[NETFILTER]: ip6_tables: per-netns IPv6 FILTER, MANGLE, RAW
Now it's possible to list and manipulate per-netns ip6tables rules. Filtering decisions are based on init_net's table so far. P.S.: remove init_net check in inet6_create() to see the effect Signed-off-by: Alexey Dobriyan <adobriyan@sw.ru> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
committed by
David S. Miller
parent
336b517fdc
commit
8280aa6182
@ -31,5 +31,10 @@ struct netns_ipv6 {
|
||||
struct ipv6_devconf *devconf_all;
|
||||
struct ipv6_devconf *devconf_dflt;
|
||||
struct netns_frags frags;
|
||||
#ifdef CONFIG_NETFILTER
|
||||
struct xt_table *ip6table_filter;
|
||||
struct xt_table *ip6table_mangle;
|
||||
struct xt_table *ip6table_raw;
|
||||
#endif
|
||||
};
|
||||
#endif
|
||||
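Review bot: The three `struct xt_table *` members added to `struct netns_ipv6` under `#ifdef CONFIG_NETFILTER` have no comment saying who assigns them or when they are valid. The commit description states that filtering decisions are still based on init_net's table, so a reader of this struct alone could wrongly assume that rules loaded in a non-initial namespace are enforced. I would add a comment above the block such as `/* per-netns ip6tables tables: list/manipulate only for now, hooks still evaluate init_net's tables */`. It would also help to state whether these pointers can be NULL when the corresponding table code is not registered; that is not visible in this hunk. The struct definition begins outside the hunk.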
|