
netfilter: xtables: merge xt_MARK into xt_mark

Two arguments for combining the two:
- xt_mark is pretty useless without xt_MARK
- the actual code is so small anyway that the kmod metadata and the module
in its loaded state totally outweigh the combined actual code size.

i586-before:
-rw-r--r-- 1 jengelh users 3821 Feb 10 01:01 xt_MARK.ko
-rw-r--r-- 1 jengelh users 2592 Feb 10 00:04 xt_MARK.o
-rw-r--r-- 1 jengelh users 3274 Feb 10 01:01 xt_mark.ko
-rw-r--r-- 1 jengelh users 2108 Feb 10 00:05 xt_mark.o
text data bss dec hex filename
354 264 0 618 26a xt_MARK.o
223 176 0 399 18f xt_mark.o
And the runtime size is like 14 KB.

i586-after:
-rw-r--r-- 1 jengelh users 3264 Feb 18 17:28 xt_mark.o

Signed-off-by: Jan Engelhardt <jengelh@medozas.de>

authored by

Jan Engelhardt and committed by
Patrick McHardy
28b94988 44c58731

+70 -82
+1 -5
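--- a/include/linux/netfilter/xt_MARK.h
+++ b/include/linux/netfilter/xt_MARK.h
@@ -1,10 +1,6 @@
 #ifndef _XT_MARK_H_target
 #define _XT_MARK_H_target
 
-#include <linux/types.h>
-
-struct xt_mark_tginfo2 {
-__u32 mark, mask;
-};
+#include <linux/netfilter/xt_mark.h>
 
 #endif /*_XT_MARK_H_target */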
+4
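--- a/include/linux/netfilter/xt_mark.h
+++ b/include/linux/netfilter/xt_mark.h
@@ -3,6 +3,10 @@
 
 #include <linux/types.h>
 
+struct xt_mark_tginfo2 {
+__u32 mark, mask;
+};
+
 struct xt_mark_mtinfo1 {
 __u32 mark, mask;
 __u8 invert;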
+29 -17
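--- a/net/netfilter/Kconfig
+++ b/net/netfilter/Kconfig
@@ -314,6 +314,23 @@
 
 if NETFILTER_XTABLES
 
+comment "Xtables combined modules"
+
+config NETFILTER_XT_MARK
+tristate 'nfmark target and match support'
+default m if NETFILTER_ADVANCED=n
+---help---
+This option adds the "MARK" target and "mark" match.
+
+Netfilter mark matching allows you to match packets based on the
+"nfmark" value in the packet.
+The target allows you to create rules in the "mangle" table which alter
+the netfilter mark (nfmark) field associated with the packet.
+
+Prior to routing, the nfmark can influence the routing method (see
+"Use netfilter MARK value as routing key") and can also be used by
+other subsystems to change their behavior.
+
 # alphabetically ordered list of targets
 
 comment "Xtables targets"
@@ -425,16 +442,12 @@
 
 config NETFILTER_XT_TARGET_MARK
 tristate '"MARK" target support'
-default m if NETFILTER_ADVANCED=n
-help
-This option adds a `MARK' target, which allows you to create rules
-in the `mangle' table which alter the netfilter mark (nfmark) field
-associated with the packet prior to routing. This can change
-the routing method (see `Use netfilter MARK value as routing
-key') and can also be used by other subsystems to change their
-behavior.
-
-To compile it as a module, choose M here. If unsure, say N.
+depends on NETFILTER_ADVANCED
+select NETFILTER_XT_MARK
+---help---
+This is a backwards-compat option for the user's convenience
+(e.g. when running oldconfig). It selects
+CONFIG_NETFILTER_XT_MARK (combined mark/MARK module).
 
 config NETFILTER_XT_TARGET_NFLOG
 tristate '"NFLOG" target support'
@@ -739,13 +752,12 @@
 
 config NETFILTER_XT_MATCH_MARK
 tristate '"mark" match support'
-default m if NETFILTER_ADVANCED=n
-help
-Netfilter mark matching allows you to match packets based on the
-`nfmark' value in the packet. This can be set by the MARK target
-(see below).
-
-To compile it as a module, choose M here. If unsure, say N.
+depends on NETFILTER_ADVANCED
+select NETFILTER_XT_MARK
+---help---
+This is a backwards-compat option for the user's convenience
+(e.g. when running oldconfig). It selects
+CONFIG_NETFILTER_XT_MARK (combined mark/MARK module).
 
 config NETFILTER_XT_MATCH_MULTIPORT
 tristate '"multiport" Multiple port match support'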
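Review bot: The help text of the new `NETFILTER_XT_MARK` entry drops the closing guidance that both replaced entries carried, `To compile it as a module, choose M here. If unsure, say N.`, so the combined option no longer tells the user what a safe answer is. The two compat entries also do not say outright that selecting either one now builds both halves, so a configuration that previously enabled only the `mark` match now also ships the target code that rewrites `skb->mark`. I would restore the sentence at the end of the new help block and add one line to each compat help, for example `Enabling this builds both the "mark" match and the "MARK" target.`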
+3 -2
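--- a/net/netfilter/Makefile
+++ b/net/netfilter/Makefile
@@ -40,6 +40,9 @@
 # generic X tables
 obj-$(CONFIG_NETFILTER_XTABLES) += x_tables.o xt_tcpudp.o
 
+# combos
+obj-$(CONFIG_NETFILTER_XT_MARK) += xt_mark.o
+
 # targets
 obj-$(CONFIG_NETFILTER_XT_TARGET_CLASSIFY) += xt_CLASSIFY.o
 obj-$(CONFIG_NETFILTER_XT_TARGET_CONNMARK) += xt_CONNMARK.o
@@ -48,7 +51,6 @@
 obj-$(CONFIG_NETFILTER_XT_TARGET_DSCP) += xt_DSCP.o
 obj-$(CONFIG_NETFILTER_XT_TARGET_HL) += xt_HL.o
 obj-$(CONFIG_NETFILTER_XT_TARGET_LED) += xt_LED.o
-obj-$(CONFIG_NETFILTER_XT_TARGET_MARK) += xt_MARK.o
 obj-$(CONFIG_NETFILTER_XT_TARGET_NFLOG) += xt_NFLOG.o
 obj-$(CONFIG_NETFILTER_XT_TARGET_NFQUEUE) += xt_NFQUEUE.o
 obj-$(CONFIG_NETFILTER_XT_TARGET_NOTRACK) += xt_NOTRACK.o
@@ -76,7 +78,6 @@
 obj-$(CONFIG_NETFILTER_XT_MATCH_LENGTH) += xt_length.o
 obj-$(CONFIG_NETFILTER_XT_MATCH_LIMIT) += xt_limit.o
 obj-$(CONFIG_NETFILTER_XT_MATCH_MAC) += xt_mac.o
-obj-$(CONFIG_NETFILTER_XT_MATCH_MARK) += xt_mark.o
 obj-$(CONFIG_NETFILTER_XT_MATCH_MULTIPORT) += xt_multiport.o
 obj-$(CONFIG_NETFILTER_XT_MATCH_OSF) += xt_osf.o
 obj-$(CONFIG_NETFILTER_XT_MATCH_OWNER) += xt_owner.o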
-56
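--- a/net/netfilter/xt_MARK.c
+++ b/net/netfilter/xt_MARK.c
@@ -1,56 +0,0 @@
-/*
-* xt_MARK - Netfilter module to modify the NFMARK field of an skb
-*
-* (C) 1999-2001 Marc Boucher <marc@mbsi.ca>
-* Copyright © CC Computer Consultants GmbH, 2007 - 2008
-* Jan Engelhardt <jengelh@computergmbh.de>
-*
-* This program is free software; you can redistribute it and/or modify
-* it under the terms of the GNU General Public License version 2 as
-* published by the Free Software Foundation.
-*/
-
-#include <linux/module.h>
-#include <linux/skbuff.h>
-#include <linux/ip.h>
-#include <net/checksum.h>
-
-#include <linux/netfilter/x_tables.h>
-#include <linux/netfilter/xt_MARK.h>
-
-MODULE_LICENSE("GPL");
-MODULE_AUTHOR("Marc Boucher <marc@mbsi.ca>");
-MODULE_DESCRIPTION("Xtables: packet mark modification");
-MODULE_ALIAS("ipt_MARK");
-MODULE_ALIAS("ip6t_MARK");
-
-static unsigned int
-mark_tg(struct sk_buff *skb, const struct xt_target_param *par)
-{
-const struct xt_mark_tginfo2 *info = par->targinfo;
-
-skb->mark = (skb->mark & ~info->mask) ^ info->mark;
-return XT_CONTINUE;
-}
-
-static struct xt_target mark_tg_reg __read_mostly = {
-.name = "MARK",
-.revision = 2,
-.family = NFPROTO_UNSPEC,
-.target = mark_tg,
-.targetsize = sizeof(struct xt_mark_tginfo2),
-.me = THIS_MODULE,
-};
-
-static int __init mark_tg_init(void)
-{
-return xt_register_target(&mark_tg_reg);
-}
-
-static void __exit mark_tg_exit(void)
-{
-xt_unregister_target(&mark_tg_reg);
-}
-
-module_init(mark_tg_init);
-module_exit(mark_tg_exit);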
+33 -2
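--- a/net/netfilter/xt_mark.c
+++ b/net/netfilter/xt_mark.c
@@ -18,9 +18,20 @@
 
 MODULE_LICENSE("GPL");
 MODULE_AUTHOR("Marc Boucher <marc@mbsi.ca>");
-MODULE_DESCRIPTION("Xtables: packet mark match");
+MODULE_DESCRIPTION("Xtables: packet mark operations");
 MODULE_ALIAS("ipt_mark");
 MODULE_ALIAS("ip6t_mark");
+MODULE_ALIAS("ipt_MARK");
+MODULE_ALIAS("ip6t_MARK");
+
+static unsigned int
+mark_tg(struct sk_buff *skb, const struct xt_target_param *par)
+{
+const struct xt_mark_tginfo2 *info = par->targinfo;
+
+skb->mark = (skb->mark & ~info->mask) ^ info->mark;
+return XT_CONTINUE;
+}
 
 static bool
 mark_mt(const struct sk_buff *skb, const struct xt_match_param *par)
@@ -29,6 +40,15 @@
 
 return ((skb->mark & info->mask) == info->mark) ^ info->invert;
 }
+
+static struct xt_target mark_tg_reg __read_mostly = {
+.name = "MARK",
+.revision = 2,
+.family = NFPROTO_UNSPEC,
+.target = mark_tg,
+.targetsize = sizeof(struct xt_mark_tginfo2),
+.me = THIS_MODULE,
+};
 
 static struct xt_match mark_mt_reg __read_mostly = {
 .name = "mark",
@@ -41,12 +61,23 @@
 
 static int __init mark_mt_init(void)
 {
-return xt_register_match(&mark_mt_reg);
+int ret;
+
+ret = xt_register_target(&mark_tg_reg);
+if (ret < 0)
+return ret;
+ret = xt_register_match(&mark_mt_reg);
+if (ret < 0) {
+xt_unregister_target(&mark_tg_reg);
+return ret;
+}
+return 0;
 }
 
 static void __exit mark_mt_exit(void)
 {
 xt_unregister_match(&mark_mt_reg);
+xt_unregister_target(&mark_tg_reg);
 }
 
 module_init(mark_mt_init);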
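Review bot: The alias list in the first hunk covers `ipt_mark`, `ip6t_mark`, `ipt_MARK` and `ip6t_MARK`, but nothing visible here resolves the old module name `xt_MARK` once xt_MARK.c is removed. Rule insertion should still autoload through the `ipt_`/`ip6t_` aliases, but a boot script or modules-load list that loads `xt_MARK` by name would presumably start failing, and a firewall setup that aborts on that error could leave the host without its packet-marking rules. If by-name loading is meant to keep working, add `MODULE_ALIAS("xt_MARK");` next to the others; otherwise the rename deserves a line in the commit message. Separately, `mark_mt_init` and `mark_mt_exit` in the last hunk now register and unregister both the target and the match, so a one-line comment such as `/* registers the MARK target and the mark match */` would keep the `_mt_` names from misleading.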