diff options
| author | Patrick McHardy <kaber@trash.net> | 2015-04-10 21:27:39 -0400 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2015-04-13 11:17:31 -0400 |
| commit | 7d7402642eaf385aef0772eff5a35e34fc4995d7 (patch) | |
| tree | 340e51ce8070314a423634a21a3dc31fe3e6b0c9 /include/net | |
| parent | d0a11fc3dc4ab4c717642c9c15c8ad1cbc00d2ec (diff) | |
netfilter: nf_tables: variable sized set element keys / data
This patch changes sets to support variable sized set element keys / data
up to 64 bytes each by using variable sized set extensions. This allows
to use concatenations with bigger data items suchs as IPv6 addresses.
As a side effect, small keys/data now don't require the full 16 bytes
of struct nft_data anymore but just the space they need.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/net')
| -rw-r--r-- | include/net/netfilter/nf_tables.h | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h index 160577bf0f0a..cb42da1011ef 100644 --- a/include/net/netfilter/nf_tables.h +++ b/include/net/netfilter/nf_tables.h | |||
| @@ -158,7 +158,10 @@ struct nft_userdata { | |||
| 158 | * @priv: element private data and extensions | 158 | * @priv: element private data and extensions |
| 159 | */ | 159 | */ |
| 160 | struct nft_set_elem { | 160 | struct nft_set_elem { |
| 161 | struct nft_data key; | 161 | union { |
| 162 | u32 buf[NFT_DATA_VALUE_MAXLEN / sizeof(u32)]; | ||
| 163 | struct nft_data val; | ||
| 164 | } key; | ||
| 162 | void *priv; | 165 | void *priv; |
| 163 | }; | 166 | }; |
| 164 | 167 | ||