Patrick McHardy írta:
Laszlo Attila Toth wrote:
+static int match(const struct sk_buff *skb,
+ const struct net_device *in,
+ const struct net_device *out,
+ const struct xt_match *match,
+ const void *matchinfo,
+ int offset,
+ unsigned int protoff,
+ int *hotdrop)
+{
+ const struct xt_ifgroup_info *info = matchinfo;
+
+ return ((in->ifgroup & info->mask) == info->group) ^ info->invert;
The input interface is only valid in PREROUTING, INPUT and FORWARD.
Why don't you support output-interface matching?
It has no specific reason. I'll make it with the other changes you
wrote. I'll send the iptables patch at the same time.
--
Attila
-
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
