Skip to content

L
linux
Commit 897dde23 authored by Art Haas's avatar Art Haas Committed by David S. Miller
Browse files
Options

[BRIDGE]: C99 patches for net/bridge/netfilter.

parent c069d58e
Hide whitespace changes
Inline Side-by-side
Showing with 104 additions and 34 deletions
net/bridge/netfilter/ebtable_broute.c
View file @ 897dde23
...@@ -18,13 +18,20 @@ ...@@ -18,13 +18,20 @@
// EBT_ACCEPT means the frame will be bridged // EBT_ACCEPT means the frame will be bridged
// EBT_DROP means the frame will be routed // EBT_DROP means the frame will be routed
static struct ebt_entries initial_chain = static struct ebt_entries initial_chain = {
{0, "BROUTING", 0, EBT_ACCEPT, 0}; .name = "BROUTING",
.policy = EBT_ACCEPT,
};
static struct ebt_replace initial_table = static struct ebt_replace initial_table =
{ {
"broute", 1 << NF_BR_BROUTING, 0, sizeof(struct ebt_entries), .name = "broute",
{ [NF_BR_BROUTING]&initial_chain}, 0, NULL, (char *)&initial_chain .valid_hooks = 1 << NF_BR_BROUTING,
.entries_size = sizeof(struct ebt_entries),
.hook_entry = {
[NF_BR_BROUTING] = &initial_chain,
},
.entries = (char *)&initial_chain
}; };
static int check(const struct ebt_table_info *info, unsigned int valid_hooks) static int check(const struct ebt_table_info *info, unsigned int valid_hooks)
...@@ -36,8 +43,11 @@ static int check(const struct ebt_table_info *info, unsigned int valid_hooks) ...@@ -36,8 +43,11 @@ static int check(const struct ebt_table_info *info, unsigned int valid_hooks)
static struct ebt_table broute_table = static struct ebt_table broute_table =
{ {
{NULL, NULL}, "broute", &initial_table, 1 << NF_BR_BROUTING, .name = "broute",
RW_LOCK_UNLOCKED, check, NULL .table = &initial_table,
.valid_hooks = 1 << NF_BR_BROUTING,
.lock = RW_LOCK_UNLOCKED,
.check = check,
}; };
static int ebt_broute(struct sk_buff **pskb) static int ebt_broute(struct sk_buff **pskb)
......
net/bridge/netfilter/ebtable_filter.c
View file @ 897dde23
...@@ -16,16 +16,31 @@ ...@@ -16,16 +16,31 @@
static struct ebt_entries initial_chains[] = static struct ebt_entries initial_chains[] =
{ {
{0, "INPUT", 0, EBT_ACCEPT, 0}, {
{0, "FORWARD", 0, EBT_ACCEPT, 0}, .name = "INPUT",
{0, "OUTPUT", 0, EBT_ACCEPT, 0} .policy = EBT_ACCEPT,
},
{
.name = "FORWARD",
.policy = EBT_ACCEPT,
},
{
.name = "OUTPUT",
.policy = EBT_ACCEPT,
}
}; };
static struct ebt_replace initial_table = static struct ebt_replace initial_table =
{ {
"filter", FILTER_VALID_HOOKS, 0, 3 * sizeof(struct ebt_entries), .name = "filter",
{ [NF_BR_LOCAL_IN]&initial_chains[0], [NF_BR_FORWARD]&initial_chains[1], .valid_hooks = FILTER_VALID_HOOKS,
[NF_BR_LOCAL_OUT]&initial_chains[2] }, 0, NULL, (char *)initial_chains .entries_size = 3 * sizeof(struct ebt_entries),
.hook_entry = {
[NF_BR_LOCAL_IN] = &initial_chains[0],
[NF_BR_FORWARD] = &initial_chains[1],
[NF_BR_LOCAL_OUT] = &initial_chains[2],
},
.entries = (char *)initial_chains
}; };
static int check(const struct ebt_table_info *info, unsigned int valid_hooks) static int check(const struct ebt_table_info *info, unsigned int valid_hooks)
...@@ -37,8 +52,11 @@ static int check(const struct ebt_table_info *info, unsigned int valid_hooks) ...@@ -37,8 +52,11 @@ static int check(const struct ebt_table_info *info, unsigned int valid_hooks)
static struct ebt_table frame_filter = static struct ebt_table frame_filter =
{ {
{NULL, NULL}, "filter", &initial_table, FILTER_VALID_HOOKS, .name = "filter",
RW_LOCK_UNLOCKED, check, NULL .table = &initial_table,
.valid_hooks = FILTER_VALID_HOOKS,
.lock = RW_LOCK_UNLOCKED,
.check = check,
}; };
static unsigned int static unsigned int
...@@ -49,12 +67,24 @@ ebt_hook (unsigned int hook, struct sk_buff **pskb, const struct net_device *in, ...@@ -49,12 +67,24 @@ ebt_hook (unsigned int hook, struct sk_buff **pskb, const struct net_device *in,
} }
static struct nf_hook_ops ebt_ops_filter[] = { static struct nf_hook_ops ebt_ops_filter[] = {
{ { NULL, NULL }, ebt_hook, PF_BRIDGE, NF_BR_LOCAL_IN, {
NF_BR_PRI_FILTER_BRIDGED}, .hook = ebt_hook,
{ { NULL, NULL }, ebt_hook, PF_BRIDGE, NF_BR_FORWARD, .pf = PF_BRIDGE,
NF_BR_PRI_FILTER_BRIDGED}, .hooknum = NF_BR_LOCAL_IN,
{ { NULL, NULL }, ebt_hook, PF_BRIDGE, NF_BR_LOCAL_OUT, .priority = NF_BR_PRI_FILTER_BRIDGED,
NF_BR_PRI_FILTER_OTHER} },
{
.hook = ebt_hook,
.pf = PF_BRIDGE,
.hooknum = NF_BR_FORWARD,
.priority = NF_BR_PRI_FILTER_BRIDGED
},
{
.hook = ebt_hook,
.pf = PF_BRIDGE,
.hooknum = NF_BR_LOCAL_OUT,
.priority = NF_BR_PRI_FILTER_OTHER
}
}; };
static int __init init(void) static int __init init(void)
......
net/bridge/netfilter/ebtable_nat.c
View file @ 897dde23
...@@ -15,16 +15,31 @@ ...@@ -15,16 +15,31 @@
static struct ebt_entries initial_chains[] = static struct ebt_entries initial_chains[] =
{ {
{0, "PREROUTING", 0, EBT_ACCEPT, 0}, {
{0, "OUTPUT", 0, EBT_ACCEPT, 0}, .name = "PREROUTING",
{0, "POSTROUTING", 0, EBT_ACCEPT, 0} .policy = EBT_ACCEPT,
},
{
.name = "OUTPUT",
.policy = EBT_ACCEPT,
},
{
.name = "POSTROUTING",
.policy = EBT_ACCEPT,
}
}; };
static struct ebt_replace initial_table = static struct ebt_replace initial_table =
{ {
"nat", NAT_VALID_HOOKS, 0, 3 * sizeof(struct ebt_entries), .name = "nat",
{ [NF_BR_PRE_ROUTING]&initial_chains[0], [NF_BR_LOCAL_OUT]&initial_chains[1], .valid_hooks = NAT_VALID_HOOKS,
[NF_BR_POST_ROUTING]&initial_chains[2] }, 0, NULL, (char *)initial_chains .entries_size = 3 * sizeof(struct ebt_entries),
.hook_entry = {
[NF_BR_PRE_ROUTING] = &initial_chains[0],
[NF_BR_LOCAL_OUT] = &initial_chains[1],
[NF_BR_POST_ROUTING] = &initial_chains[2],
},
.entries = (char *)initial_chains
}; };
static int check(const struct ebt_table_info *info, unsigned int valid_hooks) static int check(const struct ebt_table_info *info, unsigned int valid_hooks)
...@@ -36,8 +51,11 @@ static int check(const struct ebt_table_info *info, unsigned int valid_hooks) ...@@ -36,8 +51,11 @@ static int check(const struct ebt_table_info *info, unsigned int valid_hooks)
static struct ebt_table frame_nat = static struct ebt_table frame_nat =
{ {
{NULL, NULL}, "nat", &initial_table, NAT_VALID_HOOKS, .name = "nat",
RW_LOCK_UNLOCKED, check, NULL .table = &initial_table,
.valid_hooks = NAT_VALID_HOOKS,
.lock = RW_LOCK_UNLOCKED,
.check = check,
}; };
static unsigned int static unsigned int
...@@ -55,12 +73,24 @@ ebt_nat_src(unsigned int hook, struct sk_buff **pskb, const struct net_device *i ...@@ -55,12 +73,24 @@ ebt_nat_src(unsigned int hook, struct sk_buff **pskb, const struct net_device *i
} }
static struct nf_hook_ops ebt_ops_nat[] = { static struct nf_hook_ops ebt_ops_nat[] = {
{ { NULL, NULL }, ebt_nat_dst, PF_BRIDGE, NF_BR_LOCAL_OUT, {
NF_BR_PRI_NAT_DST_OTHER}, .hook = ebt_nat_dst,
{ { NULL, NULL }, ebt_nat_src, PF_BRIDGE, NF_BR_POST_ROUTING, .pf = PF_BRIDGE,
NF_BR_PRI_NAT_SRC}, .hooknum = NF_BR_LOCAL_OUT,
{ { NULL, NULL }, ebt_nat_dst, PF_BRIDGE, NF_BR_PRE_ROUTING, .priority = NF_BR_PRI_NAT_DST_OTHER
NF_BR_PRI_NAT_DST_BRIDGED}, },
{
.hook = ebt_nat_src,
.pf = PF_BRIDGE,
.hooknum = NF_BR_POST_ROUTING,
.priority = NF_BR_PRI_NAT_SRC
},
{
.hook = ebt_nat_dst,
.pf = PF_BRIDGE,
.hooknum = NF_BR_PRE_ROUTING,
.priority = NF_BR_PRI_NAT_DST_BRIDGED
},
}; };
static int __init init(void) static int __init init(void)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7