diff options
| author | Patrick McHardy <kaber@trash.net> | 2006-03-20 17:59:06 -0800 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2006-03-20 17:59:06 -0800 |
| commit | 37f9f7334b86ffc3b8a1921842ae33cb9aa22ee3 (patch) | |
| tree | d207ae0a0f2eb37072dd4690de95b6cf170e4e04 /include | |
| parent | 6ea46c9c12da79ec6eead0cf4b3114143dd30bc1 (diff) | |
| download | linux-3.10-37f9f7334b86ffc3b8a1921842ae33cb9aa22ee3.tar.gz linux-3.10-37f9f7334b86ffc3b8a1921842ae33cb9aa22ee3.tar.bz2 linux-3.10-37f9f7334b86ffc3b8a1921842ae33cb9aa22ee3.zip | |
[NETFILTER]: xt_tables: add centralized error checking
Introduce new functions for common match/target checks (private data
size, valid hooks, valid tables and valid protocols) to get more consistent
error reporting and to avoid each module duplicating them.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include')
| -rw-r--r-- | include/linux/netfilter/x_tables.h | 23 |
1 files changed, 19 insertions, 4 deletions
diff --git a/include/linux/netfilter/x_tables.h b/include/linux/netfilter/x_tables.h index 6500d4e59d4..b9c37e1e673 100644 --- a/include/linux/netfilter/x_tables.h +++ b/include/linux/netfilter/x_tables.h @@ -92,8 +92,6 @@ struct xt_match const char name[XT_FUNCTION_MAXNAMELEN-1]; - u_int8_t revision; - /* Return true or false: return FALSE and set *hotdrop = 1 to force immediate packet drop. */ /* Arguments changed since 2.6.9, as this must now handle @@ -120,6 +118,12 @@ struct xt_match /* Set this to THIS_MODULE if you are a module, otherwise NULL */ struct module *me; + + char *table; + unsigned int matchsize; + unsigned int hooks; + unsigned short proto; + u_int8_t revision; }; /* Registration hooks for targets. */ @@ -129,8 +133,6 @@ struct xt_target const char name[XT_FUNCTION_MAXNAMELEN-1]; - u_int8_t revision; - /* Returns verdict. Argument order changed since 2.6.9, as this must now handle non-linear skbs, using skb_copy_bits and skb_ip_make_writable. */ @@ -156,6 +158,12 @@ struct xt_target /* Set this to THIS_MODULE if you are a module, otherwise NULL */ struct module *me; + + char *table; + unsigned int targetsize; + unsigned int hooks; + unsigned short proto; + u_int8_t revision; }; /* Furniture shopping... */ @@ -207,6 +215,13 @@ extern void xt_unregister_target(int af, struct xt_target *target); extern int xt_register_match(int af, struct xt_match *target); extern void xt_unregister_match(int af, struct xt_match *target); +extern int xt_check_match(const struct xt_match *match, unsigned short family, + unsigned int size, const char *table, unsigned int hook, + unsigned short proto, int inv_proto); +extern int xt_check_target(const struct xt_target *target, unsigned short family, + unsigned int size, const char *table, unsigned int hook, + unsigned short proto, int inv_proto); + extern int xt_register_table(struct xt_table *table, struct xt_table_info *bootstrap, struct xt_table_info *newinfo); |