netfilter: nf_tables: add "inet" table for IPv4/IPv6

This patch adds a new table family and a new filter chain that you can use to attach IPv4 and IPv6 rules. This should help to simplify rule-set maintainance in dual-stack setups. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Patrick McHardy <kaber@trash.net> 2014-01-03 12:16:16 +0000
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2014-01-07 23:57:25 +0100
commit: 1d49144c0aaa61be4e3ccbef9cc5c40b0ec5f2fe (patch)
tree: 1711f39fb9f9ba1fed9bcb9afcf55499b0cef3b6 /include/net/netfilter
parent: 115a60b173af0170e0db26b9a3fd6a911fba70a3 (diff)
2 files changed, 4 insertions, 0 deletions
diff --git a/include/net/netfilter/nf_tables_ipv4.h b/include/net/netfilter/nf_tables_ipv4.h
index 1be1c2c197ee..f7b3a669aad3 100644
--- a/include/net/netfilter/nf_tables_ipv4.h
+++ b/include/net/netfilter/nf_tables_ipv4.h
@@ -20,4 +20,6 @@ nft_set_pktinfo_ipv4(struct nft_pktinfo *pkt,
 	pkt->xt.fragoff = ntohs(ip->frag_off) & IP_OFFSET;
 }
 
+extern struct nft_af_info nft_af_ipv4;
+
 #endif
diff --git a/include/net/netfilter/nf_tables_ipv6.h b/include/net/netfilter/nf_tables_ipv6.h
index 4a9b88a65963..3d8ae489be0d 100644
--- a/include/net/netfilter/nf_tables_ipv6.h
+++ b/include/net/netfilter/nf_tables_ipv6.h
@@ -27,4 +27,6 @@ nft_set_pktinfo_ipv6(struct nft_pktinfo *pkt,
 	return 0;
 }
 
+extern struct nft_af_info nft_af_ipv6;
+
 #endif
author	Patrick McHardy <kaber@trash.net>	2014-01-03 12:16:16 +0000
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2014-01-07 23:57:25 +0100
commit	1d49144c0aaa61be4e3ccbef9cc5c40b0ec5f2fe (patch)
tree	1711f39fb9f9ba1fed9bcb9afcf55499b0cef3b6 /include/net/netfilter
parent	115a60b173af0170e0db26b9a3fd6a911fba70a3 (diff)