#include <linux/netfilter/xt_quota.h>
struct xt_quota_priv {
- uint64_t quota;
+ spinlock_t lock;
+ uint64_t quota;
};
MODULE_LICENSE("GPL");
MODULE_ALIAS("ipt_quota");
MODULE_ALIAS("ip6t_quota");
-static DEFINE_SPINLOCK(quota_lock);
-
static bool
-quota_mt(const struct sk_buff *skb, const struct xt_match_param *par)
+quota_mt(const struct sk_buff *skb, struct xt_action_param *par)
{
struct xt_quota_info *q = (void *)par->matchinfo;
struct xt_quota_priv *priv = q->master;
bool ret = q->flags & XT_QUOTA_INVERT;
- spin_lock_bh("a_lock);
+ spin_lock_bh(&priv->lock);
if (priv->quota >= skb->len) {
priv->quota -= skb->len;
ret = !ret;
/* we do not allow even small packets from now on */
priv->quota = 0;
}
- /* Copy quota back to matchinfo so that iptables can display it */
- q->quota = priv->quota;
- spin_unlock_bh("a_lock);
+ spin_unlock_bh(&priv->lock);
return ret;
}
-static bool quota_mt_check(const struct xt_mtchk_param *par)
+static int quota_mt_check(const struct xt_mtchk_param *par)
{
struct xt_quota_info *q = par->matchinfo;
if (q->flags & ~XT_QUOTA_MASK)
- return false;
+ return -EINVAL;
q->master = kmalloc(sizeof(*q->master), GFP_KERNEL);
if (q->master == NULL)
- return false;
+ return -ENOMEM;
+ spin_lock_init(&q->master->lock);
q->master->quota = q->quota;
- return true;
+ return 0;
}
static void quota_mt_destroy(const struct xt_mtdtor_param *par)
git://bbs.cooldavid.org / net-next-2.6.git / blobdiff