[EBTABLES]: Split ebt_replace into user and kernel variants, annotate.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
diff --git a/include/linux/netfilter_bridge/ebtables.h b/include/linux/netfilter_bridge/ebtables.h
index 8777526..94e0a7d 100644
--- a/include/linux/netfilter_bridge/ebtables.h
+++ b/include/linux/netfilter_bridge/ebtables.h
@@ -46,6 +46,23 @@
 	/* total size of the entries */
 	unsigned int entries_size;
 	/* start of the chains */
+	struct ebt_entries __user *hook_entry[NF_BR_NUMHOOKS];
+	/* nr of counters userspace expects back */
+	unsigned int num_counters;
+	/* where the kernel will put the old counters */
+	struct ebt_counter __user *counters;
+	char __user *entries;
+};
+
+struct ebt_replace_kernel
+{
+	char name[EBT_TABLE_MAXNAMELEN];
+	unsigned int valid_hooks;
+	/* nr of rules in the table */
+	unsigned int nentries;
+	/* total size of the entries */
+	unsigned int entries_size;
+	/* start of the chains */
 	struct ebt_entries *hook_entry[NF_BR_NUMHOOKS];
 	/* nr of counters userspace expects back */
 	unsigned int num_counters;
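Review bot: The new `struct ebt_replace_kernel` repeats `struct ebt_replace` member for member, but nothing in the header says why two copies exist or that they must be kept in step. If code outside this hunk relies on the two layouts matching (not visible here), a later edit to only one struct would go unnoticed, so I would put `/* kernel-side copy of struct ebt_replace: same members, but the pointers are kernel addresses */` above the new struct. The user variant deserves the counterpart comment, `/* hook_entry, counters and entries hold userspace addresses; never dereference them directly */`, so that the `__user` annotations are explained to readers as well as to sparse. `struct ebt_replace` starts before this hunk and `struct ebt_replace_kernel` ends after it, so the remaining members of both are not visible here.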
@@ -255,7 +272,7 @@
 {
 	struct list_head list;
 	char name[EBT_TABLE_MAXNAMELEN];
-	struct ebt_replace *table;
+	struct ebt_replace_kernel *table;
 	unsigned int valid_hooks;
 	rwlock_t lock;
 	/* e.g. could be the table explicitly only allows certain