netfilter: conntrack: use a single expectation table for all namespaces

We already include netns address in the hash and compare the netns pointers during lookup, so even if namespaces have overlapping addresses entries will be spread across the expectation table. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Florian Westphal <fw@strlen.de> 2016-05-06 00:51:49 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2016-05-06 11:50:01 +0200
commit: 0a93aaedc46af2c5feecfb1066d98bfb491ec0b8 (patch)
tree: 66c730e6537deccb35773c294ed0462aa2ebda72 /include/net/netfilter
parent: netfilter: conntrack: make netns address part of expect hash (diff)
download: linux-dev-0a93aaedc46af2c5feecfb1066d98bfb491ec0b8.tar.xz
linux-dev-0a93aaedc46af2c5feecfb1066d98bfb491ec0b8.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/include/net/netfilter/nf_conntrack_expect.h b/include/net/netfilter/nf_conntrack_expect.h
index dce56f09ac9a..5ed33ea4718e 100644
--- a/include/net/netfilter/nf_conntrack_expect.h
+++ b/include/net/netfilter/nf_conntrack_expect.h
@@ -10,6 +10,7 @@
 
 extern unsigned int nf_ct_expect_hsize;
 extern unsigned int nf_ct_expect_max;
+extern struct hlist_head *nf_ct_expect_hash;
 
 struct nf_conntrack_expect {
 	/* Conntrack expectation list member */
author	Florian Westphal <fw@strlen.de>	2016-05-06 00:51:49 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2016-05-06 11:50:01 +0200
commit	0a93aaedc46af2c5feecfb1066d98bfb491ec0b8 (patch)
tree	66c730e6537deccb35773c294ed0462aa2ebda72 /include/net/netfilter
parent	netfilter: conntrack: make netns address part of expect hash (diff)
download	linux-dev-0a93aaedc46af2c5feecfb1066d98bfb491ec0b8.tar.xz linux-dev-0a93aaedc46af2c5feecfb1066d98bfb491ec0b8.zip