netfilter: add and use nf_ct_netns_get/put
authorFlorian Westphal <fw@strlen.de>
Tue, 15 Nov 2016 20:36:40 +0000 (21:36 +0100)
committerPablo Neira Ayuso <pablo@netfilter.org>
Sun, 4 Dec 2016 20:16:50 +0000 (21:16 +0100)
commitecb2421b5ddf48e6e116fced7f74c985bb546138
tree0fdfc2639bead099d3e54c2d5731eb05e856f766
parenta379854d91b2cb0af07b0f62845449f4dacbd673
netfilter: add and use nf_ct_netns_get/put

currently aliased to try_module_get/_put.
Will be changed in next patch when we add functions to make use of ->net
argument to store usercount per l3proto tracker.

This is needed to avoid registering the conntrack hooks in all netns and
later only enable connection tracking in those that need conntrack.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
15 files changed:
include/net/netfilter/nf_conntrack.h
net/ipv4/netfilter/ipt_CLUSTERIP.c
net/ipv4/netfilter/ipt_SYNPROXY.c
net/ipv6/netfilter/ip6t_SYNPROXY.c
net/netfilter/nf_conntrack_proto.c
net/netfilter/nft_ct.c
net/netfilter/xt_CONNSECMARK.c
net/netfilter/xt_CT.c
net/netfilter/xt_connbytes.c
net/netfilter/xt_connlabel.c
net/netfilter/xt_connlimit.c
net/netfilter/xt_connmark.c
net/netfilter/xt_conntrack.c
net/netfilter/xt_helper.c
net/netfilter/xt_state.c