[NETFILTER]: Use in-kernel IPSEC structures in iptables ah (by Patrick McHardy).

eeb76312 · Harald Welte · David S. Miller · 3e0a552d · eeb76312
Commit eeb76312 authored Aug 02, 2003 by Harald Welte Committed by David S. Miller Aug 02, 2003
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 5 deletions

net/ipv4/netfilter/ipt_ah.c net/ipv4/netfilter/ipt_ah.c +2 -5

No files found.
--- a/net/ipv4/netfilter/ipt_ah.c
+++ b/net/ipv4/netfilter/ipt_ah.c
 /* Kernel module to match AH parameters. */
 #include <linux/module.h>
 #include <linux/skbuff.h>
+#include <linux/ip.h>

 #include <linux/netfilter_ipv4/ipt_ah.h>
 #include <linux/netfilter_ipv4/ip_tables.h>
@@ -13,10 +14,6 @@ MODULE_LICENSE("GPL");
 #define duprintf(format, args...)
 #endif

-struct ahhdr {
-	__u32   spi;
-};
-
 /* Returns 1 if the spi is matched by the range, 0 otherwise */
 static inline int
 spi_match(u_int32_t min, u_int32_t max, u_int32_t spi, int invert)
@@ -37,7 +34,7 @@ match(const struct sk_buff *skb,
      int offset,
      int *hotdrop)
 {
-	struct ahhdr ah;
+	struct ip_auth_hdr ah;
 	const struct ipt_ah *ahinfo = matchinfo;

 	/* Must not be a fragment. */