netfilter: ipset: use NFPROTO_ constants

ipset is actually using NFPROTO values rather than AF (xt_set passes that along). Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

netfilter: ipset: use NFPROTO_ constants
ipset is actually using NFPROTO values rather than AF (xt_set passes that along). Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Jan Engelhardt · Pablo Neira Ayuso
1 parent ae5d33723e
Showing 14 changed files with 64 additions and 61 deletions Side-by-side Diff
include/linux/netfilter/ipset/ip_set.h
net/netfilter/ipset/ip_set_bitmap_ip.c
net/netfilter/ipset/ip_set_bitmap_ipmac.c
net/netfilter/ipset/ip_set_bitmap_port.c
net/netfilter/ipset/ip_set_core.c
net/netfilter/ipset/ip_set_getport.c
net/netfilter/ipset/ip_set_hash_ip.c
net/netfilter/ipset/ip_set_hash_ipport.c
net/netfilter/ipset/ip_set_hash_ipportip.c
net/netfilter/ipset/ip_set_hash_ipportnet.c
net/netfilter/ipset/ip_set_hash_net.c
net/netfilter/ipset/ip_set_hash_netiface.c
net/netfilter/ipset/ip_set_hash_netport.c
net/netfilter/ipset/ip_set_list_set.c
@@ -288,7 +288,10 @@
 	u8 features;
 	/* Set type dimension */
 	u8 dimension;
-	/* Supported family: may be AF_UNSPEC for both AF_INET/AF_INET6 */
+	/*
+	 * Supported family: may be NFPROTO_UNSPEC for both
+	 * NFPROTO_IPV4/NFPROTO_IPV6.
+	 */
 	u8 family;
 	/* Type revisions */
 	u8 revision_min, revision_max;
@@ -442,7 +442,7 @@
 	map->timeout = IPSET_NO_TIMEOUT;
  
 	set->data = map;
-	set->family = AF_INET;
+	set->family = NFPROTO_IPV4;
  
 	return true;
 }
@@ -550,7 +550,7 @@
 	.protocol	= IPSET_PROTOCOL,
 	.features	= IPSET_TYPE_IP,
 	.dimension	= IPSET_DIM_ONE,
-	.family		= AF_INET,
+	.family		= NFPROTO_IPV4,
 	.revision_min	= 0,
 	.revision_max	= 0,
 	.create		= bitmap_ip_create,
@@ -543,7 +543,7 @@
 	map->timeout = IPSET_NO_TIMEOUT;
  
 	set->data = map;
-	set->family = AF_INET;
+	set->family = NFPROTO_IPV4;
  
 	return true;
 }
@@ -623,7 +623,7 @@
 	.protocol	= IPSET_PROTOCOL,
 	.features	= IPSET_TYPE_IP | IPSET_TYPE_MAC,
 	.dimension	= IPSET_DIM_TWO,
-	.family		= AF_INET,
+	.family		= NFPROTO_IPV4,
 	.revision_min	= 0,
 	.revision_max	= 0,
 	.create		= bitmap_ipmac_create,
@@ -422,7 +422,7 @@
 	map->timeout = IPSET_NO_TIMEOUT;
  
 	set->data = map;
-	set->family = AF_UNSPEC;
+	set->family = NFPROTO_UNSPEC;
  
 	return true;
 }
@@ -483,7 +483,7 @@
 	.protocol	= IPSET_PROTOCOL,
 	.features	= IPSET_TYPE_PORT,
 	.dimension	= IPSET_DIM_ONE,
-	.family		= AF_UNSPEC,
+	.family		= NFPROTO_UNSPEC,
 	.revision_min	= 0,
 	.revision_max	= 0,
 	.create		= bitmap_port_create,
@@ -69,7 +69,7 @@
  
 	list_for_each_entry_rcu(type, &ip_set_type_list, list)
 		if (STREQ(type->name, name) &&
-		    (type->family == family || type->family == AF_UNSPEC) &&
+		    (type->family == family || type->family == NFPROTO_UNSPEC) &&
 		    revision >= type->revision_min &&
 		    revision <= type->revision_max)
 			return type;
@@ -149,7 +149,7 @@
 	rcu_read_lock();
 	list_for_each_entry_rcu(type, &ip_set_type_list, list)
 		if (STREQ(type->name, name) &&
-		    (type->family == family || type->family == AF_UNSPEC)) {
+		    (type->family == family || type->family == NFPROTO_UNSPEC)) {
 			found = true;
 			if (type->revision_min < *min)
 				*min = type->revision_min;
@@ -164,8 +164,8 @@
 		__find_set_type_minmax(name, family, min, max, true);
 }
  
-#define family_name(f)	((f) == AF_INET ? "inet" : \
-			 (f) == AF_INET6 ? "inet6" : "any")
+#define family_name(f)	((f) == NFPROTO_IPV4 ? "inet" : \
+			 (f) == NFPROTO_IPV6 ? "inet6" : "any")
  
 /* Register a set type structure. The type is identified by
  * the unique triple of name, family and revision.
@@ -354,7 +354,7 @@
 	pr_debug("set %s, index %u\n", set->name, index);
  
 	if (opt->dim < set->type->dimension ||
-	    !(opt->family == set->family || set->family == AF_UNSPEC))
+	    !(opt->family == set->family || set->family == NFPROTO_UNSPEC))
 		return 0;
  
 	read_lock_bh(&set->lock);
@@ -387,7 +387,7 @@
 	pr_debug("set %s, index %u\n", set->name, index);
  
 	if (opt->dim < set->type->dimension ||
-	    !(opt->family == set->family || set->family == AF_UNSPEC))
+	    !(opt->family == set->family || set->family == NFPROTO_UNSPEC))
 		return 0;
  
 	write_lock_bh(&set->lock);
@@ -410,7 +410,7 @@
 	pr_debug("set %s, index %u\n", set->name, index);
  
 	if (opt->dim < set->type->dimension ||
-	    !(opt->family == set->family || set->family == AF_UNSPEC))
+	    !(opt->family == set->family || set->family == NFPROTO_UNSPEC))
 		return 0;
  
 	write_lock_bh(&set->lock);
@@ -575,7 +575,7 @@
 		return NULL;
  
 	nfmsg = nlmsg_data(nlh);
-	nfmsg->nfgen_family = AF_INET;
+	nfmsg->nfgen_family = NFPROTO_IPV4;
 	nfmsg->version = NFNETLINK_V0;
 	nfmsg->res_id = 0;
  
@@ -136,10 +136,10 @@
 	u8 proto;
  
 	switch (pf) {
-	case AF_INET:
+	case NFPROTO_IPV4:
 		ret = ip_set_get_ip4_port(skb, src, port, &proto);
 		break;
-	case AF_INET6:
+	case NFPROTO_IPV6:
 		ret = ip_set_get_ip6_port(skb, src, port, &proto);
 		break;
 	default:
@@ -366,11 +366,11 @@
 	u8 netmask, hbits;
 	struct ip_set_hash *h;
  
-	if (!(set->family == AF_INET || set->family == AF_INET6))
+	if (!(set->family == NFPROTO_IPV4 || set->family == NFPROTO_IPV6))
 		return -IPSET_ERR_INVALID_FAMILY;
-	netmask = set->family == AF_INET ? 32 : 128;
+	netmask = set->family == NFPROTO_IPV4 ? 32 : 128;
 	pr_debug("Create set %s with family %s\n",
-		 set->name, set->family == AF_INET ? "inet" : "inet6");
+		 set->name, set->family == NFPROTO_IPV4 ? "inet" : "inet6");
  
 	if (unlikely(!ip_set_optattr_netorder(tb, IPSET_ATTR_HASHSIZE) ||
 		     !ip_set_optattr_netorder(tb, IPSET_ATTR_MAXELEM) ||
@@ -389,8 +389,8 @@
 	if (tb[IPSET_ATTR_NETMASK]) {
 		netmask = nla_get_u8(tb[IPSET_ATTR_NETMASK]);
  
-		if ((set->family == AF_INET && netmask > 32) ||
-		    (set->family == AF_INET6 && netmask > 128) ||
+		if ((set->family == NFPROTO_IPV4 && netmask > 32) ||
+		    (set->family == NFPROTO_IPV6 && netmask > 128) ||
 		    netmask == 0)
 			return -IPSET_ERR_INVALID_NETMASK;
 	}
  
  
@@ -419,15 +419,15 @@
 	if (tb[IPSET_ATTR_TIMEOUT]) {
 		h->timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]);
  
-		set->variant = set->family == AF_INET
+		set->variant = set->family == NFPROTO_IPV4
 			? &hash_ip4_tvariant : &hash_ip6_tvariant;
  
-		if (set->family == AF_INET)
+		if (set->family == NFPROTO_IPV4)
 			hash_ip4_gc_init(set);
 		else
 			hash_ip6_gc_init(set);
 	} else {
-		set->variant = set->family == AF_INET
+		set->variant = set->family == NFPROTO_IPV4
 			? &hash_ip4_variant : &hash_ip6_variant;
 	}
  
@@ -443,7 +443,7 @@
 	.protocol	= IPSET_PROTOCOL,
 	.features	= IPSET_TYPE_IP,
 	.dimension	= IPSET_DIM_ONE,
-	.family		= AF_UNSPEC,
+	.family		= NFPROTO_UNSPEC,
 	.revision_min	= 0,
 	.revision_max	= 0,
 	.create		= hash_ip_create,
@@ -450,7 +450,7 @@
 	u32 hashsize = IPSET_DEFAULT_HASHSIZE, maxelem = IPSET_DEFAULT_MAXELEM;
 	u8 hbits;
  
-	if (!(set->family == AF_INET || set->family == AF_INET6))
+	if (!(set->family == NFPROTO_IPV4 || set->family == NFPROTO_IPV6))
 		return -IPSET_ERR_INVALID_FAMILY;
  
 	if (unlikely(!ip_set_optattr_netorder(tb, IPSET_ATTR_HASHSIZE) ||
  
  
@@ -490,15 +490,15 @@
 	if (tb[IPSET_ATTR_TIMEOUT]) {
 		h->timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]);
  
-		set->variant = set->family == AF_INET
+		set->variant = set->family == NFPROTO_IPV4
 			? &hash_ipport4_tvariant : &hash_ipport6_tvariant;
  
-		if (set->family == AF_INET)
+		if (set->family == NFPROTO_IPV4)
 			hash_ipport4_gc_init(set);
 		else
 			hash_ipport6_gc_init(set);
 	} else {
-		set->variant = set->family == AF_INET
+		set->variant = set->family == NFPROTO_IPV4
 			? &hash_ipport4_variant : &hash_ipport6_variant;
 	}
  
@@ -514,7 +514,7 @@
 	.protocol	= IPSET_PROTOCOL,
 	.features	= IPSET_TYPE_IP | IPSET_TYPE_PORT,
 	.dimension	= IPSET_DIM_TWO,
-	.family		= AF_UNSPEC,
+	.family		= NFPROTO_UNSPEC,
 	.revision_min	= 0,
 	.revision_max	= 1,	/* SCTP and UDPLITE support added */
 	.create		= hash_ipport_create,
@@ -468,7 +468,7 @@
 	u32 hashsize = IPSET_DEFAULT_HASHSIZE, maxelem = IPSET_DEFAULT_MAXELEM;
 	u8 hbits;
  
-	if (!(set->family == AF_INET || set->family == AF_INET6))
+	if (!(set->family == NFPROTO_IPV4 || set->family == NFPROTO_IPV6))
 		return -IPSET_ERR_INVALID_FAMILY;
  
 	if (unlikely(!ip_set_optattr_netorder(tb, IPSET_ATTR_HASHSIZE) ||
  
  
@@ -508,15 +508,15 @@
 	if (tb[IPSET_ATTR_TIMEOUT]) {
 		h->timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]);
  
-		set->variant = set->family == AF_INET
+		set->variant = set->family == NFPROTO_IPV4
 			? &hash_ipportip4_tvariant : &hash_ipportip6_tvariant;
  
-		if (set->family == AF_INET)
+		if (set->family == NFPROTO_IPV4)
 			hash_ipportip4_gc_init(set);
 		else
 			hash_ipportip6_gc_init(set);
 	} else {
-		set->variant = set->family == AF_INET
+		set->variant = set->family == NFPROTO_IPV4
 			? &hash_ipportip4_variant : &hash_ipportip6_variant;
 	}
  
@@ -532,7 +532,7 @@
 	.protocol	= IPSET_PROTOCOL,
 	.features	= IPSET_TYPE_IP | IPSET_TYPE_PORT | IPSET_TYPE_IP2,
 	.dimension	= IPSET_DIM_THREE,
-	.family		= AF_UNSPEC,
+	.family		= NFPROTO_UNSPEC,
 	.revision_min	= 0,
 	.revision_max	= 1,	/* SCTP and UDPLITE support added */
 	.create		= hash_ipportip_create,
@@ -554,7 +554,7 @@
 	u32 hashsize = IPSET_DEFAULT_HASHSIZE, maxelem = IPSET_DEFAULT_MAXELEM;
 	u8 hbits;
  
-	if (!(set->family == AF_INET || set->family == AF_INET6))
+	if (!(set->family == NFPROTO_IPV4 || set->family == NFPROTO_IPV6))
 		return -IPSET_ERR_INVALID_FAMILY;
  
 	if (unlikely(!ip_set_optattr_netorder(tb, IPSET_ATTR_HASHSIZE) ||
@@ -573,7 +573,7 @@
  
 	h = kzalloc(sizeof(*h)
 		    + sizeof(struct ip_set_hash_nets)
-		      * (set->family == AF_INET ? 32 : 128), GFP_KERNEL);
+		      * (set->family == NFPROTO_IPV4 ? 32 : 128), GFP_KERNEL);
 	if (!h)
 		return -ENOMEM;
  
  
  
@@ -596,16 +596,16 @@
 	if (tb[IPSET_ATTR_TIMEOUT]) {
 		h->timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]);
  
-		set->variant = set->family == AF_INET
+		set->variant = set->family == NFPROTO_IPV4
 			? &hash_ipportnet4_tvariant
 			: &hash_ipportnet6_tvariant;
  
-		if (set->family == AF_INET)
+		if (set->family == NFPROTO_IPV4)
 			hash_ipportnet4_gc_init(set);
 		else
 			hash_ipportnet6_gc_init(set);
 	} else {
-		set->variant = set->family == AF_INET
+		set->variant = set->family == NFPROTO_IPV4
 			? &hash_ipportnet4_variant : &hash_ipportnet6_variant;
 	}
  
@@ -621,7 +621,7 @@
 	.protocol	= IPSET_PROTOCOL,
 	.features	= IPSET_TYPE_IP | IPSET_TYPE_PORT | IPSET_TYPE_IP2,
 	.dimension	= IPSET_DIM_THREE,
-	.family		= AF_UNSPEC,
+	.family		= NFPROTO_UNSPEC,
 	.revision_min	= 0,
 	/*		  1	   SCTP and UDPLITE support added */
 	.revision_max	= 2,	/* Range as input support for IPv4 added */
@@ -406,7 +406,7 @@
 	struct ip_set_hash *h;
 	u8 hbits;
  
-	if (!(set->family == AF_INET || set->family == AF_INET6))
+	if (!(set->family == NFPROTO_IPV4 || set->family == NFPROTO_IPV6))
 		return -IPSET_ERR_INVALID_FAMILY;
  
 	if (unlikely(!ip_set_optattr_netorder(tb, IPSET_ATTR_HASHSIZE) ||
@@ -425,7 +425,7 @@
  
 	h = kzalloc(sizeof(*h)
 		    + sizeof(struct ip_set_hash_nets)
-		      * (set->family == AF_INET ? 32 : 128), GFP_KERNEL);
+		      * (set->family == NFPROTO_IPV4 ? 32 : 128), GFP_KERNEL);
 	if (!h)
 		return -ENOMEM;
  
  
  
@@ -448,15 +448,15 @@
 	if (tb[IPSET_ATTR_TIMEOUT]) {
 		h->timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]);
  
-		set->variant = set->family == AF_INET
+		set->variant = set->family == NFPROTO_IPV4
 			? &hash_net4_tvariant : &hash_net6_tvariant;
  
-		if (set->family == AF_INET)
+		if (set->family == NFPROTO_IPV4)
 			hash_net4_gc_init(set);
 		else
 			hash_net6_gc_init(set);
 	} else {
-		set->variant = set->family == AF_INET
+		set->variant = set->family == NFPROTO_IPV4
 			? &hash_net4_variant : &hash_net6_variant;
 	}
  
@@ -472,7 +472,7 @@
 	.protocol	= IPSET_PROTOCOL,
 	.features	= IPSET_TYPE_IP,
 	.dimension	= IPSET_DIM_ONE,
-	.family		= AF_UNSPEC,
+	.family		= NFPROTO_UNSPEC,
 	.revision_min	= 0,
 	.revision_max	= 1,	/* Range as input support for IPv4 added */
 	.create		= hash_net_create,
@@ -678,7 +678,7 @@
 	u32 hashsize = IPSET_DEFAULT_HASHSIZE, maxelem = IPSET_DEFAULT_MAXELEM;
 	u8 hbits;
  
-	if (!(set->family == AF_INET || set->family == AF_INET6))
+	if (!(set->family == NFPROTO_IPV4 || set->family == NFPROTO_IPV6))
 		return -IPSET_ERR_INVALID_FAMILY;
  
 	if (unlikely(!ip_set_optattr_netorder(tb, IPSET_ATTR_HASHSIZE) ||
@@ -697,7 +697,7 @@
  
 	h = kzalloc(sizeof(*h)
 		    + sizeof(struct ip_set_hash_nets)
-		      * (set->family == AF_INET ? 32 : 128), GFP_KERNEL);
+		      * (set->family == NFPROTO_IPV4 ? 32 : 128), GFP_KERNEL);
 	if (!h)
 		return -ENOMEM;
  
  
  
@@ -722,15 +722,15 @@
 	if (tb[IPSET_ATTR_TIMEOUT]) {
 		h->timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]);
  
-		set->variant = set->family == AF_INET
+		set->variant = set->family == NFPROTO_IPV4
 			? &hash_netiface4_tvariant : &hash_netiface6_tvariant;
  
-		if (set->family == AF_INET)
+		if (set->family == NFPROTO_IPV4)
 			hash_netiface4_gc_init(set);
 		else
 			hash_netiface6_gc_init(set);
 	} else {
-		set->variant = set->family == AF_INET
+		set->variant = set->family == NFPROTO_IPV4
 			? &hash_netiface4_variant : &hash_netiface6_variant;
 	}
  
@@ -746,7 +746,7 @@
 	.protocol	= IPSET_PROTOCOL,
 	.features	= IPSET_TYPE_IP | IPSET_TYPE_IFACE,
 	.dimension	= IPSET_DIM_TWO,
-	.family		= AF_UNSPEC,
+	.family		= NFPROTO_UNSPEC,
 	.revision_min	= 0,
 	.create		= hash_netiface_create,
 	.create_policy	= {
@@ -507,7 +507,7 @@
 	u32 hashsize = IPSET_DEFAULT_HASHSIZE, maxelem = IPSET_DEFAULT_MAXELEM;
 	u8 hbits;
  
-	if (!(set->family == AF_INET || set->family == AF_INET6))
+	if (!(set->family == NFPROTO_IPV4 || set->family == NFPROTO_IPV6))
 		return -IPSET_ERR_INVALID_FAMILY;
  
 	if (unlikely(!ip_set_optattr_netorder(tb, IPSET_ATTR_HASHSIZE) ||
@@ -526,7 +526,7 @@
  
 	h = kzalloc(sizeof(*h)
 		    + sizeof(struct ip_set_hash_nets)
-		      * (set->family == AF_INET ? 32 : 128), GFP_KERNEL);
+		      * (set->family == NFPROTO_IPV4 ? 32 : 128), GFP_KERNEL);
 	if (!h)
 		return -ENOMEM;
  
  
  
@@ -549,15 +549,15 @@
 	if (tb[IPSET_ATTR_TIMEOUT]) {
 		h->timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]);
  
-		set->variant = set->family == AF_INET
+		set->variant = set->family == NFPROTO_IPV4
 			? &hash_netport4_tvariant : &hash_netport6_tvariant;
  
-		if (set->family == AF_INET)
+		if (set->family == NFPROTO_IPV4)
 			hash_netport4_gc_init(set);
 		else
 			hash_netport6_gc_init(set);
 	} else {
-		set->variant = set->family == AF_INET
+		set->variant = set->family == NFPROTO_IPV4
 			? &hash_netport4_variant : &hash_netport6_variant;
 	}
  
@@ -573,7 +573,7 @@
 	.protocol	= IPSET_PROTOCOL,
 	.features	= IPSET_TYPE_IP | IPSET_TYPE_PORT,
 	.dimension	= IPSET_DIM_TWO,
-	.family		= AF_UNSPEC,
+	.family		= NFPROTO_UNSPEC,
 	.revision_min	= 0,
 	/*		  1	   SCTP and UDPLITE support added */
 	.revision_max	= 2,	/* Range as input support for IPv4 added */
@@ -575,7 +575,7 @@
 	.protocol	= IPSET_PROTOCOL,
 	.features	= IPSET_TYPE_NAME | IPSET_DUMP_LAST,
 	.dimension	= IPSET_DIM_ONE,
-	.family		= AF_UNSPEC,
+	.family		= NFPROTO_UNSPEC,
 	.revision_min	= 0,
 	.revision_max	= 0,
 	.create		= list_set_create,
...	...	@@ -288,7 +288,10 @@
288	288	u8 features;
289	289	/* Set type dimension */
290	290	u8 dimension;
291		- /* Supported family: may be AF_UNSPEC for both AF_INET/AF_INET6 */
	291	+ /*
	292	+ * Supported family: may be NFPROTO_UNSPEC for both
	293	+ * NFPROTO_IPV4/NFPROTO_IPV6.
	294	+ */
292	295	u8 family;
293	296	/* Type revisions */
294	297	u8 revision_min, revision_max;
...	...	@@ -442,7 +442,7 @@
442	442	map->timeout = IPSET_NO_TIMEOUT;
443	443
444	444	set->data = map;
445		- set->family = AF_INET;
	445	+ set->family = NFPROTO_IPV4;
446	446
447	447	return true;
448	448	}
...	...	@@ -550,7 +550,7 @@
550	550	.protocol = IPSET_PROTOCOL,
551	551	.features = IPSET_TYPE_IP,
552	552	.dimension = IPSET_DIM_ONE,
553		- .family = AF_INET,
	553	+ .family = NFPROTO_IPV4,
554	554	.revision_min = 0,
555	555	.revision_max = 0,
556	556	.create = bitmap_ip_create,
...	...	@@ -543,7 +543,7 @@
543	543	map->timeout = IPSET_NO_TIMEOUT;
544	544
545	545	set->data = map;
546		- set->family = AF_INET;
	546	+ set->family = NFPROTO_IPV4;
547	547
548	548	return true;
549	549	}
...	...	@@ -623,7 +623,7 @@
623	623	.protocol = IPSET_PROTOCOL,
624	624	.features = IPSET_TYPE_IP \| IPSET_TYPE_MAC,
625	625	.dimension = IPSET_DIM_TWO,
626		- .family = AF_INET,
	626	+ .family = NFPROTO_IPV4,
627	627	.revision_min = 0,
628	628	.revision_max = 0,
629	629	.create = bitmap_ipmac_create,
...	...	@@ -422,7 +422,7 @@
422	422	map->timeout = IPSET_NO_TIMEOUT;
423	423
424	424	set->data = map;
425		- set->family = AF_UNSPEC;
	425	+ set->family = NFPROTO_UNSPEC;
426	426
427	427	return true;
428	428	}
...	...	@@ -483,7 +483,7 @@
483	483	.protocol = IPSET_PROTOCOL,
484	484	.features = IPSET_TYPE_PORT,
485	485	.dimension = IPSET_DIM_ONE,
486		- .family = AF_UNSPEC,
	486	+ .family = NFPROTO_UNSPEC,
487	487	.revision_min = 0,
488	488	.revision_max = 0,
489	489	.create = bitmap_port_create,
...	...	@@ -69,7 +69,7 @@
69	69
70	70	list_for_each_entry_rcu(type, &ip_set_type_list, list)
71	71	if (STREQ(type->name, name) &&
72		- (type->family == family \|\| type->family == AF_UNSPEC) &&
	72	+ (type->family == family \|\| type->family == NFPROTO_UNSPEC) &&
73	73	revision >= type->revision_min &&
74	74	revision <= type->revision_max)
75	75	return type;
...	...	@@ -149,7 +149,7 @@
149	149	rcu_read_lock();
150	150	list_for_each_entry_rcu(type, &ip_set_type_list, list)
151	151	if (STREQ(type->name, name) &&
152		- (type->family == family \|\| type->family == AF_UNSPEC)) {
	152	+ (type->family == family \|\| type->family == NFPROTO_UNSPEC)) {
153	153	found = true;
154	154	if (type->revision_min < *min)
155	155	*min = type->revision_min;
...	...	@@ -164,8 +164,8 @@
164	164	__find_set_type_minmax(name, family, min, max, true);
165	165	}
166	166
167		-#define family_name(f) ((f) == AF_INET ? "inet" : \
168		- (f) == AF_INET6 ? "inet6" : "any")
	167	+#define family_name(f) ((f) == NFPROTO_IPV4 ? "inet" : \
	168	+ (f) == NFPROTO_IPV6 ? "inet6" : "any")
169	169
170	170	/* Register a set type structure. The type is identified by
171	171	* the unique triple of name, family and revision.
...	...	@@ -354,7 +354,7 @@
354	354	pr_debug("set %s, index %u\n", set->name, index);
355	355
356	356	if (opt->dim < set->type->dimension \|\|
357		- !(opt->family == set->family \|\| set->family == AF_UNSPEC))
	357	+ !(opt->family == set->family \|\| set->family == NFPROTO_UNSPEC))
358	358	return 0;
359	359
360	360	read_lock_bh(&set->lock);
...	...	@@ -387,7 +387,7 @@
387	387	pr_debug("set %s, index %u\n", set->name, index);
388	388
389	389	if (opt->dim < set->type->dimension \|\|
390		- !(opt->family == set->family \|\| set->family == AF_UNSPEC))
	390	+ !(opt->family == set->family \|\| set->family == NFPROTO_UNSPEC))
391	391	return 0;
392	392
393	393	write_lock_bh(&set->lock);
...	...	@@ -410,7 +410,7 @@
410	410	pr_debug("set %s, index %u\n", set->name, index);
411	411
412	412	if (opt->dim < set->type->dimension \|\|
413		- !(opt->family == set->family \|\| set->family == AF_UNSPEC))
	413	+ !(opt->family == set->family \|\| set->family == NFPROTO_UNSPEC))
414	414	return 0;
415	415
416	416	write_lock_bh(&set->lock);
...	...	@@ -575,7 +575,7 @@
575	575	return NULL;
576	576
577	577	nfmsg = nlmsg_data(nlh);
578		- nfmsg->nfgen_family = AF_INET;
	578	+ nfmsg->nfgen_family = NFPROTO_IPV4;
579	579	nfmsg->version = NFNETLINK_V0;
580	580	nfmsg->res_id = 0;
581	581
...	...	@@ -136,10 +136,10 @@
136	136	u8 proto;
137	137
138	138	switch (pf) {
139		- case AF_INET:
	139	+ case NFPROTO_IPV4:
140	140	ret = ip_set_get_ip4_port(skb, src, port, &proto);
141	141	break;
142		- case AF_INET6:
	142	+ case NFPROTO_IPV6:
143	143	ret = ip_set_get_ip6_port(skb, src, port, &proto);
144	144	break;
145	145	default:
...	...	@@ -366,11 +366,11 @@
366	366	u8 netmask, hbits;
367	367	struct ip_set_hash *h;
368	368
369		- if (!(set->family == AF_INET \|\| set->family == AF_INET6))
	369	+ if (!(set->family == NFPROTO_IPV4 \|\| set->family == NFPROTO_IPV6))
370	370	return -IPSET_ERR_INVALID_FAMILY;
371		- netmask = set->family == AF_INET ? 32 : 128;
	371	+ netmask = set->family == NFPROTO_IPV4 ? 32 : 128;
372	372	pr_debug("Create set %s with family %s\n",
373		- set->name, set->family == AF_INET ? "inet" : "inet6");
	373	+ set->name, set->family == NFPROTO_IPV4 ? "inet" : "inet6");
374	374
375	375	if (unlikely(!ip_set_optattr_netorder(tb, IPSET_ATTR_HASHSIZE) \|\|
376	376	!ip_set_optattr_netorder(tb, IPSET_ATTR_MAXELEM) \|\|
...	...	@@ -389,8 +389,8 @@
389	389	if (tb[IPSET_ATTR_NETMASK]) {
390	390	netmask = nla_get_u8(tb[IPSET_ATTR_NETMASK]);
391	391
392		- if ((set->family == AF_INET && netmask > 32) \|\|
393		- (set->family == AF_INET6 && netmask > 128) \|\|
	392	+ if ((set->family == NFPROTO_IPV4 && netmask > 32) \|\|
	393	+ (set->family == NFPROTO_IPV6 && netmask > 128) \|\|
394	394	netmask == 0)
395	395	return -IPSET_ERR_INVALID_NETMASK;
396	396	}
397	397
398	398
...	...	@@ -419,15 +419,15 @@
419	419	if (tb[IPSET_ATTR_TIMEOUT]) {
420	420	h->timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]);
421	421
422		- set->variant = set->family == AF_INET
	422	+ set->variant = set->family == NFPROTO_IPV4
423	423	? &hash_ip4_tvariant : &hash_ip6_tvariant;
424	424
425		- if (set->family == AF_INET)
	425	+ if (set->family == NFPROTO_IPV4)
426	426	hash_ip4_gc_init(set);
427	427	else
428	428	hash_ip6_gc_init(set);
429	429	} else {
430		- set->variant = set->family == AF_INET
	430	+ set->variant = set->family == NFPROTO_IPV4
431	431	? &hash_ip4_variant : &hash_ip6_variant;
432	432	}
433	433
...	...	@@ -443,7 +443,7 @@
443	443	.protocol = IPSET_PROTOCOL,
444	444	.features = IPSET_TYPE_IP,
445	445	.dimension = IPSET_DIM_ONE,
446		- .family = AF_UNSPEC,
	446	+ .family = NFPROTO_UNSPEC,
447	447	.revision_min = 0,
448	448	.revision_max = 0,
449	449	.create = hash_ip_create,
...	...	@@ -450,7 +450,7 @@
450	450	u32 hashsize = IPSET_DEFAULT_HASHSIZE, maxelem = IPSET_DEFAULT_MAXELEM;
451	451	u8 hbits;
452	452
453		- if (!(set->family == AF_INET \|\| set->family == AF_INET6))
	453	+ if (!(set->family == NFPROTO_IPV4 \|\| set->family == NFPROTO_IPV6))
454	454	return -IPSET_ERR_INVALID_FAMILY;
455	455
456	456	if (unlikely(!ip_set_optattr_netorder(tb, IPSET_ATTR_HASHSIZE) \|\|
457	457
458	458
...	...	@@ -490,15 +490,15 @@
490	490	if (tb[IPSET_ATTR_TIMEOUT]) {
491	491	h->timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]);
492	492
493		- set->variant = set->family == AF_INET
	493	+ set->variant = set->family == NFPROTO_IPV4
494	494	? &hash_ipport4_tvariant : &hash_ipport6_tvariant;
495	495
496		- if (set->family == AF_INET)
	496	+ if (set->family == NFPROTO_IPV4)
497	497	hash_ipport4_gc_init(set);
498	498	else
499	499	hash_ipport6_gc_init(set);
500	500	} else {
501		- set->variant = set->family == AF_INET
	501	+ set->variant = set->family == NFPROTO_IPV4
502	502	? &hash_ipport4_variant : &hash_ipport6_variant;
503	503	}
504	504
...	...	@@ -514,7 +514,7 @@
514	514	.protocol = IPSET_PROTOCOL,
515	515	.features = IPSET_TYPE_IP \| IPSET_TYPE_PORT,
516	516	.dimension = IPSET_DIM_TWO,
517		- .family = AF_UNSPEC,
	517	+ .family = NFPROTO_UNSPEC,
518	518	.revision_min = 0,
519	519	.revision_max = 1, /* SCTP and UDPLITE support added */
520	520	.create = hash_ipport_create,
...	...	@@ -468,7 +468,7 @@
468	468	u32 hashsize = IPSET_DEFAULT_HASHSIZE, maxelem = IPSET_DEFAULT_MAXELEM;
469	469	u8 hbits;
470	470
471		- if (!(set->family == AF_INET \|\| set->family == AF_INET6))
	471	+ if (!(set->family == NFPROTO_IPV4 \|\| set->family == NFPROTO_IPV6))
472	472	return -IPSET_ERR_INVALID_FAMILY;
473	473
474	474	if (unlikely(!ip_set_optattr_netorder(tb, IPSET_ATTR_HASHSIZE) \|\|
475	475
476	476
...	...	@@ -508,15 +508,15 @@
508	508	if (tb[IPSET_ATTR_TIMEOUT]) {
509	509	h->timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]);
510	510
511		- set->variant = set->family == AF_INET
	511	+ set->variant = set->family == NFPROTO_IPV4
512	512	? &hash_ipportip4_tvariant : &hash_ipportip6_tvariant;
513	513
514		- if (set->family == AF_INET)
	514	+ if (set->family == NFPROTO_IPV4)
515	515	hash_ipportip4_gc_init(set);
516	516	else
517	517	hash_ipportip6_gc_init(set);
518	518	} else {
519		- set->variant = set->family == AF_INET
	519	+ set->variant = set->family == NFPROTO_IPV4
520	520	? &hash_ipportip4_variant : &hash_ipportip6_variant;
521	521	}
522	522
...	...	@@ -532,7 +532,7 @@
532	532	.protocol = IPSET_PROTOCOL,
533	533	.features = IPSET_TYPE_IP \| IPSET_TYPE_PORT \| IPSET_TYPE_IP2,
534	534	.dimension = IPSET_DIM_THREE,
535		- .family = AF_UNSPEC,
	535	+ .family = NFPROTO_UNSPEC,
536	536	.revision_min = 0,
537	537	.revision_max = 1, /* SCTP and UDPLITE support added */
538	538	.create = hash_ipportip_create,
...	...	@@ -554,7 +554,7 @@
554	554	u32 hashsize = IPSET_DEFAULT_HASHSIZE, maxelem = IPSET_DEFAULT_MAXELEM;
555	555	u8 hbits;
556	556
557		- if (!(set->family == AF_INET \|\| set->family == AF_INET6))
	557	+ if (!(set->family == NFPROTO_IPV4 \|\| set->family == NFPROTO_IPV6))
558	558	return -IPSET_ERR_INVALID_FAMILY;
559	559
560	560	if (unlikely(!ip_set_optattr_netorder(tb, IPSET_ATTR_HASHSIZE) \|\|
...	...	@@ -573,7 +573,7 @@
573	573
574	574	h = kzalloc(sizeof(*h)
575	575	+ sizeof(struct ip_set_hash_nets)
576		- * (set->family == AF_INET ? 32 : 128), GFP_KERNEL);
	576	+ * (set->family == NFPROTO_IPV4 ? 32 : 128), GFP_KERNEL);
577	577	if (!h)
578	578	return -ENOMEM;
579	579
580	580
581	581
...	...	@@ -596,16 +596,16 @@
596	596	if (tb[IPSET_ATTR_TIMEOUT]) {
597	597	h->timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]);
598	598
599		- set->variant = set->family == AF_INET
	599	+ set->variant = set->family == NFPROTO_IPV4
600	600	? &hash_ipportnet4_tvariant
601	601	: &hash_ipportnet6_tvariant;
602	602
603		- if (set->family == AF_INET)
	603	+ if (set->family == NFPROTO_IPV4)
604	604	hash_ipportnet4_gc_init(set);
605	605	else
606	606	hash_ipportnet6_gc_init(set);
607	607	} else {
608		- set->variant = set->family == AF_INET
	608	+ set->variant = set->family == NFPROTO_IPV4
609	609	? &hash_ipportnet4_variant : &hash_ipportnet6_variant;
610	610	}
611	611
...	...	@@ -621,7 +621,7 @@
621	621	.protocol = IPSET_PROTOCOL,
622	622	.features = IPSET_TYPE_IP \| IPSET_TYPE_PORT \| IPSET_TYPE_IP2,
623	623	.dimension = IPSET_DIM_THREE,
624		- .family = AF_UNSPEC,
	624	+ .family = NFPROTO_UNSPEC,
625	625	.revision_min = 0,
626	626	/* 1 SCTP and UDPLITE support added */
627	627	.revision_max = 2, /* Range as input support for IPv4 added */