netfilter: nf_tables: complete net namespace support

Register family per netnamespace to ensure that sets are only visible in its approapriate namespace. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2013-10-10 17:28:33 -0400
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2013-10-14 12:00:59 -0400
commit: 99633ab29b2131b68089a6c7f60458390860e044 (patch)
tree: eb7e2ecd9ed875ed4d3a050b95ed3d77bbde762b /include/net/netns
parent: eb31628e37a0a4e01fffd79dcc7f815d2357f53a (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/include/net/netns/nftables.h b/include/net/netns/nftables.h
new file mode 100644
index 000000000000..a98b1c5d9913
--- /dev/null
+++ b/include/net/netns/nftables.h
@@ -0,0 +1,15 @@
+#ifndef _NETNS_NFTABLES_H_
+#define _NETNS_NFTABLES_H_
+#include <linux/list.h>
+struct nft_af_info;
+struct netns_nftables {
+        struct list_head        af_info;
+        struct nft_af_info      *ipv4;
+        struct nft_af_info      *ipv6;
+        struct nft_af_info      *bridge;
+};
+#endif
author	Pablo Neira Ayuso <pablo@netfilter.org>	2013-10-10 17:28:33 -0400
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2013-10-14 12:00:59 -0400
commit	99633ab29b2131b68089a6c7f60458390860e044 (patch)
tree	eb7e2ecd9ed875ed4d3a050b95ed3d77bbde762b /include/net/netns
parent	eb31628e37a0a4e01fffd79dcc7f815d2357f53a (diff)

diff --git a/include/net/netns/nftables.h b/include/net/netns/nftables.h new file mode 100644 index 000000000000..a98b1c5d9913 --- /dev/null +++ b/include/net/netns/nftables.h
@@ -0,0 +1,15 @@
	1	#ifndef _NETNS_NFTABLES_H_
	2	#define _NETNS_NFTABLES_H_
	3
	4	#include <linux/list.h>
	5
	6	struct nft_af_info;
	7
	8	struct netns_nftables {
	9	struct list_head af_info;
	10	struct nft_af_info *ipv4;
	11	struct nft_af_info *ipv6;
	12	struct nft_af_info *bridge;
	13	};
	14
	15	#endif