#include <linux/netfilter.h>
#include <net/netfilter/nf_conntrack.h>
#include <net/netfilter/nf_conntrack_core.h>
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 27)
#include <net/netfilter/nf_conntrack_extend.h>
#include <net/netfilter/nf_conntrack_acct.h>
-#endif
#include <linux/netfilter/x_tables.h>
#include <linux/netfilter/xt_layer7.h>
#include <linux/ctype.h>
static int total_acct_packets(struct nf_conn *ct)
{
-#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 26)
- BUG_ON(ct == NULL);
- return (ct->counters[IP_CT_DIR_ORIGINAL].packets + ct->counters[IP_CT_DIR_REPLY].packets);
-#else
struct nf_conn_counter *acct;
BUG_ON(ct == NULL);
if (!acct)
return 0;
return (atomic64_read(&acct[IP_CT_DIR_ORIGINAL].packets) + atomic64_read(&acct[IP_CT_DIR_REPLY].packets));
-#endif
}
#ifdef CONFIG_IP_NF_MATCH_LAYER7_DEBUG
return count;
}
-static bool
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 35)
-match(const struct sk_buff *skbin, struct xt_action_param *par)
-#elif LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 28)
-match(const struct sk_buff *skbin, const struct xt_match_param *par)
-#else
-match(const struct sk_buff *skbin,
- const struct net_device *in,
- const struct net_device *out,
- const struct xt_match *match,
- const void *matchinfo,
- int offset,
- unsigned int protoff,
- bool *hotdrop)
-#endif
+static bool match(const struct sk_buff *skbin, struct xt_action_param *par)
{
/* sidestep const without getting a compiler warning... */
struct sk_buff * skb = (struct sk_buff *)skbin;
- const struct xt_layer7_info * info =
- #if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 28)
- par->matchinfo;
- #else
- matchinfo;
- #endif
+ const struct xt_layer7_info * info = par->matchinfo;
enum ip_conntrack_info master_ctinfo, ctinfo;
struct nf_conn *master_conntrack, *conntrack;
}
// load nf_conntrack_ipv4
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 35)
-static int
-#else
-static bool
-#endif
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 28)
-check(const struct xt_mtchk_param *par)
+static int check(const struct xt_mtchk_param *par)
{
if (nf_ct_l3proto_try_module_get(par->match->family) < 0) {
printk(KERN_WARNING "can't load conntrack support for "
"proto=%d\n", par->match->family);
-#else
-check(const char *tablename, const void *inf,
- const struct xt_match *match, void *matchinfo,
- unsigned int hook_mask)
-{
- if (nf_ct_l3proto_try_module_get(match->family) < 0) {
- printk(KERN_WARNING "can't load conntrack support for "
- "proto=%d\n", match->family);
-#endif
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 35)
return -EINVAL;
}
return 0;
-#else
- return 0;
- }
- return 1;
-#endif
}
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 28)
- static void destroy(const struct xt_mtdtor_param *par)
- {
- nf_ct_l3proto_module_put(par->match->family);
- }
-#else
- static void destroy(const struct xt_match *match, void *matchinfo)
- {
- nf_ct_l3proto_module_put(match->family);
- }
-#endif
+static void destroy(const struct xt_mtdtor_param *par)
+{
+ nf_ct_l3proto_module_put(par->match->family);
+}
static struct xt_match xt_layer7_match[] __read_mostly = {
{
projects / people / ms / linux.git / commitdiff
