Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@xxxxxxxxxxxxxxx>
---
include/xtables.h.in | 3 +++
iptables/nft-xt-ext.c | 13 +++++++++++++
2 files changed, 16 insertions(+)
diff --git a/include/xtables.h.in b/include/xtables.h.in
index 592aae9..0f02470 100644
--- a/include/xtables.h.in
+++ b/include/xtables.h.in
@@ -403,6 +403,9 @@ extern "C" {
#endif
extern const char *xtables_modprobe_program;
+
+extern struct xtables_match *xtables_pending_matches;
+extern struct xtables_target *xtables_pending_targets;
extern struct xtables_match *xtables_matches;
extern struct xtables_target *xtables_targets;
diff --git a/iptables/nft-xt-ext.c b/iptables/nft-xt-ext.c
index ffc53f0..2ce8b70 100644
--- a/iptables/nft-xt-ext.c
+++ b/iptables/nft-xt-ext.c
@@ -138,12 +138,25 @@ static struct nft_trans_instruction nft_ipt_xt_match = {
int nft_xt_ext_into_translation_tree(struct nft_trans_instruction_tree *tree)
{
+ struct xtables_target *t;
+ struct xtables_match *m;
+
if (tree == NULL)
return -1;
nft_trans_add_instruction(tree, &nft_ipt_xt_target);
nft_trans_add_instruction(tree, &nft_ipt_xt_match);
+ for (t = xtables_pending_targets; t; t = t->next) {
+ if (t->register_nft_instructions != NULL)
+ t->register_nft_instructions(tree);
+ }
+
+ for (m = xtables_pending_matches; m; m = m->next) {
+ if (m->register_nft_instructions != NULL)
+ m->register_nft_instructions(tree);
+ }
+
return 0;
}
--
1.8.3.2
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
