netfilter: nft_quota: add depleted flag for objects

Notify on depleted quota objects. The NFT_QUOTA_F_DEPLETED flag indicates we have reached overquota. Add pointer to table from nft_object, so we can use it when sending the depletion notification to userspace. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2016-11-28 00:05:56 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2016-12-07 13:22:12 +0100
commit: 1896531710abcd9a961a17d0c5c6a9f537d479b6 (patch)
tree: 8b8f03d79699e607ab0dfa3e9abf0a9e5404e477 /include/net
parent: 2599e98934c5ad166ad184b3682e38aadcb63fb3 (diff)
download: linux-1896531710abcd9a961a17d0c5c6a9f537d479b6.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h
index 339e374c28b5..ce6fb6e83b32 100644
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -940,6 +940,7 @@ int nft_verdict_dump(struct sk_buff *skb, int type,
  *	struct nft_object - nf_tables stateful object
  *
  *	@list: table stateful object list node
+ *	@table: table this object belongs to
  *	@type: pointer to object type
  *	@data: pointer to object data
  *	@name: name of this stateful object
@@ -950,6 +951,7 @@ int nft_verdict_dump(struct sk_buff *skb, int type,
 struct nft_object {
 	struct list_head		list;
 	char				name[NFT_OBJ_MAXNAMELEN];
+	struct nft_table		*table;
 	u32				genmask:2,
 					use:30;
 	/* runtime data below here */
author	Pablo Neira Ayuso <pablo@netfilter.org>	2016-11-28 00:05:56 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2016-12-07 13:22:12 +0100
commit	1896531710abcd9a961a17d0c5c6a9f537d479b6 (patch)
tree	8b8f03d79699e607ab0dfa3e9abf0a9e5404e477 /include/net
parent	2599e98934c5ad166ad184b3682e38aadcb63fb3 (diff)
download	linux-1896531710abcd9a961a17d0c5c6a9f537d479b6.tar.gz