On Mon, Sep 12, 2011 at 10:38:39AM +0200, Pablo Neira Ayuso wrote:
> > +/* Single range specification. */
> > +struct nf_nat_range {
> > + /* Set to OR of flags above. */
> > + unsigned int flags;
> > +
> > + /* Inclusive: network order. */
> > + __be32 min_ip, max_ip;
> > +
> > + /* Inclusive: network order */
> > + union nf_conntrack_man_proto min, max;
>
> Better replace union nf_conntrack_man_proto by __be16, we don't break
> binary compatibility and we don't need to export the whole tuple
> definitions.
Hm, I just noticed that this will not work that easy.
git grep shows several NAT protocol helpers that rely on
nf_conntrack_man_proto under net/ipv4/netfilter/, we need to change
those as well to use the new definition of nf_nat_range.
I think I prefer the change that I'm proposing that exporting the
whole nf_conntrack_tuple.h header file.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
