diff options
| author | Alexey Dobriyan <adobriyan@gmail.com> | 2008-10-08 05:35:01 -0400 |
|---|---|---|
| committer | Patrick McHardy <kaber@trash.net> | 2008-10-08 05:35:01 -0400 |
| commit | 1339dd91719f3e841b113ddaccd30fd87b9d2332 (patch) | |
| tree | 7b56845e2a55ce142a1e35dab7878132f75fc83d /net/ipv6 | |
| parent | 48dc7865aa3db9404aedc8677d9daf8f8f469ab0 (diff) | |
netfilter: netns: ip6table_raw in netns for real
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'net/ipv6')
| -rw-r--r-- | net/ipv6/netfilter/ip6table_raw.c | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/net/ipv6/netfilter/ip6table_raw.c b/net/ipv6/netfilter/ip6table_raw.c index 92b91077ac29..109fab6f831a 100644 --- a/net/ipv6/netfilter/ip6table_raw.c +++ b/net/ipv6/netfilter/ip6table_raw.c | |||
| @@ -45,25 +45,37 @@ static struct xt_table packet_raw = { | |||
| 45 | 45 | ||
| 46 | /* The work comes in here from netfilter.c. */ | 46 | /* The work comes in here from netfilter.c. */ |
| 47 | static unsigned int | 47 | static unsigned int |
| 48 | ip6t_hook(unsigned int hook, | 48 | ip6t_pre_routing_hook(unsigned int hook, |
| 49 | struct sk_buff *skb, | 49 | struct sk_buff *skb, |
| 50 | const struct net_device *in, | 50 | const struct net_device *in, |
| 51 | const struct net_device *out, | 51 | const struct net_device *out, |
| 52 | int (*okfn)(struct sk_buff *)) | 52 | int (*okfn)(struct sk_buff *)) |
| 53 | { | 53 | { |
| 54 | return ip6t_do_table(skb, hook, in, out, init_net.ipv6.ip6table_raw); | 54 | return ip6t_do_table(skb, hook, in, out, |
| 55 | dev_net(in)->ipv6.ip6table_raw); | ||
| 56 | } | ||
| 57 | |||
| 58 | static unsigned int | ||
| 59 | ip6t_local_out_hook(unsigned int hook, | ||
| 60 | struct sk_buff *skb, | ||
| 61 | const struct net_device *in, | ||
| 62 | const struct net_device *out, | ||
| 63 | int (*okfn)(struct sk_buff *)) | ||
| 64 | { | ||
| 65 | return ip6t_do_table(skb, hook, in, out, | ||
| 66 | dev_net(out)->ipv6.ip6table_raw); | ||
| 55 | } | 67 | } |
| 56 | 68 | ||
| 57 | static struct nf_hook_ops ip6t_ops[] __read_mostly = { | 69 | static struct nf_hook_ops ip6t_ops[] __read_mostly = { |
| 58 | { | 70 | { |
| 59 | .hook = ip6t_hook, | 71 | .hook = ip6t_pre_routing_hook, |
| 60 | .pf = PF_INET6, | 72 | .pf = PF_INET6, |
| 61 | .hooknum = NF_INET_PRE_ROUTING, | 73 | .hooknum = NF_INET_PRE_ROUTING, |
| 62 | .priority = NF_IP6_PRI_FIRST, | 74 | .priority = NF_IP6_PRI_FIRST, |
| 63 | .owner = THIS_MODULE, | 75 | .owner = THIS_MODULE, |
| 64 | }, | 76 | }, |
| 65 | { | 77 | { |
| 66 | .hook = ip6t_hook, | 78 | .hook = ip6t_local_out_hook, |
| 67 | .pf = PF_INET6, | 79 | .pf = PF_INET6, |
| 68 | .hooknum = NF_INET_LOCAL_OUT, | 80 | .hooknum = NF_INET_LOCAL_OUT, |
| 69 | .priority = NF_IP6_PRI_FIRST, | 81 | .priority = NF_IP6_PRI_FIRST, |