summaryrefslogtreecommitdiffstats
path: root/iptables/nft-ipv4.c
diff options
context:
space:
mode:
Diffstat (limited to 'iptables/nft-ipv4.c')
-rw-r--r--iptables/nft-ipv4.c28
1 files changed, 11 insertions, 17 deletions
diff --git a/iptables/nft-ipv4.c b/iptables/nft-ipv4.c
index bdb105f8..af3d0c98 100644
--- a/iptables/nft-ipv4.c
+++ b/iptables/nft-ipv4.c
@@ -26,9 +26,9 @@
#include "nft.h"
#include "nft-shared.h"
-static int nft_ipv4_add(struct nft_handle *h, struct nftnl_rule *r, void *data)
+static int nft_ipv4_add(struct nft_handle *h, struct nftnl_rule *r,
+ struct iptables_command_state *cs)
{
- struct iptables_command_state *cs = data;
struct xtables_rule_match *matchp;
uint32_t op;
int ret;
@@ -93,12 +93,9 @@ static int nft_ipv4_add(struct nft_handle *h, struct nftnl_rule *r, void *data)
return add_action(r, cs, !!(cs->fw.ip.flags & IPT_F_GOTO));
}
-static bool nft_ipv4_is_same(const void *data_a,
- const void *data_b)
+static bool nft_ipv4_is_same(const struct iptables_command_state *a,
+ const struct iptables_command_state *b)
{
- const struct iptables_command_state *a = data_a;
- const struct iptables_command_state *b = data_b;
-
if (a->fw.ip.src.s_addr != b->fw.ip.src.s_addr
|| a->fw.ip.dst.s_addr != b->fw.ip.dst.s_addr
|| a->fw.ip.smsk.s_addr != b->fw.ip.smsk.s_addr
@@ -135,10 +132,8 @@ static void get_frag(struct nft_xt_ctx *ctx, struct nftnl_expr *e, bool *inv)
}
static void nft_ipv4_parse_meta(struct nft_xt_ctx *ctx, struct nftnl_expr *e,
- void *data)
+ struct iptables_command_state *cs)
{
- struct iptables_command_state *cs = data;
-
switch (ctx->meta.key) {
case NFT_META_L4PROTO:
cs->fw.ip.proto = nftnl_expr_get_u8(e, NFTNL_EXPR_CMP_DATA);
@@ -160,9 +155,9 @@ static void parse_mask_ipv4(struct nft_xt_ctx *ctx, struct in_addr *mask)
}
static void nft_ipv4_parse_payload(struct nft_xt_ctx *ctx,
- struct nftnl_expr *e, void *data)
+ struct nftnl_expr *e,
+ struct iptables_command_state *cs)
{
- struct iptables_command_state *cs = data;
struct in_addr addr;
uint8_t proto;
bool inv;
@@ -250,10 +245,9 @@ static void nft_ipv4_print_rule(struct nft_handle *h, struct nftnl_rule *r,
nft_clear_iptables_command_state(&cs);
}
-static void nft_ipv4_save_rule(const void *data, unsigned int format)
+static void nft_ipv4_save_rule(const struct iptables_command_state *cs,
+ unsigned int format)
{
- const struct iptables_command_state *cs = data;
-
save_ipv4_addr('s', &cs->fw.ip.src, &cs->fw.ip.smsk,
cs->fw.ip.invflags & IPT_INV_SRCIP);
save_ipv4_addr('d', &cs->fw.ip.dst, &cs->fw.ip.dmsk,
@@ -296,9 +290,9 @@ static void xlate_ipv4_addr(const char *selector, const struct in_addr *addr,
}
}
-static int nft_ipv4_xlate(const void *data, struct xt_xlate *xl)
+static int nft_ipv4_xlate(const struct iptables_command_state *cs,
+ struct xt_xlate *xl)
{
- const struct iptables_command_state *cs = data;
const char *comment;
int ret;