netfilter: nf_tables: add netdev table to filter from ingress
authorPablo Neira Ayuso <pablo@netfilter.org>
Tue, 26 May 2015 16:41:40 +0000 (18:41 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Tue, 26 May 2015 16:41:23 +0000 (18:41 +0200)
commited6c4136f1571bd6ab362afc3410905a8a69ca42
tree4b8e910c631dce906891caf07a6ab88ec7e12c4f
parentebddf1a8d78aa3436353fae75c4396e50cb2d6cf
netfilter: nf_tables: add netdev table to filter from ingress

This allows us to create netdev tables that contain ingress chains. Use
skb_header_pointer() as we may see shared sk_buffs at this stage.

This change provides access to the existing nf_tables features from the ingress
hook.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
include/net/netns/nftables.h
net/netfilter/Kconfig
net/netfilter/Makefile
net/netfilter/nf_tables_netdev.c [new file with mode: 0644]