userns: don't leak root user
[wrt350n-kernel.git] / net / netfilter / xt_comment.c
blob64bcdb0fe1e6797d7687fda7dc481478f377164d
1 /*
2 * Implements a dummy match to allow attaching comments to rules
4 * 2003-05-13 Brad Fisher (brad@info-link.net)
5 */
7 #include <linux/module.h>
8 #include <linux/skbuff.h>
9 #include <linux/netfilter/x_tables.h>
10 #include <linux/netfilter/xt_comment.h>
12 MODULE_AUTHOR("Brad Fisher <brad@info-link.net>");
13 MODULE_DESCRIPTION("iptables comment match module");
14 MODULE_LICENSE("GPL");
15 MODULE_ALIAS("ipt_comment");
16 MODULE_ALIAS("ip6t_comment");
18 static bool
19 match(const struct sk_buff *skb,
20 const struct net_device *in,
21 const struct net_device *out,
22 const struct xt_match *match,
23 const void *matchinfo,
24 int offset,
25 unsigned int protooff,
26 bool *hotdrop)
28 /* We always match */
29 return true;
32 static struct xt_match xt_comment_match[] __read_mostly = {
34 .name = "comment",
35 .family = AF_INET,
36 .match = match,
37 .matchsize = sizeof(struct xt_comment_info),
38 .me = THIS_MODULE
41 .name = "comment",
42 .family = AF_INET6,
43 .match = match,
44 .matchsize = sizeof(struct xt_comment_info),
45 .me = THIS_MODULE
49 static int __init xt_comment_init(void)
51 return xt_register_matches(xt_comment_match,
52 ARRAY_SIZE(xt_comment_match));
55 static void __exit xt_comment_fini(void)
57 xt_unregister_matches(xt_comment_match, ARRAY_SIZE(xt_comment_match));
60 module_init(xt_comment_init);
61 module_exit(xt_comment_fini);