From 72b2b1dd77e8feb0b7c0b26dee58f2a1e2c9828c Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Wed, 24 Feb 2010 18:32:59 +0100 Subject: netfilter: xtables: replace XT_ENTRY_ITERATE macro The macro is replaced by a list.h-like foreach loop. This makes the code much more inspectable. Signed-off-by: Jan Engelhardt Signed-off-by: Patrick McHardy --- include/linux/netfilter/x_tables.h | 9 +++++++++ include/linux/netfilter_arp/arp_tables.h | 10 ++-------- include/linux/netfilter_ipv4/ip_tables.h | 11 ++--------- include/linux/netfilter_ipv6/ip6_tables.h | 10 ++-------- 4 files changed, 15 insertions(+), 25 deletions(-) (limited to 'include') diff --git a/include/linux/netfilter/x_tables.h b/include/linux/netfilter/x_tables.h index a18119fb88f0..9df3f5a8f9f7 100644 --- a/include/linux/netfilter/x_tables.h +++ b/include/linux/netfilter/x_tables.h @@ -139,6 +139,7 @@ struct xt_counters_info { __ret; \ }) +#ifndef __KERNEL__ /* fn returns 0 to continue iteration */ #define XT_ENTRY_ITERATE_CONTINUE(type, entries, size, n, fn, args...) \ ({ \ @@ -163,6 +164,14 @@ struct xt_counters_info { #define XT_ENTRY_ITERATE(type, entries, size, fn, args...) \ XT_ENTRY_ITERATE_CONTINUE(type, entries, size, 0, fn, args) +#endif /* !__KERNEL__ */ + +/* pos is normally a struct ipt_entry/ip6t_entry/etc. */ +#define xt_entry_foreach(pos, ehead, esize) \ + for ((pos) = (typeof(pos))(ehead); \ + (pos) < (typeof(pos))((char *)(ehead) + (esize)); \ + (pos) = (typeof(pos))((char *)(pos) + (pos)->next_offset)) + #ifdef __KERNEL__ #include diff --git a/include/linux/netfilter_arp/arp_tables.h b/include/linux/netfilter_arp/arp_tables.h index 0b33980611b2..e9948c0560f6 100644 --- a/include/linux/netfilter_arp/arp_tables.h +++ b/include/linux/netfilter_arp/arp_tables.h @@ -211,9 +211,11 @@ static __inline__ struct arpt_entry_target *arpt_get_target(struct arpt_entry *e return (void *)e + e->target_offset; } +#ifndef __KERNEL__ /* fn returns 0 to continue iteration */ #define ARPT_ENTRY_ITERATE(entries, size, fn, args...) \ XT_ENTRY_ITERATE(struct arpt_entry, entries, size, fn, ## args) +#endif /* * Main firewall chains definitions and global var's definitions. @@ -291,14 +293,6 @@ compat_arpt_get_target(struct compat_arpt_entry *e) #define COMPAT_ARPT_ALIGN(s) COMPAT_XT_ALIGN(s) -/* fn returns 0 to continue iteration */ -#define COMPAT_ARPT_ENTRY_ITERATE(entries, size, fn, args...) \ - XT_ENTRY_ITERATE(struct compat_arpt_entry, entries, size, fn, ## args) - -#define COMPAT_ARPT_ENTRY_ITERATE_CONTINUE(entries, size, n, fn, args...) \ - XT_ENTRY_ITERATE_CONTINUE(struct compat_arpt_entry, entries, size, n, \ - fn, ## args) - #endif /* CONFIG_COMPAT */ #endif /*__KERNEL__*/ #endif /* _ARPTABLES_H */ diff --git a/include/linux/netfilter_ipv4/ip_tables.h b/include/linux/netfilter_ipv4/ip_tables.h index 364973b42133..5b20ae724b41 100644 --- a/include/linux/netfilter_ipv4/ip_tables.h +++ b/include/linux/netfilter_ipv4/ip_tables.h @@ -227,9 +227,11 @@ ipt_get_target(struct ipt_entry *e) #define IPT_MATCH_ITERATE(e, fn, args...) \ XT_MATCH_ITERATE(struct ipt_entry, e, fn, ## args) +#ifndef __KERNEL__ /* fn returns 0 to continue iteration */ #define IPT_ENTRY_ITERATE(entries, size, fn, args...) \ XT_ENTRY_ITERATE(struct ipt_entry, entries, size, fn, ## args) +#endif /* * Main firewall chains definitions and global var's definitions. @@ -317,15 +319,6 @@ compat_ipt_get_target(struct compat_ipt_entry *e) #define COMPAT_IPT_MATCH_ITERATE(e, fn, args...) \ XT_MATCH_ITERATE(struct compat_ipt_entry, e, fn, ## args) -/* fn returns 0 to continue iteration */ -#define COMPAT_IPT_ENTRY_ITERATE(entries, size, fn, args...) \ - XT_ENTRY_ITERATE(struct compat_ipt_entry, entries, size, fn, ## args) - -/* fn returns 0 to continue iteration */ -#define COMPAT_IPT_ENTRY_ITERATE_CONTINUE(entries, size, n, fn, args...) \ - XT_ENTRY_ITERATE_CONTINUE(struct compat_ipt_entry, entries, size, n, \ - fn, ## args) - #endif /* CONFIG_COMPAT */ #endif /*__KERNEL__*/ #endif /* _IPTABLES_H */ diff --git a/include/linux/netfilter_ipv6/ip6_tables.h b/include/linux/netfilter_ipv6/ip6_tables.h index 8031eb486a10..8bb3f5ba5ff2 100644 --- a/include/linux/netfilter_ipv6/ip6_tables.h +++ b/include/linux/netfilter_ipv6/ip6_tables.h @@ -284,9 +284,11 @@ ip6t_get_target(struct ip6t_entry *e) #define IP6T_MATCH_ITERATE(e, fn, args...) \ XT_MATCH_ITERATE(struct ip6t_entry, e, fn, ## args) +#ifndef __KERNEL__ /* fn returns 0 to continue iteration */ #define IP6T_ENTRY_ITERATE(entries, size, fn, args...) \ XT_ENTRY_ITERATE(struct ip6t_entry, entries, size, fn, ## args) +#endif /* * Main firewall chains definitions and global var's definitions. @@ -345,14 +347,6 @@ compat_ip6t_get_target(struct compat_ip6t_entry *e) #define COMPAT_IP6T_MATCH_ITERATE(e, fn, args...) \ XT_MATCH_ITERATE(struct compat_ip6t_entry, e, fn, ## args) -/* fn returns 0 to continue iteration */ -#define COMPAT_IP6T_ENTRY_ITERATE(entries, size, fn, args...) \ - XT_ENTRY_ITERATE(struct compat_ip6t_entry, entries, size, fn, ## args) - -#define COMPAT_IP6T_ENTRY_ITERATE_CONTINUE(entries, size, n, fn, args...) \ - XT_ENTRY_ITERATE_CONTINUE(struct compat_ip6t_entry, entries, size, n, \ - fn, ## args) - #endif /* CONFIG_COMPAT */ #endif /*__KERNEL__*/ #endif /* _IP6_TABLES_H */ -- cgit v1.2.3