summaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2010-11-16 11:52:38 +0000
committerDavid S. Miller <davem@davemloft.net>2010-11-17 10:54:34 -0800
commitda6836500414ae734cd9873c2d553db594f831e9 (patch)
tree1661f8ec37787e77e604a4f26574d48c57016ed4 /include
parent37d668004289d202f71dc5bfdadf6c18b34577a2 (diff)
netfilter: allow hooks to pass error code back up the stack
SELinux would like to pass certain fatal errors back up the stack. This patch implements the generic netfilter support for this functionality. Based-on-patch-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include')
-rw-r--r--include/linux/netfilter.h2
1 files changed, 2 insertions, 0 deletions
diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h
index 03317c8d407..1893837b396 100644
--- a/include/linux/netfilter.h
+++ b/include/linux/netfilter.h
@@ -33,6 +33,8 @@
#define NF_QUEUE_NR(x) ((((x) << NF_VERDICT_BITS) & NF_VERDICT_QMASK) | NF_QUEUE)
+#define NF_DROP_ERR(x) (((-x) << NF_VERDICT_BITS) | NF_DROP)
+
/* only for userspace compatibility */
#ifndef __KERNEL__
/* Generic cache responses from hook functions.