Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-next-2.6

#define EBT_ALIGN(s) (((s) + (__alignof__(struct ebt_replace)-1)) & \

#define EBT_ALIGN(s) (((s) + (__alignof__(struct ebt_replace)-1)) & \

		     ~(__alignof__(struct ebt_replace)-1))

		     ~(__alignof__(struct ebt_replace)-1))

extern int ebt_register_table(struct ebt_table *table);

extern struct ebt_table *ebt_register_table(struct net *net,

					    struct ebt_table *table);

extern void ebt_unregister_table(struct ebt_table *table);

extern void ebt_unregister_table(struct ebt_table *table);

extern unsigned int ebt_do_table(unsigned int hook, struct sk_buff *skb,

extern unsigned int ebt_do_table(unsigned int hook, struct sk_buff *skb,

   const struct net_device *in, const struct net_device *out,

   const struct net_device *in, const struct net_device *out,

#ifndef _IPT_POLICY_H

#ifndef _IPT_POLICY_H

#define _IPT_POLICY_H

#define _IPT_POLICY_H

#include <linux/netfilter/xt_policy.h>

#define IPT_POLICY_MAX_ELEM		XT_POLICY_MAX_ELEM

#define IPT_POLICY_MAX_ELEM		XT_POLICY_MAX_ELEM

/* ipt_policy_flags */

/* ipt_policy_flags */

#ifndef _IP6T_POLICY_H

#ifndef _IP6T_POLICY_H

#define _IP6T_POLICY_H

#define _IP6T_POLICY_H

#include <linux/netfilter/xt_policy.h>

#define IP6T_POLICY_MAX_ELEM		XT_POLICY_MAX_ELEM

#define IP6T_POLICY_MAX_ELEM		XT_POLICY_MAX_ELEM

/* ip6t_policy_flags */

/* ip6t_policy_flags */

extern void nf_conntrack_hash_insert(struct nf_conn *ct);

extern void nf_conntrack_hash_insert(struct nf_conn *ct);

extern void nf_conntrack_flush(struct net *net);

extern void nf_conntrack_flush(struct net *net, u32 pid, int report);

extern bool nf_ct_get_tuplepr(const struct sk_buff *skb,

extern bool nf_ct_get_tuplepr(const struct sk_buff *skb,

			      unsigned int nhoff, u_int16_t l3num,

			      unsigned int nhoff, u_int16_t l3num,

	local_bh_enable();				\

	local_bh_enable();				\

} while (0)

} while (0)

#define MODULE_ALIAS_NFCT_HELPER(helper) \

        MODULE_ALIAS("nfct-helper-" helper)

#endif /* __KERNEL__ */

#endif /* __KERNEL__ */

#endif /* _NF_CONNTRACK_H */

#endif /* _NF_CONNTRACK_H */

	unsigned int events;

	unsigned int events;

};

};

/* This structure is passed to event handler */

struct nf_ct_event {

	struct nf_conn *ct;

	u32 pid;

	int report;

};

extern struct atomic_notifier_head nf_conntrack_chain;

extern struct atomic_notifier_head nf_conntrack_chain;

extern int nf_conntrack_register_notifier(struct notifier_block *nb);

extern int nf_conntrack_register_notifier(struct notifier_block *nb);

extern int nf_conntrack_unregister_notifier(struct notifier_block *nb);

extern int nf_conntrack_unregister_notifier(struct notifier_block *nb);

	local_bh_enable();

	local_bh_enable();

}

}

static inline void nf_conntrack_event(enum ip_conntrack_events event,

static inline void

				      struct nf_conn *ct)

nf_conntrack_event_report(enum ip_conntrack_events event,

			  struct nf_conn *ct,

			  u32 pid,

			  int report)

{

{

	struct nf_ct_event item = {

		.ct 	= ct,

		.pid	= pid,

		.report = report

	};

	if (nf_ct_is_confirmed(ct) && !nf_ct_is_dying(ct))

	if (nf_ct_is_confirmed(ct) && !nf_ct_is_dying(ct))

		atomic_notifier_call_chain(&nf_conntrack_chain, event, ct);

		atomic_notifier_call_chain(&nf_conntrack_chain, event, &item);

}

}

static inline void

nf_conntrack_event(enum ip_conntrack_events event, struct nf_conn *ct)

{

	nf_conntrack_event_report(event, ct, 0, 0);

}

struct nf_exp_event {

	struct nf_conntrack_expect *exp;

	u32 pid;

	int report;

};

extern struct atomic_notifier_head nf_ct_expect_chain;

extern struct atomic_notifier_head nf_ct_expect_chain;

extern int nf_ct_expect_register_notifier(struct notifier_block *nb);

extern int nf_ct_expect_register_notifier(struct notifier_block *nb);

extern int nf_ct_expect_unregister_notifier(struct notifier_block *nb);

extern int nf_ct_expect_unregister_notifier(struct notifier_block *nb);

static inline void

nf_ct_expect_event_report(enum ip_conntrack_expect_events event,

			  struct nf_conntrack_expect *exp,

			  u32 pid,

			  int report)

{

	struct nf_exp_event item = {

		.exp	= exp,

		.pid	= pid,

		.report = report

	};

	atomic_notifier_call_chain(&nf_ct_expect_chain, event, &item);

}

static inline void

static inline void

nf_ct_expect_event(enum ip_conntrack_expect_events event,

nf_ct_expect_event(enum ip_conntrack_expect_events event,

		   struct nf_conntrack_expect *exp)

		   struct nf_conntrack_expect *exp)

{

{

	atomic_notifier_call_chain(&nf_ct_expect_chain, event, exp);

	nf_ct_expect_event_report(event, exp, 0, 0);

}

}

extern int nf_conntrack_ecache_init(struct net *net);

extern int nf_conntrack_ecache_init(struct net *net);

					    struct nf_conn *ct) {}

					    struct nf_conn *ct) {}

static inline void nf_conntrack_event(enum ip_conntrack_events event,

static inline void nf_conntrack_event(enum ip_conntrack_events event,

				      struct nf_conn *ct) {}

				      struct nf_conn *ct) {}

static inline void nf_conntrack_event_report(enum ip_conntrack_events event,

					     struct nf_conn *ct,

					     u32 pid,

					     int report) {}

static inline void nf_ct_deliver_cached_events(const struct nf_conn *ct) {}

static inline void nf_ct_deliver_cached_events(const struct nf_conn *ct) {}

static inline void nf_ct_expect_event(enum ip_conntrack_expect_events event,

static inline void nf_ct_expect_event(enum ip_conntrack_expect_events event,

				      struct nf_conntrack_expect *exp) {}

				      struct nf_conntrack_expect *exp) {}

static inline void nf_ct_expect_event_report(enum ip_conntrack_expect_events e,

					     struct nf_conntrack_expect *exp,

 					     u32 pid,

 					     int report) {}

static inline void nf_ct_event_cache_flush(struct net *net) {}

static inline void nf_ct_event_cache_flush(struct net *net) {}

static inline int nf_conntrack_ecache_init(struct net *net)

static inline int nf_conntrack_ecache_init(struct net *net)