8d87005207
In fact all we want is per-netns set of rules, however doing that will unnecessary complicate routines such as ipt_hook()/ipt_do_table, so make full xt_table array per-netns. Every user stubbed with init_net for a while. Signed-off-by: Alexey Dobriyan <adobriyan@sw.ru> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
11 lines
165 B
C
11 lines
165 B
C
#ifndef __NETNS_X_TABLES_H
|
|
#define __NETNS_X_TABLES_H
|
|
|
|
#include <linux/list.h>
|
|
#include <linux/net.h>
|
|
|
|
struct netns_xt {
|
|
struct list_head tables[NPROTO];
|
|
};
|
|
#endif
|