mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-08-24 09:50:04 +00:00
e639f7ab07
Only needed when meta nftrace rule(s) were added. The assumption is that no such rules are active, so the call to nft_trace_init is "never" needed. When nftrace rules are active, we always call the nft_trace_* functions, but will only send netlink messages when all of the following are true: - traceinfo structure was initialised - skb->nf_trace == 1 - at least one subscriber to trace group. Adding an extra conditional (static_branch ... && skb->nf_trace) nft_trace_init( ..) Is possible but results in a larger nft_do_chain footprint. Signed-off-by: Florian Westphal <fw@strlen.de> Acked-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
39 lines
986 B
C
39 lines
986 B
C
#ifndef _NFT_META_H_
|
|
#define _NFT_META_H_
|
|
|
|
struct nft_meta {
|
|
enum nft_meta_keys key:8;
|
|
union {
|
|
enum nft_registers dreg:8;
|
|
enum nft_registers sreg:8;
|
|
};
|
|
};
|
|
|
|
extern const struct nla_policy nft_meta_policy[];
|
|
|
|
int nft_meta_get_init(const struct nft_ctx *ctx,
|
|
const struct nft_expr *expr,
|
|
const struct nlattr * const tb[]);
|
|
|
|
int nft_meta_set_init(const struct nft_ctx *ctx,
|
|
const struct nft_expr *expr,
|
|
const struct nlattr * const tb[]);
|
|
|
|
int nft_meta_get_dump(struct sk_buff *skb,
|
|
const struct nft_expr *expr);
|
|
|
|
int nft_meta_set_dump(struct sk_buff *skb,
|
|
const struct nft_expr *expr);
|
|
|
|
void nft_meta_get_eval(const struct nft_expr *expr,
|
|
struct nft_regs *regs,
|
|
const struct nft_pktinfo *pkt);
|
|
|
|
void nft_meta_set_eval(const struct nft_expr *expr,
|
|
struct nft_regs *regs,
|
|
const struct nft_pktinfo *pkt);
|
|
|
|
void nft_meta_set_destroy(const struct nft_ctx *ctx,
|
|
const struct nft_expr *expr);
|
|
|
|
#endif
|