static bool xtnu_match_run(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, const struct xt_match *cm, const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop) #endif #if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 27) { struct xtnu_match *nm = xtcompat_numatch(cm); bool lo_drop = false, lo_ret; struct xt_match_param local_par = { .in = in, .out = out, .match = cm, .matchinfo = matchinfo, .fragoff = offset, .thoff = protoff, .hotdrop = &lo_drop, .family = NFPROTO_UNSPEC, /* don't have that info */ }; if (nm == NULL || nm->match == NULL) return false; lo_ret = nm->match(skb, &local_par); *hotdrop = lo_drop; return lo_ret; }
static int xt_compat_match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, const struct xt_match *match, const void* matchinfo, int offset, unsigned int protoff, int *hotdrop) { bool ret; struct xt_compat_match *m = xtcompat_numatch(match); // prepare parameters // execute struct xt_action_param par; par.in = in; par.out = out; par.match = match; par.matchinfo = matchinfo; par.fragoff = offset; par.thoff = protoff; par.hotdrop = false; par.family = NFPROTO_UNSPEC; ret = m->match(skb, &par); if (ret) return 0; return -1; }
static bool xtnu_match_check(const struct xt_mtchk_param *par) { struct xtnu_match *nm = xtcompat_numatch(par->match); if (nm == NULL) return false; if (nm->checkentry == NULL) return true; return nm->checkentry(par) == 0 ? true : false; }
static void xtnu_match_destroy(const struct xt_match *cm, void *matchinfo) #endif #if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 27) { struct xtnu_match *nm = xtcompat_numatch(cm); struct xt_mtdtor_param local_par = { .match = cm, .matchinfo = matchinfo, .family = NFPROTO_UNSPEC, }; if (nm != NULL && nm->destroy != NULL) nm->destroy(&local_par); }
static void xt_compat_destroy(const struct xt_match* match, void *matchinfo, unsigned int matchinfosize) { struct xt_compat_match *m = xtcompat_numatch(match); struct xt_mtdtor_param par; par.match = match; par.matchinfo = matchinfo; par.family = NFPROTO_UNSPEC; // call wrapped method return m->destroy(&par); }
static int xt_compat_checkentry(const char* tablename, const void* ip, const struct xt_match* match, void *matchinfo, unsigned int matchinfosize, unsigned int hook_mask) { struct xt_compat_match *m = xtcompat_numatch(match); struct xt_mtchk_param par; par.table = tablename; par.entryinfo = NULL; par.match = match; par.matchinfo = matchinfo; par.hook_mask = hook_mask; par.family = NFPROTO_UNSPEC; // call wrapped method return m->checkentry(&par) == 0; }
static bool xtnu_match_check(const char *table, const void *entry, const struct xt_match *cm, void *matchinfo, unsigned int hook_mask) #endif #if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 27) { struct xtnu_match *nm = xtcompat_numatch(cm); struct xt_mtchk_param local_par = { .table = table, .entryinfo = entry, .match = cm, .matchinfo = matchinfo, .hook_mask = hook_mask, .family = NFPROTO_UNSPEC, }; if (nm == NULL) return false; if (nm->checkentry == NULL) return true; return nm->checkentry(&local_par); }
static bool xtnu_match_run(const struct sk_buff *skb, const struct xt_match_param *par) { struct xtnu_match *nm = xtcompat_numatch(par->match); struct xt_action_param local_par; bool ret; local_par.in = par->in; local_par.out = par->out; local_par.match = par->match; local_par.matchinfo = par->matchinfo; local_par.fragoff = par->fragoff; local_par.thoff = par->thoff; local_par.hotdrop = false; local_par.family = par->family; if (nm == NULL || nm->match == NULL) return false; ret = nm->match(skb, &local_par); *par->hotdrop = local_par.hotdrop; return ret; }