct xt_entry_match *match) } static struct xtables_match tcpmss_match = { - .family = NFPROTO_IPV4, - .name = "tcpmss", - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_tcpmss_match_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_tcpmss_match_info)), - .help = tcpmss_help, - .parse = tcpmss_parse, - .final_check = tcpmss_check, - .print = tcpmss_print, - .save = tcpmss_save, - .extra_opts = tcpmss_opts, -}; - -static struct xtables_match tcpmss_match6 = { - .family = NFPROTO_IPV6, + .family = NFPROTO_UNSPEC, .name = "tcpmss", .version = XTABLES_VERSION, .size = XT_ALIGN(sizeof(struct xt_tcpmss_match_info)), @@ -139,5 +125,4 @@ static struct xtables_match tcpmss_match6 = { void _init(void) { xtables_register_match(&tcpmss_match); - xtables_register_match(&tcpmss_match6); } diff --git a/extensions/libxt_tos.c b/extensions/libxt_tos.c index b810ea6d..0a81f461 100644 --- a/extensions/libxt_tos.c +++ b/extensions/libxt_tos.c @@ -137,54 +137,38 @@ static void tos_mt_save(const void *ip, const struct xt_entry_match *match) printf("--tos 0x%02x/0x%02x ", info->tos_value, info->tos_mask); } -static struct xtables_match tos_mt_reg_v0 = { - .version = XTABLES_VERSION, - .name = "tos", - .family = NFPROTO_IPV4, - .revision = 0, - .size = XT_ALIGN(sizeof(struct ipt_tos_info)), - .userspacesize = XT_ALIGN(sizeof(struct ipt_tos_info)), - .help = tos_mt_help, - .parse = tos_mt_parse_v0, - .final_check = tos_mt_check, - .print = tos_mt_print_v0, - .save = tos_mt_save_v0, - .extra_opts = tos_mt_opts, -}; - -static struct xtables_match tos_mt_reg = { - .version = XTABLES_VERSION, - .name = "tos", - .family = NFPROTO_IPV4, - .revision = 1, - .size = XT_ALIGN(sizeof(struct xt_tos_match_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_tos_match_info)), - .help = tos_mt_help, - .parse = tos_mt_parse, - .final_check = tos_mt_check, - .print = tos_mt_print, - .save = tos_mt_save, - .extra_opts = tos_mt_opts, -}; - -static struct xtables_match tos_mt6_reg = { - .version = XTABLES_VERSION, - .name = "tos", - .family = NFPROTO_IPV6, - .revision = 1, - .size = XT_ALIGN(sizeof(struct xt_tos_match_info)), - .userspacesize = XT_ALIGN(sizeof(struct xt_tos_match_info)), - .help = tos_mt_help, - .parse = tos_mt_parse, - .final_check = tos_mt_check, - .print = tos_mt_print, - .save = tos_mt_save, - .extra_opts = tos_mt_opts, +static struct xtables_match tos_mt_reg[] = { + { + .version = XTABLES_VERSION, + .name = "tos", + .family = NFPROTO_IPV4, + .revision = 0, + .size = XT_ALIGN(sizeof(struct ipt_tos_info)), + .userspacesize = XT_ALIGN(sizeof(struct ipt_tos_info)), + .help = tos_mt_help, + .parse = tos_mt_parse_v0, + .final_check = tos_mt_check, + .print = tos_mt_print_v0, + .save = tos_mt_save_v0, + .extra_opts = tos_mt_opts, + }, + { + .version = XTABLES_VERSION, + .name = "tos", + .family = NFPROTO_UNSPEC, + .revision = 1, + .size = XT_ALIGN(sizeof(struct xt_tos_match_info)), + .userspacesize = XT_ALIGN(sizeof(struct xt_tos_match_info)), + .help = tos_mt_help, + .parse = tos_mt_parse, + .final_check = tos_mt_check, + .print = tos_mt_print, + .save = tos_mt_save, + .extra_opts = tos_mt_opts, + }, }; void _init(void) { - xtables_register_match(&tos_mt_reg_v0); - xtables_register_match(&tos_mt_reg); - xtables_register_match(&tos_mt6_reg); + xtables_register_matches(tos_mt_reg, ARRAY_SIZE(tos_mt_reg)); } diff --git a/extensions/libxt_udp.c b/extensions/libxt_udp.c index 4b4e84fb..bf0b34fb 100644 --- a/extensions/libxt_udp.c +++ b/extensions/libxt_udp.c @@ -191,21 +191,7 @@ static void udp_save(const void *ip, const struct xt_entry_match *match) } static struct xtables_match udp_match = { - .family = NFPROTO_IPV4, - .name = "udp", - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_udp)), - .userspacesize = XT_ALIGN(sizeof(struct xt_udp)), - .help = udp_help, - .init = udp_init, - .parse = udp_parse, - .print = udp_print, - .save = udp_save, - .extra_opts = udp_opts, -}; - -static struct xtables_match udp_match6 = { - .family = NFPROTO_IPV6, + .family = NFPROTO_UNSPEC, .name = "udp", .version = XTABLES_VERSION, .size = XT_ALIGN(sizeof(struct xt_udp)), @@ -222,5 +208,4 @@ void _init(void) { xtables_register_match(&udp_match); - xtables_register_match(&udp_match6); } |