Home
last modified time | relevance | path

Searched refs:rules (Results 1 – 18 of 18) sorted by relevance

/net/netfilter/
Dnf_tables_core.c173 struct nft_rule *const *rules; member
206 struct nft_rule *const *rules; in nft_do_chain() local
220 rules = rcu_dereference(chain->rules_gen_1); in nft_do_chain()
222 rules = rcu_dereference(chain->rules_gen_0); in nft_do_chain()
225 rule = *rules; in nft_do_chain()
227 for (; *rules ; rules++) { in nft_do_chain()
228 rule = *rules; in nft_do_chain()
271 jumpstack[stackptr].rules = rules + 1; in nft_do_chain()
287 rules = jumpstack[stackptr].rules; in nft_do_chain()
Dnft_set_pipapo.c362 int pipapo_refill(unsigned long *map, int len, int rules, unsigned long *dst, in pipapo_refill() argument
375 if (unlikely(i >= rules)) { in pipapo_refill()
460 b = pipapo_refill(res_map, f->bsize, f->rules, fill_map, f->mt, in nft_pipapo_lookup()
563 b = pipapo_refill(res_map, f->bsize, f->rules, fill_map, f->mt, in pipapo_get()
621 static int pipapo_resize(struct nft_pipapo_field *f, int old_rules, int rules) in pipapo_resize() argument
628 new_bucket_size = DIV_ROUND_UP(rules, BITS_PER_LONG); in pipapo_resize()
666 new_mt = kvmalloc(rules * sizeof(*new_mt), GFP_KERNEL); in pipapo_resize()
672 memcpy(new_mt, f->mt, min(old_rules, rules) * sizeof(*new_mt)); in pipapo_resize()
673 if (rules > old_rules) { in pipapo_resize()
675 (rules - old_rules) * sizeof(*new_mt)); in pipapo_resize()
[all …]
Dnft_set_pipapo.h123 unsigned long rules; member
187 int pipapo_refill(unsigned long *map, int len, int rules, unsigned long *dst,
262 unsigned long rules; in pipapo_estimate_size() local
271 rules = ilog2(desc->field_len[i] * BITS_PER_BYTE) * 2; in pipapo_estimate_size()
272 entry_size += rules * in pipapo_estimate_size()
275 entry_size += rules * sizeof(union nft_pipapo_map_bucket); in pipapo_estimate_size()
Dnft_immediate.c115 list_for_each_entry(rule, &chain->rules, list) in nft_immediate_activate()
138 list_for_each_entry(rule, &chain->rules, list) in nft_immediate_chain_deactivate()
219 list_for_each_entry_safe(rule, n, &chain->rules, list) { in nft_immediate_destroy()
Dnf_tables_api.c552 list_for_each_entry(rule, &ctx->chain->rules, list) { in nft_delrule_by_chain()
2221 struct nft_rule **rules; in nf_tables_addchain() local
2275 INIT_LIST_HEAD(&chain->rules); in nf_tables_addchain()
2305 rules = nf_tables_chain_alloc_rules(chain, 0); in nf_tables_addchain()
2306 if (!rules) { in nf_tables_addchain()
2311 *rules = NULL; in nf_tables_addchain()
2312 rcu_assign_pointer(chain->rules_gen_0, rules); in nf_tables_addchain()
2313 rcu_assign_pointer(chain->rules_gen_1, rules); in nf_tables_addchain()
2658 list_for_each_entry(rule, &chain->rules, list) { in nf_tables_delchain()
2979 list_for_each_entry_rcu(rule, &chain->rules, list) { in __nft_rule_lookup()
[all …]
DKconfig725 The target allows you to create rules in the "mangle" table which alter
841 It also adds the "TOS" target, which allows you to create rules in
869 The target allows you to create rules in the "raw" and "mangle" tables
919 This option adds a `LOG' target, which allows you to create rules in
1044 For it to work you will have to configure certain iptables rules
1057 the tables, chains, rules.
Dnf_tables_offload.c302 list_for_each_entry(rule, &chain->rules, list) { in nft_flow_offload_unbind()
Dnft_set_pipapo_avx2.c1064 b = pipapo_refill(map, bsize, f->rules, fill, f->mt, last); in nft_pipapo_avx2_lookup_slow()
/net/ceph/crush/
Dcrush.c122 if (map->rules) { in crush_destroy()
125 crush_destroy_rule(map->rules[b]); in crush_destroy()
126 kfree(map->rules); in crush_destroy()
Dmapper.c47 if (map->rules[i] && in crush_find_rule()
48 map->rules[i]->mask.ruleset == ruleset && in crush_find_rule()
49 map->rules[i]->mask.type == type && in crush_find_rule()
50 map->rules[i]->mask.min_size <= size && in crush_find_rule()
51 map->rules[i]->mask.max_size >= size) in crush_find_rule()
936 rule = map->rules[ruleno]; in crush_do_rule()
/net/bridge/netfilter/
DKconfig61 The ebtables broute table is used to define rules that decide between
71 The ebtables filter table is used to define frame filtering rules at
80 The ebtables nat table is used to define rules that alter the MAC
100 MAC/IP address pairs can be matched, f.e. for anti-spoofing rules.
/net/ipv4/netfilter/
DKconfig180 rules for simple packet filtering at local input, forwarding and
345 rules for simple ARP packet filtering at local input and
346 local output. On a bridge, you can also specify filtering rules
/net/core/
Dfib_rules.c1193 static void attach_rules(struct list_head *rules, struct net_device *dev) in attach_rules() argument
1197 list_for_each_entry(rule, rules, list) { in attach_rules()
1207 static void detach_rules(struct list_head *rules, struct net_device *dev) in detach_rules() argument
1211 list_for_each_entry(rule, rules, list) { in detach_rules()
/net/openvswitch/
DKconfig31 translate it into packet processing rules.
/net/bridge/
DKconfig28 take this into account when setting up your firewall rules.
/net/ceph/
Dosdmap.c454 c->rules = kcalloc(c->max_rules, sizeof(*c->rules), GFP_NOFS); in crush_decode()
455 if (c->rules == NULL) in crush_decode()
550 dout("rule vec is %p\n", c->rules); in crush_decode()
559 c->rules[i] = NULL; in crush_decode()
574 c->rules[i] = r; in crush_decode()
/net/ipv6/netfilter/
DKconfig196 rules for simple packet filtering at local input, forwarding and
/net/wireless/
Dnl80211.c12418 rule = &rdev->coalesce->rules[i]; in nl80211_send_coalesce_rules()
12494 rule = &coalesce->rules[i]; in cfg80211_rdev_free_coalesce()
12499 kfree(coalesce->rules); in cfg80211_rdev_free_coalesce()
12620 new_coalesce.rules = kcalloc(n_rules, sizeof(new_coalesce.rules[0]), in nl80211_set_coalesce()
12622 if (!new_coalesce.rules) in nl80211_set_coalesce()
12631 &new_coalesce.rules[i]); in nl80211_set_coalesce()
12653 tmp_rule = &new_coalesce.rules[i]; in nl80211_set_coalesce()
12658 kfree(new_coalesce.rules); in nl80211_set_coalesce()