netfilter: nfacct: per network namespace support
authorAndreas Schultz <aschultz@tpip.net>
Wed, 5 Aug 2015 15:51:45 +0000 (17:51 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Fri, 7 Aug 2015 09:50:56 +0000 (11:50 +0200)
commit3499abb249bb5ed9d21031944bc3059ec4aa2909
treea9aa2226572e58808719670ba93e0192953db302
parentd2168e849ebf617b2b7feae44c0c0baf739cb610
netfilter: nfacct: per network namespace support

- Move the nfnl_acct_list into the network namespace, initialize
  and destroy it per namespace
- Keep track of refcnt on nfacct objects, the old logic does not
  longer work with a per namespace list
- Adjust xt_nfacct to pass the namespace when registring objects

Signed-off-by: Andreas Schultz <aschultz@tpip.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
include/linux/netfilter/nfnetlink_acct.h
include/net/net_namespace.h
net/netfilter/nfnetlink_acct.c
net/netfilter/xt_nfacct.c