netfilter: ip6_tables: add ip6tables security table

This is a port of the IPv4 security table for IPv6. Signed-off-by: James Morris <jmorris@namei.org> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
author: James Morris <jmorris@namei.org> 2008-06-09 15:58:05 -0700
committer: David S. Miller <davem@davemloft.net> 2008-06-09 15:58:05 -0700
commit: 17e6e59f0a1d7188d783c15dc3ccebd95a0840cd (patch)
tree: aabe39d205166733003dcc22b95bc77714691de1 /include
parent: 560ee653b67074b805f1b661988a72a0e58811a5 (diff)
2 files changed, 2 insertions, 0 deletions
diff --git a/include/linux/netfilter_ipv6.h b/include/linux/netfilter_ipv6.h
index 3475a65dae9..fd50988b83e 100644
--- a/include/linux/netfilter_ipv6.h
+++ b/include/linux/netfilter_ipv6.h
@@ -64,6 +64,7 @@ enum nf_ip6_hook_priorities {
 	NF_IP6_PRI_MANGLE = -150,
 	NF_IP6_PRI_NAT_DST = -100,
 	NF_IP6_PRI_FILTER = 0,
+	NF_IP6_PRI_SECURITY = 50,
 	NF_IP6_PRI_NAT_SRC = 100,
 	NF_IP6_PRI_SELINUX_LAST = 225,
 	NF_IP6_PRI_LAST = INT_MAX,
diff --git a/include/net/netns/ipv6.h b/include/net/netns/ipv6.h
index ac053be6c25..5bacd838e88 100644
--- a/include/net/netns/ipv6.h
+++ b/include/net/netns/ipv6.h
@@ -35,6 +35,7 @@ struct netns_ipv6 {
 	struct xt_table		*ip6table_filter;
 	struct xt_table		*ip6table_mangle;
 	struct xt_table		*ip6table_raw;
+	struct xt_table		*ip6table_security;
 #endif
 	struct rt6_info         *ip6_null_entry;
 	struct rt6_statistics   *rt6_stats;
author	James Morris <jmorris@namei.org>	2008-06-09 15:58:05 -0700
committer	David S. Miller <davem@davemloft.net>	2008-06-09 15:58:05 -0700
commit	17e6e59f0a1d7188d783c15dc3ccebd95a0840cd (patch)
tree	aabe39d205166733003dcc22b95bc77714691de1 /include
parent	560ee653b67074b805f1b661988a72a0e58811a5 (diff)