[12/13] [NETFILTER]: xt_realm: enable for IPv6

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dunno why xt_realm was not registered for AF_INET6 before. iproute2 
does not seem to display IPv6 realms - leaves me wondering.

===
commit 05ec5f1b7e9d1497dd4738210df137722038d6b5
Author: Jan Engelhardt <jengelh@xxxxxxxxxxxxxxx>
Date:   Thu Jan 31 23:36:04 2008 +0100

    [NETFILTER]: xt_realm: enable for IPv6
    
    Signed-off-by: Jan Engelhardt <jengelh@xxxxxxxxxxxxxxx>
---
 net/netfilter/xt_realm.c |   38 ++++++++++++++++++++++++++++----------
 1 files changed, 28 insertions(+), 10 deletions(-)

diff --git a/net/netfilter/xt_realm.c b/net/netfilter/xt_realm.c
index 7df1627..f18b6e9 100644
--- a/net/netfilter/xt_realm.c
+++ b/net/netfilter/xt_realm.c
@@ -20,6 +20,7 @@ MODULE_AUTHOR("Sampsa Ranta <sampsa@xxxxxxxxxxx>");
 MODULE_LICENSE("GPL");
 MODULE_DESCRIPTION("Xtables: Routing realm match");
 MODULE_ALIAS("ipt_realm");
+MODULE_ALIAS("ip6t_realm");
 
 static bool
 realm_mt(const struct sk_buff *skb, const struct net_device *in,
@@ -33,24 +34,41 @@ realm_mt(const struct sk_buff *skb, const struct net_device *in,
 	return (info->id == (dst->tclassid & info->mask)) ^ info->invert;
 }
 
-static struct xt_match realm_mt_reg __read_mostly = {
-	.name		= "realm",
-	.match		= realm_mt,
-	.matchsize	= sizeof(struct xt_realm_info),
-	.hooks		= (1 << NF_INET_POST_ROUTING) | (1 << NF_INET_FORWARD) |
-			  (1 << NF_INET_LOCAL_OUT) | (1 << NF_INET_LOCAL_IN),
-	.family		= AF_INET,
-	.me		= THIS_MODULE
+static struct xt_match realm_mt_reg[] __read_mostly = {
+	{
+		.name      = "realm",
+		.revision  = 0,
+		.family    = AF_INET,
+		.match     = realm_mt,
+		.matchsize = sizeof(struct xt_realm_info),
+		.hooks     = (1 << NF_INET_LOCAL_IN) |
+		             (1 << NF_INET_FORWARD) |
+		             (1 << NF_INET_LOCAL_OUT) |
+		             (1 << NF_INET_POST_ROUTING),
+		.me        = THIS_MODULE,
+	},
+	{
+		.name      = "realm",
+		.revision  = 0,
+		.family    = AF_INET6,
+		.match     = realm_mt,
+		.matchsize = sizeof(struct xt_realm_info),
+		.hooks     = (1 << NF_INET_LOCAL_IN) |
+		             (1 << NF_INET_FORWARD) |
+		             (1 << NF_INET_LOCAL_OUT) |
+		             (1 << NF_INET_POST_ROUTING),
+		.me        = THIS_MODULE,
+	},
 };
 
 static int __init realm_mt_init(void)
 {
-	return xt_register_match(&realm_mt_reg);
+	return xt_register_matches(realm_mt_reg, ARRAY_SIZE(realm_mt_reg));
 }
 
 static void __exit realm_mt_exit(void)
 {
-	xt_unregister_match(&realm_mt_reg);
+	xt_unregister_matches(realm_mt_reg, ARRAY_SIZE(realm_mt_reg));
 }
 
 module_init(realm_mt_init);
-
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux