提交 ccb79bdc 编写于 作者: J Jan Engelhardt 提交者: David S. Miller

[NETFILTER]: x_tables: switch xt_match->checkentry to bool

Switch the return type of match functions to boolean
Signed-off-by: NJan Engelhardt <jengelh@gmx.de>
Signed-off-by: NPatrick McHardy <kaber@trash.net>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>
上级 1d93a9cb
...@@ -152,11 +152,11 @@ struct xt_match ...@@ -152,11 +152,11 @@ struct xt_match
/* Called when user tries to insert an entry of this type. */ /* Called when user tries to insert an entry of this type. */
/* Should return true or false. */ /* Should return true or false. */
int (*checkentry)(const char *tablename, bool (*checkentry)(const char *tablename,
const void *ip, const void *ip,
const struct xt_match *match, const struct xt_match *match,
void *matchinfo, void *matchinfo,
unsigned int hook_mask); unsigned int hook_mask);
/* Called when entry of this type deleted. */ /* Called when entry of this type deleted. */
void (*destroy)(const struct xt_match *match, void *matchinfo); void (*destroy)(const struct xt_match *match, void *matchinfo);
......
...@@ -152,20 +152,20 @@ ip_packet_match(const struct iphdr *ip, ...@@ -152,20 +152,20 @@ ip_packet_match(const struct iphdr *ip,
return 1; return 1;
} }
static inline int static inline bool
ip_checkentry(const struct ipt_ip *ip) ip_checkentry(const struct ipt_ip *ip)
{ {
if (ip->flags & ~IPT_F_MASK) { if (ip->flags & ~IPT_F_MASK) {
duprintf("Unknown flag bits set: %08X\n", duprintf("Unknown flag bits set: %08X\n",
ip->flags & ~IPT_F_MASK); ip->flags & ~IPT_F_MASK);
return 0; return false;
} }
if (ip->invflags & ~IPT_INV_MASK) { if (ip->invflags & ~IPT_INV_MASK) {
duprintf("Unknown invflag bits set: %08X\n", duprintf("Unknown invflag bits set: %08X\n",
ip->invflags & ~IPT_INV_MASK); ip->invflags & ~IPT_INV_MASK);
return 0; return false;
} }
return 1; return true;
} }
static unsigned int static unsigned int
...@@ -2149,7 +2149,7 @@ icmp_match(const struct sk_buff *skb, ...@@ -2149,7 +2149,7 @@ icmp_match(const struct sk_buff *skb,
} }
/* Called when user tries to insert an entry of this type. */ /* Called when user tries to insert an entry of this type. */
static int static bool
icmp_checkentry(const char *tablename, icmp_checkentry(const char *tablename,
const void *info, const void *info,
const struct xt_match *match, const struct xt_match *match,
......
...@@ -70,7 +70,7 @@ match(const struct sk_buff *skb, ...@@ -70,7 +70,7 @@ match(const struct sk_buff *skb,
} }
/* Called when user tries to insert an entry of this type. */ /* Called when user tries to insert an entry of this type. */
static int static bool
checkentry(const char *tablename, checkentry(const char *tablename,
const void *ip_void, const void *ip_void,
const struct xt_match *match, const struct xt_match *match,
...@@ -82,9 +82,9 @@ checkentry(const char *tablename, ...@@ -82,9 +82,9 @@ checkentry(const char *tablename,
/* Must specify no unknown invflags */ /* Must specify no unknown invflags */
if (ahinfo->invflags & ~IPT_AH_INV_MASK) { if (ahinfo->invflags & ~IPT_AH_INV_MASK) {
duprintf("ipt_ah: unknown flags %X\n", ahinfo->invflags); duprintf("ipt_ah: unknown flags %X\n", ahinfo->invflags);
return 0; return false;
} }
return 1; return true;
} }
static struct xt_match ah_match = { static struct xt_match ah_match = {
......
...@@ -87,27 +87,27 @@ static bool match(const struct sk_buff *skb, ...@@ -87,27 +87,27 @@ static bool match(const struct sk_buff *skb,
return true; return true;
} }
static int checkentry(const char *tablename, const void *ip_void, static bool checkentry(const char *tablename, const void *ip_void,
const struct xt_match *match, const struct xt_match *match,
void *matchinfo, unsigned int hook_mask) void *matchinfo, unsigned int hook_mask)
{ {
const struct ipt_ecn_info *info = matchinfo; const struct ipt_ecn_info *info = matchinfo;
const struct ipt_ip *ip = ip_void; const struct ipt_ip *ip = ip_void;
if (info->operation & IPT_ECN_OP_MATCH_MASK) if (info->operation & IPT_ECN_OP_MATCH_MASK)
return 0; return false;
if (info->invert & IPT_ECN_OP_MATCH_MASK) if (info->invert & IPT_ECN_OP_MATCH_MASK)
return 0; return false;
if (info->operation & (IPT_ECN_OP_MATCH_ECE|IPT_ECN_OP_MATCH_CWR) if (info->operation & (IPT_ECN_OP_MATCH_ECE|IPT_ECN_OP_MATCH_CWR)
&& ip->proto != IPPROTO_TCP) { && ip->proto != IPPROTO_TCP) {
printk(KERN_WARNING "ipt_ecn: can't match TCP bits in rule for" printk(KERN_WARNING "ipt_ecn: can't match TCP bits in rule for"
" non-tcp packets\n"); " non-tcp packets\n");
return 0; return false;
} }
return 1; return true;
} }
static struct xt_match ecn_match = { static struct xt_match ecn_match = {
......
...@@ -51,7 +51,7 @@ match(const struct sk_buff *skb, ...@@ -51,7 +51,7 @@ match(const struct sk_buff *skb,
return true; return true;
} }
static int static bool
checkentry(const char *tablename, checkentry(const char *tablename,
const void *ip, const void *ip,
const struct xt_match *match, const struct xt_match *match,
...@@ -63,9 +63,9 @@ checkentry(const char *tablename, ...@@ -63,9 +63,9 @@ checkentry(const char *tablename,
if (info->match & (IPT_OWNER_PID|IPT_OWNER_SID|IPT_OWNER_COMM)) { if (info->match & (IPT_OWNER_PID|IPT_OWNER_SID|IPT_OWNER_COMM)) {
printk("ipt_owner: pid, sid and command matching " printk("ipt_owner: pid, sid and command matching "
"not supported anymore\n"); "not supported anymore\n");
return 0; return false;
} }
return 1; return true;
} }
static struct xt_match owner_match = { static struct xt_match owner_match = {
......
...@@ -235,7 +235,7 @@ ipt_recent_match(const struct sk_buff *skb, ...@@ -235,7 +235,7 @@ ipt_recent_match(const struct sk_buff *skb,
return ret; return ret;
} }
static int static bool
ipt_recent_checkentry(const char *tablename, const void *ip, ipt_recent_checkentry(const char *tablename, const void *ip,
const struct xt_match *match, void *matchinfo, const struct xt_match *match, void *matchinfo,
unsigned int hook_mask) unsigned int hook_mask)
...@@ -243,24 +243,24 @@ ipt_recent_checkentry(const char *tablename, const void *ip, ...@@ -243,24 +243,24 @@ ipt_recent_checkentry(const char *tablename, const void *ip,
const struct ipt_recent_info *info = matchinfo; const struct ipt_recent_info *info = matchinfo;
struct recent_table *t; struct recent_table *t;
unsigned i; unsigned i;
int ret = 0; bool ret = false;
if (hweight8(info->check_set & if (hweight8(info->check_set &
(IPT_RECENT_SET | IPT_RECENT_REMOVE | (IPT_RECENT_SET | IPT_RECENT_REMOVE |
IPT_RECENT_CHECK | IPT_RECENT_UPDATE)) != 1) IPT_RECENT_CHECK | IPT_RECENT_UPDATE)) != 1)
return 0; return false;
if ((info->check_set & (IPT_RECENT_SET | IPT_RECENT_REMOVE)) && if ((info->check_set & (IPT_RECENT_SET | IPT_RECENT_REMOVE)) &&
(info->seconds || info->hit_count)) (info->seconds || info->hit_count))
return 0; return false;
if (info->name[0] == '\0' || if (info->name[0] == '\0' ||
strnlen(info->name, IPT_RECENT_NAME_LEN) == IPT_RECENT_NAME_LEN) strnlen(info->name, IPT_RECENT_NAME_LEN) == IPT_RECENT_NAME_LEN)
return 0; return false;
mutex_lock(&recent_mutex); mutex_lock(&recent_mutex);
t = recent_table_lookup(info->name); t = recent_table_lookup(info->name);
if (t != NULL) { if (t != NULL) {
t->refcnt++; t->refcnt++;
ret = 1; ret = true;
goto out; goto out;
} }
...@@ -287,7 +287,7 @@ ipt_recent_checkentry(const char *tablename, const void *ip, ...@@ -287,7 +287,7 @@ ipt_recent_checkentry(const char *tablename, const void *ip,
spin_lock_bh(&recent_lock); spin_lock_bh(&recent_lock);
list_add_tail(&t->list, &tables); list_add_tail(&t->list, &tables);
spin_unlock_bh(&recent_lock); spin_unlock_bh(&recent_lock);
ret = 1; ret = true;
out: out:
mutex_unlock(&recent_mutex); mutex_unlock(&recent_mutex);
return ret; return ret;
......
...@@ -188,20 +188,20 @@ ip6_packet_match(const struct sk_buff *skb, ...@@ -188,20 +188,20 @@ ip6_packet_match(const struct sk_buff *skb,
} }
/* should be ip6 safe */ /* should be ip6 safe */
static inline int static inline bool
ip6_checkentry(const struct ip6t_ip6 *ipv6) ip6_checkentry(const struct ip6t_ip6 *ipv6)
{ {
if (ipv6->flags & ~IP6T_F_MASK) { if (ipv6->flags & ~IP6T_F_MASK) {
duprintf("Unknown flag bits set: %08X\n", duprintf("Unknown flag bits set: %08X\n",
ipv6->flags & ~IP6T_F_MASK); ipv6->flags & ~IP6T_F_MASK);
return 0; return false;
} }
if (ipv6->invflags & ~IP6T_INV_MASK) { if (ipv6->invflags & ~IP6T_INV_MASK) {
duprintf("Unknown invflag bits set: %08X\n", duprintf("Unknown invflag bits set: %08X\n",
ipv6->invflags & ~IP6T_INV_MASK); ipv6->invflags & ~IP6T_INV_MASK);
return 0; return false;
} }
return 1; return true;
} }
static unsigned int static unsigned int
...@@ -1282,10 +1282,10 @@ void ip6t_unregister_table(struct xt_table *table) ...@@ -1282,10 +1282,10 @@ void ip6t_unregister_table(struct xt_table *table)
} }
/* Returns 1 if the type and code is matched by the range, 0 otherwise */ /* Returns 1 if the type and code is matched by the range, 0 otherwise */
static inline int static inline bool
icmp6_type_code_match(u_int8_t test_type, u_int8_t min_code, u_int8_t max_code, icmp6_type_code_match(u_int8_t test_type, u_int8_t min_code, u_int8_t max_code,
u_int8_t type, u_int8_t code, u_int8_t type, u_int8_t code,
int invert) bool invert)
{ {
return (type == test_type && code >= min_code && code <= max_code) return (type == test_type && code >= min_code && code <= max_code)
^ invert; ^ invert;
...@@ -1325,7 +1325,7 @@ icmp6_match(const struct sk_buff *skb, ...@@ -1325,7 +1325,7 @@ icmp6_match(const struct sk_buff *skb,
} }
/* Called when user tries to insert an entry of this type. */ /* Called when user tries to insert an entry of this type. */
static int static bool
icmp6_checkentry(const char *tablename, icmp6_checkentry(const char *tablename,
const void *entry, const void *entry,
const struct xt_match *match, const struct xt_match *match,
......
...@@ -103,7 +103,7 @@ match(const struct sk_buff *skb, ...@@ -103,7 +103,7 @@ match(const struct sk_buff *skb,
} }
/* Called when user tries to insert an entry of this type. */ /* Called when user tries to insert an entry of this type. */
static int static bool
checkentry(const char *tablename, checkentry(const char *tablename,
const void *entry, const void *entry,
const struct xt_match *match, const struct xt_match *match,
...@@ -114,9 +114,9 @@ checkentry(const char *tablename, ...@@ -114,9 +114,9 @@ checkentry(const char *tablename,
if (ahinfo->invflags & ~IP6T_AH_INV_MASK) { if (ahinfo->invflags & ~IP6T_AH_INV_MASK) {
DEBUGP("ip6t_ah: unknown flags %X\n", ahinfo->invflags); DEBUGP("ip6t_ah: unknown flags %X\n", ahinfo->invflags);
return 0; return false;
} }
return 1; return true;
} }
static struct xt_match ah_match = { static struct xt_match ah_match = {
......
...@@ -120,7 +120,7 @@ match(const struct sk_buff *skb, ...@@ -120,7 +120,7 @@ match(const struct sk_buff *skb,
} }
/* Called when user tries to insert an entry of this type. */ /* Called when user tries to insert an entry of this type. */
static int static bool
checkentry(const char *tablename, checkentry(const char *tablename,
const void *ip, const void *ip,
const struct xt_match *match, const struct xt_match *match,
...@@ -131,9 +131,9 @@ checkentry(const char *tablename, ...@@ -131,9 +131,9 @@ checkentry(const char *tablename,
if (fraginfo->invflags & ~IP6T_FRAG_INV_MASK) { if (fraginfo->invflags & ~IP6T_FRAG_INV_MASK) {
DEBUGP("ip6t_frag: unknown flags %X\n", fraginfo->invflags); DEBUGP("ip6t_frag: unknown flags %X\n", fraginfo->invflags);
return 0; return false;
} }
return 1; return true;
} }
static struct xt_match frag_match = { static struct xt_match frag_match = {
......
...@@ -174,7 +174,7 @@ match(const struct sk_buff *skb, ...@@ -174,7 +174,7 @@ match(const struct sk_buff *skb,
} }
/* Called when user tries to insert an entry of this type. */ /* Called when user tries to insert an entry of this type. */
static int static bool
checkentry(const char *tablename, checkentry(const char *tablename,
const void *entry, const void *entry,
const struct xt_match *match, const struct xt_match *match,
...@@ -185,9 +185,9 @@ checkentry(const char *tablename, ...@@ -185,9 +185,9 @@ checkentry(const char *tablename,
if (optsinfo->invflags & ~IP6T_OPTS_INV_MASK) { if (optsinfo->invflags & ~IP6T_OPTS_INV_MASK) {
DEBUGP("ip6t_opts: unknown flags %X\n", optsinfo->invflags); DEBUGP("ip6t_opts: unknown flags %X\n", optsinfo->invflags);
return 0; return false;
} }
return 1; return true;
} }
static struct xt_match opts_match[] = { static struct xt_match opts_match[] = {
......
...@@ -124,7 +124,7 @@ ipv6header_match(const struct sk_buff *skb, ...@@ -124,7 +124,7 @@ ipv6header_match(const struct sk_buff *skb,
} }
} }
static int static bool
ipv6header_checkentry(const char *tablename, ipv6header_checkentry(const char *tablename,
const void *ip, const void *ip,
const struct xt_match *match, const struct xt_match *match,
...@@ -136,9 +136,9 @@ ipv6header_checkentry(const char *tablename, ...@@ -136,9 +136,9 @@ ipv6header_checkentry(const char *tablename,
/* invflags is 0 or 0xff in hard mode */ /* invflags is 0 or 0xff in hard mode */
if ((!info->modeflag) && info->invflags != 0x00 && if ((!info->modeflag) && info->invflags != 0x00 &&
info->invflags != 0xFF) info->invflags != 0xFF)
return 0; return false;
return 1; return true;
} }
static struct xt_match ip6t_ipv6header_match = { static struct xt_match ip6t_ipv6header_match = {
......
...@@ -75,7 +75,7 @@ match(const struct sk_buff *skb, ...@@ -75,7 +75,7 @@ match(const struct sk_buff *skb,
} }
/* Called when user tries to insert an entry of this type. */ /* Called when user tries to insert an entry of this type. */
static int static bool
mh_checkentry(const char *tablename, mh_checkentry(const char *tablename,
const void *entry, const void *entry,
const struct xt_match *match, const struct xt_match *match,
......
...@@ -53,7 +53,7 @@ match(const struct sk_buff *skb, ...@@ -53,7 +53,7 @@ match(const struct sk_buff *skb,
return true; return true;
} }
static int static bool
checkentry(const char *tablename, checkentry(const char *tablename,
const void *ip, const void *ip,
const struct xt_match *match, const struct xt_match *match,
...@@ -65,9 +65,9 @@ checkentry(const char *tablename, ...@@ -65,9 +65,9 @@ checkentry(const char *tablename,
if (info->match & (IP6T_OWNER_PID | IP6T_OWNER_SID)) { if (info->match & (IP6T_OWNER_PID | IP6T_OWNER_SID)) {
printk("ipt_owner: pid and sid matching " printk("ipt_owner: pid and sid matching "
"not supported anymore\n"); "not supported anymore\n");
return 0; return false;
} }
return 1; return true;
} }
static struct xt_match owner_match = { static struct xt_match owner_match = {
......
...@@ -198,7 +198,7 @@ match(const struct sk_buff *skb, ...@@ -198,7 +198,7 @@ match(const struct sk_buff *skb,
} }
/* Called when user tries to insert an entry of this type. */ /* Called when user tries to insert an entry of this type. */
static int static bool
checkentry(const char *tablename, checkentry(const char *tablename,
const void *entry, const void *entry,
const struct xt_match *match, const struct xt_match *match,
...@@ -209,17 +209,17 @@ checkentry(const char *tablename, ...@@ -209,17 +209,17 @@ checkentry(const char *tablename,
if (rtinfo->invflags & ~IP6T_RT_INV_MASK) { if (rtinfo->invflags & ~IP6T_RT_INV_MASK) {
DEBUGP("ip6t_rt: unknown flags %X\n", rtinfo->invflags); DEBUGP("ip6t_rt: unknown flags %X\n", rtinfo->invflags);
return 0; return false;
} }
if ((rtinfo->flags & (IP6T_RT_RES | IP6T_RT_FST_MASK)) && if ((rtinfo->flags & (IP6T_RT_RES | IP6T_RT_FST_MASK)) &&
(!(rtinfo->flags & IP6T_RT_TYP) || (!(rtinfo->flags & IP6T_RT_TYP) ||
(rtinfo->rt_type != 0) || (rtinfo->rt_type != 0) ||
(rtinfo->invflags & IP6T_RT_INV_TYP))) { (rtinfo->invflags & IP6T_RT_INV_TYP))) {
DEBUGP("`--rt-type 0' required before `--rt-0-*'"); DEBUGP("`--rt-type 0' required before `--rt-0-*'");
return 0; return false;
} }
return 1; return true;
} }
static struct xt_match rt_match = { static struct xt_match rt_match = {
......
...@@ -95,31 +95,31 @@ match(const struct sk_buff *skb, ...@@ -95,31 +95,31 @@ match(const struct sk_buff *skb,
return (what >= sinfo->count.from); return (what >= sinfo->count.from);
} }
static int check(const char *tablename, static bool check(const char *tablename,
const void *ip, const void *ip,
const struct xt_match *match, const struct xt_match *match,
void *matchinfo, void *matchinfo,
unsigned int hook_mask) unsigned int hook_mask)
{ {
const struct xt_connbytes_info *sinfo = matchinfo; const struct xt_connbytes_info *sinfo = matchinfo;
if (sinfo->what != XT_CONNBYTES_PKTS && if (sinfo->what != XT_CONNBYTES_PKTS &&
sinfo->what != XT_CONNBYTES_BYTES && sinfo->what != XT_CONNBYTES_BYTES &&
sinfo->what != XT_CONNBYTES_AVGPKT) sinfo->what != XT_CONNBYTES_AVGPKT)
return 0; return false;
if (sinfo->direction != XT_CONNBYTES_DIR_ORIGINAL && if (sinfo->direction != XT_CONNBYTES_DIR_ORIGINAL &&
sinfo->direction != XT_CONNBYTES_DIR_REPLY && sinfo->direction != XT_CONNBYTES_DIR_REPLY &&
sinfo->direction != XT_CONNBYTES_DIR_BOTH) sinfo->direction != XT_CONNBYTES_DIR_BOTH)
return 0; return false;
if (nf_ct_l3proto_try_module_get(match->family) < 0) { if (nf_ct_l3proto_try_module_get(match->family) < 0) {
printk(KERN_WARNING "can't load conntrack support for " printk(KERN_WARNING "can't load conntrack support for "
"proto=%d\n", match->family); "proto=%d\n", match->family);
return 0; return false;
} }
return 1; return true;
} }
static void static void
......
...@@ -51,7 +51,7 @@ match(const struct sk_buff *skb, ...@@ -51,7 +51,7 @@ match(const struct sk_buff *skb,
return (((ct->mark) & info->mask) == info->mark) ^ info->invert; return (((ct->mark) & info->mask) == info->mark) ^ info->invert;
} }
static int static bool
checkentry(const char *tablename, checkentry(const char *tablename,
const void *ip, const void *ip,
const struct xt_match *match, const struct xt_match *match,
...@@ -62,14 +62,14 @@ checkentry(const char *tablename, ...@@ -62,14 +62,14 @@ checkentry(const char *tablename,
if (cm->mark > 0xffffffff || cm->mask > 0xffffffff) { if (cm->mark > 0xffffffff || cm->mask > 0xffffffff) {
printk(KERN_WARNING "connmark: only support 32bit mark\n"); printk(KERN_WARNING "connmark: only support 32bit mark\n");
return 0; return false;
} }
if (nf_ct_l3proto_try_module_get(match->family) < 0) { if (nf_ct_l3proto_try_module_get(match->family) < 0) {
printk(KERN_WARNING "can't load conntrack support for " printk(KERN_WARNING "can't load conntrack support for "
"proto=%d\n", match->family); "proto=%d\n", match->family);
return 0; return false;
} }
return 1; return true;
} }
static void static void
......
...@@ -114,7 +114,7 @@ match(const struct sk_buff *skb, ...@@ -114,7 +114,7 @@ match(const struct sk_buff *skb,
return true; return true;
} }
static int static bool
checkentry(const char *tablename, checkentry(const char *tablename,
const void *ip, const void *ip,
const struct xt_match *match, const struct xt_match *match,
...@@ -124,9 +124,9 @@ checkentry(const char *tablename, ...@@ -124,9 +124,9 @@ checkentry(const char *tablename,
if (nf_ct_l3proto_try_module_get(match->family) < 0) { if (nf_ct_l3proto_try_module_get(match->family) < 0) {
printk(KERN_WARNING "can't load conntrack support for " printk(KERN_WARNING "can't load conntrack support for "
"proto=%d\n", match->family); "proto=%d\n", match->family);
return 0; return false;
} }
return 1; return true;
} }
static void destroy(const struct xt_match *match, void *matchinfo) static void destroy(const struct xt_match *match, void *matchinfo)
......
...@@ -126,7 +126,7 @@ match(const struct sk_buff *skb, ...@@ -126,7 +126,7 @@ match(const struct sk_buff *skb,
XT_DCCP_OPTION, info->flags, info->invflags); XT_DCCP_OPTION, info->flags, info->invflags);
} }
static int static bool
checkentry(const char *tablename, checkentry(const char *tablename,
const void *inf, const void *inf,
const struct xt_match *match, const struct xt_match *match,
......
...@@ -52,20 +52,20 @@ static bool match6(const struct sk_buff *skb, ...@@ -52,20 +52,20 @@ static bool match6(const struct sk_buff *skb,
return (dscp == info->dscp) ^ !!info->invert; return (dscp == info->dscp) ^ !!info->invert;
} }
static int checkentry(const char *tablename, static bool checkentry(const char *tablename,
const void *info, const void *info,
const struct xt_match *match, const struct xt_match *match,
void *matchinfo, void *matchinfo,
unsigned int hook_mask) unsigned int hook_mask)
{ {
const u_int8_t dscp = ((struct xt_dscp_info *)matchinfo)->dscp; const u_int8_t dscp = ((struct xt_dscp_info *)matchinfo)->dscp;
if (dscp > XT_DSCP_MAX) { if (dscp > XT_DSCP_MAX) {
printk(KERN_ERR "xt_dscp: dscp %x out of range\n", dscp); printk(KERN_ERR "xt_dscp: dscp %x out of range\n", dscp);
return 0; return false;
} }
return 1; return true;
} }
static struct xt_match xt_dscp_match[] = { static struct xt_match xt_dscp_match[] = {
......
...@@ -74,7 +74,7 @@ match(const struct sk_buff *skb, ...@@ -74,7 +74,7 @@ match(const struct sk_buff *skb,
} }
/* Called when user tries to insert an entry of this type. */ /* Called when user tries to insert an entry of this type. */
static int static bool
checkentry(const char *tablename, checkentry(const char *tablename,
const void *ip_void, const void *ip_void,
const struct xt_match *match, const struct xt_match *match,
...@@ -85,10 +85,10 @@ checkentry(const char *tablename, ...@@ -85,10 +85,10 @@ checkentry(const char *tablename,
if (espinfo->invflags & ~XT_ESP_INV_MASK) { if (espinfo->invflags & ~XT_ESP_INV_MASK) {
duprintf("xt_esp: unknown flags %X\n", espinfo->invflags); duprintf("xt_esp: unknown flags %X\n", espinfo->invflags);
return 0; return false;
} }
return 1; return true;
} }
static struct xt_match xt_esp_match[] = { static struct xt_match xt_esp_match[] = {
......
...@@ -492,7 +492,7 @@ hashlimit_match(const struct sk_buff *skb, ...@@ -492,7 +492,7 @@ hashlimit_match(const struct sk_buff *skb,
return false; return false;
} }
static int static bool
hashlimit_checkentry(const char *tablename, hashlimit_checkentry(const char *tablename,
const void *inf, const void *inf,
const struct xt_match *match, const struct xt_match *match,
...@@ -506,20 +506,20 @@ hashlimit_checkentry(const char *tablename, ...@@ -506,20 +506,20 @@ hashlimit_checkentry(const char *tablename,
user2credits(r->cfg.avg * r->cfg.burst) < user2credits(r->cfg.avg)) { user2credits(r->cfg.avg * r->cfg.burst) < user2credits(r->cfg.avg)) {
printk(KERN_ERR "xt_hashlimit: overflow, try lower: %u/%u\n", printk(KERN_ERR "xt_hashlimit: overflow, try lower: %u/%u\n",
r->cfg.avg, r->cfg.burst); r->cfg.avg, r->cfg.burst);
return 0; return false;
} }
if (r->cfg.mode == 0 || if (r->cfg.mode == 0 ||
r->cfg.mode > (XT_HASHLIMIT_HASH_DPT | r->cfg.mode > (XT_HASHLIMIT_HASH_DPT |
XT_HASHLIMIT_HASH_DIP | XT_HASHLIMIT_HASH_DIP |
XT_HASHLIMIT_HASH_SIP | XT_HASHLIMIT_HASH_SIP |
XT_HASHLIMIT_HASH_SPT)) XT_HASHLIMIT_HASH_SPT))
return 0; return false;
if (!r->cfg.gc_interval) if (!r->cfg.gc_interval)
return 0; return false;
if (!r->cfg.expire) if (!r->cfg.expire)
return 0; return false;
if (r->name[sizeof(r->name) - 1] != '\0') if (r->name[sizeof(r->name) - 1] != '\0')
return 0; return false;
/* This is the best we've got: We cannot release and re-grab lock, /* This is the best we've got: We cannot release and re-grab lock,
* since checkentry() is called before x_tables.c grabs xt_mutex. * since checkentry() is called before x_tables.c grabs xt_mutex.
...@@ -531,13 +531,13 @@ hashlimit_checkentry(const char *tablename, ...@@ -531,13 +531,13 @@ hashlimit_checkentry(const char *tablename,
r->hinfo = htable_find_get(r->name, match->family); r->hinfo = htable_find_get(r->name, match->family);
if (!r->hinfo && htable_create(r, match->family) != 0) { if (!r->hinfo && htable_create(r, match->family) != 0) {
mutex_unlock(&hlimit_mutex); mutex_unlock(&hlimit_mutex);
return 0; return false;
} }
mutex_unlock(&hlimit_mutex); mutex_unlock(&hlimit_mutex);
/* Ugly hack: For SMP, we only want to use one set */ /* Ugly hack: For SMP, we only want to use one set */
r->u.master = r; r->u.master = r;
return 1; return true;
} }
static void static void
......
...@@ -76,21 +76,21 @@ match(const struct sk_buff *skb, ...@@ -76,21 +76,21 @@ match(const struct sk_buff *skb,
return ret; return ret;
} }
static int check(const char *tablename, static bool check(const char *tablename,
const void *inf, const void *inf,
const struct xt_match *match, const struct xt_match *match,
void *matchinfo, void *matchinfo,
unsigned int hook_mask) unsigned int hook_mask)
{ {
struct xt_helper_info *info = matchinfo; struct xt_helper_info *info = matchinfo;
if (nf_ct_l3proto_try_module_get(match->family) < 0) { if (nf_ct_l3proto_try_module_get(match->family) < 0) {
printk(KERN_WARNING "can't load conntrack support for " printk(KERN_WARNING "can't load conntrack support for "
"proto=%d\n", match->family); "proto=%d\n", match->family);
return 0; return false;
} }
info->name[29] = '\0'; info->name[29] = '\0';
return 1; return true;
} }
static void static void
......
...@@ -98,7 +98,7 @@ user2credits(u_int32_t user) ...@@ -98,7 +98,7 @@ user2credits(u_int32_t user)
return (user * HZ * CREDITS_PER_JIFFY) / XT_LIMIT_SCALE; return (user * HZ * CREDITS_PER_JIFFY) / XT_LIMIT_SCALE;
} }
static int static bool
ipt_limit_checkentry(const char *tablename, ipt_limit_checkentry(const char *tablename,
const void *inf, const void *inf,
const struct xt_match *match, const struct xt_match *match,
...@@ -112,7 +112,7 @@ ipt_limit_checkentry(const char *tablename, ...@@ -112,7 +112,7 @@ ipt_limit_checkentry(const char *tablename,
|| user2credits(r->avg * r->burst) < user2credits(r->avg)) { || user2credits(r->avg * r->burst) < user2credits(r->avg)) {
printk("Overflow in xt_limit, try lower: %u/%u\n", printk("Overflow in xt_limit, try lower: %u/%u\n",
r->avg, r->burst); r->avg, r->burst);
return 0; return false;
} }
/* For SMP, we only want to use one set of counters. */ /* For SMP, we only want to use one set of counters. */
...@@ -125,7 +125,7 @@ ipt_limit_checkentry(const char *tablename, ...@@ -125,7 +125,7 @@ ipt_limit_checkentry(const char *tablename,
r->credit_cap = user2credits(r->avg * r->burst); /* Credits full. */ r->credit_cap = user2credits(r->avg * r->burst); /* Credits full. */
r->cost = user2credits(r->avg); r->cost = user2credits(r->avg);
} }
return 1; return true;
} }
#ifdef CONFIG_COMPAT #ifdef CONFIG_COMPAT
......
...@@ -34,7 +34,7 @@ match(const struct sk_buff *skb, ...@@ -34,7 +34,7 @@ match(const struct sk_buff *skb,
return ((skb->mark & info->mask) == info->mark) ^ info->invert; return ((skb->mark & info->mask) == info->mark) ^ info->invert;
} }
static int static bool
checkentry(const char *tablename, checkentry(const char *tablename,
const void *entry, const void *entry,
const struct xt_match *match, const struct xt_match *match,
...@@ -45,9 +45,9 @@ checkentry(const char *tablename, ...@@ -45,9 +45,9 @@ checkentry(const char *tablename,
if (minfo->mark > 0xffffffff || minfo->mask > 0xffffffff) { if (minfo->mark > 0xffffffff || minfo->mask > 0xffffffff) {
printk(KERN_WARNING "mark: only supports 32bit mark\n"); printk(KERN_WARNING "mark: only supports 32bit mark\n");
return 0; return false;
} }
return 1; return true;
} }
#ifdef CONFIG_COMPAT #ifdef CONFIG_COMPAT
......
...@@ -154,7 +154,7 @@ match_v1(const struct sk_buff *skb, ...@@ -154,7 +154,7 @@ match_v1(const struct sk_buff *skb,
return ports_match_v1(multiinfo, ntohs(pptr[0]), ntohs(pptr[1])); return ports_match_v1(multiinfo, ntohs(pptr[0]), ntohs(pptr[1]));
} }
static inline int static inline bool
check(u_int16_t proto, check(u_int16_t proto,
u_int8_t ip_invflags, u_int8_t ip_invflags,
u_int8_t match_flags, u_int8_t match_flags,
...@@ -172,7 +172,7 @@ check(u_int16_t proto, ...@@ -172,7 +172,7 @@ check(u_int16_t proto,
} }
/* Called when user tries to insert an entry of this type. */ /* Called when user tries to insert an entry of this type. */
static int static bool
checkentry(const char *tablename, checkentry(const char *tablename,
const void *info, const void *info,
const struct xt_match *match, const struct xt_match *match,
...@@ -186,7 +186,7 @@ checkentry(const char *tablename, ...@@ -186,7 +186,7 @@ checkentry(const char *tablename,
multiinfo->count); multiinfo->count);
} }
static int static bool
checkentry_v1(const char *tablename, checkentry_v1(const char *tablename,
const void *info, const void *info,
const struct xt_match *match, const struct xt_match *match,
...@@ -200,7 +200,7 @@ checkentry_v1(const char *tablename, ...@@ -200,7 +200,7 @@ checkentry_v1(const char *tablename,
multiinfo->count); multiinfo->count);
} }
static int static bool
checkentry6(const char *tablename, checkentry6(const char *tablename,
const void *info, const void *info,
const struct xt_match *match, const struct xt_match *match,
...@@ -214,7 +214,7 @@ checkentry6(const char *tablename, ...@@ -214,7 +214,7 @@ checkentry6(const char *tablename,
multiinfo->count); multiinfo->count);
} }
static int static bool
checkentry6_v1(const char *tablename, checkentry6_v1(const char *tablename,
const void *info, const void *info,
const struct xt_match *match, const struct xt_match *match,
......
...@@ -99,7 +99,7 @@ match(const struct sk_buff *skb, ...@@ -99,7 +99,7 @@ match(const struct sk_buff *skb,
return ret ^ !(info->invert & XT_PHYSDEV_OP_OUT); return ret ^ !(info->invert & XT_PHYSDEV_OP_OUT);
} }
static int static bool
checkentry(const char *tablename, checkentry(const char *tablename,
const void *ip, const void *ip,
const struct xt_match *match, const struct xt_match *match,
...@@ -110,7 +110,7 @@ checkentry(const char *tablename, ...@@ -110,7 +110,7 @@ checkentry(const char *tablename,
if (!(info->bitmask & XT_PHYSDEV_OP_MASK) || if (!(info->bitmask & XT_PHYSDEV_OP_MASK) ||
info->bitmask & ~XT_PHYSDEV_OP_MASK) info->bitmask & ~XT_PHYSDEV_OP_MASK)
return 0; return false;
if (info->bitmask & XT_PHYSDEV_OP_OUT && if (info->bitmask & XT_PHYSDEV_OP_OUT &&
(!(info->bitmask & XT_PHYSDEV_OP_BRIDGED) || (!(info->bitmask & XT_PHYSDEV_OP_BRIDGED) ||
info->invert & XT_PHYSDEV_OP_BRIDGED) && info->invert & XT_PHYSDEV_OP_BRIDGED) &&
...@@ -120,9 +120,9 @@ checkentry(const char *tablename, ...@@ -120,9 +120,9 @@ checkentry(const char *tablename,
"OUTPUT, FORWARD and POSTROUTING chains for non-bridged " "OUTPUT, FORWARD and POSTROUTING chains for non-bridged "
"traffic is not supported anymore.\n"); "traffic is not supported anymore.\n");
if (hook_mask & (1 << NF_IP_LOCAL_OUT)) if (hook_mask & (1 << NF_IP_LOCAL_OUT))
return 0; return false;
} }
return 1; return true;
} }
static struct xt_match xt_physdev_match[] = { static struct xt_match xt_physdev_match[] = {
......
...@@ -133,35 +133,35 @@ static bool match(const struct sk_buff *skb, ...@@ -133,35 +133,35 @@ static bool match(const struct sk_buff *skb,
return ret; return ret;
} }
static int checkentry(const char *tablename, const void *ip_void, static bool checkentry(const char *tablename, const void *ip_void,
const struct xt_match *match, const struct xt_match *match,
void *matchinfo, unsigned int hook_mask) void *matchinfo, unsigned int hook_mask)
{ {
struct xt_policy_info *info = matchinfo; struct xt_policy_info *info = matchinfo;
if (!(info->flags & (XT_POLICY_MATCH_IN|XT_POLICY_MATCH_OUT))) { if (!(info->flags & (XT_POLICY_MATCH_IN|XT_POLICY_MATCH_OUT))) {
printk(KERN_ERR "xt_policy: neither incoming nor " printk(KERN_ERR "xt_policy: neither incoming nor "
"outgoing policy selected\n"); "outgoing policy selected\n");
return 0; return false;
} }
/* hook values are equal for IPv4 and IPv6 */ /* hook values are equal for IPv4 and IPv6 */
if (hook_mask & (1 << NF_IP_PRE_ROUTING | 1 << NF_IP_LOCAL_IN) if (hook_mask & (1 << NF_IP_PRE_ROUTING | 1 << NF_IP_LOCAL_IN)
&& info->flags & XT_POLICY_MATCH_OUT) { && info->flags & XT_POLICY_MATCH_OUT) {
printk(KERN_ERR "xt_policy: output policy not valid in " printk(KERN_ERR "xt_policy: output policy not valid in "
"PRE_ROUTING and INPUT\n"); "PRE_ROUTING and INPUT\n");
return 0; return false;
} }
if (hook_mask & (1 << NF_IP_POST_ROUTING | 1 << NF_IP_LOCAL_OUT) if (hook_mask & (1 << NF_IP_POST_ROUTING | 1 << NF_IP_LOCAL_OUT)
&& info->flags & XT_POLICY_MATCH_IN) { && info->flags & XT_POLICY_MATCH_IN) {
printk(KERN_ERR "xt_policy: input policy not valid in " printk(KERN_ERR "xt_policy: input policy not valid in "
"POST_ROUTING and OUTPUT\n"); "POST_ROUTING and OUTPUT\n");
return 0; return false;
} }
if (info->len > XT_POLICY_MAX_ELEM) { if (info->len > XT_POLICY_MAX_ELEM) {
printk(KERN_ERR "xt_policy: too many policy elements\n"); printk(KERN_ERR "xt_policy: too many policy elements\n");
return 0; return false;
} }
return 1; return true;
} }
static struct xt_match xt_policy_match[] = { static struct xt_match xt_policy_match[] = {
......
...@@ -38,7 +38,7 @@ match(const struct sk_buff *skb, ...@@ -38,7 +38,7 @@ match(const struct sk_buff *skb,
return ret; return ret;
} }
static int static bool
checkentry(const char *tablename, const void *entry, checkentry(const char *tablename, const void *entry,
const struct xt_match *match, void *matchinfo, const struct xt_match *match, void *matchinfo,
unsigned int hook_mask) unsigned int hook_mask)
...@@ -46,10 +46,10 @@ checkentry(const char *tablename, const void *entry, ...@@ -46,10 +46,10 @@ checkentry(const char *tablename, const void *entry,
struct xt_quota_info *q = (struct xt_quota_info *)matchinfo; struct xt_quota_info *q = (struct xt_quota_info *)matchinfo;
if (q->flags & ~XT_QUOTA_MASK) if (q->flags & ~XT_QUOTA_MASK)
return 0; return false;
/* For SMP, we only want to use one set of counters. */ /* For SMP, we only want to use one set of counters. */
q->master = q; q->master = q;
return 1; return true;
} }
static struct xt_match xt_quota_match[] = { static struct xt_match xt_quota_match[] = {
......
...@@ -158,7 +158,7 @@ match(const struct sk_buff *skb, ...@@ -158,7 +158,7 @@ match(const struct sk_buff *skb,
XT_SCTP_CHUNK_TYPES, info->flags, info->invflags); XT_SCTP_CHUNK_TYPES, info->flags, info->invflags);
} }
static int static bool
checkentry(const char *tablename, checkentry(const char *tablename,
const void *inf, const void *inf,
const struct xt_match *match, const struct xt_match *match,
......
...@@ -44,18 +44,18 @@ match(const struct sk_buff *skb, ...@@ -44,18 +44,18 @@ match(const struct sk_buff *skb,
return (sinfo->statemask & statebit); return (sinfo->statemask & statebit);
} }
static int check(const char *tablename, static bool check(const char *tablename,
const void *inf, const void *inf,
const struct xt_match *match, const struct xt_match *match,
void *matchinfo, void *matchinfo,
unsigned int hook_mask) unsigned int hook_mask)
{ {
if (nf_ct_l3proto_try_module_get(match->family) < 0) { if (nf_ct_l3proto_try_module_get(match->family) < 0) {
printk(KERN_WARNING "can't load conntrack support for " printk(KERN_WARNING "can't load conntrack support for "
"proto=%d\n", match->family); "proto=%d\n", match->family);
return 0; return false;
} }
return 1; return true;
} }
static void static void
......
...@@ -52,7 +52,7 @@ match(const struct sk_buff *skb, ...@@ -52,7 +52,7 @@ match(const struct sk_buff *skb,
return ret; return ret;
} }
static int static bool
checkentry(const char *tablename, const void *entry, checkentry(const char *tablename, const void *entry,
const struct xt_match *match, void *matchinfo, const struct xt_match *match, void *matchinfo,
unsigned int hook_mask) unsigned int hook_mask)
...@@ -61,9 +61,9 @@ checkentry(const char *tablename, const void *entry, ...@@ -61,9 +61,9 @@ checkentry(const char *tablename, const void *entry,
if (info->mode > XT_STATISTIC_MODE_MAX || if (info->mode > XT_STATISTIC_MODE_MAX ||
info->flags & ~XT_STATISTIC_MASK) info->flags & ~XT_STATISTIC_MASK)
return 0; return false;
info->master = info; info->master = info;
return 1; return true;
} }
static struct xt_match xt_statistic_match[] = { static struct xt_match xt_statistic_match[] = {
......
...@@ -42,30 +42,30 @@ static bool match(const struct sk_buff *skb, ...@@ -42,30 +42,30 @@ static bool match(const struct sk_buff *skb,
#define STRING_TEXT_PRIV(m) ((struct xt_string_info *) m) #define STRING_TEXT_PRIV(m) ((struct xt_string_info *) m)
static int checkentry(const char *tablename, static bool checkentry(const char *tablename,
const void *ip, const void *ip,
const struct xt_match *match, const struct xt_match *match,
void *matchinfo, void *matchinfo,
unsigned int hook_mask) unsigned int hook_mask)
{ {
struct xt_string_info *conf = matchinfo; struct xt_string_info *conf = matchinfo;
struct ts_config *ts_conf; struct ts_config *ts_conf;
/* Damn, can't handle this case properly with iptables... */ /* Damn, can't handle this case properly with iptables... */
if (conf->from_offset > conf->to_offset) if (conf->from_offset > conf->to_offset)
return 0; return false;
if (conf->algo[XT_STRING_MAX_ALGO_NAME_SIZE - 1] != '\0') if (conf->algo[XT_STRING_MAX_ALGO_NAME_SIZE - 1] != '\0')
return 0; return false;
if (conf->patlen > XT_STRING_MAX_PATTERN_SIZE) if (conf->patlen > XT_STRING_MAX_PATTERN_SIZE)
return 0; return false;
ts_conf = textsearch_prepare(conf->algo, conf->pattern, conf->patlen, ts_conf = textsearch_prepare(conf->algo, conf->pattern, conf->patlen,
GFP_KERNEL, TS_AUTOLOAD); GFP_KERNEL, TS_AUTOLOAD);
if (IS_ERR(ts_conf)) if (IS_ERR(ts_conf))
return 0; return false;
conf->config = ts_conf; conf->config = ts_conf;
return 1; return true;
} }
static void destroy(const struct xt_match *match, void *matchinfo) static void destroy(const struct xt_match *match, void *matchinfo)
......
...@@ -133,7 +133,7 @@ tcp_match(const struct sk_buff *skb, ...@@ -133,7 +133,7 @@ tcp_match(const struct sk_buff *skb,
} }
/* Called when user tries to insert an entry of this type. */ /* Called when user tries to insert an entry of this type. */
static int static bool
tcp_checkentry(const char *tablename, tcp_checkentry(const char *tablename,
const void *info, const void *info,
const struct xt_match *match, const struct xt_match *match,
...@@ -181,7 +181,7 @@ udp_match(const struct sk_buff *skb, ...@@ -181,7 +181,7 @@ udp_match(const struct sk_buff *skb,
} }
/* Called when user tries to insert an entry of this type. */ /* Called when user tries to insert an entry of this type. */
static int static bool
udp_checkentry(const char *tablename, udp_checkentry(const char *tablename,
const void *info, const void *info,
const struct xt_match *match, const struct xt_match *match,
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册