diff options
author | Patrick McHardy <kaber@trash.net> | 2006-03-20 18:01:14 -0800 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2006-03-20 18:01:14 -0800 |
commit | 1d5cd90976fa0d1cc21554b9d43f5c517323ebfc (patch) | |
tree | 3eb43557a1d23c71ea41b91e4ee001ac43b8ba21 /net/ipv4/netfilter/ipt_esp.c | |
parent | 3cdc7c953eb1e1e1d1b82adbd140bf3451c165b1 (diff) |
[NETFILTER]: Convert ip_tables matches/targets to centralized error checking
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4/netfilter/ipt_esp.c')
-rw-r--r-- | net/ipv4/netfilter/ipt_esp.c | 23 |
1 files changed, 6 insertions, 17 deletions
diff --git a/net/ipv4/netfilter/ipt_esp.c b/net/ipv4/netfilter/ipt_esp.c index 9de191a8162..984fa4862ce 100644 --- a/net/ipv4/netfilter/ipt_esp.c +++ b/net/ipv4/netfilter/ipt_esp.c @@ -77,32 +77,21 @@ checkentry(const char *tablename, unsigned int hook_mask) { const struct ipt_esp *espinfo = matchinfo; - const struct ipt_ip *ip = ip_void; - /* Must specify proto == ESP, and no unknown invflags */ - if (ip->proto != IPPROTO_ESP || (ip->invflags & IPT_INV_PROTO)) { - duprintf("ipt_esp: Protocol %u != %u\n", ip->proto, - IPPROTO_ESP); - return 0; - } - if (matchinfosize != IPT_ALIGN(sizeof(struct ipt_esp))) { - duprintf("ipt_esp: matchsize %u != %u\n", - matchinfosize, IPT_ALIGN(sizeof(struct ipt_esp))); - return 0; - } + /* Must specify no unknown invflags */ if (espinfo->invflags & ~IPT_ESP_INV_MASK) { - duprintf("ipt_esp: unknown flags %X\n", - espinfo->invflags); + duprintf("ipt_esp: unknown flags %X\n", espinfo->invflags); return 0; } - return 1; } static struct ipt_match esp_match = { .name = "esp", - .match = &match, - .checkentry = &checkentry, + .match = match, + .matchsize = sizeof(struct ipt_esp), + .proto = IPPROTO_ESP, + .checkentry = checkentry, .me = THIS_MODULE, }; |