]> err.no Git - linux-2.6/commit
[NETFILTER]: ip_tables: per-netns FILTER, MANGLE, RAW
authorAlexey Dobriyan <adobriyan@sw.ru>
Thu, 31 Jan 2008 12:03:23 +0000 (04:03 -0800)
committerDavid S. Miller <davem@davemloft.net>
Fri, 1 Feb 2008 03:27:38 +0000 (19:27 -0800)
commit9335f047fe61587ec82ff12fbb1220bcfdd32006
tree7200b38dfecbc1a7c21f39a62c88f4e154de2777
parent34bd137ba744c2e3a320ff50ac64ae51556cdfae
[NETFILTER]: ip_tables: per-netns FILTER, MANGLE, RAW

Now, iptables show and configure different set of rules in different
netnss'. Filtering decisions are still made by consulting only
init_net's set.

Changes are identical except naming so no splitting.

P.S.: one need to remove init_net checks in nf_sockopt.c and inet_create()
      to see the effect.

Signed-off-by: Alexey Dobriyan <adobriyan@sw.ru>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
include/net/netns/ipv4.h
net/ipv4/netfilter/iptable_filter.c
net/ipv4/netfilter/iptable_mangle.c
net/ipv4/netfilter/iptable_raw.c