/linux/net/netfilter/ |
H A D | nft_reject_netdev.c | 100 nft_reject_netdev_send_v4_unreach(nft_net(pkt), pkt->skb, in nft_reject_netdev_eval() 106 nft_reject_netdev_send_v4_tcp_reset(nft_net(pkt), pkt->skb, in nft_reject_netdev_eval() 111 nft_reject_netdev_send_v4_unreach(nft_net(pkt), pkt->skb, in nft_reject_netdev_eval() 121 nft_reject_netdev_send_v6_unreach(nft_net(pkt), pkt->skb, in nft_reject_netdev_eval() 127 nft_reject_netdev_send_v6_tcp_reset(nft_net(pkt), pkt->skb, in nft_reject_netdev_eval() 132 nft_reject_netdev_send_v6_unreach(nft_net(pkt), pkt->skb, in nft_reject_netdev_eval()
|
H A D | nf_tables_api.c | 214 struct nftables_pernet *nft_net; in __nft_set_trans_bind() local 221 nft_net = nft_pernet(net); in __nft_set_trans_bind() 222 list_for_each_entry_reverse(trans, &nft_net->commit_list, list) { in __nft_set_trans_bind() 249 struct nftables_pernet *nft_net; in __nft_chain_trans_bind() local 256 nft_net = nft_pernet(net); in __nft_chain_trans_bind() 257 list_for_each_entry_reverse(trans, &nft_net->commit_list, list) { in __nft_chain_trans_bind() 410 static bool nft_trans_collapse_set_elem(struct nftables_pernet *nft_net, in nft_trans_collapse_set_elem() argument 438 list_add_tail(&tail->nft_trans.list, &nft_net->commit_list); in nft_trans_collapse_set_elem() 448 list_add_tail(&new_trans->nft_trans.list, &nft_net->commit_list); in nft_trans_collapse_set_elem() 453 static bool nft_trans_try_collapse(struct nftables_pernet *nft_net, in nft_trans_try_collapse() argument [all …]
|
H A D | nf_tables_offload.c | 405 struct nftables_pernet *nft_net; in nft_indr_block_cleanup() local 411 nft_net = nft_pernet(net); in nft_indr_block_cleanup() 412 mutex_lock(&nft_net->commit_mutex); in nft_indr_block_cleanup() 416 mutex_unlock(&nft_net->commit_mutex); in nft_indr_block_cleanup() 512 struct nftables_pernet *nft_net = nft_pernet(net); in nft_flow_rule_offload_abort() local 515 list_for_each_entry_continue_reverse(trans, &nft_net->commit_list, list) { in nft_flow_rule_offload_abort() 561 struct nftables_pernet *nft_net = nft_pernet(net); in nft_flow_rule_offload_commit() local 566 list_for_each_entry(trans, &nft_net->commit_list, list) { in nft_flow_rule_offload_commit() 621 static struct nft_chain *__nft_offload_get_chain(const struct nftables_pernet *nft_net, in __nft_offload_get_chain() argument 629 list_for_each_entry(table, &nft_net->tables, list) { in __nft_offload_get_chain() [all …]
|
H A D | nft_reject_inet.c | 31 nf_send_reset(nft_net(pkt), nft_sk(pkt), in nft_reject_inet_eval() 44 nf_send_unreach6(nft_net(pkt), pkt->skb, in nft_reject_inet_eval() 48 nf_send_reset6(nft_net(pkt), nft_sk(pkt), in nft_reject_inet_eval() 52 nf_send_unreach6(nft_net(pkt), pkt->skb, in nft_reject_inet_eval()
|
H A D | nft_tproxy.c | 49 sk = nf_tproxy_get_sock_v4(nft_net(pkt), skb, iph->protocol, in nft_tproxy_eval_v4() 66 sk = nf_tproxy_handle_time_wait4(nft_net(pkt), skb, taddr, tport, sk); in nft_tproxy_eval_v4() 71 sk = nf_tproxy_get_sock_v4(nft_net(pkt), skb, iph->protocol, in nft_tproxy_eval_v4() 117 sk = nf_tproxy_get_sock_v6(nft_net(pkt), skb, thoff, l4proto, in nft_tproxy_eval_v6() 135 nft_net(pkt), in nft_tproxy_eval_v6() 143 sk = nf_tproxy_get_sock_v6(nft_net(pkt), skb, thoff, in nft_tproxy_eval_v6()
|
H A D | nft_chain_filter.c | 360 struct nftables_pernet *nft_net; in nf_tables_netdev_event() local 370 nft_net = nft_pernet(ctx.net); in nf_tables_netdev_event() 371 mutex_lock(&nft_net->commit_mutex); in nf_tables_netdev_event() 372 list_for_each_entry(table, &nft_net->tables, list) { in nf_tables_netdev_event() 392 mutex_unlock(&nft_net->commit_mutex); in nf_tables_netdev_event()
|
H A D | nf_dup_netdev.c | 47 dev = dev_get_by_index_rcu(nft_net(pkt), oif); in nf_fwd_netdev_egress() 62 dev = dev_get_by_index_rcu(nft_net(pkt), oif); in nf_dup_netdev_egress()
|
H A D | nf_tables_trace.c | 201 if (!nfnetlink_has_listeners(nft_net(pkt), NFNLGRP_NFTRACE)) in nft_trace_notify() 298 nfnetlink_send(skb, nft_net(pkt), 0, NFNLGRP_NFTRACE, 0, GFP_ATOMIC); in nft_trace_notify() 320 skb_get_hash_net(nft_net(pkt), skb), in nft_trace_init()
|
H A D | nft_socket.c | 92 sk = nf_sk_lookup_slow_v4(nft_net(pkt), skb, indev); in nft_socket_do_lookup() 96 sk = nf_sk_lookup_slow_v6(nft_net(pkt), skb, indev); in nft_socket_do_lookup() 116 if (sk && !net_eq(nft_net(pkt), sock_net(sk))) in nft_socket_eval()
|
H A D | nft_connlimit.c | 41 nft_pf(pkt), nft_net(pkt), &tuple)) { in nft_connlimit_do_eval() 46 if (nf_conncount_add(nft_net(pkt), priv->list, tuple_ptr, zone)) { in nft_connlimit_do_eval()
|
H A D | nft_set_hash.c | 321 struct nftables_pernet *nft_net; in nft_rhash_gc() local 333 nft_net = nft_pernet(net); in nft_rhash_gc() 334 gc_seq = READ_ONCE(nft_net->gc_seq); in nft_rhash_gc() 358 if (READ_ONCE(nft_net->gc_seq) != gc_seq) { in nft_rhash_gc()
|
H A D | nft_synproxy.c | 52 struct net *net = nft_net(pkt); in nft_synproxy_eval_v4() 83 struct net *net = nft_net(pkt); in nft_synproxy_eval_v6()
|
H A D | nft_meta.c | 137 if (!sk || !sk_fullsock(sk) || !net_eq(nft_net(pkt), sock_net(sk))) in nft_meta_get_eval_skugid() 170 if (!sk || !sk_fullsock(sk) || !net_eq(nft_net(pkt), sock_net(sk))) in nft_meta_get_eval_cgroup() 305 dev = sdif ? dev_get_by_index_rcu(nft_net(pkt), sdif) : NULL; in nft_meta_get_eval_sdifname()
|
H A D | nft_dynset.c | 166 struct nftables_pernet *nft_net = nft_pernet(ctx->net); in nft_dynset_init() local 173 lockdep_assert_held(&nft_net->commit_mutex); in nft_dynset_init()
|
H A D | nft_rt.c | 41 nf_route(nft_net(pkt), &dst, &fl, false, nft_pf(pkt)); in get_tcpmss()
|
H A D | nft_fwd_netdev.c | 144 dev = dev_get_by_index_rcu(nft_net(pkt), oif); in nft_fwd_neigh_eval()
|
/linux/net/bridge/netfilter/ |
H A D | nft_reject_bridge.c | 125 nft_reject_br_send_v4_unreach(nft_net(pkt), pkt->skb, in nft_reject_bridge_eval() 131 nft_reject_br_send_v4_tcp_reset(nft_net(pkt), pkt->skb, in nft_reject_bridge_eval() 136 nft_reject_br_send_v4_unreach(nft_net(pkt), pkt->skb, in nft_reject_bridge_eval() 146 nft_reject_br_send_v6_unreach(nft_net(pkt), pkt->skb, in nft_reject_bridge_eval() 152 nft_reject_br_send_v6_tcp_reset(nft_net(pkt), pkt->skb, in nft_reject_bridge_eval() 157 nft_reject_br_send_v6_unreach(nft_net(pkt), pkt->skb, in nft_reject_bridge_eval()
|
/linux/net/ipv6/netfilter/ |
H A D | nft_fib_ipv6.c | 67 .flowi6_uid = sock_net_uid(nft_net(pkt), NULL), in __nft_fib6_eval_type() 80 if (dev && nf_ipv6_chk_addr(nft_net(pkt), &fl6.daddr, dev, true)) in __nft_fib6_eval_type() 83 route_err = nf_ip6_route(nft_net(pkt), (struct dst_entry **)&rt, in __nft_fib6_eval_type() 167 .flowi6_uid = sock_net_uid(nft_net(pkt), NULL), in nft_fib6_eval() 196 rt = (void *)ip6_route_lookup(nft_net(pkt), &fl6, pkt->skb, in nft_fib6_eval()
|
H A D | nft_reject_ipv6.c | 27 nf_send_unreach6(nft_net(pkt), pkt->skb, priv->icmp_code, in nft_reject_ipv6_eval() 31 nf_send_reset6(nft_net(pkt), nft_sk(pkt), pkt->skb, in nft_reject_ipv6_eval()
|
H A D | nft_dup_ipv6.c | 28 nf_dup_ipv6(nft_net(pkt), pkt->skb, nft_hook(pkt), gw, oif); in nft_dup_ipv6_eval()
|
/linux/net/ipv4/netfilter/ |
H A D | nft_fib_ipv4.c | 53 *dst = inet_dev_addr_type(nft_net(pkt), dev, addr); in nft_fib4_eval_type() 68 .flowi4_uid = sock_net_uid(nft_net(pkt), NULL), in nft_fib4_eval() 127 if (fib_lookup(nft_net(pkt), &fl4, &res, FIB_LOOKUP_IGNORE_LINKSTATE)) in nft_fib4_eval()
|
H A D | nft_reject_ipv4.c | 30 nf_send_reset(nft_net(pkt), nft_sk(pkt), pkt->skb, in nft_reject_ipv4_eval()
|
H A D | nft_dup_ipv4.c | 30 nf_dup_ipv4(nft_net(pkt), pkt->skb, nft_hook(pkt), &gw, oif); in nft_dup_ipv4_eval()
|
/linux/include/net/netfilter/ |
H A D | nf_tables_ipv4.h | 72 __IP_INC_STATS(nft_net(pkt), IPSTATS_MIB_INTRUNCATEDPKTS); in nft_set_pktinfo_ipv4_ingress() 88 __IP_INC_STATS(nft_net(pkt), IPSTATS_MIB_INHDRERRORS); in nft_set_pktinfo_ipv4_ingress()
|
H A D | nf_tables_ipv6.h | 92 __IP6_INC_STATS(nft_net(pkt), idev, IPSTATS_MIB_INTRUNCATEDPKTS); in nft_set_pktinfo_ipv6_ingress() 109 __IP6_INC_STATS(nft_net(pkt), idev, IPSTATS_MIB_INHDRERRORS); in nft_set_pktinfo_ipv6_ingress()
|