tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

netfilter: rename ipt_recent to xt_recent

Like with other modules (such as ipt_state), ipt_recent.h is changed
to forward definitions to (IOW include) xt_recent.h, and xt_recent.c
is changed to use the new constant names.

Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>

authored by

Jan Engelhardt and committed by
Patrick McHardy e948b20a 76108cea

+69 -49
+1
include/linux/netfilter/Kbuild
··· 32 32 header-y += xt_pkttype.h 33 33 header-y += xt_rateest.h 34 34 header-y += xt_realm.h 35 + header-y += xt_recent.h 35 36 header-y += xt_sctp.h 36 37 header-y += xt_state.h 37 38 header-y += xt_statistic.h
+26
include/linux/netfilter/xt_recent.h
··· 1 + #ifndef _LINUX_NETFILTER_XT_RECENT_H 2 + #define _LINUX_NETFILTER_XT_RECENT_H 1 3 + 4 + enum { 5 + XT_RECENT_CHECK = 1 << 0, 6 + XT_RECENT_SET = 1 << 1, 7 + XT_RECENT_UPDATE = 1 << 2, 8 + XT_RECENT_REMOVE = 1 << 3, 9 + XT_RECENT_TTL = 1 << 4, 10 + 11 + XT_RECENT_SOURCE = 0, 12 + XT_RECENT_DEST = 1, 13 + 14 + XT_RECENT_NAME_LEN = 200, 15 + }; 16 + 17 + struct xt_recent_mtinfo { 18 + u_int32_t seconds; 19 + u_int32_t hit_count; 20 + u_int8_t check_set; 21 + u_int8_t invert; 22 + char name[XT_RECENT_NAME_LEN]; 23 + u_int8_t side; 24 + }; 25 + 26 + #endif /* _LINUX_NETFILTER_XT_RECENT_H */
+11 -17
include/linux/netfilter_ipv4/ipt_recent.h
··· 1 1 #ifndef _IPT_RECENT_H 2 2 #define _IPT_RECENT_H 3 3 4 - #define RECENT_NAME "ipt_recent" 5 - #define RECENT_VER "v0.3.1" 4 + #include <linux/netfilter/xt_recent.h> 6 5 7 - #define IPT_RECENT_CHECK 1 8 - #define IPT_RECENT_SET 2 9 - #define IPT_RECENT_UPDATE 4 10 - #define IPT_RECENT_REMOVE 8 11 - #define IPT_RECENT_TTL 16 6 + #define ipt_recent_info xt_recent_mtinfo 12 7 13 - #define IPT_RECENT_SOURCE 0 14 - #define IPT_RECENT_DEST 1 8 + enum { 9 + IPT_RECENT_CHECK = XT_RECENT_CHECK, 10 + IPT_RECENT_SET = XT_RECENT_SET, 11 + IPT_RECENT_UPDATE = XT_RECENT_UPDATE, 12 + IPT_RECENT_REMOVE = XT_RECENT_REMOVE, 13 + IPT_RECENT_TTL = XT_RECENT_TTL, 15 14 16 - #define IPT_RECENT_NAME_LEN 200 15 + IPT_RECENT_SOURCE = XT_RECENT_SOURCE, 16 + IPT_RECENT_DEST = XT_RECENT_DEST, 17 17 18 - struct ipt_recent_info { 19 - u_int32_t seconds; 20 - u_int32_t hit_count; 21 - u_int8_t check_set; 22 - u_int8_t invert; 23 - char name[IPT_RECENT_NAME_LEN]; 24 - u_int8_t side; 18 + IPT_RECENT_NAME_LEN = XT_RECENT_NAME_LEN, 25 19 }; 26 20 27 21 #endif /*_IPT_RECENT_H*/
-13
net/ipv4/netfilter/Kconfig
··· 57 57 To compile it as a module, choose M here. If unsure, say N. 58 58 59 59 # The matches. 60 - config IP_NF_MATCH_RECENT 61 - tristate '"recent" match support' 62 - depends on IP_NF_IPTABLES 63 - depends on NETFILTER_ADVANCED 64 - help 65 - This match is used for creating one or many lists of recently 66 - used addresses and then matching against that/those list(s). 67 - 68 - Short options are available by using 'iptables -m recent -h' 69 - Official Website: <http://snowman.net/projects/ipt_recent/> 70 - 71 - To compile it as a module, choose M here. If unsure, say N. 72 - 73 60 config IP_NF_MATCH_ECN 74 61 tristate '"ecn" match support' 75 62 depends on IP_NF_IPTABLES
-1
net/ipv4/netfilter/Makefile
··· 48 48 obj-$(CONFIG_IP_NF_MATCH_ADDRTYPE) += ipt_addrtype.o 49 49 obj-$(CONFIG_IP_NF_MATCH_AH) += ipt_ah.o 50 50 obj-$(CONFIG_IP_NF_MATCH_ECN) += ipt_ecn.o 51 - obj-$(CONFIG_IP_NF_MATCH_RECENT) += ipt_recent.o 52 51 obj-$(CONFIG_IP_NF_MATCH_TTL) += ipt_ttl.o 53 52 54 53 # targets
+19 -18
net/ipv4/netfilter/ipt_recent.c net/netfilter/xt_recent.c
··· 27 27 #include <net/net_namespace.h> 28 28 29 29 #include <linux/netfilter/x_tables.h> 30 - #include <linux/netfilter_ipv4/ipt_recent.h> 30 + #include <linux/netfilter/xt_recent.h> 31 31 32 32 MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>"); 33 33 MODULE_DESCRIPTION("Xtables: \"recently-seen\" host matching for IPv4"); 34 34 MODULE_LICENSE("GPL"); 35 + MODULE_ALIAS("ipt_recent"); 35 36 36 37 static unsigned int ip_list_tot = 100; 37 38 static unsigned int ip_pkt_list_tot = 20; ··· 65 64 66 65 struct recent_table { 67 66 struct list_head list; 68 - char name[IPT_RECENT_NAME_LEN]; 67 + char name[XT_RECENT_NAME_LEN]; 69 68 #ifdef CONFIG_PROC_FS 70 69 struct proc_dir_entry *proc; 71 70 #endif ··· 176 175 const void *matchinfo, int offset, unsigned int protoff, 177 176 bool *hotdrop) 178 177 { 179 - const struct ipt_recent_info *info = matchinfo; 178 + const struct xt_recent_mtinfo *info = matchinfo; 180 179 struct recent_table *t; 181 180 struct recent_entry *e; 182 181 __be32 addr; 183 182 u_int8_t ttl; 184 183 bool ret = info->invert; 185 184 186 - if (info->side == IPT_RECENT_DEST) 185 + if (info->side == XT_RECENT_DEST) 187 186 addr = ip_hdr(skb)->daddr; 188 187 else 189 188 addr = ip_hdr(skb)->saddr; ··· 196 195 spin_lock_bh(&recent_lock); 197 196 t = recent_table_lookup(info->name); 198 197 e = recent_entry_lookup(t, addr, 199 - info->check_set & IPT_RECENT_TTL ? ttl : 0); 198 + info->check_set & XT_RECENT_TTL ? ttl : 0); 200 199 if (e == NULL) { 201 - if (!(info->check_set & IPT_RECENT_SET)) 200 + if (!(info->check_set & XT_RECENT_SET)) 202 201 goto out; 203 202 e = recent_entry_init(t, addr, ttl); 204 203 if (e == NULL) ··· 207 206 goto out; 208 207 } 209 208 210 - if (info->check_set & IPT_RECENT_SET) 209 + if (info->check_set & XT_RECENT_SET) 211 210 ret = !ret; 212 - else if (info->check_set & IPT_RECENT_REMOVE) { 211 + else if (info->check_set & XT_RECENT_REMOVE) { 213 212 recent_entry_remove(t, e); 214 213 ret = !ret; 215 - } else if (info->check_set & (IPT_RECENT_CHECK | IPT_RECENT_UPDATE)) { 214 + } else if (info->check_set & (XT_RECENT_CHECK | XT_RECENT_UPDATE)) { 216 215 unsigned long time = jiffies - info->seconds * HZ; 217 216 unsigned int i, hits = 0; 218 217 ··· 226 225 } 227 226 } 228 227 229 - if (info->check_set & IPT_RECENT_SET || 230 - (info->check_set & IPT_RECENT_UPDATE && ret)) { 228 + if (info->check_set & XT_RECENT_SET || 229 + (info->check_set & XT_RECENT_UPDATE && ret)) { 231 230 recent_entry_update(t, e); 232 231 e->ttl = ttl; 233 232 } ··· 241 240 const struct xt_match *match, void *matchinfo, 242 241 unsigned int hook_mask) 243 242 { 244 - const struct ipt_recent_info *info = matchinfo; 243 + const struct xt_recent_mtinfo *info = matchinfo; 245 244 struct recent_table *t; 246 245 unsigned i; 247 246 bool ret = false; 248 247 249 248 if (hweight8(info->check_set & 250 - (IPT_RECENT_SET | IPT_RECENT_REMOVE | 251 - IPT_RECENT_CHECK | IPT_RECENT_UPDATE)) != 1) 249 + (XT_RECENT_SET | XT_RECENT_REMOVE | 250 + XT_RECENT_CHECK | XT_RECENT_UPDATE)) != 1) 252 251 return false; 253 - if ((info->check_set & (IPT_RECENT_SET | IPT_RECENT_REMOVE)) && 252 + if ((info->check_set & (XT_RECENT_SET | XT_RECENT_REMOVE)) && 254 253 (info->seconds || info->hit_count)) 255 254 return false; 256 255 if (info->hit_count > ip_pkt_list_tot) 257 256 return false; 258 257 if (info->name[0] == '\0' || 259 - strnlen(info->name, IPT_RECENT_NAME_LEN) == IPT_RECENT_NAME_LEN) 258 + strnlen(info->name, XT_RECENT_NAME_LEN) == XT_RECENT_NAME_LEN) 260 259 return false; 261 260 262 261 mutex_lock(&recent_mutex); ··· 297 296 298 297 static void recent_mt_destroy(const struct xt_match *match, void *matchinfo) 299 298 { 300 - const struct ipt_recent_info *info = matchinfo; 299 + const struct xt_recent_mtinfo *info = matchinfo; 301 300 struct recent_table *t; 302 301 303 302 mutex_lock(&recent_mutex); ··· 462 461 .name = "recent", 463 462 .family = AF_INET, 464 463 .match = recent_mt, 465 - .matchsize = sizeof(struct ipt_recent_info), 464 + .matchsize = sizeof(struct xt_recent_mtinfo), 466 465 .checkentry = recent_mt_check, 467 466 .destroy = recent_mt_destroy, 468 467 .me = THIS_MODULE,
+11
net/netfilter/Kconfig
··· 732 732 If you want to compile it as a module, say M here and read 733 733 <file:Documentation/kbuild/modules.txt>. If unsure, say `N'. 734 734 735 + config NETFILTER_XT_MATCH_RECENT 736 + tristate '"recent" match support' 737 + depends on NETFILTER_XTABLES 738 + depends on NETFILTER_ADVANCED 739 + ---help--- 740 + This match is used for creating one or many lists of recently 741 + used addresses and then matching against that/those list(s). 742 + 743 + Short options are available by using 'iptables -m recent -h' 744 + Official Website: <http://snowman.net/projects/ipt_recent/> 745 + 735 746 config NETFILTER_XT_MATCH_SCTP 736 747 tristate '"sctp" protocol match support (EXPERIMENTAL)' 737 748 depends on NETFILTER_XTABLES && EXPERIMENTAL
+1
net/netfilter/Makefile
··· 76 76 obj-$(CONFIG_NETFILTER_XT_MATCH_QUOTA) += xt_quota.o 77 77 obj-$(CONFIG_NETFILTER_XT_MATCH_RATEEST) += xt_rateest.o 78 78 obj-$(CONFIG_NETFILTER_XT_MATCH_REALM) += xt_realm.o 79 + obj-$(CONFIG_NETFILTER_XT_MATCH_RECENT) += xt_recent.o 79 80 obj-$(CONFIG_NETFILTER_XT_MATCH_SCTP) += xt_sctp.o 80 81 obj-$(CONFIG_NETFILTER_XT_MATCH_STATE) += xt_state.o 81 82 obj-$(CONFIG_NETFILTER_XT_MATCH_STATISTIC) += xt_statistic.o