From: Jan Engelhardt <jengelh@inai.de>
Date: Fri, 6 Sep 2019 08:02:57 +0000 (+0200)
Subject: xt_PROTO: style fixes
X-Git-Tag: v3.4~3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=358991306ca4f86a89f881a61e7af03765b6842c;p=thirdparty%2Fxtables-addons.git

xt_PROTO: style fixes
---

diff --git a/extensions/libxt_PROTO.c b/extensions/libxt_PROTO.c
index 9d98e50..e312eaa 100644
--- a/extensions/libxt_PROTO.c
+++ b/extensions/libxt_PROTO.c
@@ -60,36 +60,28 @@ static void PROTO_check(struct xt_fcheck_call *cb)
 
 static void PROTO_save(const void *ip, const struct xt_entry_target *target)
 {
-	const struct xt_PROTO_info *info = 
-		(struct xt_PROTO_info *) target->data;
+	const struct xt_PROTO_info *info = (void *)target->data;
 
-	if(info->mode & (1 << XT_PROTO_SET)){
+	if (info->mode & (1 << XT_PROTO_SET))
 		printf(" --proto-set %u", info->proto);
-	} 
-	if(info->mode & (1 << XT_PROTO_STOP_AT_FRAG)){
+	if (info->mode & (1 << XT_PROTO_STOP_AT_FRAG))
 		printf(" --stop-at-frag");
-	} 
-	if(info->mode & (1 << XT_PROTO_STOP_AT_AUTH)){
+	if (info->mode & (1 << XT_PROTO_STOP_AT_AUTH))
 		printf(" --stop-at-auth");
-	} 
 }
 
 static void PROTO_print(const void *ip, const struct xt_entry_target *target,
                      int numeric)
 {
-	const struct xt_PROTO_info *info =
-		(struct xt_PROTO_info *) target->data;
+	const struct xt_PROTO_info *info = (void *)target->data;
 
 	printf(" PROTO ");
-	if(info->mode & (1 << XT_PROTO_SET)){
+	if (info->mode & (1 << XT_PROTO_SET))
 		printf("set to %u", info->proto);
-	} 
-	if(info->mode & (1 << XT_PROTO_STOP_AT_FRAG)){
+	if (info->mode & (1 << XT_PROTO_STOP_AT_FRAG))
 		printf(" stop-at-frag");
-	} 
-	if(info->mode & (1 << XT_PROTO_STOP_AT_AUTH)){
+	if (info->mode & (1 << XT_PROTO_STOP_AT_AUTH))
 		printf(" stop-at-auth");
-	} 
 }
 
 static struct xtables_target proto_tg_reg = {
diff --git a/extensions/libxt_PROTO.man b/extensions/libxt_PROTO.man
index 6dc9185..4b0747f 100644
--- a/extensions/libxt_PROTO.man
+++ b/extensions/libxt_PROTO.man
@@ -20,11 +20,11 @@ For IPv6 packets, the scenario can be more complex due to the introduction of
 the extension headers mechanism. By default, the PROTO target will scan the IPv6
 packet, finding the last extension header and modify its \fBNext-header\fP field.
 Normally, the following headers will be seen as an extension header:
-\fINEXTHDR_HOP\fP, 
+\fINEXTHDR_HOP\fP,
 \fINEXTHDR_ROUTING\fP,
 \fINEXTHDR_FRAGMENT\fP,
 \fINEXTHDR_AUTH\fP,
 \fINEXTHDR_DEST\fP.
 .PP
 For fragmented packets, only the first fragment is processed and other fragments
-are not touched. 
+are not touched.
diff --git a/extensions/xt_PROTO.c b/extensions/xt_PROTO.c
index 93b29ba..2dbd6c4 100644
--- a/extensions/xt_PROTO.c
+++ b/extensions/xt_PROTO.c
@@ -12,8 +12,6 @@
 #include <linux/ipv6.h>
 #include <net/ipv6.h>
 #include <net/checksum.h>
-
-
 #include <linux/netfilter/x_tables.h>
 #include "xt_PROTO.h"
 
@@ -32,14 +30,12 @@ proto_tg(struct sk_buff *skb, const struct xt_action_param *par)
 		return NF_DROP;
 
 	iph = ip_hdr(skb);
-
 	new_proto = iph->protocol;
-	if(info->mode & (1 << XT_PROTO_SET)){
+	if (info->mode & (1 << XT_PROTO_SET))
 		new_proto = info->proto;
-	}
 	if (new_proto != iph->protocol) {
 		csum_replace2(&iph->check, htons(iph->protocol & 0xff),
-					   htons(new_proto & 0xff));
+		              htons(new_proto & 0xff));
 		iph->protocol = new_proto;
 	}
 
@@ -51,7 +47,7 @@ proto_tg6(struct sk_buff *skb, const struct xt_action_param *par)
 {
 	struct ipv6hdr *ip6h;
 	const struct xt_PROTO_info *info = par->targinfo;
-	u8 *nexthdr; 
+	u8 *nexthdr;
 	unsigned int hdr_offset;
 	__be16 *fp;
 
@@ -60,60 +56,49 @@ proto_tg6(struct sk_buff *skb, const struct xt_action_param *par)
 
 	ip6h = ipv6_hdr(skb);
 	nexthdr = &ip6h->nexthdr;
-
 	hdr_offset = sizeof(struct ipv6hdr);
 
-	for(;;){
+	for (;;) {
 		struct ipv6_opt_hdr _opthdr, *opthp;
 		unsigned int hdrlen;
 		unsigned short _frag_off;
-		if ((!ipv6_ext_hdr(*nexthdr)) || *nexthdr == NEXTHDR_NONE) {
+		if (!ipv6_ext_hdr(*nexthdr) || *nexthdr == NEXTHDR_NONE)
 			break;
-		}
 		opthp = skb_header_pointer(skb, skb_network_offset(skb) + hdr_offset, sizeof(_opthdr), &_opthdr);
-		if(!opthp){
+		if (!opthp)
 			return NF_DROP;
-		}
-		if(*nexthdr == NEXTHDR_FRAGMENT){
-			if(info->mode & (1 << XT_PROTO_STOP_AT_FRAG)){
+		if (*nexthdr == NEXTHDR_FRAGMENT) {
+			if (info->mode & (1 << XT_PROTO_STOP_AT_FRAG))
 				break;
-			}
-			fp = skb_header_pointer(skb,
-						skb_network_offset(skb) + hdr_offset + 
-							offsetof(struct frag_hdr,
-							       frag_off),
-						sizeof(_frag_off),
-						&_frag_off);
+			fp = skb_header_pointer(skb, skb_network_offset(skb) +
+			     hdr_offset + offsetof(struct frag_hdr, frag_off),
+			     sizeof(_frag_off), &_frag_off);
 			if (!fp)
 				return NF_DROP;
 			_frag_off = ntohs(*fp) & ~0x7;
-			if(_frag_off){ // if the packet is not the first fragment
-				if ((!ipv6_ext_hdr(opthp->nexthdr)) || opthp->nexthdr == NEXTHDR_NONE || 
-					((info->mode & (1 << XT_PROTO_STOP_AT_AUTH)) && opthp->nexthdr == NEXTHDR_AUTH)
-				) {
-					nexthdr = &((struct ipv6_opt_hdr*)(skb_network_header(skb) + hdr_offset))->nexthdr;
+			if (_frag_off) { // if the packet is not the first fragment
+				if (!ipv6_ext_hdr(opthp->nexthdr) || opthp->nexthdr == NEXTHDR_NONE ||
+				    (info->mode & (1 << XT_PROTO_STOP_AT_AUTH) && opthp->nexthdr == NEXTHDR_AUTH)) {
+					nexthdr = &((struct ipv6_opt_hdr *)(skb_network_header(skb) + hdr_offset))->nexthdr;
 					break;
-				}else{
+				} else {
 					return XT_CONTINUE;
 				}
 			}
 			hdrlen = 8;
-		}else if(*nexthdr == NEXTHDR_AUTH){
-			if(info->mode & (1 << XT_PROTO_STOP_AT_AUTH)){
+		} else if(*nexthdr == NEXTHDR_AUTH) {
+			if (info->mode & (1 << XT_PROTO_STOP_AT_AUTH))
 				break;
-			}
 			hdrlen = (opthp->hdrlen + 2) << 2;
-		}else{
+		} else {
 			hdrlen = ipv6_optlen(opthp);
 		}
-		nexthdr = &((struct ipv6_opt_hdr*)(skb_network_header(skb) + hdr_offset))->nexthdr;
+		nexthdr = &((struct ipv6_opt_hdr *)(skb_network_header(skb) + hdr_offset))->nexthdr;
 		hdr_offset += hdrlen;
 	}
 	
-	if(info->mode & (1 << XT_PROTO_SET)){
+	if (info->mode & (1 << XT_PROTO_SET))
 		*nexthdr = info->proto;
-	}
-
 	return XT_CONTINUE;
 }
 
@@ -121,12 +106,12 @@ static int proto_tg_check(const struct xt_tgchk_param *par)
 {
 	const struct xt_PROTO_info *info = par->targinfo;
 
-	if ((info->mode & (1 << XT_PROTO_SET)) == 0){
+	if ((info->mode & (1 << XT_PROTO_SET)) == 0) {
 		pr_info_ratelimited("Did not specify any proto to set\n");
 		return -EINVAL;
 	}
-	if ((par->family != NFPROTO_IPV6) && ((info->mode & ((1 << XT_PROTO_STOP_AT_FRAG) | (1 << XT_PROTO_STOP_AT_AUTH))) != 0)){
-		pr_info_ratelimited("Must not specify stop-at-frag and stop-at-auth on non-ipv6 targets\n"); 
+	if (par->family != NFPROTO_IPV6 && (info->mode & ((1 << XT_PROTO_STOP_AT_FRAG) | (1 << XT_PROTO_STOP_AT_AUTH))) != 0) {
+		pr_info_ratelimited("Must not specify stop-at-frag and stop-at-auth on non-ipv6 targets\n");
 		return -EPROTOTYPE;
 	}
 	return 0;
@@ -169,4 +154,3 @@ module_init(proto_tg_init);
 module_exit(proto_tg_exit);
 MODULE_ALIAS("ipt_PROTO");
 MODULE_ALIAS("ip6t_PROTO");
-