git://ftp.safe.ca / safe / jmp / linux-2.6 / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2b95efe) | patch
netfilter: xtables: generate initial table on-demand
authorJan Engelhardt <jengelh@medozas.de>
Wed, 17 Jun 2009 20:14:54 +0000 (22:14 +0200)
committerJan Engelhardt <jengelh@medozas.de>
Wed, 10 Feb 2010 16:50:47 +0000 (17:50 +0100)
commite3eaa9910b380530cfd2c0670fcd3f627674da8a
tree309e522e78f78149ec3cb99ffc386d1b72415a96tree | snapshot
parent2b95efe7f6bb750256a702cc32d33b0cb2cd8223commit | diff
netfilter: xtables: generate initial table on-demand

The static initial tables are pretty large, and after the net
namespace has been instantiated, they just hang around for nothing.
This commit removes them and creates tables on-demand at runtime when
needed.

Size shrinks by 7735 bytes (x86_64).

Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
18 files changed:
include/linux/netfilter_arp/arp_tables.h diff | blob | history
include/linux/netfilter_ipv4/ip_tables.h diff | blob | history
include/linux/netfilter_ipv6/ip6_tables.h diff | blob | history
net/ipv4/netfilter/arp_tables.c diff | blob | history
net/ipv4/netfilter/arptable_filter.c diff | blob | history
net/ipv4/netfilter/ip_tables.c diff | blob | history
net/ipv4/netfilter/iptable_filter.c diff | blob | history
net/ipv4/netfilter/iptable_mangle.c diff | blob | history
net/ipv4/netfilter/iptable_raw.c diff | blob | history
net/ipv4/netfilter/iptable_security.c diff | blob | history
net/ipv4/netfilter/nf_nat_rule.c diff | blob | history
net/ipv6/netfilter/ip6_tables.c diff | blob | history
net/ipv6/netfilter/ip6table_filter.c diff | blob | history
net/ipv6/netfilter/ip6table_mangle.c diff | blob | history
net/ipv6/netfilter/ip6table_raw.c diff | blob | history
net/ipv6/netfilter/ip6table_security.c diff | blob | history
net/netfilter/x_tables.c diff | blob | history
net/netfilter/xt_repldata.h [new file with mode: 0644] blob
Full containers within linux kernel