diff options
author | Florian Westphal <fw@strlen.de> | 2016-05-06 00:51:49 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-05-06 11:50:01 +0200 |
commit | 0a93aaedc46af2c5feecfb1066d98bfb491ec0b8 (patch) | |
tree | 66c730e6537deccb35773c294ed0462aa2ebda72 /include/net | |
parent | a9a083c3878f28e9d368f6dfb1a79a6f04ad8123 (diff) | |
download | linux-0a93aaedc46af2c5feecfb1066d98bfb491ec0b8.tar.gz linux-0a93aaedc46af2c5feecfb1066d98bfb491ec0b8.tar.bz2 linux-0a93aaedc46af2c5feecfb1066d98bfb491ec0b8.zip |
netfilter: conntrack: use a single expectation table for all namespaces
We already include netns address in the hash and compare the netns pointers
during lookup, so even if namespaces have overlapping addresses entries
will be spread across the expectation table.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/net')
-rw-r--r-- | include/net/netfilter/nf_conntrack_expect.h | 1 | ||||
-rw-r--r-- | include/net/netns/conntrack.h | 1 |
2 files changed, 1 insertions, 1 deletions
diff --git a/include/net/netfilter/nf_conntrack_expect.h b/include/net/netfilter/nf_conntrack_expect.h index dce56f09ac9a..5ed33ea4718e 100644 --- a/include/net/netfilter/nf_conntrack_expect.h +++ b/include/net/netfilter/nf_conntrack_expect.h @@ -10,6 +10,7 @@ extern unsigned int nf_ct_expect_hsize; extern unsigned int nf_ct_expect_max; +extern struct hlist_head *nf_ct_expect_hash; struct nf_conntrack_expect { /* Conntrack expectation list member */ diff --git a/include/net/netns/conntrack.h b/include/net/netns/conntrack.h index 251c435ee330..2811ddcc1a3d 100644 --- a/include/net/netns/conntrack.h +++ b/include/net/netns/conntrack.h @@ -94,7 +94,6 @@ struct netns_ct { int sysctl_checksum; struct kmem_cache *nf_conntrack_cachep; - struct hlist_head *expect_hash; struct ct_pcpu __percpu *pcpu_lists; struct ip_conntrack_stat __percpu *stat; struct nf_ct_event_notifier __rcu *nf_conntrack_event_cb; |