971502d77f
Replace NF_HOOK() based invocation of the netfilter hooks with a private copy of nf_hook_slow(). This copy has one difference: it can return the rx handler value expected by the stack, i.e. RX_HANDLER_CONSUMED or RX_HANDLER_PASS. This is needed by the next patch to invoke the ebtables "broute" table via the standard netfilter hooks rather than the custom "br_should_route_hook" indirection that is used now. When the skb is to be "brouted", we must return RX_HANDLER_PASS from the bridge rx input handler, but there is no way to indicate this via NF_HOOK(), unless perhaps by some hack such as exposing bridge_cb in the netfilter core or a percpu flag. text data bss dec filename 3369 56 0 3425 net/bridge/br_input.o.before 3458 40 0 3498 net/bridge/br_input.o.after This allows removal of the "br_should_route_hook" in the next patch. Signed-off-by: Florian Westphal <fw@strlen.de> Acked-by: David S. Miller <davem@davemloft.net> Acked-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
21 lines
509 B
C
21 lines
509 B
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
#ifndef _NF_INTERNALS_H
|
|
#define _NF_INTERNALS_H
|
|
|
|
#include <linux/list.h>
|
|
#include <linux/skbuff.h>
|
|
#include <linux/netdevice.h>
|
|
|
|
/* nf_queue.c */
|
|
void nf_queue_nf_hook_drop(struct net *net);
|
|
|
|
/* nf_log.c */
|
|
int __init netfilter_log_init(void);
|
|
|
|
/* core.c */
|
|
void nf_hook_entries_delete_raw(struct nf_hook_entries __rcu **pp,
|
|
const struct nf_hook_ops *reg);
|
|
int nf_hook_entries_insert_raw(struct nf_hook_entries __rcu **pp,
|
|
const struct nf_hook_ops *reg);
|
|
#endif
|