Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 37f9f7334b86ffc3b8a1921842ae33cb9aa22ee3^! / . / include / linux / netfilter / x_tables.h
commit37f9f7334b86ffc3b8a1921842ae33cb9aa22ee3[log] [tgz]
authorPatrick McHardy <kaber@trash.net>Mon Mar 20 17:59:06 2006 -0800
committerDavid S. Miller <davem@davemloft.net>Mon Mar 20 17:59:06 2006 -0800
treed207ae0a0f2eb37072dd4690de95b6cf170e4e04
parent6ea46c9c12da79ec6eead0cf4b3114143dd30bc1 [diff] [blame]
[NETFILTER]: xt_tables: add centralized error checking

Introduce new functions for common match/target checks (private data
size, valid hooks, valid tables and valid protocols) to get more consistent
error reporting and to avoid each module duplicating them.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/include/linux/netfilter/x_tables.h b/include/linux/netfilter/x_tables.h
index 6500d4e..b9c37e1 100644
--- a/include/linux/netfilter/x_tables.h
+++ b/include/linux/netfilter/x_tables.h

@@ -92,8 +92,6 @@
 
 	const char name[XT_FUNCTION_MAXNAMELEN-1];
 
-	u_int8_t revision;
-
 	/* Return true or false: return FALSE and set *hotdrop = 1 to
            force immediate packet drop. */
 	/* Arguments changed since 2.6.9, as this must now handle
@@ -120,6 +118,12 @@
 
 	/* Set this to THIS_MODULE if you are a module, otherwise NULL */
 	struct module *me;
+
+	char *table;
+	unsigned int matchsize;
+	unsigned int hooks;
+	unsigned short proto;
+	u_int8_t revision;
 };
 
 /* Registration hooks for targets. */
@@ -129,8 +133,6 @@
 
 	const char name[XT_FUNCTION_MAXNAMELEN-1];
 
-	u_int8_t revision;
-
 	/* Returns verdict. Argument order changed since 2.6.9, as this
 	   must now handle non-linear skbs, using skb_copy_bits and
 	   skb_ip_make_writable. */
@@ -156,6 +158,12 @@
 
 	/* Set this to THIS_MODULE if you are a module, otherwise NULL */
 	struct module *me;
+
+	char *table;
+	unsigned int targetsize;
+	unsigned int hooks;
+	unsigned short proto;
+	u_int8_t revision;
 };
 
 /* Furniture shopping... */
@@ -207,6 +215,13 @@
 extern int xt_register_match(int af, struct xt_match *target);
 extern void xt_unregister_match(int af, struct xt_match *target);
 
+extern int xt_check_match(const struct xt_match *match, unsigned short family,
+			  unsigned int size, const char *table, unsigned int hook,
+			  unsigned short proto, int inv_proto);
+extern int xt_check_target(const struct xt_target *target, unsigned short family,
+			   unsigned int size, const char *table, unsigned int hook,
+			   unsigned short proto, int inv_proto);
+
 extern int xt_register_table(struct xt_table *table,
 			     struct xt_table_info *bootstrap,
 			     struct xt_table_info *newinfo);