[NETFILTER]: ipt annotations

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Al Viro 2006-09-28 14:22:24 -07:00 committed by David S. Miller
parent a76b11dd25
commit 6a19d61472
12 changed files with 49 additions and 46 deletions

View file

@ -8,7 +8,7 @@
struct ipt_iprange {
/* Inclusive: network order. */
u_int32_t min_ip, max_ip;
__be32 min_ip, max_ip;
};
struct ipt_iprange_info

View file

@ -52,7 +52,7 @@ struct clusterip_config {
atomic_t entries; /* number of entries/rules
* referencing us */
u_int32_t clusterip; /* the IP address */
__be32 clusterip; /* the IP address */
u_int8_t clustermac[ETH_ALEN]; /* the MAC address */
struct net_device *dev; /* device */
u_int16_t num_total_nodes; /* total number of nodes */
@ -119,7 +119,7 @@ clusterip_config_entry_put(struct clusterip_config *c)
}
static struct clusterip_config *
__clusterip_config_find(u_int32_t clusterip)
__clusterip_config_find(__be32 clusterip)
{
struct list_head *pos;
@ -136,7 +136,7 @@ __clusterip_config_find(u_int32_t clusterip)
}
static inline struct clusterip_config *
clusterip_config_find_get(u_int32_t clusterip, int entry)
clusterip_config_find_get(__be32 clusterip, int entry)
{
struct clusterip_config *c;
@ -166,7 +166,7 @@ clusterip_config_init_nodelist(struct clusterip_config *c,
}
static struct clusterip_config *
clusterip_config_init(struct ipt_clusterip_tgt_info *i, u_int32_t ip,
clusterip_config_init(struct ipt_clusterip_tgt_info *i, __be32 ip,
struct net_device *dev)
{
struct clusterip_config *c;
@ -387,7 +387,7 @@ checkentry(const char *tablename,
return 0;
}
if (e->ip.dmsk.s_addr != 0xffffffff
if (e->ip.dmsk.s_addr != htonl(0xffffffff)
|| e->ip.dst.s_addr == 0) {
printk(KERN_ERR "CLUSTERIP: Please specify destination IP\n");
return 0;
@ -476,9 +476,9 @@ static struct ipt_target clusterip_tgt = {
/* hardcoded for 48bit ethernet and 32bit ipv4 addresses */
struct arp_payload {
u_int8_t src_hw[ETH_ALEN];
u_int32_t src_ip;
__be32 src_ip;
u_int8_t dst_hw[ETH_ALEN];
u_int32_t dst_ip;
__be32 dst_ip;
} __attribute__ ((packed));
#ifdef CLUSTERIP_DEBUG

View file

@ -28,7 +28,7 @@ static inline int
set_ect_ip(struct sk_buff **pskb, const struct ipt_ECN_info *einfo)
{
struct iphdr *iph = (*pskb)->nh.iph;
u_int16_t oldtos;
__be16 oldtos;
if ((iph->tos & IPT_ECN_IP_MASK) != (einfo->ip_ect & IPT_ECN_IP_MASK)) {
if (!skb_make_writable(pskb, sizeof(struct iphdr)))
@ -37,7 +37,7 @@ set_ect_ip(struct sk_buff **pskb, const struct ipt_ECN_info *einfo)
oldtos = iph->tos;
iph->tos &= ~IPT_ECN_IP_MASK;
iph->tos |= (einfo->ip_ect & IPT_ECN_IP_MASK);
iph->check = nf_csum_update(oldtos ^ 0xFFFF, iph->tos,
iph->check = nf_csum_update(oldtos ^ htons(0xFFFF), iph->tos,
iph->check);
}
return 1;
@ -48,7 +48,7 @@ static inline int
set_ect_tcp(struct sk_buff **pskb, const struct ipt_ECN_info *einfo)
{
struct tcphdr _tcph, *tcph;
u_int16_t oldval;
__be16 oldval;
/* Not enought header? */
tcph = skb_header_pointer(*pskb, (*pskb)->nh.iph->ihl*4,
@ -66,15 +66,15 @@ set_ect_tcp(struct sk_buff **pskb, const struct ipt_ECN_info *einfo)
return 0;
tcph = (void *)(*pskb)->nh.iph + (*pskb)->nh.iph->ihl*4;
oldval = ((u_int16_t *)tcph)[6];
oldval = ((__be16 *)tcph)[6];
if (einfo->operation & IPT_ECN_OP_SET_ECE)
tcph->ece = einfo->proto.tcp.ece;
if (einfo->operation & IPT_ECN_OP_SET_CWR)
tcph->cwr = einfo->proto.tcp.cwr;
tcph->check = nf_proto_csum_update((*pskb),
oldval ^ 0xFFFF,
((u_int16_t *)tcph)[6],
oldval ^ htons(0xFFFF),
((__be16 *)tcph)[6],
tcph->check, 0);
return 1;
}

View file

@ -58,7 +58,7 @@ target(struct sk_buff **pskb,
{
struct ip_conntrack *ct;
enum ip_conntrack_info ctinfo;
u_int32_t new_ip, netmask;
__be32 new_ip, netmask;
const struct ip_nat_multi_range_compat *mr = targinfo;
struct ip_nat_range newrange;

View file

@ -104,8 +104,8 @@ static void send_reset(struct sk_buff *oldskb, int hook)
struct iphdr *iph = oldskb->nh.iph;
struct tcphdr _otcph, *oth, *tcph;
struct rtable *rt;
u_int16_t tmp_port;
u_int32_t tmp_addr;
__be16 tmp_port;
__be32 tmp_addr;
int needs_ack;
int hh_len;

View file

@ -135,7 +135,8 @@ same_target(struct sk_buff **pskb,
{
struct ip_conntrack *ct;
enum ip_conntrack_info ctinfo;
u_int32_t tmpip, aindex, new_ip;
u_int32_t tmpip, aindex;
__be32 new_ip;
const struct ipt_same_info *same = targinfo;
struct ip_nat_range newrange;
const struct ip_conntrack_tuple *t;

View file

@ -42,7 +42,8 @@ ipt_tcpmss_target(struct sk_buff **pskb,
const struct ipt_tcpmss_info *tcpmssinfo = targinfo;
struct tcphdr *tcph;
struct iphdr *iph;
u_int16_t tcplen, newtotlen, oldval, newmss;
u_int16_t tcplen, newmss;
__be16 newtotlen, oldval;
unsigned int i;
u_int8_t *opt;
@ -97,7 +98,7 @@ ipt_tcpmss_target(struct sk_buff **pskb,
opt[i+3] = (newmss & 0x00ff);
tcph->check = nf_proto_csum_update(*pskb,
htons(oldmss)^0xFFFF,
htons(oldmss)^htons(0xFFFF),
htons(newmss),
tcph->check, 0);
return IPT_CONTINUE;
@ -126,7 +127,7 @@ ipt_tcpmss_target(struct sk_buff **pskb,
memmove(opt + TCPOLEN_MSS, opt, tcplen - sizeof(struct tcphdr));
tcph->check = nf_proto_csum_update(*pskb,
htons(tcplen) ^ 0xFFFF,
htons(tcplen) ^ htons(0xFFFF),
htons(tcplen + TCPOLEN_MSS),
tcph->check, 1);
opt[0] = TCPOPT_MSS;
@ -134,18 +135,18 @@ ipt_tcpmss_target(struct sk_buff **pskb,
opt[2] = (newmss & 0xff00) >> 8;
opt[3] = (newmss & 0x00ff);
tcph->check = nf_proto_csum_update(*pskb, ~0, *((u_int32_t *)opt),
tcph->check = nf_proto_csum_update(*pskb, htonl(~0), *((__be32 *)opt),
tcph->check, 0);
oldval = ((u_int16_t *)tcph)[6];
oldval = ((__be16 *)tcph)[6];
tcph->doff += TCPOLEN_MSS/4;
tcph->check = nf_proto_csum_update(*pskb,
oldval ^ 0xFFFF,
((u_int16_t *)tcph)[6],
oldval ^ htons(0xFFFF),
((__be16 *)tcph)[6],
tcph->check, 0);
newtotlen = htons(ntohs(iph->tot_len) + TCPOLEN_MSS);
iph->check = nf_csum_update(iph->tot_len ^ 0xFFFF,
iph->check = nf_csum_update(iph->tot_len ^ htons(0xFFFF),
newtotlen, iph->check);
iph->tot_len = newtotlen;
return IPT_CONTINUE;

View file

@ -30,7 +30,7 @@ target(struct sk_buff **pskb,
{
const struct ipt_tos_target_info *tosinfo = targinfo;
struct iphdr *iph = (*pskb)->nh.iph;
u_int16_t oldtos;
__be16 oldtos;
if ((iph->tos & IPTOS_TOS_MASK) != tosinfo->tos) {
if (!skb_make_writable(pskb, sizeof(struct iphdr)))
@ -38,7 +38,7 @@ target(struct sk_buff **pskb,
iph = (*pskb)->nh.iph;
oldtos = iph->tos;
iph->tos = (iph->tos & IPTOS_PREC_MASK) | tosinfo->tos;
iph->check = nf_csum_update(oldtos ^ 0xFFFF, iph->tos,
iph->check = nf_csum_update(oldtos ^ htons(0xFFFF), iph->tos,
iph->check);
}
return IPT_CONTINUE;

View file

@ -54,8 +54,8 @@ ipt_ttl_target(struct sk_buff **pskb,
}
if (new_ttl != iph->ttl) {
iph->check = nf_csum_update(ntohs((iph->ttl << 8)) ^ 0xFFFF,
ntohs(new_ttl << 8),
iph->check = nf_csum_update(htons((iph->ttl << 8)) ^ htons(0xFFFF),
htons(new_ttl << 8),
iph->check);
iph->ttl = new_ttl;
}

View file

@ -50,11 +50,11 @@ static struct file_operations dl_file_ops;
/* hash table crap */
struct dsthash_dst {
u_int32_t src_ip;
u_int32_t dst_ip;
__be32 src_ip;
__be32 dst_ip;
/* ports have to be consecutive !!! */
u_int16_t src_port;
u_int16_t dst_port;
__be16 src_port;
__be16 dst_port;
};
struct dsthash_ent {
@ -106,8 +106,10 @@ static inline int dst_cmp(const struct dsthash_ent *ent, struct dsthash_dst *b)
static inline u_int32_t
hash_dst(const struct ipt_hashlimit_htable *ht, const struct dsthash_dst *dst)
{
return (jhash_3words(dst->dst_ip, (dst->dst_port<<16 | dst->src_port),
dst->src_ip, ht->rnd) % ht->cfg.size);
return (jhash_3words((__force u32)dst->dst_ip,
((__force u32)dst->dst_port<<16 |
(__force u32)dst->src_port),
(__force u32)dst->src_ip, ht->rnd) % ht->cfg.size);
}
static inline struct dsthash_ent *
@ -406,7 +408,7 @@ hashlimit_match(const struct sk_buff *skb,
dst.src_ip = skb->nh.iph->saddr;
if (hinfo->cfg.mode & IPT_HASHLIMIT_HASH_DPT
||hinfo->cfg.mode & IPT_HASHLIMIT_HASH_SPT) {
u_int16_t _ports[2], *ports;
__be16 _ports[2], *ports;
switch (skb->nh.iph->protocol) {
case IPPROTO_TCP:

View file

@ -50,11 +50,10 @@ MODULE_PARM_DESC(ip_list_perms, "permissions on /proc/net/ipt_recent/* files");
MODULE_PARM_DESC(ip_list_uid,"owner of /proc/net/ipt_recent/* files");
MODULE_PARM_DESC(ip_list_gid,"owning group of /proc/net/ipt_recent/* files");
struct recent_entry {
struct list_head list;
struct list_head lru_list;
u_int32_t addr;
__be32 addr;
u_int8_t ttl;
u_int8_t index;
u_int16_t nstamps;
@ -85,17 +84,17 @@ static struct file_operations recent_fops;
static u_int32_t hash_rnd;
static int hash_rnd_initted;
static unsigned int recent_entry_hash(u_int32_t addr)
static unsigned int recent_entry_hash(__be32 addr)
{
if (!hash_rnd_initted) {
get_random_bytes(&hash_rnd, 4);
hash_rnd_initted = 1;
}
return jhash_1word(addr, hash_rnd) & (ip_list_hash_size - 1);
return jhash_1word((__force u32)addr, hash_rnd) & (ip_list_hash_size - 1);
}
static struct recent_entry *
recent_entry_lookup(const struct recent_table *table, u_int32_t addr, u_int8_t ttl)
recent_entry_lookup(const struct recent_table *table, __be32 addr, u_int8_t ttl)
{
struct recent_entry *e;
unsigned int h;
@ -116,7 +115,7 @@ static void recent_entry_remove(struct recent_table *t, struct recent_entry *e)
}
static struct recent_entry *
recent_entry_init(struct recent_table *t, u_int32_t addr, u_int8_t ttl)
recent_entry_init(struct recent_table *t, __be32 addr, u_int8_t ttl)
{
struct recent_entry *e;
@ -178,7 +177,7 @@ ipt_recent_match(const struct sk_buff *skb,
const struct ipt_recent_info *info = matchinfo;
struct recent_table *t;
struct recent_entry *e;
u_int32_t addr;
__be32 addr;
u_int8_t ttl;
int ret = info->invert;
@ -406,7 +405,7 @@ static ssize_t recent_proc_write(struct file *file, const char __user *input,
struct recent_table *t = pde->data;
struct recent_entry *e;
char buf[sizeof("+255.255.255.255")], *c = buf;
u_int32_t addr;
__be32 addr;
int add;
if (size > sizeof(buf))

View file

@ -131,7 +131,7 @@ ipt_local_hook(unsigned int hook,
{
unsigned int ret;
u_int8_t tos;
u_int32_t saddr, daddr;
__be32 saddr, daddr;
unsigned long nfmark;
/* root is playing with raw sockets. */