summaryrefslogtreecommitdiffstats
path: root/include/net/protocol.h
diff options
context:
space:
mode:
authorDenis V. Lunev <den@openvz.org>2008-03-24 23:33:00 +0100
committerDavid S. Miller <davem@davemloft.net>2008-03-24 23:33:00 +0100
commitf145049a06f470d0489f47cb83ff3ccb2a0de622 (patch)
tree2d25f9af4c1e599763f01f9338ed8bf0517ddac1 /include/net/protocol.h
parent[NETNS]: Process netfilter hooks in initial namespace only. (diff)
downloadlinux-f145049a06f470d0489f47cb83ff3ccb2a0de622.tar.xz
linux-f145049a06f470d0489f47cb83ff3ccb2a0de622.zip
[NETNS]: Drop packets in the non-initial namespace on the per/protocol basis.
IP layer now can handle multiple namespaces normally. So, process such packets normally and drop them only if the transport layer is not aware about namespaces. Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/net/protocol.h')
-rw-r--r--include/net/protocol.h3
1 files changed, 2 insertions, 1 deletions
diff --git a/include/net/protocol.h b/include/net/protocol.h
index ad8c584233a6..8d024d7cb741 100644
--- a/include/net/protocol.h
+++ b/include/net/protocol.h
@@ -39,7 +39,8 @@ struct net_protocol {
int (*gso_send_check)(struct sk_buff *skb);
struct sk_buff *(*gso_segment)(struct sk_buff *skb,
int features);
- int no_policy;
+ unsigned int no_policy:1,
+ netns_ok:1;
};
#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)