projects / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ddcfa71) | patch
netfilter: add inet ingress support
authorPablo Neira Ayuso <pablo@netfilter.org>
Wed, 7 Oct 2020 23:14:47 +0000 (01:14 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Sun, 11 Oct 2020 23:57:34 +0000 (01:57 +0200)
commit60a3815da702fd9e4759945f26cce5c47d3967ad
tree24e82983b0beedc92c51921f49f13089bfb20ae2tree | snapshot
parentddcfa710d40b39e3134d318e5fe07ba672288054commit | diff
netfilter: add inet ingress support

This patch adds the NF_INET_INGRESS pseudohook for the NFPROTO_INET
family. This is a mapping this new hook to the existing NFPROTO_NETDEV
and NF_NETDEV_INGRESS hook. The hook does not guarantee that packets are
inet only, users must filter out non-ip traffic explicitly.

This infrastructure makes it easier to support this new hook in nf_tables.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
include/uapi/linux/netfilter.h diff | blob | history
net/netfilter/core.c diff | blob | history