[NETFILTER]: x_tables: switch xt_match->match to bool

	/* Arguments changed since 2.6.9, as this must now handle

	   non-linear skb, using skb_header_pointer and

	   skb_ip_make_writable. */

	int (*match)(const struct sk_buff *skb,

	bool (*match)(const struct sk_buff *skb,

		      const struct net_device *in,

		      const struct net_device *out,

		      const struct xt_match *match,

}

static inline

int do_match(struct ipt_entry_match *m,

bool do_match(struct ipt_entry_match *m,

	      const struct sk_buff *skb,

	      const struct net_device *in,

	      const struct net_device *out,

	/* Stop iteration if it doesn't match */

	if (!m->u.kernel.match->match(skb, in, out, m->u.kernel.match, m->data,

				      offset, ip_hdrlen(skb), hotdrop))

		return 1;

		return true;

	else

		return 0;

		return false;

}

static inline struct ipt_entry *

}

/* Returns 1 if the type and code is matched by the range, 0 otherwise */

static inline int

static inline bool

icmp_type_code_match(u_int8_t test_type, u_int8_t min_code, u_int8_t max_code,

		     u_int8_t type, u_int8_t code,

		     int invert)

		     bool invert)

{

	return ((test_type == 0xFF) || (type == test_type && code >= min_code && code <= max_code))

		^ invert;

}

static int

static bool

icmp_match(const struct sk_buff *skb,

	   const struct net_device *in,

	   const struct net_device *out,

	/* Must not be a fragment. */

	if (offset)

		return 0;

		return false;

	ic = skb_header_pointer(skb, protoff, sizeof(_icmph), &_icmph);

	if (ic == NULL) {

		 */

		duprintf("Dropping evil ICMP tinygram.\n");

		*hotdrop = true;

		return 0;

		return false;

	}

	return icmp_type_code_match(icmpinfo->type,

MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");

MODULE_DESCRIPTION("iptables addrtype match");

static inline int match_type(__be32 addr, u_int16_t mask)

static inline bool match_type(__be32 addr, u_int16_t mask)

{

	return !!(mask & (1 << inet_addr_type(addr)));

}

static int match(const struct sk_buff *skb,

static bool match(const struct sk_buff *skb,

		  const struct net_device *in, const struct net_device *out,

		  const struct xt_match *match, const void *matchinfo,

		  int offset, unsigned int protoff, bool *hotdrop)

{

	const struct ipt_addrtype_info *info = matchinfo;

	const struct iphdr *iph = ip_hdr(skb);

	int ret = 1;

	bool ret = true;

	if (info->source)

		ret &= match_type(iph->saddr, info->source)^info->invert_source;

#endif

/* Returns 1 if the spi is matched by the range, 0 otherwise */

static inline int

spi_match(u_int32_t min, u_int32_t max, u_int32_t spi, int invert)

static inline bool

spi_match(u_int32_t min, u_int32_t max, u_int32_t spi, bool invert)

{

	int r=0;

	bool r;

	duprintf("ah spi_match:%c 0x%x <= 0x%x <= 0x%x",invert? '!':' ',

		min,spi,max);

	r=(spi >= min && spi <= max) ^ invert;

	return r;

}

static int

static bool

match(const struct sk_buff *skb,

      const struct net_device *in,

      const struct net_device *out,

	/* Must not be a fragment. */

	if (offset)

		return 0;

		return false;

	ah = skb_header_pointer(skb, protoff,

				sizeof(_ahdr), &_ahdr);

MODULE_DESCRIPTION("iptables ECN matching module");

MODULE_LICENSE("GPL");

static inline int match_ip(const struct sk_buff *skb,

static inline bool match_ip(const struct sk_buff *skb,

			    const struct ipt_ecn_info *einfo)

{

	return (ip_hdr(skb)->tos & IPT_ECN_IP_MASK) == einfo->ip_ect;

}

static inline int match_tcp(const struct sk_buff *skb,

static inline bool match_tcp(const struct sk_buff *skb,

			     const struct ipt_ecn_info *einfo,

			     bool *hotdrop)

{

	th = skb_header_pointer(skb, ip_hdrlen(skb), sizeof(_tcph), &_tcph);

	if (th == NULL) {

		*hotdrop = false;

		return 0;

		return false;

	}

	if (einfo->operation & IPT_ECN_OP_MATCH_ECE) {

		if (einfo->invert & IPT_ECN_OP_MATCH_ECE) {

			if (th->ece == 1)

				return 0;

				return false;

		} else {

			if (th->ece == 0)

				return 0;

				return false;

		}

	}

	if (einfo->operation & IPT_ECN_OP_MATCH_CWR) {

		if (einfo->invert & IPT_ECN_OP_MATCH_CWR) {

			if (th->cwr == 1)

				return 0;

				return false;

		} else {

			if (th->cwr == 0)

				return 0;

				return false;

		}

	}

	return 1;

	return true;

}

static int match(const struct sk_buff *skb,

static bool match(const struct sk_buff *skb,

		  const struct net_device *in, const struct net_device *out,

		  const struct xt_match *match, const void *matchinfo,

		  int offset, unsigned int protoff, bool *hotdrop)

	if (info->operation & IPT_ECN_OP_MATCH_IP)

		if (!match_ip(skb, info))

			return 0;

			return false;

	if (info->operation & (IPT_ECN_OP_MATCH_ECE|IPT_ECN_OP_MATCH_CWR)) {

		if (ip_hdr(skb)->protocol != IPPROTO_TCP)

			return 0;

			return false;

		if (!match_tcp(skb, info, hotdrop))

			return 0;

			return false;

	}

	return 1;

	return true;

}

static int checkentry(const char *tablename, const void *ip_void,