>+ case XT_ROUTE_SRC_EXISTS:
>+ fl.nl_u.ip4_u.daddr = iph->saddr;
>+ ret = fib_lookup(dev_net(in), &fl, &res);
>+ if (ret == 0 && res.prefixlen != 0) {
>+ fib_res_put(&res);
>+ return true ^ info->invert;
>+ }
>+ case XT_ROUTE_SRC_EQ:
>+ fl.nl_u.ip4_u.daddr = iph->saddr;
>+ ret = fib_lookup(dev_net(in), &fl, &res);
>+ if (ret == 0 && res.prefixlen == info->prefixlen) {
>+ fib_res_put(&res);
>+ return true;
>+ }
>+ break;
Should not these be true ^ info->invert too?
I would probably combine mode and invert, to save a byte.
>+static bool
>+route_mt6(const struct sk_buff *skb, const struct net_device *in,
>+ const struct net_device *out, const struct xt_match *match,
>+ const void *matchinfo, int offset, unsigned int protoff,
>+ bool *hotdrop)
>+{
>+ return 1;
>+}
If you do not support IPv6, do not write a function for it ;-)
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
