aboutsummaryrefslogtreecommitdiffstats
path: root/net/ipv4/netfilter/iptable_nat.c
diff options
context:
space:
mode:
authorFlorian Westphal <fw@strlen.de>2021-04-21 09:51:02 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2021-04-26 03:20:46 +0200
commit20a9df33594fe643f9cf46375a9243e3ab8ed3a6 (patch)
tree0dbfa5b8ff65e103877f3f21c203e36c58f62ccb /net/ipv4/netfilter/iptable_nat.c
parent1ef4d6d1af2d0c0c7c9b391365a3894bea291e34 (diff)
downloadlinux-20a9df33594fe643f9cf46375a9243e3ab8ed3a6.tar.gz
netfilter: iptables: unregister the tables by name
xtables stores the xt_table structs in the struct net. This isn't needed anymore, the structures could be passed via the netfilter hook 'private' pointer to the hook functions, which would allow us to remove those pointers from struct net. As a first step, reduce the number of accesses to the net->ipv4.ip6table_{raw,filter,...} pointers. This allows the tables to get unregistered by name instead of having to pass the raw address. The xt_table structure cane looked up by name+address family instead. This patch is useless as-is (the backends still have the raw pointer address), but it lowers the bar to remove those. It also allows to put the 'was table registered in the first place' check into ip_tables.c rather than have it in each table sub module. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/ipv4/netfilter/iptable_nat.c')
-rw-r--r--net/ipv4/netfilter/iptable_nat.c6
1 files changed, 2 insertions, 4 deletions
diff --git a/net/ipv4/netfilter/iptable_nat.c b/net/ipv4/netfilter/iptable_nat.c
index a89c1b9f94c28e..16bf3009642e84 100644
--- a/net/ipv4/netfilter/iptable_nat.c
+++ b/net/ipv4/netfilter/iptable_nat.c
@@ -105,7 +105,7 @@ static int __net_init iptable_nat_table_init(struct net *net)
ret = ipt_nat_register_lookups(net);
if (ret < 0) {
- ipt_unregister_table_exit(net, net->ipv4.nat_table);
+ ipt_unregister_table_exit(net, "nat");
net->ipv4.nat_table = NULL;
}
@@ -121,9 +121,7 @@ static void __net_exit iptable_nat_net_pre_exit(struct net *net)
static void __net_exit iptable_nat_net_exit(struct net *net)
{
- if (!net->ipv4.nat_table)
- return;
- ipt_unregister_table_exit(net, net->ipv4.nat_table);
+ ipt_unregister_table_exit(net, "nat");
net->ipv4.nat_table = NULL;
}