summaryrefslogtreecommitdiff
path: root/include/net
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2014-02-05 19:03:39 +0400
committerPablo Neira Ayuso <pablo@netfilter.org>2014-02-06 12:44:18 +0400
commit05513e9e33dbded8124567466a444d32173eecc6 (patch)
tree175aafe01f1fe4914577ce67c8fd32ad8e0440a0 /include/net
parentcc4723ca316742891954efa346298e7c747c0d17 (diff)
downloadlinux-05513e9e33dbded8124567466a444d32173eecc6.tar.xz
netfilter: nf_tables: add reject module for NFPROTO_INET
Add a reject module for NFPROTO_INET. It does nothing but dispatch to the AF-specific modules based on the hook family. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/net')
-rw-r--r--include/net/netfilter/nft_reject.h8
1 files changed, 8 insertions, 0 deletions
diff --git a/include/net/netfilter/nft_reject.h b/include/net/netfilter/nft_reject.h
index ecda75945e77..36b0da2d55bb 100644
--- a/include/net/netfilter/nft_reject.h
+++ b/include/net/netfilter/nft_reject.h
@@ -14,4 +14,12 @@ int nft_reject_init(const struct nft_ctx *ctx,
int nft_reject_dump(struct sk_buff *skb, const struct nft_expr *expr);
+void nft_reject_ipv4_eval(const struct nft_expr *expr,
+ struct nft_data data[NFT_REG_MAX + 1],
+ const struct nft_pktinfo *pkt);
+
+void nft_reject_ipv6_eval(const struct nft_expr *expr,
+ struct nft_data data[NFT_REG_MAX + 1],
+ const struct nft_pktinfo *pkt);
+
#endif