On Tue, Jan 16, 2018 at 8:30 AM, Cong Wang wrote:
> On Fri, Jan 12, 2018 at 4:57 AM, Eyal Birger wrote:
>> +static void em_policy_destroy(struct tcf_ematch *em)
>> +{
>> + const struct xt_policy_info *info = (const void *)em->data;
>> +
>> + if (!info)
>> + return;
>> +
On Fri, Jan 12, 2018 at 4:57 AM, Eyal Birger wrote:
> +static void em_policy_destroy(struct tcf_ematch *em)
> +{
> + const struct xt_policy_info *info = (const void *)em->data;
> +
> + if (!info)
> + return;
> +
> + kfree((void *)em->data);
> +}
Nit: kfree() could
From: Eyal Birger
Allows classification based on the incoming IPSec policy used during
decpsulation.
This allows similar matching capabilities to those provided by netfilter
xt_policy module, and uses the same data strcuture - but from a tc entry
point.
Signed-off-by: Eyal Birger
---
include/
