From e2a2c72277b49ac611809b3978365ab3010e1597 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Wed, 18 Sep 2013 14:13:47 +0200 Subject: nft: consolidate nft_rule_find for ARP, IPv4 and IPv6 This patch kills nft_arp_rule_find, which is almost a copy and paste of the original nft_rule_find function. Refactor this function to move specific protocol parts to the corresponding nft-{ipv4,ipv6,arp}.c files. Signed-off-by: Pablo Neira Ayuso --- iptables/nft-shared.h | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'iptables/nft-shared.h') diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h index 80f2bc6f..3d1f433f 100644 --- a/iptables/nft-shared.h +++ b/iptables/nft-shared.h @@ -54,6 +54,8 @@ struct nft_family_ops { void (*post_parse)(int command, struct iptables_command_state *cs, struct xtables_args *args); void (*parse_target)(struct xtables_target *t, void *data); + bool (*rule_find)(struct nft_family_ops *ops, struct nft_rule *r, + void *data); }; void add_meta(struct nft_rule *r, uint32_t key); @@ -117,6 +119,12 @@ void save_firewall_details(const struct iptables_command_state *cs, struct nft_family_ops *nft_family_ops_lookup(int family); +struct nft_handle; +bool nft_ipv46_rule_find(struct nft_family_ops *ops, struct nft_rule *r, + struct iptables_command_state *cs); + +bool compare_targets(struct xtables_target *tg1, struct xtables_target *tg2); + struct addr_mask { union { struct in_addr *v4; -- cgit v1.2.3