netfilter: change Ebtables function signatures to match Xtables's

 * The 4 lsb are more than enough to store the verdict. */

#define EBT_VERDICT_BITS 0x0000000F

struct xt_match;

struct xt_target;

struct ebt_counter

{

	uint64_t pcnt;

	struct list_head list;

	const char name[EBT_FUNCTION_MAXNAMELEN];

	bool (*match)(const struct sk_buff *skb, const struct net_device *in,

	   const struct net_device *out, const void *matchdata,

	   unsigned int datalen);

	bool (*check)(const char *tablename, unsigned int hookmask,

	   const struct ebt_entry *e, void *matchdata, unsigned int datalen);

	void (*destroy)(void *matchdata, unsigned int datalen);

		const struct net_device *out, const struct xt_match *match,

		const void *matchinfo, int offset, unsigned int protoff,

		bool *hotdrop);

	bool (*checkentry)(const char *table, const void *entry,

		const struct xt_match *match, void *matchinfo,

		unsigned int hook_mask);

	void (*destroy)(const struct xt_match *match, void *matchinfo);

	unsigned int matchsize;

	u_int8_t revision;

	u_int8_t family;

{

	struct list_head list;

	const char name[EBT_FUNCTION_MAXNAMELEN];

	unsigned int (*watcher)(const struct sk_buff *skb, unsigned int hooknr,

	unsigned int (*target)(struct sk_buff *skb,

		const struct net_device *in, const struct net_device *out,

	   const void *watcherdata, unsigned int datalen);

	bool (*check)(const char *tablename, unsigned int hookmask,

	   const struct ebt_entry *e, void *watcherdata, unsigned int datalen);

	void (*destroy)(void *watcherdata, unsigned int datalen);

		unsigned int hook_num, const struct xt_target *target,

		const void *targinfo);

	bool (*checkentry)(const char *table, const void *entry,

		const struct xt_target *target, void *targinfo,

		unsigned int hook_mask);

	void (*destroy)(const struct xt_target *target, void *targinfo);

	unsigned int targetsize;

	u_int8_t revision;

	u_int8_t family;

	struct list_head list;

	const char name[EBT_FUNCTION_MAXNAMELEN];

	/* returns one of the standard EBT_* verdicts */

	unsigned int (*target)(struct sk_buff *skb, unsigned int hooknr,

	unsigned int (*target)(struct sk_buff *skb,

		const struct net_device *in, const struct net_device *out,

	   const void *targetdata, unsigned int datalen);

	bool (*check)(const char *tablename, unsigned int hookmask,

	   const struct ebt_entry *e, void *targetdata, unsigned int datalen);

	void (*destroy)(void *targetdata, unsigned int datalen);

		unsigned int hook_num, const struct xt_target *target,

		const void *targinfo);

	bool (*checkentry)(const char *table, const void *entry,

		const struct xt_target *target, void *targinfo,

		unsigned int hook_mask);

	void (*destroy)(const struct xt_target *target, void *targinfo);

	unsigned int targetsize;

	u_int8_t revision;

	u_int8_t family;

#include <linux/netfilter_bridge/ebtables.h>

#include <linux/netfilter_bridge/ebt_802_3.h>

static bool ebt_filter_802_3(const struct sk_buff *skb,

   const struct net_device *in,

   const struct net_device *out, const void *data, unsigned int datalen)

static bool

ebt_802_3_mt(const struct sk_buff *skb, const struct net_device *in,

	     const struct net_device *out, const struct xt_match *match,

	     const void *data, int offset, unsigned int protoff, bool *hotdrop)

{

	const struct ebt_802_3_info *info = data;

	const struct ebt_802_3_hdr *hdr = ebt_802_3_hdr(skb);

	return true;

}

static struct ebt_match filter_802_3;

static bool ebt_802_3_check(const char *tablename, unsigned int hookmask,

   const struct ebt_entry *e, void *data, unsigned int datalen)

static bool

ebt_802_3_mt_check(const char *table, const void *entry,

		   const struct xt_match *match, void *data,

		   unsigned int hook_mask)

{

	const struct ebt_802_3_info *info = data;

	.name		= EBT_802_3_MATCH,

	.revision	= 0,

	.family		= NFPROTO_BRIDGE,

	.match		= ebt_filter_802_3,

	.check		= ebt_802_3_check,

	.match		= ebt_802_3_mt,

	.checkentry	= ebt_802_3_mt_check,

	.matchsize	= XT_ALIGN(sizeof(struct ebt_802_3_info)),

	.me		= THIS_MODULE,

};

	return 0;

}

static bool ebt_filter_among(const struct sk_buff *skb,

			     const struct net_device *in,

			     const struct net_device *out, const void *data,

			     unsigned int datalen)

static bool

ebt_among_mt(const struct sk_buff *skb, const struct net_device *in,

	     const struct net_device *out, const struct xt_match *match,

	     const void *data, int offset, unsigned int protoff, bool *hotdrop)

{

	const struct ebt_among_info *info = data;

	const char *dmac, *smac;

}

static bool

ebt_among_check(const char *tablename, unsigned int hookmask,

		const struct ebt_entry *e, void *data,

		unsigned int datalen)

ebt_among_mt_check(const char *table, const void *entry,

		   const struct xt_match *match, void *data,

		   unsigned int hook_mask)

{

	const struct ebt_entry_match *em =

		container_of(data, const struct ebt_entry_match, data);

	.name		= EBT_AMONG_MATCH,

	.revision	= 0,

	.family		= NFPROTO_BRIDGE,

	.match		= ebt_filter_among,

	.check		= ebt_among_check,

	.match		= ebt_among_mt,

	.checkentry	= ebt_among_mt_check,

	.matchsize	= -1, /* special case */

	.me		= THIS_MODULE,

};

#include <linux/netfilter_bridge/ebtables.h>

#include <linux/netfilter_bridge/ebt_arp.h>

static bool ebt_filter_arp(const struct sk_buff *skb,

   const struct net_device *in,

   const struct net_device *out, const void *data, unsigned int datalen)

static bool

ebt_arp_mt(const struct sk_buff *skb, const struct net_device *in,

	   const struct net_device *out, const struct xt_match *match,

	   const void *data, int offset, unsigned int protoff, bool *hotdrop)

{

	const struct ebt_arp_info *info = data;

	const struct arphdr *ah;

	return true;

}

static bool ebt_arp_check(const char *tablename, unsigned int hookmask,

   const struct ebt_entry *e, void *data, unsigned int datalen)

static bool

ebt_arp_mt_check(const char *table, const void *entry,

		 const struct xt_match *match, void *data,

		 unsigned int hook_mask)

{

	const struct ebt_arp_info *info = data;

	const struct ebt_entry *e = entry;

	if ((e->ethproto != htons(ETH_P_ARP) &&

	   e->ethproto != htons(ETH_P_RARP)) ||

	.name		= EBT_ARP_MATCH,

	.revision	= 0,

	.family		= NFPROTO_BRIDGE,

	.match		= ebt_filter_arp,

	.check		= ebt_arp_check,

	.match		= ebt_arp_mt,

	.checkentry	= ebt_arp_mt_check,

	.matchsize	= XT_ALIGN(sizeof(struct ebt_arp_info)),

	.me		= THIS_MODULE,

};

#include <linux/netfilter_bridge/ebtables.h>

#include <linux/netfilter_bridge/ebt_arpreply.h>

static unsigned int ebt_target_reply(struct sk_buff *skb, unsigned int hooknr,

   const struct net_device *in, const struct net_device *out,

   const void *data, unsigned int datalen)

static unsigned int

ebt_arpreply_tg(struct sk_buff *skb, const struct net_device *in,

		const struct net_device *out, unsigned int hook_nr,

		const struct xt_target *target, const void *data)

{

	struct ebt_arpreply_info *info = (void *)data;

	const __be32 *siptr, *diptr;

	return info->target;

}

static bool ebt_target_reply_check(const char *tablename, unsigned int hookmask,

   const struct ebt_entry *e, void *data, unsigned int datalen)

static bool

ebt_arpreply_tg_check(const char *tablename, const void *entry,

		      const struct xt_target *target, void *data,

		      unsigned int hookmask)

{

	const struct ebt_arpreply_info *info = data;

	const struct ebt_entry *e = entry;

	if (BASE_CHAIN && info->target == EBT_RETURN)

		return false;

	.name		= EBT_ARPREPLY_TARGET,

	.revision	= 0,

	.family		= NFPROTO_BRIDGE,

	.target		= ebt_target_reply,

	.check		= ebt_target_reply_check,

	.target		= ebt_arpreply_tg,

	.checkentry	= ebt_arpreply_tg_check,

	.targetsize	= XT_ALIGN(sizeof(struct ebt_arpreply_info)),

	.me		= THIS_MODULE,

};