On Wed, Feb 05, 2014 at 03:03:39PM +0000, Patrick McHardy wrote: > Add a reject module for NFPROTO_INET. It does nothing but dispatch > to the AF-specific modules based on the hook family. And also applied, including this chunk: diff --git a/include/net/netfilter/nft_reject.h b/include/net/netfilter/nft_reject.h index 6ade783..72a18c0 100644 --- a/include/net/netfilter/nft_reject.h +++ b/include/net/netfilter/nft_reject.h @@ -15,4 +15,12 @@ int nft_reject_init(const struct nft_ctx *ctx, int nft_reject_dump(struct sk_buff *skb, const struct nft_expr *expr); +void nft_reject_ipv4_eval(const struct nft_expr *expr, + struct nft_data data[NFT_REG_MAX + 1], + const struct nft_pktinfo *pkt); + +void nft_reject_ipv6_eval(const struct nft_expr *expr, + struct nft_data data[NFT_REG_MAX + 1], + const struct nft_pktinfo *pkt); + #endif thanks Patrick! -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
