search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Remove random garbage diff.
[linux-2.6/linux-mips.git] / net / ipv4 / netfilter / ipt_state.c
blob94f6bbfa5e087162ed77d204281a2114ced77e6d
1 /* Kernel module to match connection tracking information.
2 * GPL (C) 1999 Rusty Russell (rusty@rustcorp.com.au).
3 */
4 #include <linux/module.h>
5 #include <linux/skbuff.h>
6 #include <linux/netfilter_ipv4/ip_conntrack.h>
7 #include <linux/netfilter_ipv4/ip_tables.h>
8 #include <linux/netfilter_ipv4/ipt_state.h>
9
10 static int
11 match(const struct sk_buff *skb,
12 const struct net_device *in,
13 const struct net_device *out,
14 const void *matchinfo,
15 int offset,
16 const void *hdr,
17 u_int16_t datalen,
18 int *hotdrop)
19 {
20 const struct ipt_state_info *sinfo = matchinfo;
21 enum ip_conntrack_info ctinfo;
22 unsigned int statebit;
23
24 if (!ip_conntrack_get((struct sk_buff *)skb, &ctinfo))
25 statebit = IPT_STATE_INVALID;
26 else
27 statebit = IPT_STATE_BIT(ctinfo);
28
29 return (sinfo->statemask & statebit);
30 }
31
32 static int check(const char *tablename,
33 const struct ipt_ip *ip,
34 void *matchinfo,
35 unsigned int matchsize,
36 unsigned int hook_mask)
37 {
38 if (matchsize != IPT_ALIGN(sizeof(struct ipt_state_info)))
39 return 0;
40
41 return 1;
42 }
43
44 static struct ipt_match state_match
45 = { { NULL, NULL }, "state", &match, &check, NULL, THIS_MODULE };
46
47 static int __init init(void)
48 {
49 /* NULL if ip_conntrack not a module */
50 if (ip_conntrack_module)
51 __MOD_INC_USE_COUNT(ip_conntrack_module);
52 return ipt_register_match(&state_match);
53 }
54
55 static void __exit fini(void)
56 {
57 ipt_unregister_match(&state_match);
58 if (ip_conntrack_module)
59 __MOD_DEC_USE_COUNT(ip_conntrack_module);
60 }
61
62 module_init(init);
63 module_exit(fini);
Mirror of the linux-mips.org kernel tree