git://ftp.safe.ca
/
safe
/
jmp
/
linux-2.6
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
netfilter: xtables: constify args in compat copying functions
[safe/jmp/linux-2.6]
/
net
/
netfilter
/
xt_NOTRACK.c
diff --git
a/net/netfilter/xt_NOTRACK.c
b/net/netfilter/xt_NOTRACK.c
index
fec1aef
..
e7a0a54
100644
(file)
--- a/
net/netfilter/xt_NOTRACK.c
+++ b/
net/netfilter/xt_NOTRACK.c
@@
-7,60
+7,47
@@
#include <linux/netfilter/x_tables.h>
#include <net/netfilter/nf_conntrack.h>
#include <linux/netfilter/x_tables.h>
#include <net/netfilter/nf_conntrack.h>
+MODULE_DESCRIPTION("Xtables: Disabling connection tracking for packets");
MODULE_LICENSE("GPL");
MODULE_ALIAS("ipt_NOTRACK");
MODULE_ALIAS("ip6t_NOTRACK");
static unsigned int
MODULE_LICENSE("GPL");
MODULE_ALIAS("ipt_NOTRACK");
MODULE_ALIAS("ip6t_NOTRACK");
static unsigned int
-target(struct sk_buff **pskb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+notrack_tg(struct sk_buff *skb, const struct xt_target_param *par)
{
/* Previously seen (loopback)? Ignore. */
{
/* Previously seen (loopback)? Ignore. */
- if (
(*pskb)
->nfct != NULL)
+ if (
skb
->nfct != NULL)
return XT_CONTINUE;
/* Attach fake conntrack entry.
If there is a real ct entry correspondig to this packet,
it'll hang aroun till timing out. We don't deal with it
for performance reasons. JK */
return XT_CONTINUE;
/* Attach fake conntrack entry.
If there is a real ct entry correspondig to this packet,
it'll hang aroun till timing out. We don't deal with it
for performance reasons. JK */
-
(*pskb)
->nfct = &nf_conntrack_untracked.ct_general;
-
(*pskb)
->nfctinfo = IP_CT_NEW;
- nf_conntrack_get(
(*pskb)
->nfct);
+
skb
->nfct = &nf_conntrack_untracked.ct_general;
+
skb
->nfctinfo = IP_CT_NEW;
+ nf_conntrack_get(
skb
->nfct);
return XT_CONTINUE;
}
return XT_CONTINUE;
}
-static struct xt_target xt_notrack_target[] __read_mostly = {
- {
- .name = "NOTRACK",
- .family = AF_INET,
- .target = target,
- .table = "raw",
- .me = THIS_MODULE,
- },
- {
- .name = "NOTRACK",
- .family = AF_INET6,
- .target = target,
- .table = "raw",
- .me = THIS_MODULE,
- },
+static struct xt_target notrack_tg_reg __read_mostly = {
+ .name = "NOTRACK",
+ .revision = 0,
+ .family = NFPROTO_UNSPEC,
+ .target = notrack_tg,
+ .table = "raw",
+ .me = THIS_MODULE,
};
};
-static int __init
xt_notrack
_init(void)
+static int __init
notrack_tg
_init(void)
{
{
- return xt_register_targets(xt_notrack_target,
- ARRAY_SIZE(xt_notrack_target));
+ return xt_register_target(¬rack_tg_reg);
}
}
-static void __exit
xt_notrack_fini
(void)
+static void __exit
notrack_tg_exit
(void)
{
{
- xt_unregister_target
s(xt_notrack_target, ARRAY_SIZE(xt_notrack_target)
);
+ xt_unregister_target
(¬rack_tg_reg
);
}
}
-module_init(
xt_notrack
_init);
-module_exit(
xt_notrack_fini
);
+module_init(
notrack_tg
_init);
+module_exit(
notrack_tg_exit
);