git.baikalelectronics.ru Git - kernel.git/commit

author	Alexey Dobriyan <adobriyan@sw.ru>
	Thu, 31 Jan 2008 12:03:23 +0000 (04:03 -0800)
committer	David S. Miller <davem@davemloft.net>
	Fri, 1 Feb 2008 03:27:38 +0000 (19:27 -0800)
commit	ba2f251536961dded5a776fafb2ad27120d65136
tree	7200b38dfecbc1a7c21f39a62c88f4e154de2777	tree \| snapshot
parent	3722d9fe78323e8c32b1044f040de5f0e097495c	commit \| diff

[NETFILTER]: ip_tables: per-netns FILTER, MANGLE, RAW

Now, iptables show and configure different set of rules in different
netnss'. Filtering decisions are still made by consulting only
init_net's set.

Changes are identical except naming so no splitting.

P.S.: one need to remove init_net checks in nf_sockopt.c and inet_create()
to see the effect.

Signed-off-by: Alexey Dobriyan <adobriyan@sw.ru>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>

include/net/netns/ipv4.h		diff \| blob \| history
net/ipv4/netfilter/iptable_filter.c		diff \| blob \| history
net/ipv4/netfilter/iptable_mangle.c		diff \| blob \| history
net/ipv4/netfilter/iptable_raw.c		diff \| blob \| history