| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20080721170321.GA13486@martell.zuzino.mipt.ru>
Date: Mon, 21 Jul 2008 21:03:21 +0400
From: Alexey Dobriyan <adobriyan@...il.com>
To: Jan Engelhardt <jengelh@...ozas.de>
Cc: kaber@...sh.net, netdev@...r.kernel.org,
netfilter-devel@...r.kernel.org, xemul@...nvz.org, den@...nvz.org,
ebiederm@...ssion.com, dlezcano@...ibm.com, benjamin.thery@...l.net
Subject: Re: [PATCH] arptables in netns for real
On Mon, Jul 21, 2008 at 06:47:22PM +0200, Jan Engelhardt wrote:
> On Monday 2008-07-21 18:29, Alexey Dobriyan wrote:
> >- int (*okfn)(struct sk_buff *))
> >+static unsigned int arpt_in_hook(unsigned int hook,
> >+ struct sk_buff *skb,
> >+ const struct net_device *in,
> >+ const struct net_device *out,
> >+ int (*okfn)(struct sk_buff *))
> > {
> >- return arpt_do_table(skb, hook, in, out, init_net.ipv4.arptable_filter);
> >+ return arpt_do_table(skb, hook, in, out,
> >+ dev_net(in)->ipv4.arptable_filter);
> >+}
>
> What I dislike with this netns stuff is that you need to touch
> the ->ipv4. structure if you want to add new tables and there is
> no more way to dynamically add tables from 3rd party modules unless
> the admin loading them is fine with having them register against
> &init_net only.
Not exactly sure, if it's sufficient for you, you can use
net_assign_generic() infrastructure from module and not touch "struct net"
at all.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists