netfilter: xtables: move extension arguments into compound structure (2/6)

	bool *hotdrop;

};

/**

 * struct xt_mtchk_param - parameters for match extensions'

 * checkentry functions

 *

 * @table:	table the rule is tried to be inserted into

 * @entryinfo:	the family-specific rule data

 * 		(struct ipt_ip, ip6t_ip, ebt_entry)

 * @match:	struct xt_match through which this function was invoked

 * @matchinfo:	per-match data

 * @hook_mask:	via which hooks the new rule is reachable

 */

struct xt_mtchk_param {

	const char *table;

	const void *entryinfo;

	const struct xt_match *match;

	void *matchinfo;

	unsigned int hook_mask;

};

struct xt_match

{

	struct list_head list;

		      const struct xt_match_param *);

	/* Called when user tries to insert an entry of this type. */

	/* Should return true or false. */

	bool (*checkentry)(const char *tablename,

			   const void *ip,

			   const struct xt_match *match,

			   void *matchinfo,

			   unsigned int hook_mask);

	bool (*checkentry)(const struct xt_mtchk_param *);

	/* Called when entry of this type deleted. */

	void (*destroy)(const struct xt_match *match, void *matchinfo);

extern int xt_register_matches(struct xt_match *match, unsigned int n);

extern void xt_unregister_matches(struct xt_match *match, unsigned int n);

extern int xt_check_match(const struct xt_match *match, unsigned short family,

			  unsigned int size, const char *table, unsigned int hook,

			  unsigned short proto, int inv_proto,

			  const void *entry, void *matchinfo);

extern int xt_check_match(struct xt_mtchk_param *, u_int8_t family,

			  unsigned int size, u_int8_t proto, bool inv_proto);

extern int xt_check_target(const struct xt_target *target, unsigned short family,

			   unsigned int size, const char *table, unsigned int hook,

			   unsigned short proto, int inv_proto,

	return true;

}

static bool

ebt_802_3_mt_check(const char *table, const void *entry,

		   const struct xt_match *match, void *data,

		   unsigned int hook_mask)

static bool ebt_802_3_mt_check(const struct xt_mtchk_param *par)

{

	const struct ebt_802_3_info *info = data;

	const struct ebt_802_3_info *info = par->matchinfo;

	if (info->bitmask & ~EBT_802_3_MASK || info->invflags & ~EBT_802_3_MASK)

		return false;

	return true;

}

static bool

ebt_among_mt_check(const char *table, const void *entry,

		   const struct xt_match *match, void *data,

		   unsigned int hook_mask)

static bool ebt_among_mt_check(const struct xt_mtchk_param *par)

{

	const struct ebt_among_info *info = par->matchinfo;

	const struct ebt_entry_match *em =

		container_of(data, const struct ebt_entry_match, data);

	const struct ebt_among_info *info = data;

		container_of(par->matchinfo, const struct ebt_entry_match, data);

	int expected_length = sizeof(struct ebt_among_info);

	const struct ebt_mac_wormhash *wh_dst, *wh_src;

	int err;

	return true;

}

static bool

ebt_arp_mt_check(const char *table, const void *entry,

		 const struct xt_match *match, void *data,

		 unsigned int hook_mask)

static bool ebt_arp_mt_check(const struct xt_mtchk_param *par)

{

	const struct ebt_arp_info *info = data;

	const struct ebt_entry *e = entry;

	const struct ebt_arp_info *info = par->matchinfo;

	const struct ebt_entry *e = par->entryinfo;

	if ((e->ethproto != htons(ETH_P_ARP) &&

	   e->ethproto != htons(ETH_P_RARP)) ||

	return true;

}

static bool

ebt_ip_mt_check(const char *table, const void *entry,

		const struct xt_match *match, void *data,

		unsigned int hook_mask)

static bool ebt_ip_mt_check(const struct xt_mtchk_param *par)

{

	const struct ebt_ip_info *info = data;

	const struct ebt_entry *e = entry;

	const struct ebt_ip_info *info = par->matchinfo;

	const struct ebt_entry *e = par->entryinfo;

	if (e->ethproto != htons(ETH_P_IP) ||

	   e->invflags & EBT_IPROTO)