summaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorJan Engelhardt <jengelh@medozas.de>2009-07-05 18:26:37 +0200
committerJan Engelhardt <jengelh@medozas.de>2010-05-11 18:23:43 +0200
commitde74c16996287250f0d947663127f80c6beebd3c (patch)
treec7e77e254c5812c8561516dd668eaec732a89a0d /include
parentef53d702c3614fb919e8a8291033e3dbccfd1aea (diff)
netfilter: xtables: combine struct xt_match_param and xt_target_param
The structures carried - besides match/target - almost the same data. It is possible to combine them, as extensions are evaluated serially, and so, the callers end up a little smaller. text data bss filename -15318 740 104 net/ipv4/netfilter/ip_tables.o +15286 740 104 net/ipv4/netfilter/ip_tables.o -15333 540 152 net/ipv6/netfilter/ip6_tables.o +15269 540 152 net/ipv6/netfilter/ip6_tables.o Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Diffstat (limited to 'include')
-rw-r--r--include/linux/netfilter/x_tables.h42
1 files changed, 17 insertions, 25 deletions
diff --git a/include/linux/netfilter/x_tables.h b/include/linux/netfilter/x_tables.h
index eeb4884c30b..5efa3757d08 100644
--- a/include/linux/netfilter/x_tables.h
+++ b/include/linux/netfilter/x_tables.h
@@ -182,13 +182,17 @@ struct xt_counters_info {
#include <linux/netdevice.h>
+#define xt_match_param xt_action_param
+#define xt_target_param xt_action_param
/**
- * struct xt_match_param - parameters for match extensions' match functions
+ * struct xt_action_param - parameters for matches/targets
*
+ * @match: the match extension
+ * @target: the target extension
+ * @matchinfo: per-match data
+ * @targetinfo: per-target data
* @in: input netdevice
* @out: output netdevice
- * @match: struct xt_match through which this function was invoked
- * @matchinfo: per-match data
* @fragoff: packet is a fragment, this is the data offset
* @thoff: position of transport header relative to skb->data
* @hook: hook number given packet came from
@@ -197,10 +201,15 @@ struct xt_counters_info {
* @hotdrop: drop packet if we had inspection problems
* Network namespace obtainable using dev_net(in/out)
*/
-struct xt_match_param {
+struct xt_action_param {
+ union {
+ const struct xt_match *match;
+ const struct xt_target *target;
+ };
+ union {
+ const void *matchinfo, *targinfo;
+ };
const struct net_device *in, *out;
- const struct xt_match *match;
- const void *matchinfo;
int fragoff;
unsigned int thoff;
unsigned int hooknum;
@@ -243,23 +252,6 @@ struct xt_mtdtor_param {
};
/**
- * struct xt_target_param - parameters for target extensions' target functions
- *
- * @hooknum: hook through which this target was invoked
- * @target: struct xt_target through which this function was invoked
- * @targinfo: per-target data
- *
- * Other fields see above.
- */
-struct xt_target_param {
- const struct net_device *in, *out;
- const struct xt_target *target;
- const void *targinfo;
- unsigned int hooknum;
- u_int8_t family;
-};
-
-/**
* struct xt_tgchk_param - parameters for target extensions'
* checkentry functions
*
@@ -298,7 +290,7 @@ struct xt_match {
non-linear skb, using skb_header_pointer and
skb_ip_make_writable. */
bool (*match)(const struct sk_buff *skb,
- const struct xt_match_param *);
+ const struct xt_action_param *);
/* Called when user tries to insert an entry of this type. */
int (*checkentry)(const struct xt_mtchk_param *);
@@ -335,7 +327,7 @@ struct xt_target {
must now handle non-linear skbs, using skb_copy_bits and
skb_ip_make_writable. */
unsigned int (*target)(struct sk_buff *skb,
- const struct xt_target_param *);
+ const struct xt_action_param *);
/* Called when user tries to insert an entry of this type:
hook_mask is a bitmask of hooks from which it can be