On Thu, Feb 06, 2014 at 12:26:57AM +0100, Pablo Neira Ayuso wrote:
> On Wed, Feb 05, 2014 at 03:03:38PM +0000, Patrick McHardy wrote:
> > Currently the nft_reject module depends on symbols from ipv6. This is
> > wrong since no generic module should force IPv6 support to be loaded.
> > Split up the module into AF-specific and a generic part.
>
> Applied, thanks. I have included this chunk which was missing:
Oops, sorry.
>
> --- /dev/null
> +++ b/include/net/netfilter/nft_reject.h
> @@ -0,0 +1,18 @@
> +#ifndef _NFT_REJECT_H_
> +#define _NFT_REJECT_H_
> +
> +struct nft_reject {
> + enum nft_reject_types type:8;
> + u8 icmp_code;
> + u8 family;
Family is actually not needed anymore.
> +};
> +
> +extern const struct nla_policy nft_reject_policy[];
> +
> +int nft_reject_init(const struct nft_ctx *ctx,
> + const struct nft_expr *expr,
> + const struct nlattr * const tb[]);
> +
> +int nft_reject_dump(struct sk_buff *skb, const struct nft_expr *expr);
> +
> +#endif
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
