mirror of
https://github.com/torvalds/linux
synced 2024-10-01 17:00:41 +00:00
a4aeafa28c
This changes how ip(6)table nat passes the ruleset/table to the evaluation loop. At the moment, it will fetch the table from struct net. This change stores the table in the hook_ops 'priv' argument instead. This requires to duplicate the hook_ops for each netns, so they can store the (per-net) xt_table structure. The dupliated nat hook_ops get stored in net_generic data area. They are free'd in the namespace exit path. This is a pre-requisite to remove the xt_table/ruleset pointers from struct net. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> |
||
---|---|---|
.. | ||
arp_tables.c | ||
arpt_mangle.c | ||
arptable_filter.c | ||
ip_tables.c | ||
ipt_ah.c | ||
ipt_CLUSTERIP.c | ||
ipt_ECN.c | ||
ipt_REJECT.c | ||
ipt_rpfilter.c | ||
ipt_SYNPROXY.c | ||
iptable_filter.c | ||
iptable_mangle.c | ||
iptable_nat.c | ||
iptable_raw.c | ||
iptable_security.c | ||
Kconfig | ||
Makefile | ||
nf_defrag_ipv4.c | ||
nf_dup_ipv4.c | ||
nf_flow_table_ipv4.c | ||
nf_nat_h323.c | ||
nf_nat_pptp.c | ||
nf_nat_snmp_basic.asn1 | ||
nf_nat_snmp_basic_main.c | ||
nf_reject_ipv4.c | ||
nf_socket_ipv4.c | ||
nf_tproxy_ipv4.c | ||
nft_dup_ipv4.c | ||
nft_fib_ipv4.c | ||
nft_reject_ipv4.c |