git.baikalelectronics.ru Git - kernel.git/commit

author	Patrick McHardy <kaber@trash.net>
	Sat, 11 Apr 2015 09:46:40 +0000 (10:46 +0100)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Mon, 13 Apr 2015 18:12:31 +0000 (20:12 +0200)
commit	da16c6522266d92923066c4739ce6812740a9eb8
tree	c9080e0cc8e06e85c42cd5948b7bce4de9cf35b8	tree \| snapshot
parent	8b267e23f5ae89bef2e3d2ebbd702f51043e0cd5	commit \| diff

netfilter: nf_tables: mark stateful expressions

Add a flag to mark stateful expressions.

This is used for dynamic expression instanstiation to limit the usable
expressions. Strictly speaking only the dynset expression can not be
used in order to avoid recursion, but since dynamically instantiating
non-stateful expressions will simply create an identical copy, which
behaves no differently than the original, this limits to expressions
where it actually makes sense to dynamically instantiate them.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

include/net/netfilter/nf_tables.h		diff \| blob \| history
net/netfilter/nft_counter.c		diff \| blob \| history
net/netfilter/nft_limit.c		diff \| blob \| history