/net/netfilter/ |
D | nf_tables_core.c | 173 struct nft_rule *const *rules; member 206 struct nft_rule *const *rules; in nft_do_chain() local 220 rules = rcu_dereference(chain->rules_gen_1); in nft_do_chain() 222 rules = rcu_dereference(chain->rules_gen_0); in nft_do_chain() 225 rule = *rules; in nft_do_chain() 227 for (; *rules ; rules++) { in nft_do_chain() 228 rule = *rules; in nft_do_chain() 271 jumpstack[stackptr].rules = rules + 1; in nft_do_chain() 287 rules = jumpstack[stackptr].rules; in nft_do_chain()
|
D | nft_set_pipapo.c | 362 int pipapo_refill(unsigned long *map, int len, int rules, unsigned long *dst, in pipapo_refill() argument 375 if (unlikely(i >= rules)) { in pipapo_refill() 460 b = pipapo_refill(res_map, f->bsize, f->rules, fill_map, f->mt, in nft_pipapo_lookup() 563 b = pipapo_refill(res_map, f->bsize, f->rules, fill_map, f->mt, in pipapo_get() 621 static int pipapo_resize(struct nft_pipapo_field *f, int old_rules, int rules) in pipapo_resize() argument 628 new_bucket_size = DIV_ROUND_UP(rules, BITS_PER_LONG); in pipapo_resize() 666 new_mt = kvmalloc(rules * sizeof(*new_mt), GFP_KERNEL); in pipapo_resize() 672 memcpy(new_mt, f->mt, min(old_rules, rules) * sizeof(*new_mt)); in pipapo_resize() 673 if (rules > old_rules) { in pipapo_resize() 675 (rules - old_rules) * sizeof(*new_mt)); in pipapo_resize() [all …]
|
D | nft_set_pipapo.h | 123 unsigned long rules; member 187 int pipapo_refill(unsigned long *map, int len, int rules, unsigned long *dst, 262 unsigned long rules; in pipapo_estimate_size() local 271 rules = ilog2(desc->field_len[i] * BITS_PER_BYTE) * 2; in pipapo_estimate_size() 272 entry_size += rules * in pipapo_estimate_size() 275 entry_size += rules * sizeof(union nft_pipapo_map_bucket); in pipapo_estimate_size()
|
D | nft_immediate.c | 115 list_for_each_entry(rule, &chain->rules, list) in nft_immediate_activate() 138 list_for_each_entry(rule, &chain->rules, list) in nft_immediate_chain_deactivate() 219 list_for_each_entry_safe(rule, n, &chain->rules, list) { in nft_immediate_destroy()
|
D | nf_tables_api.c | 552 list_for_each_entry(rule, &ctx->chain->rules, list) { in nft_delrule_by_chain() 2221 struct nft_rule **rules; in nf_tables_addchain() local 2275 INIT_LIST_HEAD(&chain->rules); in nf_tables_addchain() 2305 rules = nf_tables_chain_alloc_rules(chain, 0); in nf_tables_addchain() 2306 if (!rules) { in nf_tables_addchain() 2311 *rules = NULL; in nf_tables_addchain() 2312 rcu_assign_pointer(chain->rules_gen_0, rules); in nf_tables_addchain() 2313 rcu_assign_pointer(chain->rules_gen_1, rules); in nf_tables_addchain() 2658 list_for_each_entry(rule, &chain->rules, list) { in nf_tables_delchain() 2979 list_for_each_entry_rcu(rule, &chain->rules, list) { in __nft_rule_lookup() [all …]
|
D | Kconfig | 725 The target allows you to create rules in the "mangle" table which alter 841 It also adds the "TOS" target, which allows you to create rules in 869 The target allows you to create rules in the "raw" and "mangle" tables 919 This option adds a `LOG' target, which allows you to create rules in 1044 For it to work you will have to configure certain iptables rules 1057 the tables, chains, rules.
|
D | nf_tables_offload.c | 302 list_for_each_entry(rule, &chain->rules, list) { in nft_flow_offload_unbind()
|
D | nft_set_pipapo_avx2.c | 1064 b = pipapo_refill(map, bsize, f->rules, fill, f->mt, last); in nft_pipapo_avx2_lookup_slow()
|
/net/ceph/crush/ |
D | crush.c | 122 if (map->rules) { in crush_destroy() 125 crush_destroy_rule(map->rules[b]); in crush_destroy() 126 kfree(map->rules); in crush_destroy()
|
D | mapper.c | 47 if (map->rules[i] && in crush_find_rule() 48 map->rules[i]->mask.ruleset == ruleset && in crush_find_rule() 49 map->rules[i]->mask.type == type && in crush_find_rule() 50 map->rules[i]->mask.min_size <= size && in crush_find_rule() 51 map->rules[i]->mask.max_size >= size) in crush_find_rule() 936 rule = map->rules[ruleno]; in crush_do_rule()
|
/net/bridge/netfilter/ |
D | Kconfig | 61 The ebtables broute table is used to define rules that decide between 71 The ebtables filter table is used to define frame filtering rules at 80 The ebtables nat table is used to define rules that alter the MAC 100 MAC/IP address pairs can be matched, f.e. for anti-spoofing rules.
|
/net/ipv4/netfilter/ |
D | Kconfig | 180 rules for simple packet filtering at local input, forwarding and 345 rules for simple ARP packet filtering at local input and 346 local output. On a bridge, you can also specify filtering rules
|
/net/core/ |
D | fib_rules.c | 1193 static void attach_rules(struct list_head *rules, struct net_device *dev) in attach_rules() argument 1197 list_for_each_entry(rule, rules, list) { in attach_rules() 1207 static void detach_rules(struct list_head *rules, struct net_device *dev) in detach_rules() argument 1211 list_for_each_entry(rule, rules, list) { in detach_rules()
|
/net/openvswitch/ |
D | Kconfig | 31 translate it into packet processing rules.
|
/net/bridge/ |
D | Kconfig | 28 take this into account when setting up your firewall rules.
|
/net/ceph/ |
D | osdmap.c | 454 c->rules = kcalloc(c->max_rules, sizeof(*c->rules), GFP_NOFS); in crush_decode() 455 if (c->rules == NULL) in crush_decode() 550 dout("rule vec is %p\n", c->rules); in crush_decode() 559 c->rules[i] = NULL; in crush_decode() 574 c->rules[i] = r; in crush_decode()
|
/net/ipv6/netfilter/ |
D | Kconfig | 196 rules for simple packet filtering at local input, forwarding and
|
/net/wireless/ |
D | nl80211.c | 12418 rule = &rdev->coalesce->rules[i]; in nl80211_send_coalesce_rules() 12494 rule = &coalesce->rules[i]; in cfg80211_rdev_free_coalesce() 12499 kfree(coalesce->rules); in cfg80211_rdev_free_coalesce() 12620 new_coalesce.rules = kcalloc(n_rules, sizeof(new_coalesce.rules[0]), in nl80211_set_coalesce() 12622 if (!new_coalesce.rules) in nl80211_set_coalesce() 12631 &new_coalesce.rules[i]); in nl80211_set_coalesce() 12653 tmp_rule = &new_coalesce.rules[i]; in nl80211_set_coalesce() 12658 kfree(new_coalesce.rules); in nl80211_set_coalesce()
|