]> err.no Git - linux-2.6/commit
[NETFILTER]: ipt_addrtype: limit address type checking to an interface
authorLaszlo Attila Toth <panther@balabit.hu>
Wed, 5 Dec 2007 07:30:18 +0000 (23:30 -0800)
committerDavid S. Miller <davem@davemloft.net>
Mon, 28 Jan 2008 22:55:56 +0000 (14:55 -0800)
commite2cf5ecbea861ff05105bbd40f4f0d7823d9e213
treef1563dbe6d1e3c06f63d966e43d5c777c912ca4a
parent0553811612a6178365f3b062c30234913b218a96
[NETFILTER]: ipt_addrtype: limit address type checking to an interface

Addrtype match has a new revision (1), which lets address type checking
limited to the interface the current packet belongs to. Either incoming
or outgoing interface can be used depending on the current hook. In the
FORWARD hook two maches should be used if both interfaces have to be checked.
The new structure is ipt_addrtype_info_v1.

Revision 0 lets older userspace programs use the match as earlier.
ipt_addrtype_info is used.

Signed-off-by: Laszlo Attila Toth <panther@balabit.hu>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
include/linux/netfilter_ipv4/ipt_addrtype.h
net/ipv4/netfilter/ipt_addrtype.c