net:netfilter: use IS_ENABLED
Use IS_ENABLED(CONFIG_FOO) instead of defined(CONFIG_FOO) || defined (CONFIG_FOO_MODULE) Signed-off-by: Igor Maravić <igorm@etf.rs> Signed-off-by: David S. Miller <davem@davemloft.net>hifive-unleashed-5.1
parent
29c3626238
commit
c0cd115667
|
@ -229,7 +229,7 @@ int skb_make_writable(struct sk_buff *skb, unsigned int writable_len)
|
||||||
}
|
}
|
||||||
EXPORT_SYMBOL(skb_make_writable);
|
EXPORT_SYMBOL(skb_make_writable);
|
||||||
|
|
||||||
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
|
#if IS_ENABLED(CONFIG_NF_CONNTRACK)
|
||||||
/* This does not belong here, but locally generated errors need it if connection
|
/* This does not belong here, but locally generated errors need it if connection
|
||||||
tracking in use: without this, connection may not be in hash table, and hence
|
tracking in use: without this, connection may not be in hash table, and hence
|
||||||
manufactured ICMP or RST packets will not be associated with it. */
|
manufactured ICMP or RST packets will not be associated with it. */
|
||||||
|
|
|
@ -109,7 +109,7 @@ ip_set_get_ip4_port(const struct sk_buff *skb, bool src,
|
||||||
}
|
}
|
||||||
EXPORT_SYMBOL_GPL(ip_set_get_ip4_port);
|
EXPORT_SYMBOL_GPL(ip_set_get_ip4_port);
|
||||||
|
|
||||||
#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
|
#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
|
||||||
bool
|
bool
|
||||||
ip_set_get_ip6_port(const struct sk_buff *skb, bool src,
|
ip_set_get_ip6_port(const struct sk_buff *skb, bool src,
|
||||||
__be16 *port, u8 *proto)
|
__be16 *port, u8 *proto)
|
||||||
|
|
|
@ -541,7 +541,7 @@ ip_vs_nat_xmit(struct sk_buff *skb, struct ip_vs_conn *cp,
|
||||||
* Avoid duplicate tuple in reply direction for NAT traffic
|
* Avoid duplicate tuple in reply direction for NAT traffic
|
||||||
* to local address when connection is sync-ed
|
* to local address when connection is sync-ed
|
||||||
*/
|
*/
|
||||||
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
|
#if IS_ENABLED(CONFIG_NF_CONNTRACK)
|
||||||
if (cp->flags & IP_VS_CONN_F_SYNC && local) {
|
if (cp->flags & IP_VS_CONN_F_SYNC && local) {
|
||||||
enum ip_conntrack_info ctinfo;
|
enum ip_conntrack_info ctinfo;
|
||||||
struct nf_conn *ct = ct = nf_ct_get(skb, &ctinfo);
|
struct nf_conn *ct = ct = nf_ct_get(skb, &ctinfo);
|
||||||
|
@ -658,7 +658,7 @@ ip_vs_nat_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp,
|
||||||
* Avoid duplicate tuple in reply direction for NAT traffic
|
* Avoid duplicate tuple in reply direction for NAT traffic
|
||||||
* to local address when connection is sync-ed
|
* to local address when connection is sync-ed
|
||||||
*/
|
*/
|
||||||
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
|
#if IS_ENABLED(CONFIG_NF_CONNTRACK)
|
||||||
if (cp->flags & IP_VS_CONN_F_SYNC && local) {
|
if (cp->flags & IP_VS_CONN_F_SYNC && local) {
|
||||||
enum ip_conntrack_info ctinfo;
|
enum ip_conntrack_info ctinfo;
|
||||||
struct nf_conn *ct = ct = nf_ct_get(skb, &ctinfo);
|
struct nf_conn *ct = ct = nf_ct_get(skb, &ctinfo);
|
||||||
|
@ -1173,7 +1173,7 @@ ip_vs_icmp_xmit(struct sk_buff *skb, struct ip_vs_conn *cp,
|
||||||
* Avoid duplicate tuple in reply direction for NAT traffic
|
* Avoid duplicate tuple in reply direction for NAT traffic
|
||||||
* to local address when connection is sync-ed
|
* to local address when connection is sync-ed
|
||||||
*/
|
*/
|
||||||
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
|
#if IS_ENABLED(CONFIG_NF_CONNTRACK)
|
||||||
if (cp->flags & IP_VS_CONN_F_SYNC && local) {
|
if (cp->flags & IP_VS_CONN_F_SYNC && local) {
|
||||||
enum ip_conntrack_info ctinfo;
|
enum ip_conntrack_info ctinfo;
|
||||||
struct nf_conn *ct = ct = nf_ct_get(skb, &ctinfo);
|
struct nf_conn *ct = ct = nf_ct_get(skb, &ctinfo);
|
||||||
|
@ -1293,7 +1293,7 @@ ip_vs_icmp_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp,
|
||||||
* Avoid duplicate tuple in reply direction for NAT traffic
|
* Avoid duplicate tuple in reply direction for NAT traffic
|
||||||
* to local address when connection is sync-ed
|
* to local address when connection is sync-ed
|
||||||
*/
|
*/
|
||||||
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
|
#if IS_ENABLED(CONFIG_NF_CONNTRACK)
|
||||||
if (cp->flags & IP_VS_CONN_F_SYNC && local) {
|
if (cp->flags & IP_VS_CONN_F_SYNC && local) {
|
||||||
enum ip_conntrack_info ctinfo;
|
enum ip_conntrack_info ctinfo;
|
||||||
struct nf_conn *ct = ct = nf_ct_get(skb, &ctinfo);
|
struct nf_conn *ct = ct = nf_ct_get(skb, &ctinfo);
|
||||||
|
|
|
@ -1087,7 +1087,7 @@ static struct nf_ct_ext_type nf_ct_zone_extend __read_mostly = {
|
||||||
};
|
};
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
#if IS_ENABLED(CONFIG_NF_CT_NETLINK)
|
||||||
|
|
||||||
#include <linux/netfilter/nfnetlink.h>
|
#include <linux/netfilter/nfnetlink.h>
|
||||||
#include <linux/netfilter/nfnetlink_conntrack.h>
|
#include <linux/netfilter/nfnetlink_conntrack.h>
|
||||||
|
|
|
@ -743,8 +743,7 @@ static int callforward_do_filter(const union nf_inet_addr *src,
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
#if defined(CONFIG_NF_CONNTRACK_IPV6) || \
|
#if IS_ENABLED(CONFIG_NF_CONNTRACK_IPV6)
|
||||||
defined(CONFIG_NF_CONNTRACK_IPV6_MODULE)
|
|
||||||
case AF_INET6: {
|
case AF_INET6: {
|
||||||
struct flowi6 fl1, fl2;
|
struct flowi6 fl1, fl2;
|
||||||
struct rt6_info *rt1, *rt2;
|
struct rt6_info *rt1, *rt2;
|
||||||
|
|
|
@ -629,7 +629,7 @@ static int dccp_print_conntrack(struct seq_file *s, struct nf_conn *ct)
|
||||||
return seq_printf(s, "%s ", dccp_state_names[ct->proto.dccp.state]);
|
return seq_printf(s, "%s ", dccp_state_names[ct->proto.dccp.state]);
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
#if IS_ENABLED(CONFIG_NF_CT_NETLINK)
|
||||||
static int dccp_to_nlattr(struct sk_buff *skb, struct nlattr *nla,
|
static int dccp_to_nlattr(struct sk_buff *skb, struct nlattr *nla,
|
||||||
struct nf_conn *ct)
|
struct nf_conn *ct)
|
||||||
{
|
{
|
||||||
|
@ -770,7 +770,7 @@ static struct nf_conntrack_l4proto dccp_proto4 __read_mostly = {
|
||||||
.error = dccp_error,
|
.error = dccp_error,
|
||||||
.print_tuple = dccp_print_tuple,
|
.print_tuple = dccp_print_tuple,
|
||||||
.print_conntrack = dccp_print_conntrack,
|
.print_conntrack = dccp_print_conntrack,
|
||||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
#if IS_ENABLED(CONFIG_NF_CT_NETLINK)
|
||||||
.to_nlattr = dccp_to_nlattr,
|
.to_nlattr = dccp_to_nlattr,
|
||||||
.nlattr_size = dccp_nlattr_size,
|
.nlattr_size = dccp_nlattr_size,
|
||||||
.from_nlattr = nlattr_to_dccp,
|
.from_nlattr = nlattr_to_dccp,
|
||||||
|
@ -792,7 +792,7 @@ static struct nf_conntrack_l4proto dccp_proto6 __read_mostly = {
|
||||||
.error = dccp_error,
|
.error = dccp_error,
|
||||||
.print_tuple = dccp_print_tuple,
|
.print_tuple = dccp_print_tuple,
|
||||||
.print_conntrack = dccp_print_conntrack,
|
.print_conntrack = dccp_print_conntrack,
|
||||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
#if IS_ENABLED(CONFIG_NF_CT_NETLINK)
|
||||||
.to_nlattr = dccp_to_nlattr,
|
.to_nlattr = dccp_to_nlattr,
|
||||||
.nlattr_size = dccp_nlattr_size,
|
.nlattr_size = dccp_nlattr_size,
|
||||||
.from_nlattr = nlattr_to_dccp,
|
.from_nlattr = nlattr_to_dccp,
|
||||||
|
|
|
@ -291,7 +291,7 @@ static struct nf_conntrack_l4proto nf_conntrack_l4proto_gre4 __read_mostly = {
|
||||||
.new = gre_new,
|
.new = gre_new,
|
||||||
.destroy = gre_destroy,
|
.destroy = gre_destroy,
|
||||||
.me = THIS_MODULE,
|
.me = THIS_MODULE,
|
||||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
#if IS_ENABLED(CONFIG_NF_CT_NETLINK)
|
||||||
.tuple_to_nlattr = nf_ct_port_tuple_to_nlattr,
|
.tuple_to_nlattr = nf_ct_port_tuple_to_nlattr,
|
||||||
.nlattr_tuple_size = nf_ct_port_nlattr_tuple_size,
|
.nlattr_tuple_size = nf_ct_port_nlattr_tuple_size,
|
||||||
.nlattr_to_tuple = nf_ct_port_nlattr_to_tuple,
|
.nlattr_to_tuple = nf_ct_port_nlattr_to_tuple,
|
||||||
|
|
|
@ -461,7 +461,7 @@ static bool sctp_new(struct nf_conn *ct, const struct sk_buff *skb,
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
#if IS_ENABLED(CONFIG_NF_CT_NETLINK)
|
||||||
|
|
||||||
#include <linux/netfilter/nfnetlink.h>
|
#include <linux/netfilter/nfnetlink.h>
|
||||||
#include <linux/netfilter/nfnetlink_conntrack.h>
|
#include <linux/netfilter/nfnetlink_conntrack.h>
|
||||||
|
@ -666,7 +666,7 @@ static struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp4 __read_mostly = {
|
||||||
.packet = sctp_packet,
|
.packet = sctp_packet,
|
||||||
.new = sctp_new,
|
.new = sctp_new,
|
||||||
.me = THIS_MODULE,
|
.me = THIS_MODULE,
|
||||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
#if IS_ENABLED(CONFIG_NF_CT_NETLINK)
|
||||||
.to_nlattr = sctp_to_nlattr,
|
.to_nlattr = sctp_to_nlattr,
|
||||||
.nlattr_size = sctp_nlattr_size,
|
.nlattr_size = sctp_nlattr_size,
|
||||||
.from_nlattr = nlattr_to_sctp,
|
.from_nlattr = nlattr_to_sctp,
|
||||||
|
@ -696,7 +696,7 @@ static struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp6 __read_mostly = {
|
||||||
.packet = sctp_packet,
|
.packet = sctp_packet,
|
||||||
.new = sctp_new,
|
.new = sctp_new,
|
||||||
.me = THIS_MODULE,
|
.me = THIS_MODULE,
|
||||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
#if IS_ENABLED(CONFIG_NF_CT_NETLINK)
|
||||||
.to_nlattr = sctp_to_nlattr,
|
.to_nlattr = sctp_to_nlattr,
|
||||||
.nlattr_size = sctp_nlattr_size,
|
.nlattr_size = sctp_nlattr_size,
|
||||||
.from_nlattr = nlattr_to_sctp,
|
.from_nlattr = nlattr_to_sctp,
|
||||||
|
|
|
@ -1126,7 +1126,7 @@ static bool tcp_new(struct nf_conn *ct, const struct sk_buff *skb,
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
#if IS_ENABLED(CONFIG_NF_CT_NETLINK)
|
||||||
|
|
||||||
#include <linux/netfilter/nfnetlink.h>
|
#include <linux/netfilter/nfnetlink.h>
|
||||||
#include <linux/netfilter/nfnetlink_conntrack.h>
|
#include <linux/netfilter/nfnetlink_conntrack.h>
|
||||||
|
@ -1447,7 +1447,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp4 __read_mostly =
|
||||||
.packet = tcp_packet,
|
.packet = tcp_packet,
|
||||||
.new = tcp_new,
|
.new = tcp_new,
|
||||||
.error = tcp_error,
|
.error = tcp_error,
|
||||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
#if IS_ENABLED(CONFIG_NF_CT_NETLINK)
|
||||||
.to_nlattr = tcp_to_nlattr,
|
.to_nlattr = tcp_to_nlattr,
|
||||||
.nlattr_size = tcp_nlattr_size,
|
.nlattr_size = tcp_nlattr_size,
|
||||||
.from_nlattr = nlattr_to_tcp,
|
.from_nlattr = nlattr_to_tcp,
|
||||||
|
@ -1479,7 +1479,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp6 __read_mostly =
|
||||||
.packet = tcp_packet,
|
.packet = tcp_packet,
|
||||||
.new = tcp_new,
|
.new = tcp_new,
|
||||||
.error = tcp_error,
|
.error = tcp_error,
|
||||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
#if IS_ENABLED(CONFIG_NF_CT_NETLINK)
|
||||||
.to_nlattr = tcp_to_nlattr,
|
.to_nlattr = tcp_to_nlattr,
|
||||||
.nlattr_size = tcp_nlattr_size,
|
.nlattr_size = tcp_nlattr_size,
|
||||||
.from_nlattr = nlattr_to_tcp,
|
.from_nlattr = nlattr_to_tcp,
|
||||||
|
|
|
@ -188,7 +188,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_udp4 __read_mostly =
|
||||||
.packet = udp_packet,
|
.packet = udp_packet,
|
||||||
.new = udp_new,
|
.new = udp_new,
|
||||||
.error = udp_error,
|
.error = udp_error,
|
||||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
#if IS_ENABLED(CONFIG_NF_CT_NETLINK)
|
||||||
.tuple_to_nlattr = nf_ct_port_tuple_to_nlattr,
|
.tuple_to_nlattr = nf_ct_port_tuple_to_nlattr,
|
||||||
.nlattr_to_tuple = nf_ct_port_nlattr_to_tuple,
|
.nlattr_to_tuple = nf_ct_port_nlattr_to_tuple,
|
||||||
.nlattr_tuple_size = nf_ct_port_nlattr_tuple_size,
|
.nlattr_tuple_size = nf_ct_port_nlattr_tuple_size,
|
||||||
|
@ -216,7 +216,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_udp6 __read_mostly =
|
||||||
.packet = udp_packet,
|
.packet = udp_packet,
|
||||||
.new = udp_new,
|
.new = udp_new,
|
||||||
.error = udp_error,
|
.error = udp_error,
|
||||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
#if IS_ENABLED(CONFIG_NF_CT_NETLINK)
|
||||||
.tuple_to_nlattr = nf_ct_port_tuple_to_nlattr,
|
.tuple_to_nlattr = nf_ct_port_tuple_to_nlattr,
|
||||||
.nlattr_to_tuple = nf_ct_port_nlattr_to_tuple,
|
.nlattr_to_tuple = nf_ct_port_nlattr_to_tuple,
|
||||||
.nlattr_tuple_size = nf_ct_port_nlattr_tuple_size,
|
.nlattr_tuple_size = nf_ct_port_nlattr_tuple_size,
|
||||||
|
|
|
@ -174,7 +174,7 @@ static struct nf_conntrack_l4proto nf_conntrack_l4proto_udplite4 __read_mostly =
|
||||||
.packet = udplite_packet,
|
.packet = udplite_packet,
|
||||||
.new = udplite_new,
|
.new = udplite_new,
|
||||||
.error = udplite_error,
|
.error = udplite_error,
|
||||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
#if IS_ENABLED(CONFIG_NF_CT_NETLINK)
|
||||||
.tuple_to_nlattr = nf_ct_port_tuple_to_nlattr,
|
.tuple_to_nlattr = nf_ct_port_tuple_to_nlattr,
|
||||||
.nlattr_tuple_size = nf_ct_port_nlattr_tuple_size,
|
.nlattr_tuple_size = nf_ct_port_nlattr_tuple_size,
|
||||||
.nlattr_to_tuple = nf_ct_port_nlattr_to_tuple,
|
.nlattr_to_tuple = nf_ct_port_nlattr_to_tuple,
|
||||||
|
@ -198,7 +198,7 @@ static struct nf_conntrack_l4proto nf_conntrack_l4proto_udplite6 __read_mostly =
|
||||||
.packet = udplite_packet,
|
.packet = udplite_packet,
|
||||||
.new = udplite_new,
|
.new = udplite_new,
|
||||||
.error = udplite_error,
|
.error = udplite_error,
|
||||||
#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
|
#if IS_ENABLED(CONFIG_NF_CT_NETLINK)
|
||||||
.tuple_to_nlattr = nf_ct_port_tuple_to_nlattr,
|
.tuple_to_nlattr = nf_ct_port_tuple_to_nlattr,
|
||||||
.nlattr_tuple_size = nf_ct_port_nlattr_tuple_size,
|
.nlattr_tuple_size = nf_ct_port_nlattr_tuple_size,
|
||||||
.nlattr_to_tuple = nf_ct_port_nlattr_to_tuple,
|
.nlattr_to_tuple = nf_ct_port_nlattr_to_tuple,
|
||||||
|
|
|
@ -49,7 +49,7 @@ static u32 hash_v4(const struct sk_buff *skb)
|
||||||
return jhash_2words((__force u32)ipaddr, iph->protocol, jhash_initval);
|
return jhash_2words((__force u32)ipaddr, iph->protocol, jhash_initval);
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
|
#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
|
||||||
static u32 hash_v6(const struct sk_buff *skb)
|
static u32 hash_v6(const struct sk_buff *skb)
|
||||||
{
|
{
|
||||||
const struct ipv6hdr *ip6h = ipv6_hdr(skb);
|
const struct ipv6hdr *ip6h = ipv6_hdr(skb);
|
||||||
|
@ -74,7 +74,7 @@ nfqueue_tg_v1(struct sk_buff *skb, const struct xt_action_param *par)
|
||||||
if (par->family == NFPROTO_IPV4)
|
if (par->family == NFPROTO_IPV4)
|
||||||
queue = (((u64) hash_v4(skb) * info->queues_total) >>
|
queue = (((u64) hash_v4(skb) * info->queues_total) >>
|
||||||
32) + queue;
|
32) + queue;
|
||||||
#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
|
#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
|
||||||
else if (par->family == NFPROTO_IPV6)
|
else if (par->family == NFPROTO_IPV6)
|
||||||
queue = (((u64) hash_v6(skb) * info->queues_total) >>
|
queue = (((u64) hash_v6(skb) * info->queues_total) >>
|
||||||
32) + queue;
|
32) + queue;
|
||||||
|
|
|
@ -198,7 +198,7 @@ tcpmss_tg4(struct sk_buff *skb, const struct xt_action_param *par)
|
||||||
return XT_CONTINUE;
|
return XT_CONTINUE;
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
|
#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
|
||||||
static unsigned int
|
static unsigned int
|
||||||
tcpmss_tg6(struct sk_buff *skb, const struct xt_action_param *par)
|
tcpmss_tg6(struct sk_buff *skb, const struct xt_action_param *par)
|
||||||
{
|
{
|
||||||
|
@ -260,7 +260,7 @@ static int tcpmss_tg4_check(const struct xt_tgchk_param *par)
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
|
#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
|
||||||
static int tcpmss_tg6_check(const struct xt_tgchk_param *par)
|
static int tcpmss_tg6_check(const struct xt_tgchk_param *par)
|
||||||
{
|
{
|
||||||
const struct xt_tcpmss_info *info = par->targinfo;
|
const struct xt_tcpmss_info *info = par->targinfo;
|
||||||
|
@ -293,7 +293,7 @@ static struct xt_target tcpmss_tg_reg[] __read_mostly = {
|
||||||
.proto = IPPROTO_TCP,
|
.proto = IPPROTO_TCP,
|
||||||
.me = THIS_MODULE,
|
.me = THIS_MODULE,
|
||||||
},
|
},
|
||||||
#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
|
#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
|
||||||
{
|
{
|
||||||
.family = NFPROTO_IPV6,
|
.family = NFPROTO_IPV6,
|
||||||
.name = "TCPMSS",
|
.name = "TCPMSS",
|
||||||
|
|
|
@ -80,7 +80,7 @@ tcpoptstrip_tg4(struct sk_buff *skb, const struct xt_action_param *par)
|
||||||
sizeof(struct iphdr) + sizeof(struct tcphdr));
|
sizeof(struct iphdr) + sizeof(struct tcphdr));
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(CONFIG_IP6_NF_MANGLE) || defined(CONFIG_IP6_NF_MANGLE_MODULE)
|
#if IS_ENABLED(CONFIG_IP6_NF_MANGLE)
|
||||||
static unsigned int
|
static unsigned int
|
||||||
tcpoptstrip_tg6(struct sk_buff *skb, const struct xt_action_param *par)
|
tcpoptstrip_tg6(struct sk_buff *skb, const struct xt_action_param *par)
|
||||||
{
|
{
|
||||||
|
@ -109,7 +109,7 @@ static struct xt_target tcpoptstrip_tg_reg[] __read_mostly = {
|
||||||
.targetsize = sizeof(struct xt_tcpoptstrip_target_info),
|
.targetsize = sizeof(struct xt_tcpoptstrip_target_info),
|
||||||
.me = THIS_MODULE,
|
.me = THIS_MODULE,
|
||||||
},
|
},
|
||||||
#if defined(CONFIG_IP6_NF_MANGLE) || defined(CONFIG_IP6_NF_MANGLE_MODULE)
|
#if IS_ENABLED(CONFIG_IP6_NF_MANGLE)
|
||||||
{
|
{
|
||||||
.name = "TCPOPTSTRIP",
|
.name = "TCPOPTSTRIP",
|
||||||
.family = NFPROTO_IPV6,
|
.family = NFPROTO_IPV6,
|
||||||
|
|
|
@ -25,7 +25,7 @@
|
||||||
#include <linux/netfilter/x_tables.h>
|
#include <linux/netfilter/x_tables.h>
|
||||||
#include <linux/netfilter/xt_TEE.h>
|
#include <linux/netfilter/xt_TEE.h>
|
||||||
|
|
||||||
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
|
#if IS_ENABLED(CONFIG_NF_CONNTRACK)
|
||||||
# define WITH_CONNTRACK 1
|
# define WITH_CONNTRACK 1
|
||||||
# include <net/netfilter/nf_conntrack.h>
|
# include <net/netfilter/nf_conntrack.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
|
@ -22,7 +22,7 @@
|
||||||
|
|
||||||
#include <net/netfilter/ipv4/nf_defrag_ipv4.h>
|
#include <net/netfilter/ipv4/nf_defrag_ipv4.h>
|
||||||
|
|
||||||
#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
|
#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
|
||||||
#define XT_TPROXY_HAVE_IPV6 1
|
#define XT_TPROXY_HAVE_IPV6 1
|
||||||
#include <net/if_inet6.h>
|
#include <net/if_inet6.h>
|
||||||
#include <net/addrconf.h>
|
#include <net/addrconf.h>
|
||||||
|
|
|
@ -16,7 +16,7 @@
|
||||||
#include <linux/ip.h>
|
#include <linux/ip.h>
|
||||||
#include <net/route.h>
|
#include <net/route.h>
|
||||||
|
|
||||||
#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
|
#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
|
||||||
#include <net/ipv6.h>
|
#include <net/ipv6.h>
|
||||||
#include <net/ip6_route.h>
|
#include <net/ip6_route.h>
|
||||||
#include <net/ip6_fib.h>
|
#include <net/ip6_fib.h>
|
||||||
|
@ -31,7 +31,7 @@ MODULE_DESCRIPTION("Xtables: address type match");
|
||||||
MODULE_ALIAS("ipt_addrtype");
|
MODULE_ALIAS("ipt_addrtype");
|
||||||
MODULE_ALIAS("ip6t_addrtype");
|
MODULE_ALIAS("ip6t_addrtype");
|
||||||
|
|
||||||
#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
|
#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
|
||||||
static u32 match_lookup_rt6(struct net *net, const struct net_device *dev,
|
static u32 match_lookup_rt6(struct net *net, const struct net_device *dev,
|
||||||
const struct in6_addr *addr)
|
const struct in6_addr *addr)
|
||||||
{
|
{
|
||||||
|
@ -149,7 +149,7 @@ addrtype_mt_v1(const struct sk_buff *skb, struct xt_action_param *par)
|
||||||
else if (info->flags & XT_ADDRTYPE_LIMIT_IFACE_OUT)
|
else if (info->flags & XT_ADDRTYPE_LIMIT_IFACE_OUT)
|
||||||
dev = par->out;
|
dev = par->out;
|
||||||
|
|
||||||
#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
|
#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
|
||||||
if (par->family == NFPROTO_IPV6)
|
if (par->family == NFPROTO_IPV6)
|
||||||
return addrtype_mt6(net, dev, skb, info);
|
return addrtype_mt6(net, dev, skb, info);
|
||||||
#endif
|
#endif
|
||||||
|
@ -190,7 +190,7 @@ static int addrtype_mt_checkentry_v1(const struct xt_mtchk_param *par)
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
|
#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
|
||||||
if (par->family == NFPROTO_IPV6) {
|
if (par->family == NFPROTO_IPV6) {
|
||||||
if ((info->source | info->dest) & XT_ADDRTYPE_BLACKHOLE) {
|
if ((info->source | info->dest) & XT_ADDRTYPE_BLACKHOLE) {
|
||||||
pr_err("ipv6 BLACKHOLE matching not supported\n");
|
pr_err("ipv6 BLACKHOLE matching not supported\n");
|
||||||
|
|
|
@ -21,7 +21,7 @@
|
||||||
#include <linux/mm.h>
|
#include <linux/mm.h>
|
||||||
#include <linux/in.h>
|
#include <linux/in.h>
|
||||||
#include <linux/ip.h>
|
#include <linux/ip.h>
|
||||||
#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
|
#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
|
||||||
#include <linux/ipv6.h>
|
#include <linux/ipv6.h>
|
||||||
#include <net/ipv6.h>
|
#include <net/ipv6.h>
|
||||||
#endif
|
#endif
|
||||||
|
@ -64,7 +64,7 @@ struct dsthash_dst {
|
||||||
__be32 src;
|
__be32 src;
|
||||||
__be32 dst;
|
__be32 dst;
|
||||||
} ip;
|
} ip;
|
||||||
#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
|
#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
|
||||||
struct {
|
struct {
|
||||||
__be32 src[4];
|
__be32 src[4];
|
||||||
__be32 dst[4];
|
__be32 dst[4];
|
||||||
|
@ -413,7 +413,7 @@ static inline __be32 maskl(__be32 a, unsigned int l)
|
||||||
return l ? htonl(ntohl(a) & ~0 << (32 - l)) : 0;
|
return l ? htonl(ntohl(a) & ~0 << (32 - l)) : 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
|
#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
|
||||||
static void hashlimit_ipv6_mask(__be32 *i, unsigned int p)
|
static void hashlimit_ipv6_mask(__be32 *i, unsigned int p)
|
||||||
{
|
{
|
||||||
switch (p) {
|
switch (p) {
|
||||||
|
@ -464,7 +464,7 @@ hashlimit_init_dst(const struct xt_hashlimit_htable *hinfo,
|
||||||
return 0;
|
return 0;
|
||||||
nexthdr = ip_hdr(skb)->protocol;
|
nexthdr = ip_hdr(skb)->protocol;
|
||||||
break;
|
break;
|
||||||
#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
|
#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
|
||||||
case NFPROTO_IPV6:
|
case NFPROTO_IPV6:
|
||||||
if (hinfo->cfg.mode & XT_HASHLIMIT_HASH_DIP) {
|
if (hinfo->cfg.mode & XT_HASHLIMIT_HASH_DIP) {
|
||||||
memcpy(&dst->ip6.dst, &ipv6_hdr(skb)->daddr,
|
memcpy(&dst->ip6.dst, &ipv6_hdr(skb)->daddr,
|
||||||
|
@ -616,7 +616,7 @@ static struct xt_match hashlimit_mt_reg[] __read_mostly = {
|
||||||
.destroy = hashlimit_mt_destroy,
|
.destroy = hashlimit_mt_destroy,
|
||||||
.me = THIS_MODULE,
|
.me = THIS_MODULE,
|
||||||
},
|
},
|
||||||
#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
|
#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
|
||||||
{
|
{
|
||||||
.name = "hashlimit",
|
.name = "hashlimit",
|
||||||
.revision = 1,
|
.revision = 1,
|
||||||
|
@ -693,7 +693,7 @@ static int dl_seq_real_show(struct dsthash_ent *ent, u_int8_t family,
|
||||||
ent->rateinfo.credit, ent->rateinfo.credit_cap,
|
ent->rateinfo.credit, ent->rateinfo.credit_cap,
|
||||||
ent->rateinfo.cost);
|
ent->rateinfo.cost);
|
||||||
break;
|
break;
|
||||||
#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
|
#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
|
||||||
case NFPROTO_IPV6:
|
case NFPROTO_IPV6:
|
||||||
res = seq_printf(s, "%ld %pI6:%u->%pI6:%u %u %u %u\n",
|
res = seq_printf(s, "%ld %pI6:%u->%pI6:%u %u %u %u\n",
|
||||||
(long)(ent->expires - jiffies)/HZ,
|
(long)(ent->expires - jiffies)/HZ,
|
||||||
|
@ -761,7 +761,7 @@ static int __net_init hashlimit_proc_net_init(struct net *net)
|
||||||
hashlimit_net->ipt_hashlimit = proc_mkdir("ipt_hashlimit", net->proc_net);
|
hashlimit_net->ipt_hashlimit = proc_mkdir("ipt_hashlimit", net->proc_net);
|
||||||
if (!hashlimit_net->ipt_hashlimit)
|
if (!hashlimit_net->ipt_hashlimit)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
|
#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
|
||||||
hashlimit_net->ip6t_hashlimit = proc_mkdir("ip6t_hashlimit", net->proc_net);
|
hashlimit_net->ip6t_hashlimit = proc_mkdir("ip6t_hashlimit", net->proc_net);
|
||||||
if (!hashlimit_net->ip6t_hashlimit) {
|
if (!hashlimit_net->ip6t_hashlimit) {
|
||||||
proc_net_remove(net, "ipt_hashlimit");
|
proc_net_remove(net, "ipt_hashlimit");
|
||||||
|
@ -774,7 +774,7 @@ static int __net_init hashlimit_proc_net_init(struct net *net)
|
||||||
static void __net_exit hashlimit_proc_net_exit(struct net *net)
|
static void __net_exit hashlimit_proc_net_exit(struct net *net)
|
||||||
{
|
{
|
||||||
proc_net_remove(net, "ipt_hashlimit");
|
proc_net_remove(net, "ipt_hashlimit");
|
||||||
#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
|
#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
|
||||||
proc_net_remove(net, "ip6t_hashlimit");
|
proc_net_remove(net, "ip6t_hashlimit");
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
|
@ -22,7 +22,7 @@
|
||||||
#include <net/netfilter/nf_tproxy_core.h>
|
#include <net/netfilter/nf_tproxy_core.h>
|
||||||
#include <net/netfilter/ipv4/nf_defrag_ipv4.h>
|
#include <net/netfilter/ipv4/nf_defrag_ipv4.h>
|
||||||
|
|
||||||
#if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
|
#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
|
||||||
#define XT_SOCKET_HAVE_IPV6 1
|
#define XT_SOCKET_HAVE_IPV6 1
|
||||||
#include <linux/netfilter_ipv6/ip6_tables.h>
|
#include <linux/netfilter_ipv6/ip6_tables.h>
|
||||||
#include <net/netfilter/ipv6/nf_defrag_ipv6.h>
|
#include <net/netfilter/ipv6/nf_defrag_ipv6.h>
|
||||||
|
@ -30,7 +30,7 @@
|
||||||
|
|
||||||
#include <linux/netfilter/xt_socket.h>
|
#include <linux/netfilter/xt_socket.h>
|
||||||
|
|
||||||
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
|
#if IS_ENABLED(CONFIG_NF_CONNTRACK)
|
||||||
#define XT_SOCKET_HAVE_CONNTRACK 1
|
#define XT_SOCKET_HAVE_CONNTRACK 1
|
||||||
#include <net/netfilter/nf_conntrack.h>
|
#include <net/netfilter/nf_conntrack.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
Loading…
Reference in New Issue