projects / platform / kernel / linux-rpi.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 02c7b25) | patch
netfilter: nf_tables: enable conntrack if NAT chain is registered
authorPablo Neira Ayuso <pablo@netfilter.org>
Tue, 27 Mar 2018 09:53:08 +0000 (11:53 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Fri, 30 Mar 2018 09:29:19 +0000 (11:29 +0200)
commit43a605f2f722b6e08addedae8545b490fca252c4
treeec3310d2587f35c25d59d79ad4d1460ecc710d75tree | snapshot
parent02c7b25e5f54321b9063e18d4f52cce07f8e081dcommit | diff
netfilter: nf_tables: enable conntrack if NAT chain is registered

Register conntrack hooks if the user adds NAT chains. Users get confused
with the existing behaviour since they will see no packets hitting this
chain until they add the first rule that refers to conntrack.

This patch adds new ->init() and ->free() indirections to chain types
that can be used by NAT chains to invoke the conntrack dependency.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
include/net/netfilter/nf_tables.h diff | blob | history
net/ipv4/netfilter/nft_chain_nat_ipv4.c diff | blob | history
net/ipv6/netfilter/nft_chain_nat_ipv6.c diff | blob | history
net/netfilter/nf_tables_api.c diff | blob | history
Domain: System / Kernel;