]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4b9789c) | patch
net: sched: add ipset ematch
authorFlorian Westphal <fw@strlen.de>
Wed, 11 Jul 2012 10:56:57 +0000 (10:56 +0000)
committerDavid S. Miller <davem@davemloft.net>
Thu, 12 Jul 2012 14:54:46 +0000 (07:54 -0700)
commit45423e91ad097b81f27dc8c6349b160a055b0e6c
tree66d687daf267ae9143e3984b130b3aca6b4869c8tree | snapshot
parent4b9789c9ae0ef751c982a6f597c0a7c7e8cd25bccommit | diff
net: sched: add ipset ematch

Can be used to match packets against netfilter ip sets created via ipset(8).
skb->sk_iif is used as 'incoming interface', skb->dev is 'outgoing interface'.

Since ipset is usually called from netfilter, the ematch
initializes a fake xt_action_param, pulls the ip header into the
linear area and also sets skb->data to the IP header (otherwise
matching Layer 4 set types doesn't work).

Tested-by: Mr Dash Four <mr.dash.four@googlemail.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
include/linux/pkt_cls.h diff | blob | history
net/sched/Kconfig diff | blob | history
net/sched/Makefile diff | blob | history
net/sched/em_ipset.c [new file with mode: 0644] blob
Linux Kernel Source Tree.