netfilter: nf_tables: add NFT_CHAIN_BINDING
This new chain flag specifies that:
* the kernel dynamically allocates the chain name, if no chain name
is specified.
* If the immediate expression that refers to this chain is removed,
then this bound chain (and its content) is destroyed.
Signed-off-by: 
Pablo Neira Ayuso <pablo@netfilter.org>
Showing
- include/net/netfilter/nf_tables.h 12 additions, 1 deletioninclude/net/netfilter/nf_tables.h
- include/uapi/linux/netfilter/nf_tables.h 1 addition, 0 deletionsinclude/uapi/linux/netfilter/nf_tables.h
- net/netfilter/nf_tables_api.c 74 additions, 12 deletionsnet/netfilter/nf_tables_api.c
- net/netfilter/nft_immediate.c 51 additions, 0 deletionsnet/netfilter/nft_immediate.c
Loading
Please register or sign in to comment