diff options
author | David Wilder <dwilder@us.ibm.com> | 2020-06-22 10:10:12 -0700 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2020-06-25 00:50:31 +0200 |
commit | cf4cbc610bfa29a88cd71ca638a890f8c565a22e (patch) | |
tree | 907d25be1845827ba84e8d4a9e9176e5be13dc13 /net/ipv4/netfilter/iptable_filter.c | |
parent | 1cbf90985f7448f1b0dd630e17ee1070f7d58665 (diff) | |
download | linux-cf4cbc610bfa29a88cd71ca638a890f8c565a22e.tar.gz |
netfilter: iptables: Add a .pre_exit hook in all iptable_foo.c.
Using new helpers ipt_unregister_table_pre_exit() and
ipt_unregister_table_exit().
Fixes: b9e69e127397 ("netfilter: xtables: don't hook tables by default")
Signed-off-by: David Wilder <dwilder@us.ibm.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/ipv4/netfilter/iptable_filter.c')
-rw-r--r-- | net/ipv4/netfilter/iptable_filter.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/net/ipv4/netfilter/iptable_filter.c b/net/ipv4/netfilter/iptable_filter.c index 9d54b4017e50e6..8f7bc1ee745328 100644 --- a/net/ipv4/netfilter/iptable_filter.c +++ b/net/ipv4/netfilter/iptable_filter.c @@ -72,16 +72,24 @@ static int __net_init iptable_filter_net_init(struct net *net) return 0; } +static void __net_exit iptable_filter_net_pre_exit(struct net *net) +{ + if (net->ipv4.iptable_filter) + ipt_unregister_table_pre_exit(net, net->ipv4.iptable_filter, + filter_ops); +} + static void __net_exit iptable_filter_net_exit(struct net *net) { if (!net->ipv4.iptable_filter) return; - ipt_unregister_table(net, net->ipv4.iptable_filter, filter_ops); + ipt_unregister_table_exit(net, net->ipv4.iptable_filter); net->ipv4.iptable_filter = NULL; } static struct pernet_operations iptable_filter_net_ops = { .init = iptable_filter_net_init, + .pre_exit = iptable_filter_net_pre_exit, .exit = iptable_filter_net_exit, }; |