diff options
author | David S. Miller <davem@davemloft.net> | 2015-04-03 20:32:56 -0400 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2015-04-04 12:31:38 -0400 |
commit | 238e54c9cb9385a1ba99e92801f3615a2fb398b6 (patch) | |
tree | 4efeb9b5c92f87028a6d321c7088b9d1e270360a /net/ipv4/netfilter/iptable_security.c | |
parent | netfilter: Use nf_hook_state in nf_queue_entry. (diff) | |
download | linux-dev-238e54c9cb9385a1ba99e92801f3615a2fb398b6.tar.xz linux-dev-238e54c9cb9385a1ba99e92801f3615a2fb398b6.zip |
netfilter: Make nf_hookfn use nf_hook_state.
Pass the nf_hook_state all the way down into the hook
functions themselves.
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4/netfilter/iptable_security.c')
-rw-r--r-- | net/ipv4/netfilter/iptable_security.c | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/net/ipv4/netfilter/iptable_security.c b/net/ipv4/netfilter/iptable_security.c index c86647ed2078..d9ad60a57413 100644 --- a/net/ipv4/netfilter/iptable_security.c +++ b/net/ipv4/netfilter/iptable_security.c @@ -38,9 +38,7 @@ static const struct xt_table security_table = { static unsigned int iptable_security_hook(const struct nf_hook_ops *ops, struct sk_buff *skb, - const struct net_device *in, - const struct net_device *out, - int (*okfn)(struct sk_buff *)) + const struct nf_hook_state *state) { const struct net *net; @@ -50,8 +48,8 @@ iptable_security_hook(const struct nf_hook_ops *ops, struct sk_buff *skb, /* Somebody is playing with raw sockets. */ return NF_ACCEPT; - net = dev_net((in != NULL) ? in : out); - return ipt_do_table(skb, ops->hooknum, in, out, + net = dev_net(state->in ? state->in : state->out); + return ipt_do_table(skb, ops->hooknum, state->in, state->out, net->ipv4.iptable_security); } |