leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
22db3cbcf9
linux/include/net/netfilter
History
Eric W. Biederman 0c4b51f005 netfilter: Pass net into okfn 
This is immediately motivated by the bridge code that chains functions that
call into netfilter.  Without passing net into the okfns the bridge code would
need to guess about the best expression for the network namespace to process
packets in.

As net is frequently one of the first things computed in continuation functions
after netfilter has done it's job passing in the desired network namespace is in
many cases a code simplification.

To support this change the function dst_output_okfn is introduced to
simplify passing dst_output as an okfn.  For the moment dst_output_okfn
just silently drops the struct net.

Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-09-17 17:18:37 -07:00
..
ipv4 netfilter: factor out packet duplication for IPv4/IPv6 2015-08-07 11:49:49 +02:00
ipv6 netfilter: factor out packet duplication for IPv4/IPv6 2015-08-07 11:49:49 +02:00
br_netfilter.h netfilter: Pass net into okfn 2015-09-17 17:18:37 -07:00
nf_conntrack_acct.h
nf_conntrack_core.h netfilter: nf_conntrack: push zone object into functions 2015-08-11 12:29:01 +02:00
nf_conntrack_ecache.h
nf_conntrack_expect.h netfilter: nf_conntrack: push zone object into functions 2015-08-11 12:29:01 +02:00
nf_conntrack_extend.h
nf_conntrack_helper.h
nf_conntrack_l3proto.h netfilter: Convert print_tuple functions to return void 2014-11-05 14:10:33 -05:00
nf_conntrack_l4proto.h netfilter: Convert print_tuple functions to return void 2014-11-05 14:10:33 -05:00
nf_conntrack_labels.h netfilter: connlabels: Export setting connlabel length 2015-08-27 11:40:43 -07:00
nf_conntrack_seqadj.h
nf_conntrack_synproxy.h
nf_conntrack_timeout.h
nf_conntrack_timestamp.h
nf_conntrack_tuple.h
nf_conntrack_zones.h netfilter: nf_conntrack: make nf_ct_zone_dflt built-in 2015-09-02 16:32:56 -07:00
nf_conntrack.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 2015-09-05 21:57:42 -07:00
nf_log.h netfilter: restore rule tracing via nfnetlink_log 2015-03-19 11:14:48 +01:00
nf_nat_core.h
nf_nat_helper.h
nf_nat_l3proto.h netfilter: Pass nf_hook_state through nf_nat_ipv6_{in,out,fn,local_fn}(). 2015-04-04 12:48:08 -04:00
nf_nat_l4proto.h
nf_nat_redirect.h netfilter: combine IPv4 and IPv6 nf_nat_redirect code in one module 2014-11-27 13:08:42 +01:00
nf_nat.h netfilter: fix compilation of masquerading without IP_NF_TARGET_MASQUERADE 2014-09-11 17:02:45 +02:00
nf_queue.h netfilter: nf_qeueue: Drop queue entries on nf_unregister_hook 2015-06-23 06:23:23 -07:00
nf_tables_bridge.h netfilter: nf_tables_bridge: export nft_reject_ip*hdr_validate functions 2014-11-27 12:58:05 +01:00
nf_tables_core.h netfilter: nf_tables: add support for dynamic set updates 2015-04-08 16:58:27 +02:00
nf_tables_ipv4.h netfilter: Pass nf_hook_state through nft_set_pktinfo*(). 2015-04-04 12:54:27 -04:00
nf_tables_ipv6.h netfilter: Pass nf_hook_state through nft_set_pktinfo*(). 2015-04-04 12:54:27 -04:00
nf_tables.h netfilter: nf_tables: Use 32 bit addressing register from nft_type_to_reg() 2015-08-19 21:21:41 +02:00
nfnetlink_log.h
nfnetlink_queue.h
nft_dup.h netfilter: nf_tables: add nft_dup expression 2015-08-07 11:49:49 +02:00
nft_masq.h netfilter: nf_tables: restrict nat/masq expressions to nat chain type 2014-10-13 20:42:00 +02:00
nft_meta.h netfilter: nf_tables: get rid of NFT_REG_VERDICT usage 2015-04-13 17:17:07 +02:00
nft_redir.h netfilter: nf_tables: add new expression nft_redir 2014-10-27 22:49:39 +01:00
nft_reject.h netfilter: nft_reject: introduce icmp code abstraction for inet and bridge 2014-10-02 18:29:57 +02:00
xt_rateest.h