diff options
author | Jan Engelhardt <jengelh@medozas.de> | 2009-07-05 18:26:37 +0200 |
---|---|---|
committer | Jan Engelhardt <jengelh@medozas.de> | 2010-05-11 18:23:43 +0200 |
commit | de74c16996287250f0d947663127f80c6beebd3c (patch) | |
tree | c7e77e254c5812c8561516dd668eaec732a89a0d /include | |
parent | ef53d702c3614fb919e8a8291033e3dbccfd1aea (diff) |
netfilter: xtables: combine struct xt_match_param and xt_target_param
The structures carried - besides match/target - almost the same data.
It is possible to combine them, as extensions are evaluated serially,
and so, the callers end up a little smaller.
text data bss filename
-15318 740 104 net/ipv4/netfilter/ip_tables.o
+15286 740 104 net/ipv4/netfilter/ip_tables.o
-15333 540 152 net/ipv6/netfilter/ip6_tables.o
+15269 540 152 net/ipv6/netfilter/ip6_tables.o
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Diffstat (limited to 'include')
-rw-r--r-- | include/linux/netfilter/x_tables.h | 42 |
1 files changed, 17 insertions, 25 deletions
diff --git a/include/linux/netfilter/x_tables.h b/include/linux/netfilter/x_tables.h index eeb4884c30b..5efa3757d08 100644 --- a/include/linux/netfilter/x_tables.h +++ b/include/linux/netfilter/x_tables.h @@ -182,13 +182,17 @@ struct xt_counters_info { #include <linux/netdevice.h> +#define xt_match_param xt_action_param +#define xt_target_param xt_action_param /** - * struct xt_match_param - parameters for match extensions' match functions + * struct xt_action_param - parameters for matches/targets * + * @match: the match extension + * @target: the target extension + * @matchinfo: per-match data + * @targetinfo: per-target data * @in: input netdevice * @out: output netdevice - * @match: struct xt_match through which this function was invoked - * @matchinfo: per-match data * @fragoff: packet is a fragment, this is the data offset * @thoff: position of transport header relative to skb->data * @hook: hook number given packet came from @@ -197,10 +201,15 @@ struct xt_counters_info { * @hotdrop: drop packet if we had inspection problems * Network namespace obtainable using dev_net(in/out) */ -struct xt_match_param { +struct xt_action_param { + union { + const struct xt_match *match; + const struct xt_target *target; + }; + union { + const void *matchinfo, *targinfo; + }; const struct net_device *in, *out; - const struct xt_match *match; - const void *matchinfo; int fragoff; unsigned int thoff; unsigned int hooknum; @@ -243,23 +252,6 @@ struct xt_mtdtor_param { }; /** - * struct xt_target_param - parameters for target extensions' target functions - * - * @hooknum: hook through which this target was invoked - * @target: struct xt_target through which this function was invoked - * @targinfo: per-target data - * - * Other fields see above. - */ -struct xt_target_param { - const struct net_device *in, *out; - const struct xt_target *target; - const void *targinfo; - unsigned int hooknum; - u_int8_t family; -}; - -/** * struct xt_tgchk_param - parameters for target extensions' * checkentry functions * @@ -298,7 +290,7 @@ struct xt_match { non-linear skb, using skb_header_pointer and skb_ip_make_writable. */ bool (*match)(const struct sk_buff *skb, - const struct xt_match_param *); + const struct xt_action_param *); /* Called when user tries to insert an entry of this type. */ int (*checkentry)(const struct xt_mtchk_param *); @@ -335,7 +327,7 @@ struct xt_target { must now handle non-linear skbs, using skb_copy_bits and skb_ip_make_writable. */ unsigned int (*target)(struct sk_buff *skb, - const struct xt_target_param *); + const struct xt_action_param *); /* Called when user tries to insert an entry of this type: hook_mask is a bitmask of hooks from which it can be |