Skip to content

Commit

Permalink
netfilter: xt_socket: make module available for INPUT chain
Browse files Browse the repository at this point in the history 
This should make it possible to test for the existence of local
sockets in the INPUT path.

References: http://marc.info/?l=netfilter-devel&m=125380481517129&w=2

Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Balazs Scheidler <bazsi@balabit.hu>
Signed-off-by: Patrick McHardy <kaber@trash.net>
  • Loading branch information
Jan Engelhardt authored and Patrick McHardy committed Oct 29, 2009
1 parent ed3f2e4 commit aa3c487
Showing 1 changed file with 4 additions and 2 deletions.
6 changes: 4 additions & 2 deletions net/netfilter/xt_socket.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -192,7 +192,8 @@ static struct xt_match socket_mt_reg[] __read_mostly = {
.revision = 0,
.family = NFPROTO_IPV4,
.match = socket_mt_v0,
.hooks = 1 << NF_INET_PRE_ROUTING,
.hooks = (1 << NF_INET_PRE_ROUTING) |
(1 << NF_INET_LOCAL_IN),
.me = THIS_MODULE,
},
{
Expand All @@ -201,7 +202,8 @@ static struct xt_match socket_mt_reg[] __read_mostly = {
.family = NFPROTO_IPV4,
.match = socket_mt_v1,
.matchsize = sizeof(struct xt_socket_mtinfo1),
.hooks = 1 << NF_INET_PRE_ROUTING,
.hooks = (1 << NF_INET_PRE_ROUTING) |
(1 << NF_INET_LOCAL_IN),
.me = THIS_MODULE,
},
};
Expand Down

0 comments on commit aa3c487

Please sign in to comment.