mirror of
https://github.com/Fishwaldo/linux-bl808.git
synced 2025-06-17 20:25:19 +00:00
[NETFILTER]: x_tables: per-netns xt_tables
In fact all we want is per-netns set of rules, however doing that will unnecessary complicate routines such as ipt_hook()/ipt_do_table, so make full xt_table array per-netns. Every user stubbed with init_net for a while. Signed-off-by: Alexey Dobriyan <adobriyan@sw.ru> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Alexey Dobriyan
David S. Miller
parent
a98da11d88
commit
8d87005207
7 changed files with 60 additions and 30 deletions
10
include/net/netns/x_tables.h
Normal file
10
include/net/netns/x_tables.h
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
#ifndef __NETNS_X_TABLES_H
|
||||
#define __NETNS_X_TABLES_H
|
||||
|
||||
#include <linux/list.h>
|
||||
#include <linux/net.h>
|
||||
|
||||
struct netns_xt {
|
||||
struct list_head tables[NPROTO];
|
||||
};
|
||||
#endif
|
||||
Loading…
Add table
Add a link
Reference in a new issue