diff options
| author | Patrick McHardy <kaber@trash.net> | 2006-03-20 18:01:58 -0800 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2006-03-20 18:01:58 -0800 |
| commit | 5d04bff096180f032de8b9b12153a8a1b4009b8d (patch) | |
| tree | 58aa8a8177b6d07cbce8b0c0bedeb23ecbde74d8 /net/netfilter/xt_mac.c | |
| parent | 7f9397138e297904bf1c717651183e785a01ff13 (diff) | |
[NETFILTER]: Convert x_tables matches/targets to centralized error checking
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/netfilter/xt_mac.c')
| -rw-r--r-- | net/netfilter/xt_mac.c | 33 |
1 files changed, 8 insertions, 25 deletions
diff --git a/net/netfilter/xt_mac.c b/net/netfilter/xt_mac.c index 0461dcb5fc7a..e20772616f55 100644 --- a/net/netfilter/xt_mac.c +++ b/net/netfilter/xt_mac.c @@ -42,37 +42,20 @@ match(const struct sk_buff *skb, ^ info->invert)); } -static int -ipt_mac_checkentry(const char *tablename, - const void *inf, - void *matchinfo, - unsigned int matchsize, - unsigned int hook_mask) -{ - /* FORWARD isn't always valid, but it's nice to be able to do --RR */ - if (hook_mask - & ~((1 << NF_IP_PRE_ROUTING) | (1 << NF_IP_LOCAL_IN) - | (1 << NF_IP_FORWARD))) { - printk("xt_mac: only valid for PRE_ROUTING, LOCAL_IN or FORWARD.\n"); - return 0; - } - - if (matchsize != XT_ALIGN(sizeof(struct xt_mac_info))) - return 0; - - return 1; -} - static struct xt_match mac_match = { .name = "mac", - .match = &match, - .checkentry = &ipt_mac_checkentry, + .match = match, + .matchsize = sizeof(struct xt_mac_info), + .hooks = (1 << NF_IP_PRE_ROUTING) | (1 << NF_IP_LOCAL_IN) | + (1 << NF_IP_FORWARD), .me = THIS_MODULE, }; static struct xt_match mac6_match = { .name = "mac", - .match = &match, - .checkentry = &ipt_mac_checkentry, + .match = match, + .matchsize = sizeof(struct xt_mac_info), + .hooks = (1 << NF_IP_PRE_ROUTING) | (1 << NF_IP_LOCAL_IN) | + (1 << NF_IP_FORWARD), .me = THIS_MODULE, }; |