git.baikalelectronics.ru Git - kernel.git/commit

author	Patrick McHardy <kaber@trash.net>
	Sun, 5 Apr 2015 12:41:08 +0000 (14:41 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Wed, 8 Apr 2015 14:58:27 +0000 (16:58 +0200)
commit	442306e18704fb29b18788d3ded715890e0465f9
tree	153c791a6efb2c0eb7aca4baecb84cb76199b706	tree \| snapshot
parent	f8ba84d2c2a7a7935520aa1f13e6b3c4332183d2	commit \| diff

netfilter: nf_tables: add support for dynamic set updates

Add a new "dynset" expression for dynamic set updates.

A new set op ->update() is added which, for non existant elements,
invokes an initialization callback and inserts the new element.
For both new or existing elements the extenstion pointer is returned
to the caller to optionally perform timer updates or other actions.

Element removal is not supported so far, however that seems to be a
rather exotic need and can be added later on.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

include/net/netfilter/nf_tables.h		diff \| blob \| history
include/net/netfilter/nf_tables_core.h		diff \| blob \| history
include/uapi/linux/netfilter/nf_tables.h		diff \| blob \| history
net/netfilter/Makefile		diff \| blob \| history
net/netfilter/nf_tables_api.c		diff \| blob \| history
net/netfilter/nf_tables_core.c		diff \| blob \| history
net/netfilter/nft_dynset.c	[new file with mode: 0644]	blob
net/netfilter/nft_hash.c		diff \| blob \| history