[EBTABLES]: Trivial changes and cleanups.

ffbd6a98 · Bart De Schuymer · David S. Miller · b7461116 · ffbd6a98 · ffbd6a98
Commit ffbd6a98 authored Mar 02, 2003 by Bart De Schuymer Committed by David S. Miller Mar 02, 2003
19 changed files
--- a/include/linux/netfilter_bridge/ebt_ip.h
+++ b/include/linux/netfilter_bridge/ebt_ip.h
@@ -25,7 +25,7 @@
 EBT_IP_SPORT | EBT_IP_DPORT )
 #define EBT_IP_MATCH "ip"

-// the same values are used for the invflags
+/* the same values are used for the invflags */
 struct ebt_ip_info
 {
 	uint32_t saddr;

--- a/include/linux/netfilter_bridge/ebt_log.h
+++ b/include/linux/netfilter_bridge/ebt_log.h
 #ifndef __LINUX_BRIDGE_EBT_LOG_H
 #define __LINUX_BRIDGE_EBT_LOG_H

-#define EBT_LOG_IP 0x01 // if the frame is made by ip, log the ip information
+#define EBT_LOG_IP 0x01 /* if the frame is made by ip, log the ip information */
 #define EBT_LOG_ARP 0x02
 #define EBT_LOG_MASK (EBT_LOG_IP | EBT_LOG_ARP)
 #define EBT_LOG_PREFIX_SIZE 30

--- a/include/linux/netfilter_bridge/ebt_mark_t.h
+++ b/include/linux/netfilter_bridge/ebt_mark_t.h
@@ -4,7 +4,7 @@
 struct ebt_mark_t_info
 {
 	unsigned long mark;
-	// EBT_ACCEPT, EBT_DROP or EBT_CONTINUE or EBT_RETURN
+	/* EBT_ACCEPT, EBT_DROP, EBT_CONTINUE or EBT_RETURN */
 	int target;
 };
 #define EBT_MARK_TARGET "mark"

--- a/include/linux/netfilter_bridge/ebt_nat.h
+++ b/include/linux/netfilter_bridge/ebt_nat.h
@@ -4,7 +4,7 @@
 struct ebt_nat_info
 {
 	unsigned char mac[ETH_ALEN];
-	// EBT_ACCEPT, EBT_DROP, EBT_CONTINUE or EBT_RETURN
+	/* EBT_ACCEPT, EBT_DROP, EBT_CONTINUE or EBT_RETURN */
 	int target;
 };
 #define EBT_SNAT_TARGET "snat"

--- a/include/linux/netfilter_bridge/ebt_redirect.h
+++ b/include/linux/netfilter_bridge/ebt_redirect.h
@@ -3,7 +3,7 @@

 struct ebt_redirect_info
 {
-	// EBT_ACCEPT, EBT_DROP or EBT_CONTINUE or EBT_RETURN
+	/* EBT_ACCEPT, EBT_DROP, EBT_CONTINUE or EBT_RETURN */
 	int target;
 };
 #define EBT_REDIRECT_TARGET "redirect"

--- a/include/linux/netfilter_bridge/ebtables.h
+++ b/include/linux/netfilter_bridge/ebtables.h
@@ -2,7 +2,7 @@
 *  ebtables
 *
 *	Authors:
- *	Bart De Schuymer		<bart.de.schuymer@pandora.be>
+ *	Bart De Schuymer		<bdschuym@pandora.be>
 *
 *  ebtables.c,v 2.0, April, 2002
 *
@@ -20,7 +20,7 @@
 #define EBT_CHAIN_MAXNAMELEN EBT_TABLE_MAXNAMELEN
 #define EBT_FUNCTION_MAXNAMELEN EBT_TABLE_MAXNAMELEN

-// verdicts >0 are "branches"
+/* verdicts >0 are "branches" */
 #define EBT_ACCEPT   -1
 #define EBT_DROP     -2
 #define EBT_CONTINUE -3
@@ -34,33 +34,34 @@ struct ebt_counter
 };

 struct ebt_entries {
-	// this field is always set to zero
-	// See EBT_ENTRY_OR_ENTRIES.
-	// Must be same size as ebt_entry.bitmask
+	/* this field is always set to zero
+	 * See EBT_ENTRY_OR_ENTRIES.
+	 * Must be same size as ebt_entry.bitmask */
 	unsigned int distinguisher;
-	// the chain name
+	/* the chain name */
 	char name[EBT_CHAIN_MAXNAMELEN];
-	// counter offset for this chain
+	/* counter offset for this chain */
 	unsigned int counter_offset;
-	// one standard (accept, drop, return) per hook
+	/* one standard (accept, drop, return) per hook */
 	int policy;
-	// nr. of entries
+	/* nr. of entries */
 	unsigned int nentries;
-	// entry list
+	/* entry list */
 	char data[0];
 };

-// used for the bitmask of struct ebt_entry
+/* used for the bitmask of struct ebt_entry */

-// This is a hack to make a difference between an ebt_entry struct and an
-// ebt_entries struct when traversing the entries from start to end.
-// Using this simplifies the code alot, while still being able to use
-// ebt_entries.
-// Contrary, iptables doesn't use something like ebt_entries and therefore uses
-// different techniques for naming the policy and such. So, iptables doesn't
-// need a hack like this.
+/* This is a hack to make a difference between an ebt_entry struct and an
+ * ebt_entries struct when traversing the entries from start to end.
+ * Using this simplifies the code alot, while still being able to use
+ * ebt_entries.
+ * Contrary, iptables doesn't use something like ebt_entries and therefore uses
+ * different techniques for naming the policy and such. So, iptables doesn't
+ * need a hack like this.
+ */
 #define EBT_ENTRY_OR_ENTRIES 0x01
-// these are the normal masks
+/* these are the normal masks */
 #define EBT_NOPROTO 0x02
 #define EBT_802_3 0x04
 #define EBT_SOURCEMAC 0x08
@@ -84,7 +85,7 @@ struct ebt_entry_match
 		char name[EBT_FUNCTION_MAXNAMELEN];
 		struct ebt_match *match;
 	} u;
-	// size of data
+	/* size of data */
 	unsigned int match_size;
 	unsigned char data[0];
 };
@@ -95,7 +96,7 @@ struct ebt_entry_watcher
 		char name[EBT_FUNCTION_MAXNAMELEN];
 		struct ebt_watcher *watcher;
 	} u;
-	// size of data
+	/* size of data */
 	unsigned int watcher_size;
 	unsigned char data[0];
 };
@@ -106,7 +107,7 @@ struct ebt_entry_target
 		char name[EBT_FUNCTION_MAXNAMELEN];
 		struct ebt_target *target;
 	} u;
-	// size of data
+	/* size of data */
 	unsigned int target_size;
 	unsigned char data[0];
 };
@@ -118,29 +119,29 @@ struct ebt_standard_target
 	int verdict;
 };

-// one entry
+/* one entry */
 struct ebt_entry {
-	// this needs to be the first field
+	/* this needs to be the first field */
 	unsigned int bitmask;
 	unsigned int invflags;
 	uint16_t ethproto;
-	// the physical in-dev
+	/* the physical in-dev */
 	char in[IFNAMSIZ];
-	// the logical in-dev
+	/* the logical in-dev */
 	char logical_in[IFNAMSIZ];
-	// the physical out-dev
+	/* the physical out-dev */
 	char out[IFNAMSIZ];
-	// the logical out-dev
+	/* the logical out-dev */
 	char logical_out[IFNAMSIZ];
 	unsigned char sourcemac[ETH_ALEN];
 	unsigned char sourcemsk[ETH_ALEN];
 	unsigned char destmac[ETH_ALEN];
 	unsigned char destmsk[ETH_ALEN];
-	// sizeof ebt_entry + matches
+	/* sizeof ebt_entry + matches */
 	unsigned int watchers_offset;
-	// sizeof ebt_entry + matches + watchers
+	/* sizeof ebt_entry + matches + watchers */
 	unsigned int target_offset;
-	// sizeof ebt_entry + matches + watchers + target
+	/* sizeof ebt_entry + matches + watchers + target */
 	unsigned int next_offset;
 	unsigned char elems[0];
 };
@@ -149,20 +150,20 @@ struct ebt_replace
 {
 	char name[EBT_TABLE_MAXNAMELEN];
 	unsigned int valid_hooks;
-	// nr of rules in the table
+	/* nr of rules in the table */
 	unsigned int nentries;
-	// total size of the entries
+	/* total size of the entries */
 	unsigned int entries_size;
-	// start of the chains
+	/* start of the chains */
 	struct ebt_entries *hook_entry[NF_BR_NUMHOOKS];
-	// nr of counters userspace expects back
+	/* nr of counters userspace expects back */
 	unsigned int num_counters;
-	// where the kernel will put the old counters
+	/* where the kernel will put the old counters */
 	struct ebt_counter *counters;
 	char *entries;
 };

-// [gs]etsockopt numbers
+/* {g,s}etsockopt numbers */
 #define EBT_BASE_CTL            128

 #define EBT_SO_SET_ENTRIES      (EBT_BASE_CTL)
@@ -177,7 +178,7 @@ struct ebt_replace

 #ifdef __KERNEL__

-// return values for match() functions
+/* return values for match() functions */
 #define EBT_MATCH 0
 #define EBT_NOMATCH 1

@@ -185,11 +186,11 @@ struct ebt_match
 {
 	struct list_head list;
 	const char name[EBT_FUNCTION_MAXNAMELEN];
-	// 0 == it matches
+	/* 0 == it matches */
 	int (*match)(const struct sk_buff *skb, const struct net_device *in,
 	   const struct net_device *out, const void *matchdata,
 	   unsigned int datalen);
-	// 0 == let it in
+	/* 0 == let it in */
 	int (*check)(const char *tablename, unsigned int hookmask,
 	   const struct ebt_entry *e, void *matchdata, unsigned int datalen);
 	void (*destroy)(void *matchdata, unsigned int datalen);
@@ -203,7 +204,7 @@ struct ebt_watcher
 	void (*watcher)(const struct sk_buff *skb, const struct net_device *in,
 	   const struct net_device *out, const void *watcherdata,
 	   unsigned int datalen);
-	// 0 == let it in
+	/* 0 == let it in */
 	int (*check)(const char *tablename, unsigned int hookmask,
 	   const struct ebt_entry *e, void *watcherdata, unsigned int datalen);
 	void (*destroy)(void *watcherdata, unsigned int datalen);
@@ -214,33 +215,33 @@ struct ebt_target
 {
 	struct list_head list;
 	const char name[EBT_FUNCTION_MAXNAMELEN];
-	// returns one of the standard verdicts
+	/* returns one of the standard verdicts */
 	int (*target)(struct sk_buff **pskb, unsigned int hooknr,
 	   const struct net_device *in, const struct net_device *out,
 	   const void *targetdata, unsigned int datalen);
-	// 0 == let it in
+	/* 0 == let it in */
 	int (*check)(const char *tablename, unsigned int hookmask,
 	   const struct ebt_entry *e, void *targetdata, unsigned int datalen);
 	void (*destroy)(void *targetdata, unsigned int datalen);
 	struct module *me;
 };

-// used for jumping from and into user defined chains (udc)
+/* used for jumping from and into user defined chains (udc) */
 struct ebt_chainstack
 {
-	struct ebt_entries *chaininfo; // pointer to chain data
-	struct ebt_entry *e; // pointer to entry data
-	unsigned int n; // n'th entry
+	struct ebt_entries *chaininfo; /* pointer to chain data */
+	struct ebt_entry *e; /* pointer to entry data */
+	unsigned int n; /* n'th entry */
 };

 struct ebt_table_info
 {
-	// total size of the entries
+	/* total size of the entries */
 	unsigned int entries_size;
 	unsigned int nentries;
-	// pointers to the start of the chains
+	/* pointers to the start of the chains */
 	struct ebt_entries *hook_entry[NF_BR_NUMHOOKS];
-	// room to maintain the stack used for jumping from and into udc
+	/* room to maintain the stack used for jumping from and into udc */
 	struct ebt_chainstack **chainstack;
 	char *entries;
 	struct ebt_counter counters[0] ____cacheline_aligned;
@@ -253,11 +254,11 @@ struct ebt_table
 	struct ebt_replace *table;
 	unsigned int valid_hooks;
 	rwlock_t lock;
-	// e.g. could be the table explicitly only allows certain
-	// matches, targets, ... 0 == let it in
+	/* e.g. could be the table explicitly only allows certain
+	 * matches, targets, ... 0 == let it in */
 	int (*check)(const struct ebt_table_info *info,
 	   unsigned int valid_hooks);
-	// the data used by the kernel
+	/* the data used by the kernel */
 	struct ebt_table_info *private;
 };

@@ -273,20 +274,20 @@ extern unsigned int ebt_do_table(unsigned int hook, struct sk_buff **pskb,
   const struct net_device *in, const struct net_device *out,
   struct ebt_table *table);

-   // Used in the kernel match() functions
+/* Used in the kernel match() functions */
 #define FWINV(bool,invflg) ((bool) ^ !!(info->invflags & invflg))
-// True if the hook mask denotes that the rule is in a base chain,
-// used in the check() functions
+/* True if the hook mask denotes that the rule is in a base chain,
+ * used in the check() functions */
 #define BASE_CHAIN (hookmask & (1 << NF_BR_NUMHOOKS))
-// Clear the bit in the hook mask that tells if the rule is on a base chain
+/* Clear the bit in the hook mask that tells if the rule is on a base chain */
 #define CLEAR_BASE_CHAIN_BIT (hookmask &= ~(1 << NF_BR_NUMHOOKS))
-// True if the target is not a standard target
+/* True if the target is not a standard target */
 #define INVALID_TARGET (info->target < -NUM_STANDARD_TARGETS || info->target >= 0)

 #endif /* __KERNEL__ */

-// blatently stolen from ip_tables.h
-// fn returns 0 to continue iteration
+/* blatently stolen from ip_tables.h
+ * fn returns 0 to continue iteration */
 #define EBT_MATCH_ITERATE(e, fn, args...)                   \
 ({                                                          \
 	unsigned int __i;                                   \

--- a/net/bridge/netfilter/ebt_arp.c
+++ b/net/bridge/netfilter/ebt_arp.c
@@ -2,7 +2,7 @@
 *  ebt_arp
 *
 *	Authors:
- *	Bart De Schuymer <bart.de.schuymer@pandora.be>
+ *	Bart De Schuymer <bdschuym@pandora.be>
 *	Tim Gardner <timg@tpi.com>
 *
 *  April, 2002
@@ -37,10 +37,10 @@ static int ebt_filter_arp(const struct sk_buff *skb, const struct net_device *in
 		uint32_t dst;
 		uint32_t src;

-		// Make sure the packet is long enough.
+		/* Make sure the packet is long enough */
 		if ((((*skb).nh.raw) + arp_len) > (*skb).tail)
 			return EBT_NOMATCH;
-		// IPv4 addresses are always 4 bytes.
+		/* IPv4 addresses are always 4 bytes */
 		if (((*skb).nh.arph)->ar_pln != sizeof(uint32_t))
 			return EBT_NOMATCH;

@@ -82,8 +82,10 @@ static int ebt_arp_check(const char *tablename, unsigned int hookmask,

 static struct ebt_match filter_arp =
 {
-	{NULL, NULL}, EBT_ARP_MATCH, ebt_filter_arp, ebt_arp_check, NULL,
-	THIS_MODULE
+	.name		= EBT_ARP_MATCH,
+	.match		= ebt_filter_arp,
+	.check		= ebt_arp_check,
+	.me		= THIS_MODULE,
 };

 static int __init init(void)

--- a/net/bridge/netfilter/ebt_dnat.c
+++ b/net/bridge/netfilter/ebt_dnat.c
@@ -2,7 +2,7 @@
 *  ebt_dnat
 *
 *	Authors:
- *	Bart De Schuymer <bart.de.schuymer@pandora.be>
+ *	Bart De Schuymer <bdschuym@pandora.be>
 *
 *  June, 2002
 *
@@ -45,8 +45,10 @@ static int ebt_target_dnat_check(const char *tablename, unsigned int hookmask,

 static struct ebt_target dnat =
 {
-	{NULL, NULL}, EBT_DNAT_TARGET, ebt_target_dnat, ebt_target_dnat_check,
-	NULL, THIS_MODULE
+	.name		= EBT_DNAT_TARGET,
+	.target		= ebt_target_dnat,
+	.check		= ebt_target_dnat_check,
+	.me		= THIS_MODULE,
 };

 static int __init init(void)

--- a/net/bridge/netfilter/ebt_ip.c
+++ b/net/bridge/netfilter/ebt_ip.c
@@ -2,7 +2,7 @@
 *  ebt_ip
 *
 *	Authors:
- *	Bart De Schuymer <bart.de.schuymer@pandora.be>
+ *	Bart De Schuymer <bdschuym@pandora.be>
 *
 *  April, 2002
 *
@@ -86,7 +86,7 @@ static int ebt_ip_check(const char *tablename, unsigned int hookmask,
 	if (info->bitmask & ~EBT_IP_MASK || info->invflags & ~EBT_IP_MASK)
 		return -EINVAL;
 	if (info->bitmask & (EBT_IP_DPORT | EBT_IP_SPORT)) {
-		if (!info->bitmask & EBT_IPROTO)
+		if (!(info->bitmask & EBT_IPROTO))
 			return -EINVAL;
 		if (info->protocol != IPPROTO_TCP &&
 		    info->protocol != IPPROTO_UDP)
@@ -101,8 +101,10 @@ static int ebt_ip_check(const char *tablename, unsigned int hookmask,

 static struct ebt_match filter_ip =
 {
-	{NULL, NULL}, EBT_IP_MATCH, ebt_filter_ip, ebt_ip_check, NULL,
-	THIS_MODULE
+	.name		= EBT_IP_MATCH,
+	.match		= ebt_filter_ip,
+	.check		= ebt_ip_check,
+	.me		= THIS_MODULE,
 };

 static int __init init(void)

--- a/net/bridge/netfilter/ebt_log.c
+++ b/net/bridge/netfilter/ebt_log.c
@@ -2,7 +2,7 @@
 *  ebt_log
 *
 *	Authors:
- *	Bart De Schuymer <bart.de.schuymer@pandora.be>
+ *	Bart De Schuymer <bdschuym@pandora.be>
 *
 *  April, 2002
 *
@@ -80,8 +80,10 @@ static void ebt_log(const struct sk_buff *skb, const struct net_device *in,

 static struct ebt_watcher log =
 {
-	{NULL, NULL}, EBT_LOG_WATCHER, ebt_log, ebt_log_check, NULL,
-	THIS_MODULE
+	.name		= EBT_LOG_WATCHER,
+	.watcher	= ebt_log,
+	.check		= ebt_log_check,
+	.me		= THIS_MODULE,
 };

 static int __init init(void)

--- a/net/bridge/netfilter/ebt_mark.c
+++ b/net/bridge/netfilter/ebt_mark.c
@@ -2,15 +2,16 @@
 *  ebt_mark
 *
 *	Authors:
- *	Bart De Schuymer <bart.de.schuymer@pandora.be>
+ *	Bart De Schuymer <bdschuym@pandora.be>
 *
 *  July, 2002
 *
 */

-// The mark target can be used in any chain
-// I believe adding a mangle table just for marking is total overkill
-// Marking a frame doesn't really change anything in the frame anyway
+/* The mark target can be used in any chain,
+ * I believe adding a mangle table just for marking is total overkill.
+ * Marking a frame doesn't really change anything in the frame anyway.
+ */

 #include <linux/netfilter_bridge/ebtables.h>
 #include <linux/netfilter_bridge/ebt_mark_t.h>
@@ -46,8 +47,10 @@ static int ebt_target_mark_check(const char *tablename, unsigned int hookmask,

 static struct ebt_target mark_target =
 {
-	{NULL, NULL}, EBT_MARK_TARGET, ebt_target_mark,
-	ebt_target_mark_check, NULL, THIS_MODULE
+	.name		= EBT_MARK_TARGET,
+	.target		= ebt_target_mark,
+	.check		= ebt_target_mark_check,
+	.me		= THIS_MODULE,
 };

 static int __init init(void)

--- a/net/bridge/netfilter/ebt_mark_m.c
+++ b/net/bridge/netfilter/ebt_mark_m.c
@@ -2,7 +2,7 @@
 *  ebt_mark_m
 *
 *	Authors:
- *	Bart De Schuymer <bart.de.schuymer@pandora.be>
+ *	Bart De Schuymer <bdschuym@pandora.be>
 *
 *  July, 2002
 *
@@ -41,8 +41,10 @@ static int ebt_mark_check(const char *tablename, unsigned int hookmask,

 static struct ebt_match filter_mark =
 {
-	{NULL, NULL}, EBT_MARK_MATCH, ebt_filter_mark, ebt_mark_check, NULL,
-	THIS_MODULE
+	.name		= EBT_MARK_MATCH,
+	.match		= ebt_filter_mark,
+	.check		= ebt_mark_check,
+	.me		= THIS_MODULE,
 };

 static int __init init(void)

--- a/net/bridge/netfilter/ebt_redirect.c
+++ b/net/bridge/netfilter/ebt_redirect.c
@@ -2,7 +2,7 @@
 *  ebt_redirect
 *
 *	Authors:
- *	Bart De Schuymer <bart.de.schuymer@pandora.be>
+ *	Bart De Schuymer <bdschuym@pandora.be>
 *
 *  April, 2002
 *
@@ -51,8 +51,10 @@ static int ebt_target_redirect_check(const char *tablename, unsigned int hookmas

 static struct ebt_target redirect_target =
 {
-	{NULL, NULL}, EBT_REDIRECT_TARGET, ebt_target_redirect,
-	ebt_target_redirect_check, NULL, THIS_MODULE
+	.name		= EBT_REDIRECT_TARGET,
+	.target		= ebt_target_redirect,
+	.check		= ebt_target_redirect_check,
+	.me		= THIS_MODULE,
 };

 static int __init init(void)

--- a/net/bridge/netfilter/ebt_snat.c
+++ b/net/bridge/netfilter/ebt_snat.c
@@ -2,7 +2,7 @@
 *  ebt_snat
 *
 *	Authors:
- *	Bart De Schuymer <bart.de.schuymer@pandora.be>
+ *	Bart De Schuymer <bdschuym@pandora.be>
 *
 *  June, 2002
 *
@@ -44,8 +44,10 @@ static int ebt_target_snat_check(const char *tablename, unsigned int hookmask,

 static struct ebt_target snat =
 {
-	{NULL, NULL}, EBT_SNAT_TARGET, ebt_target_snat, ebt_target_snat_check,
-	NULL, THIS_MODULE
+	.name		= EBT_SNAT_TARGET,
+	.target		= ebt_target_snat,
+	.check		= ebt_target_snat_check,
+	.me		= THIS_MODULE,
 };

 static int __init init(void)

--- a/net/bridge/netfilter/ebt_vlan.c
+++ b/net/bridge/netfilter/ebt_vlan.c
 /*
 * Description: EBTables 802.1Q match extension kernelspace module.
 * Authors: Nick Fedchik <nick@fedchik.org.ua>
- *          Bart De Schuymer <bart.de.schuymer@pandora.be>
+ *          Bart De Schuymer <bdschuym@pandora.be>
 *    
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -226,12 +226,10 @@ ebt_check_vlan(const char *tablename,
 }

 static struct ebt_match filter_vlan = {
-	{NULL, NULL},
-	EBT_VLAN_MATCH,
-	ebt_filter_vlan,
-	ebt_check_vlan,
-	NULL,
-	THIS_MODULE
+	.name		= EBT_VLAN_MATCH,
+	.match		= ebt_filter_vlan,
+	.check		= ebt_check_vlan,
+	.me		= THIS_MODULE,
 };

 /*

--- a/net/bridge/netfilter/ebtable_broute.c
+++ b/net/bridge/netfilter/ebtable_broute.c
@@ -2,7 +2,7 @@
 *  ebtable_broute
 *
 *	Authors:
- *	Bart De Schuymer <bart.de.schuymer@pandora.be>
+ *	Bart De Schuymer <bdschuym@pandora.be>
 *
 *  April, 2002
 *
@@ -16,8 +16,9 @@
 #include <linux/if_bridge.h>
 #include <linux/brlock.h>

-// EBT_ACCEPT means the frame will be bridged
-// EBT_DROP means the frame will be routed
+/* EBT_ACCEPT means the frame will be bridged
+ * EBT_DROP means the frame will be routed
+ */
 static struct ebt_entries initial_chain = {
 	.name		= "BROUTING",
 	.policy		= EBT_ACCEPT,
@@ -31,7 +32,7 @@ static struct ebt_replace initial_table =
 	.hook_entry	= {
 		[NF_BR_BROUTING]	= &initial_chain,
 	},
-	.entries	= (char *)&initial_chain
+	.entries	= (char *)&initial_chain,
 };

 static int check(const struct ebt_table_info *info, unsigned int valid_hooks)
@@ -57,8 +58,8 @@ static int ebt_broute(struct sk_buff **pskb)
 	ret = ebt_do_table(NF_BR_BROUTING, pskb, (*pskb)->dev, NULL,
 	   &broute_table);
 	if (ret == NF_DROP)
-		return 1; // route it
-	return 0; // bridge it
+		return 1; /* route it */
+	return 0; /* bridge it */
 }

 static int __init init(void)
@@ -69,7 +70,7 @@ static int __init init(void)
 	if (ret < 0)
 		return ret;
 	br_write_lock_bh(BR_NETPROTO_LOCK);
-	// see br_input.c
+	/* see br_input.c */
 	br_should_route_hook = ebt_broute;
 	br_write_unlock_bh(BR_NETPROTO_LOCK);
 	return ret;

--- a/net/bridge/netfilter/ebtable_filter.c
+++ b/net/bridge/netfilter/ebtable_filter.c
@@ -2,7 +2,7 @@
 *  ebtable_filter
 *
 *	Authors:
- *	Bart De Schuymer <bart.de.schuymer@pandora.be>
+ *	Bart De Schuymer <bdschuym@pandora.be>
 *
 *  April, 2002
 *
@@ -27,7 +27,7 @@ static struct ebt_entries initial_chains[] =
 	{
 		.name	= "OUTPUT",
 		.policy	= EBT_ACCEPT,
-	}
+	},
 };

 static struct ebt_replace initial_table =
@@ -40,7 +40,7 @@ static struct ebt_replace initial_table =
 		[NF_BR_FORWARD]		= &initial_chains[1],
 		[NF_BR_LOCAL_OUT]	= &initial_chains[2],
 	},
-	.entries	= (char *)initial_chains
+	.entries	= (char *)initial_chains,
 };

 static int check(const struct ebt_table_info *info, unsigned int valid_hooks)
@@ -77,14 +77,14 @@ static struct nf_hook_ops ebt_ops_filter[] = {
 		.hook		= ebt_hook,
 		.pf		= PF_BRIDGE,
 		.hooknum	= NF_BR_FORWARD,
-		.priority	= NF_BR_PRI_FILTER_BRIDGED
+		.priority	= NF_BR_PRI_FILTER_BRIDGED,
 	},
 	{
 		.hook		= ebt_hook,
 		.pf		= PF_BRIDGE,
 		.hooknum	= NF_BR_LOCAL_OUT,
-		.priority	= NF_BR_PRI_FILTER_OTHER
-	}
+		.priority	= NF_BR_PRI_FILTER_OTHER,
+	},
 };

 static int __init init(void)

--- a/net/bridge/netfilter/ebtable_nat.c
+++ b/net/bridge/netfilter/ebtable_nat.c
@@ -2,7 +2,7 @@
 *  ebtable_nat
 *
 *	Authors:
- *	Bart De Schuymer <bart.de.schuymer@pandora.be>
+ *	Bart De Schuymer <bdschuym@pandora.be>
 *
 *  April, 2002
 *
@@ -39,7 +39,7 @@ static struct ebt_replace initial_table =
 		[NF_BR_LOCAL_OUT]	= &initial_chains[1],
 		[NF_BR_POST_ROUTING]	= &initial_chains[2],
 	},
-	.entries	= (char *)initial_chains
+	.entries	= (char *)initial_chains,
 };

 static int check(const struct ebt_table_info *info, unsigned int valid_hooks)
@@ -77,19 +77,19 @@ static struct nf_hook_ops ebt_ops_nat[] = {
 		.hook		= ebt_nat_dst,
 		.pf		= PF_BRIDGE,
 		.hooknum	= NF_BR_LOCAL_OUT,
-		.priority	= NF_BR_PRI_NAT_DST_OTHER
+		.priority	= NF_BR_PRI_NAT_DST_OTHER,
 	},
 	{
 		.hook		= ebt_nat_src,
 		.pf		= PF_BRIDGE,
 		.hooknum	= NF_BR_POST_ROUTING,
-		.priority	= NF_BR_PRI_NAT_SRC
+		.priority	= NF_BR_PRI_NAT_SRC,
 	},
 	{
 		.hook		= ebt_nat_dst,
 		.pf		= PF_BRIDGE,
 		.hooknum	= NF_BR_PRE_ROUTING,
-		.priority	= NF_BR_PRI_NAT_DST_BRIDGED
+		.priority	= NF_BR_PRI_NAT_DST_BRIDGED,
 	},
 };


--- a/net/bridge/netfilter/ebtables.c
+++ b/net/bridge/netfilter/ebtables.c
@@ -365,7 +365,7 @@ ebt_check_match(struct ebt_entry_match *m, struct ebt_entry *e,
 	m->u.match = match;
 	if (!try_module_get(match->me)) {
 		up(&ebt_mutex);
-		return -EINVAL;
+		return -ENOENT;
 	}
 	up(&ebt_mutex);
 	if (match->check &&
@@ -394,7 +394,7 @@ ebt_check_watcher(struct ebt_entry_watcher *w, struct ebt_entry *e,
 	w->u.watcher = watcher;
 	if (!try_module_get(watcher->me)) {
 		up(&ebt_mutex);
-		return -EINVAL;
+		return -ENOENT;
 	}
 	up(&ebt_mutex);
 	if (watcher->check &&
@@ -634,6 +634,7 @@ ebt_check_entry(struct ebt_entry *e, struct ebt_table_info *newinfo,
 		goto cleanup_watchers;
 	if (!try_module_get(target->me)) {
 		up(&ebt_mutex);
+		ret = -ENOENT;
 		goto cleanup_watchers;
 	}
 	up(&ebt_mutex);