diff options
| author | Dmitry Torokhov <dmitry.torokhov@gmail.com> | 2022-01-15 12:09:44 -0800 |
|---|---|---|
| committer | Dmitry Torokhov <dmitry.torokhov@gmail.com> | 2022-01-15 12:09:44 -0800 |
| commit | 762f99f4f3cb41a775b5157dd761217beba65873 (patch) | |
| tree | 2e93410a577dfff1202ea5b0d109460b97650e58 /include/linux/netfilter | |
| parent | cf73ed894ee939d6706d65e0cd186e4a64e3af6d (diff) | |
| parent | b6e43dddaea3dbfa93327f986beb3ec5e8157c4c (diff) | |
| download | cachepc-linux-762f99f4f3cb41a775b5157dd761217beba65873.tar.gz cachepc-linux-762f99f4f3cb41a775b5157dd761217beba65873.zip | |
Merge branch 'next' into for-linus
Prepare input updates for 5.17 merge window.
Diffstat (limited to 'include/linux/netfilter')
| -rw-r--r-- | include/linux/netfilter/ipset/ip_set.h | 3 | ||||
| -rw-r--r-- | include/linux/netfilter/nf_conntrack_common.h | 1 | ||||
| -rw-r--r-- | include/linux/netfilter/nfnetlink.h | 1 | ||||
| -rw-r--r-- | include/linux/netfilter/x_tables.h | 8 |
4 files changed, 9 insertions, 4 deletions
diff --git a/include/linux/netfilter/ipset/ip_set.h b/include/linux/netfilter/ipset/ip_set.h index 10279c4830ac..ada1296c87d5 100644 --- a/include/linux/netfilter/ipset/ip_set.h +++ b/include/linux/netfilter/ipset/ip_set.h @@ -196,6 +196,9 @@ struct ip_set_region { u32 elements; /* Number of elements vs timeout */ }; +/* Max range where every element is added/deleted in one step */ +#define IPSET_MAX_RANGE (1<<20) + /* The max revision number supported by any set type + 1 */ #define IPSET_REVISION_MAX 9 diff --git a/include/linux/netfilter/nf_conntrack_common.h b/include/linux/netfilter/nf_conntrack_common.h index 0c7d8d1e945d..700ea077ce2d 100644 --- a/include/linux/netfilter/nf_conntrack_common.h +++ b/include/linux/netfilter/nf_conntrack_common.h @@ -18,6 +18,7 @@ struct ip_conntrack_stat { unsigned int expect_create; unsigned int expect_delete; unsigned int search_restart; + unsigned int chaintoolong; }; #define NFCT_INFOMASK 7UL diff --git a/include/linux/netfilter/nfnetlink.h b/include/linux/netfilter/nfnetlink.h index 515ce53aa20d..241e005f290a 100644 --- a/include/linux/netfilter/nfnetlink.h +++ b/include/linux/netfilter/nfnetlink.h @@ -11,6 +11,7 @@ struct nfnl_info { struct net *net; struct sock *sk; const struct nlmsghdr *nlh; + const struct nfgenmsg *nfmsg; struct netlink_ext_ack *extack; }; diff --git a/include/linux/netfilter/x_tables.h b/include/linux/netfilter/x_tables.h index 07c6ad8f2a02..5897f3dbaf7c 100644 --- a/include/linux/netfilter/x_tables.h +++ b/include/linux/netfilter/x_tables.h @@ -36,8 +36,8 @@ struct xt_action_param { const void *matchinfo, *targinfo; }; const struct nf_hook_state *state; - int fragoff; unsigned int thoff; + u16 fragoff; bool hotdrop; }; @@ -238,9 +238,6 @@ struct xt_table { u_int8_t af; /* address/protocol family */ int priority; /* hook order */ - /* called when table is needed in the given netns */ - int (*table_init)(struct net *net); - /* A unique name... */ const char name[XT_TABLE_MAXNAMELEN]; }; @@ -452,6 +449,9 @@ xt_get_per_cpu_counter(struct xt_counters *cnt, unsigned int cpu) struct nf_hook_ops *xt_hook_ops_alloc(const struct xt_table *, nf_hookfn *); +int xt_register_template(const struct xt_table *t, int(*table_init)(struct net *net)); +void xt_unregister_template(const struct xt_table *t); + #ifdef CONFIG_NETFILTER_XTABLES_COMPAT #include <net/compat.h> |