Invoke the skb_netfilter_check LSM hook for outbound (OUTPUT/FORWARD)
traffic for secid reconciliation and flow control.
Signed-off-by: Venkat Yekkirala <[EMAIL PROTECTED]>
---
net/netfilter/xt_CONNSECMARK.c | 44 ++-
net/netfilter/xt_SECMARK.c | 20
On Fri, 8 Sep 2006, Venkat Yekkirala wrote:
> @@ -114,6 +128,9 @@ static struct xt_target xt_connsecmark_t
> .target = target,
> .targetsize = sizeof(struct xt_connsecmark_target_info),
> .table = "mangle",
> + .hooks
On Fri, 8 Sep 2006, Venkat Yekkirala wrote:
> -static void secmark_restore(struct sk_buff *skb)
> +static unsigned int secmark_restore(struct sk_buff *skb, unsigned int
> hooknum,
> +const struct xt_target *target)
> {
> - if (!skb->secmark) {
> - u32 *conns
