Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> Extracted from the xtables TEE target. This creates two new modules for IPv4
> and IPv6 that are shared between the TEE target and the new nf_tables dup
> expressions.
> diff --git a/net/ipv4/netfilter/nf_dup_ipv4.c b/net/ipv4/netfilter/nf_dup_ipv4.c
> new file mode 100644
> index 0000000..feba24a
> --- /dev/null
> +++ b/net/ipv4/netfilter/nf_dup_ipv4.c
> +unsigned int nf_dup_ipv4(struct sk_buff *skb, unsigned int hooknum,
> + const struct in_addr *gw, int oif)
> +{
> + struct iphdr *iph;
> +
> + if (__this_cpu_read(nf_skb_duplicated))
> + return XT_CONTINUE;
Nit: seems function doesn't need to return anything.
So the use of XT_* outisde xt core can be avoided.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
