Hi Pablo,
2017-03-21 22:48 GMT+08:00 Liping Zhang <zlpnobody@xxxxxxxxx>:
> 2017-03-21 18:33 GMT+08:00 Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>:
>>> +struct nfnl_cthelper {
>>> + struct list_head list;
>>> + struct nf_conntrack_helper *helper;
>>> +};
>>> +
>>> +static LIST_HEAD(nfnl_cthelper_list);
>>
>> We need a field possible_net_t so we can store what netns this helper
>> belongs to, thus in case of flush command, we just remove the helpers
>> that this netns owns.
After I have a closer look, I find that we do not support netns for the
nfct_helper currently. So this possible_net_t field is not necessary for
the time being.
I have a quick glance look, supporting netns for helper need a lot works
to do. We need to both change the nfnetlink_cthelper, nf_conntrack_help
and so on.
But if you think it's worth to support netns for cthelper, I can finish it in my
spare time:)
>
> Yes, good point, I will send v2.
>
> Thanks Pablo.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
