diff options
author | Pablo Neira Ayuso | 2017-12-09 15:40:25 +0100 |
---|---|---|
committer | Pablo Neira Ayuso | 2018-01-08 18:01:21 +0100 |
commit | c974a3a36468d1947c96f0c694c8a1b2e7810043 (patch) | |
tree | b9863347372efa54208216cd1d33ce7ad7ccd4e7 /include/net | |
parent | 12355d3670dac0dde5aae3deefb59f8cc0a9ed2a (diff) |
netfilter: nf_tables: remove multihook chains and families
Since NFPROTO_INET is handled from the core, we don't need to maintain
extra infrastructure in nf_tables to handle the double hook
registration, one for IPv4 and another for IPv6.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/net')
-rw-r--r-- | include/net/netfilter/nf_tables.h | 9 |
1 files changed, 1 insertions, 8 deletions
diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h index 169b562df226..a3560fd55f99 100644 --- a/include/net/netfilter/nf_tables.h +++ b/include/net/netfilter/nf_tables.h @@ -902,8 +902,6 @@ struct nft_stats { struct u64_stats_sync syncp; }; -#define NFT_HOOK_OPS_MAX 2 - /** * struct nft_base_chain - nf_tables base chain * @@ -915,7 +913,7 @@ struct nft_stats { * @dev_name: device name that this base chain is attached to (if any) */ struct nft_base_chain { - struct nf_hook_ops ops[NFT_HOOK_OPS_MAX]; + struct nf_hook_ops ops; const struct nf_chain_type *type; u8 policy; u8 flags; @@ -976,8 +974,6 @@ enum nft_af_flags { * @owner: module owner * @tables: used internally * @flags: family flags - * @nops: number of hook ops in this family - * @hook_ops_init: initialization function for chain hook ops * @hooks: hookfn overrides for packet validation */ struct nft_af_info { @@ -987,9 +983,6 @@ struct nft_af_info { struct module *owner; struct list_head tables; u32 flags; - unsigned int nops; - void (*hook_ops_init)(struct nf_hook_ops *, - unsigned int); nf_hookfn *hooks[NF_MAX_HOOKS]; }; |