diff options
author | Alexey Dobriyan <adobriyan@sw.ru> | 2008-01-31 04:02:44 -0800 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2008-01-31 19:27:36 -0800 |
commit | 44d34e721e2c81ccdfb13cf34996309247ae2981 (patch) | |
tree | fec2063c8573700fd01cb6c11875769751744603 /include/linux | |
parent | 8d870052079d255917ec4f8431f5ec102707b7af (diff) | |
download | linux-3.10-44d34e721e2c81ccdfb13cf34996309247ae2981.tar.gz linux-3.10-44d34e721e2c81ccdfb13cf34996309247ae2981.tar.bz2 linux-3.10-44d34e721e2c81ccdfb13cf34996309247ae2981.zip |
[NETFILTER]: x_tables: return new table from {arp,ip,ip6}t_register_table()
Typical table module registers xt_table structure (i.e. packet_filter)
and link it to list during it. We can't use one template for it because
corresponding list_head will become corrupted. We also can't unregister
with template because it wasn't changed at all and thus doesn't know in
which list it is.
So, we duplicate template at the very first step of table registration.
Table modules will save it for use during unregistration time and actual
filtering.
Do it at once to not screw bisection.
P.S.: renaming i.e. packet_filter => __packet_filter is temporary until
full netnsization of table modules is done.
Signed-off-by: Alexey Dobriyan <adobriyan@sw.ru>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/linux')
-rw-r--r-- | include/linux/netfilter_arp/arp_tables.h | 4 | ||||
-rw-r--r-- | include/linux/netfilter_ipv4/ip_tables.h | 5 | ||||
-rw-r--r-- | include/linux/netfilter_ipv6/ip6_tables.h | 4 |
3 files changed, 7 insertions, 6 deletions
diff --git a/include/linux/netfilter_arp/arp_tables.h b/include/linux/netfilter_arp/arp_tables.h index 53dd4df27aa..f35486b3a7c 100644 --- a/include/linux/netfilter_arp/arp_tables.h +++ b/include/linux/netfilter_arp/arp_tables.h @@ -271,8 +271,8 @@ struct arpt_error xt_register_target(tgt); }) #define arpt_unregister_target(tgt) xt_unregister_target(tgt) -extern int arpt_register_table(struct arpt_table *table, - const struct arpt_replace *repl); +extern struct arpt_table *arpt_register_table(struct arpt_table *table, + const struct arpt_replace *repl); extern void arpt_unregister_table(struct arpt_table *table); extern unsigned int arpt_do_table(struct sk_buff *skb, unsigned int hook, diff --git a/include/linux/netfilter_ipv4/ip_tables.h b/include/linux/netfilter_ipv4/ip_tables.h index 45fcad91e67..bfc889f9027 100644 --- a/include/linux/netfilter_ipv4/ip_tables.h +++ b/include/linux/netfilter_ipv4/ip_tables.h @@ -244,8 +244,9 @@ ipt_get_target(struct ipt_entry *e) #include <linux/init.h> extern void ipt_init(void) __init; -extern int ipt_register_table(struct xt_table *table, - const struct ipt_replace *repl); +extern struct xt_table *ipt_register_table(struct net *net, + struct xt_table *table, + const struct ipt_replace *repl); extern void ipt_unregister_table(struct xt_table *table); /* Standard entry. */ diff --git a/include/linux/netfilter_ipv6/ip6_tables.h b/include/linux/netfilter_ipv6/ip6_tables.h index 110801d699e..f716c750624 100644 --- a/include/linux/netfilter_ipv6/ip6_tables.h +++ b/include/linux/netfilter_ipv6/ip6_tables.h @@ -305,8 +305,8 @@ ip6t_get_target(struct ip6t_entry *e) #include <linux/init.h> extern void ip6t_init(void) __init; -extern int ip6t_register_table(struct xt_table *table, - const struct ip6t_replace *repl); +extern struct xt_table *ip6t_register_table(struct xt_table *table, + const struct ip6t_replace *repl); extern void ip6t_unregister_table(struct xt_table *table); extern unsigned int ip6t_do_table(struct sk_buff *skb, unsigned int hook, |