mirror of
https://github.com/adulau/aha.git
synced 2024-12-29 12:16:20 +00:00
netfilter: xtables: switch hook PFs to nfproto
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
This commit is contained in:
parent
57750a22ed
commit
24c232d8e9
11 changed files with 36 additions and 36 deletions
|
@ -77,21 +77,21 @@ static struct nf_hook_ops ebt_ops_filter[] __read_mostly = {
|
||||||
{
|
{
|
||||||
.hook = ebt_in_hook,
|
.hook = ebt_in_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_BRIDGE,
|
.pf = NFPROTO_BRIDGE,
|
||||||
.hooknum = NF_BR_LOCAL_IN,
|
.hooknum = NF_BR_LOCAL_IN,
|
||||||
.priority = NF_BR_PRI_FILTER_BRIDGED,
|
.priority = NF_BR_PRI_FILTER_BRIDGED,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
.hook = ebt_in_hook,
|
.hook = ebt_in_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_BRIDGE,
|
.pf = NFPROTO_BRIDGE,
|
||||||
.hooknum = NF_BR_FORWARD,
|
.hooknum = NF_BR_FORWARD,
|
||||||
.priority = NF_BR_PRI_FILTER_BRIDGED,
|
.priority = NF_BR_PRI_FILTER_BRIDGED,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
.hook = ebt_out_hook,
|
.hook = ebt_out_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_BRIDGE,
|
.pf = NFPROTO_BRIDGE,
|
||||||
.hooknum = NF_BR_LOCAL_OUT,
|
.hooknum = NF_BR_LOCAL_OUT,
|
||||||
.priority = NF_BR_PRI_FILTER_OTHER,
|
.priority = NF_BR_PRI_FILTER_OTHER,
|
||||||
},
|
},
|
||||||
|
|
|
@ -77,21 +77,21 @@ static struct nf_hook_ops ebt_ops_nat[] __read_mostly = {
|
||||||
{
|
{
|
||||||
.hook = ebt_nat_out,
|
.hook = ebt_nat_out,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_BRIDGE,
|
.pf = NFPROTO_BRIDGE,
|
||||||
.hooknum = NF_BR_LOCAL_OUT,
|
.hooknum = NF_BR_LOCAL_OUT,
|
||||||
.priority = NF_BR_PRI_NAT_DST_OTHER,
|
.priority = NF_BR_PRI_NAT_DST_OTHER,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
.hook = ebt_nat_out,
|
.hook = ebt_nat_out,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_BRIDGE,
|
.pf = NFPROTO_BRIDGE,
|
||||||
.hooknum = NF_BR_POST_ROUTING,
|
.hooknum = NF_BR_POST_ROUTING,
|
||||||
.priority = NF_BR_PRI_NAT_SRC,
|
.priority = NF_BR_PRI_NAT_SRC,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
.hook = ebt_nat_in,
|
.hook = ebt_nat_in,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_BRIDGE,
|
.pf = NFPROTO_BRIDGE,
|
||||||
.hooknum = NF_BR_PRE_ROUTING,
|
.hooknum = NF_BR_PRE_ROUTING,
|
||||||
.priority = NF_BR_PRI_NAT_DST_BRIDGED,
|
.priority = NF_BR_PRI_NAT_DST_BRIDGED,
|
||||||
},
|
},
|
||||||
|
|
|
@ -102,21 +102,21 @@ static struct nf_hook_ops ipt_ops[] __read_mostly = {
|
||||||
{
|
{
|
||||||
.hook = ipt_local_in_hook,
|
.hook = ipt_local_in_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET,
|
.pf = NFPROTO_IPV4,
|
||||||
.hooknum = NF_INET_LOCAL_IN,
|
.hooknum = NF_INET_LOCAL_IN,
|
||||||
.priority = NF_IP_PRI_FILTER,
|
.priority = NF_IP_PRI_FILTER,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
.hook = ipt_hook,
|
.hook = ipt_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET,
|
.pf = NFPROTO_IPV4,
|
||||||
.hooknum = NF_INET_FORWARD,
|
.hooknum = NF_INET_FORWARD,
|
||||||
.priority = NF_IP_PRI_FILTER,
|
.priority = NF_IP_PRI_FILTER,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
.hook = ipt_local_out_hook,
|
.hook = ipt_local_out_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET,
|
.pf = NFPROTO_IPV4,
|
||||||
.hooknum = NF_INET_LOCAL_OUT,
|
.hooknum = NF_INET_LOCAL_OUT,
|
||||||
.priority = NF_IP_PRI_FILTER,
|
.priority = NF_IP_PRI_FILTER,
|
||||||
},
|
},
|
||||||
|
|
|
@ -162,35 +162,35 @@ static struct nf_hook_ops ipt_ops[] __read_mostly = {
|
||||||
{
|
{
|
||||||
.hook = ipt_pre_routing_hook,
|
.hook = ipt_pre_routing_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET,
|
.pf = NFPROTO_IPV4,
|
||||||
.hooknum = NF_INET_PRE_ROUTING,
|
.hooknum = NF_INET_PRE_ROUTING,
|
||||||
.priority = NF_IP_PRI_MANGLE,
|
.priority = NF_IP_PRI_MANGLE,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
.hook = ipt_local_in_hook,
|
.hook = ipt_local_in_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET,
|
.pf = NFPROTO_IPV4,
|
||||||
.hooknum = NF_INET_LOCAL_IN,
|
.hooknum = NF_INET_LOCAL_IN,
|
||||||
.priority = NF_IP_PRI_MANGLE,
|
.priority = NF_IP_PRI_MANGLE,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
.hook = ipt_forward_hook,
|
.hook = ipt_forward_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET,
|
.pf = NFPROTO_IPV4,
|
||||||
.hooknum = NF_INET_FORWARD,
|
.hooknum = NF_INET_FORWARD,
|
||||||
.priority = NF_IP_PRI_MANGLE,
|
.priority = NF_IP_PRI_MANGLE,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
.hook = ipt_local_hook,
|
.hook = ipt_local_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET,
|
.pf = NFPROTO_IPV4,
|
||||||
.hooknum = NF_INET_LOCAL_OUT,
|
.hooknum = NF_INET_LOCAL_OUT,
|
||||||
.priority = NF_IP_PRI_MANGLE,
|
.priority = NF_IP_PRI_MANGLE,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
.hook = ipt_post_routing_hook,
|
.hook = ipt_post_routing_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET,
|
.pf = NFPROTO_IPV4,
|
||||||
.hooknum = NF_INET_POST_ROUTING,
|
.hooknum = NF_INET_POST_ROUTING,
|
||||||
.priority = NF_IP_PRI_MANGLE,
|
.priority = NF_IP_PRI_MANGLE,
|
||||||
},
|
},
|
||||||
|
|
|
@ -74,14 +74,14 @@ ipt_local_hook(unsigned int hook,
|
||||||
static struct nf_hook_ops ipt_ops[] __read_mostly = {
|
static struct nf_hook_ops ipt_ops[] __read_mostly = {
|
||||||
{
|
{
|
||||||
.hook = ipt_hook,
|
.hook = ipt_hook,
|
||||||
.pf = PF_INET,
|
.pf = NFPROTO_IPV4,
|
||||||
.hooknum = NF_INET_PRE_ROUTING,
|
.hooknum = NF_INET_PRE_ROUTING,
|
||||||
.priority = NF_IP_PRI_RAW,
|
.priority = NF_IP_PRI_RAW,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
.hook = ipt_local_hook,
|
.hook = ipt_local_hook,
|
||||||
.pf = PF_INET,
|
.pf = NFPROTO_IPV4,
|
||||||
.hooknum = NF_INET_LOCAL_OUT,
|
.hooknum = NF_INET_LOCAL_OUT,
|
||||||
.priority = NF_IP_PRI_RAW,
|
.priority = NF_IP_PRI_RAW,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
|
|
|
@ -105,21 +105,21 @@ static struct nf_hook_ops ipt_ops[] __read_mostly = {
|
||||||
{
|
{
|
||||||
.hook = ipt_local_in_hook,
|
.hook = ipt_local_in_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET,
|
.pf = NFPROTO_IPV4,
|
||||||
.hooknum = NF_INET_LOCAL_IN,
|
.hooknum = NF_INET_LOCAL_IN,
|
||||||
.priority = NF_IP_PRI_SECURITY,
|
.priority = NF_IP_PRI_SECURITY,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
.hook = ipt_forward_hook,
|
.hook = ipt_forward_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET,
|
.pf = NFPROTO_IPV4,
|
||||||
.hooknum = NF_INET_FORWARD,
|
.hooknum = NF_INET_FORWARD,
|
||||||
.priority = NF_IP_PRI_SECURITY,
|
.priority = NF_IP_PRI_SECURITY,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
.hook = ipt_local_out_hook,
|
.hook = ipt_local_out_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET,
|
.pf = NFPROTO_IPV4,
|
||||||
.hooknum = NF_INET_LOCAL_OUT,
|
.hooknum = NF_INET_LOCAL_OUT,
|
||||||
.priority = NF_IP_PRI_SECURITY,
|
.priority = NF_IP_PRI_SECURITY,
|
||||||
},
|
},
|
||||||
|
|
|
@ -251,7 +251,7 @@ static struct nf_hook_ops nf_nat_ops[] __read_mostly = {
|
||||||
{
|
{
|
||||||
.hook = nf_nat_in,
|
.hook = nf_nat_in,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET,
|
.pf = NFPROTO_IPV4,
|
||||||
.hooknum = NF_INET_PRE_ROUTING,
|
.hooknum = NF_INET_PRE_ROUTING,
|
||||||
.priority = NF_IP_PRI_NAT_DST,
|
.priority = NF_IP_PRI_NAT_DST,
|
||||||
},
|
},
|
||||||
|
@ -259,7 +259,7 @@ static struct nf_hook_ops nf_nat_ops[] __read_mostly = {
|
||||||
{
|
{
|
||||||
.hook = nf_nat_out,
|
.hook = nf_nat_out,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET,
|
.pf = NFPROTO_IPV4,
|
||||||
.hooknum = NF_INET_POST_ROUTING,
|
.hooknum = NF_INET_POST_ROUTING,
|
||||||
.priority = NF_IP_PRI_NAT_SRC,
|
.priority = NF_IP_PRI_NAT_SRC,
|
||||||
},
|
},
|
||||||
|
@ -267,7 +267,7 @@ static struct nf_hook_ops nf_nat_ops[] __read_mostly = {
|
||||||
{
|
{
|
||||||
.hook = nf_nat_local_fn,
|
.hook = nf_nat_local_fn,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET,
|
.pf = NFPROTO_IPV4,
|
||||||
.hooknum = NF_INET_LOCAL_OUT,
|
.hooknum = NF_INET_LOCAL_OUT,
|
||||||
.priority = NF_IP_PRI_NAT_DST,
|
.priority = NF_IP_PRI_NAT_DST,
|
||||||
},
|
},
|
||||||
|
@ -275,7 +275,7 @@ static struct nf_hook_ops nf_nat_ops[] __read_mostly = {
|
||||||
{
|
{
|
||||||
.hook = nf_nat_fn,
|
.hook = nf_nat_fn,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET,
|
.pf = NFPROTO_IPV4,
|
||||||
.hooknum = NF_INET_LOCAL_IN,
|
.hooknum = NF_INET_LOCAL_IN,
|
||||||
.priority = NF_IP_PRI_NAT_SRC,
|
.priority = NF_IP_PRI_NAT_SRC,
|
||||||
},
|
},
|
||||||
|
|
|
@ -95,21 +95,21 @@ static struct nf_hook_ops ip6t_ops[] __read_mostly = {
|
||||||
{
|
{
|
||||||
.hook = ip6t_in_hook,
|
.hook = ip6t_in_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET6,
|
.pf = NFPROTO_IPV6,
|
||||||
.hooknum = NF_INET_LOCAL_IN,
|
.hooknum = NF_INET_LOCAL_IN,
|
||||||
.priority = NF_IP6_PRI_FILTER,
|
.priority = NF_IP6_PRI_FILTER,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
.hook = ip6t_in_hook,
|
.hook = ip6t_in_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET6,
|
.pf = NFPROTO_IPV6,
|
||||||
.hooknum = NF_INET_FORWARD,
|
.hooknum = NF_INET_FORWARD,
|
||||||
.priority = NF_IP6_PRI_FILTER,
|
.priority = NF_IP6_PRI_FILTER,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
.hook = ip6t_local_out_hook,
|
.hook = ip6t_local_out_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET6,
|
.pf = NFPROTO_IPV6,
|
||||||
.hooknum = NF_INET_LOCAL_OUT,
|
.hooknum = NF_INET_LOCAL_OUT,
|
||||||
.priority = NF_IP6_PRI_FILTER,
|
.priority = NF_IP6_PRI_FILTER,
|
||||||
},
|
},
|
||||||
|
|
|
@ -136,35 +136,35 @@ static struct nf_hook_ops ip6t_ops[] __read_mostly = {
|
||||||
{
|
{
|
||||||
.hook = ip6t_in_hook,
|
.hook = ip6t_in_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET6,
|
.pf = NFPROTO_IPV6,
|
||||||
.hooknum = NF_INET_PRE_ROUTING,
|
.hooknum = NF_INET_PRE_ROUTING,
|
||||||
.priority = NF_IP6_PRI_MANGLE,
|
.priority = NF_IP6_PRI_MANGLE,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
.hook = ip6t_in_hook,
|
.hook = ip6t_in_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET6,
|
.pf = NFPROTO_IPV6,
|
||||||
.hooknum = NF_INET_LOCAL_IN,
|
.hooknum = NF_INET_LOCAL_IN,
|
||||||
.priority = NF_IP6_PRI_MANGLE,
|
.priority = NF_IP6_PRI_MANGLE,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
.hook = ip6t_in_hook,
|
.hook = ip6t_in_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET6,
|
.pf = NFPROTO_IPV6,
|
||||||
.hooknum = NF_INET_FORWARD,
|
.hooknum = NF_INET_FORWARD,
|
||||||
.priority = NF_IP6_PRI_MANGLE,
|
.priority = NF_IP6_PRI_MANGLE,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
.hook = ip6t_local_out_hook,
|
.hook = ip6t_local_out_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET6,
|
.pf = NFPROTO_IPV6,
|
||||||
.hooknum = NF_INET_LOCAL_OUT,
|
.hooknum = NF_INET_LOCAL_OUT,
|
||||||
.priority = NF_IP6_PRI_MANGLE,
|
.priority = NF_IP6_PRI_MANGLE,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
.hook = ip6t_post_routing_hook,
|
.hook = ip6t_post_routing_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET6,
|
.pf = NFPROTO_IPV6,
|
||||||
.hooknum = NF_INET_POST_ROUTING,
|
.hooknum = NF_INET_POST_ROUTING,
|
||||||
.priority = NF_IP6_PRI_MANGLE,
|
.priority = NF_IP6_PRI_MANGLE,
|
||||||
},
|
},
|
||||||
|
|
|
@ -68,14 +68,14 @@ ip6t_local_out_hook(unsigned int hook,
|
||||||
static struct nf_hook_ops ip6t_ops[] __read_mostly = {
|
static struct nf_hook_ops ip6t_ops[] __read_mostly = {
|
||||||
{
|
{
|
||||||
.hook = ip6t_pre_routing_hook,
|
.hook = ip6t_pre_routing_hook,
|
||||||
.pf = PF_INET6,
|
.pf = NFPROTO_IPV6,
|
||||||
.hooknum = NF_INET_PRE_ROUTING,
|
.hooknum = NF_INET_PRE_ROUTING,
|
||||||
.priority = NF_IP6_PRI_FIRST,
|
.priority = NF_IP6_PRI_FIRST,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
.hook = ip6t_local_out_hook,
|
.hook = ip6t_local_out_hook,
|
||||||
.pf = PF_INET6,
|
.pf = NFPROTO_IPV6,
|
||||||
.hooknum = NF_INET_LOCAL_OUT,
|
.hooknum = NF_INET_LOCAL_OUT,
|
||||||
.priority = NF_IP6_PRI_FIRST,
|
.priority = NF_IP6_PRI_FIRST,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
|
|
|
@ -101,21 +101,21 @@ static struct nf_hook_ops ip6t_ops[] __read_mostly = {
|
||||||
{
|
{
|
||||||
.hook = ip6t_local_in_hook,
|
.hook = ip6t_local_in_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET6,
|
.pf = NFPROTO_IPV6,
|
||||||
.hooknum = NF_INET_LOCAL_IN,
|
.hooknum = NF_INET_LOCAL_IN,
|
||||||
.priority = NF_IP6_PRI_SECURITY,
|
.priority = NF_IP6_PRI_SECURITY,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
.hook = ip6t_forward_hook,
|
.hook = ip6t_forward_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET6,
|
.pf = NFPROTO_IPV6,
|
||||||
.hooknum = NF_INET_FORWARD,
|
.hooknum = NF_INET_FORWARD,
|
||||||
.priority = NF_IP6_PRI_SECURITY,
|
.priority = NF_IP6_PRI_SECURITY,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
.hook = ip6t_local_out_hook,
|
.hook = ip6t_local_out_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET6,
|
.pf = NFPROTO_IPV6,
|
||||||
.hooknum = NF_INET_LOCAL_OUT,
|
.hooknum = NF_INET_LOCAL_OUT,
|
||||||
.priority = NF_IP6_PRI_SECURITY,
|
.priority = NF_IP6_PRI_SECURITY,
|
||||||
},
|
},
|
||||||
|
|
Loading…
Reference in a new issue