* @family: Actual NFPROTO_* through which the function is invoked
* (helpful when match->family == NFPROTO_UNSPEC)
* @hotdrop: drop packet if we had inspection problems
+ * Network namespace obtainable using dev_net(in/out)
*/
struct xt_match_param {
const struct net_device *in, *out;
* struct xt_mtchk_param - parameters for match extensions'
* checkentry functions
*
+ * @net: network namespace through which the check was invoked
* @table: table the rule is tried to be inserted into
* @entryinfo: the family-specific rule data
- * (struct ipt_ip, ip6t_ip, ebt_entry)
+ * (struct ipt_ip, ip6t_ip, arpt_arp or (note) ebt_entry)
* @match: struct xt_match through which this function was invoked
* @matchinfo: per-match data
* @hook_mask: via which hooks the new rule is reachable
+ * Other fields as above.
*/
struct xt_mtchk_param {
struct net *net;
u_int8_t family;
};
-/* Match destructor parameters */
+/**
+ * struct xt_mdtor_param - match destructor parameters
+ * Fields as above.
+ */
struct xt_mtdtor_param {
struct net *net;
const struct xt_match *match;
/* Set this to THIS_MODULE if you are a module, otherwise NULL */
struct module *me;
- /* Free to use by each match */
- unsigned long data;
-
const char *table;
unsigned int matchsize;
#ifdef CONFIG_COMPAT
struct list_head list;
const char name[XT_FUNCTION_MAXNAMELEN-1];
+ u_int8_t revision;
/* Returns verdict. Argument order changed since 2.6.9, as this
must now handle non-linear skbs, using skb_copy_bits and
unsigned short proto;
unsigned short family;
- u_int8_t revision;
};
/* Furniture shopping... */
extern struct xt_match *xt_find_match(u8 af, const char *name, u8 revision);
extern struct xt_target *xt_find_target(u8 af, const char *name, u8 revision);
+extern struct xt_match *xt_request_find_match(u8 af, const char *name,
+ u8 revision);
extern struct xt_target *xt_request_find_target(u8 af, const char *name,
u8 revision);
extern int xt_find_revision(u8 af, const char *name, u8 revision,
git://bbs.cooldavid.org / net-next-2.6.git / blobdiff