netfilter: nftables: add catch-all set element support

[mirror_ubuntu-jammy-kernel.git] / include / net / netfilter / nf_tables.h

diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h
index eb708b77c4a54a687eda1e591aaac654646ca83a..27eeb613bb4e89daea9ee208e93ae6dbb7bf84f2 100644 (file)
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -497,6 +497,7 @@ struct nft_set {
        u8                              dlen;
        u8                              num_exprs;
        struct nft_expr                 *exprs[NFT_SET_EXPR_MAX];
+       struct list_head                catchall_list;
        unsigned char                   data[]
                __attribute__((aligned(__alignof__(u64))));
 };
@@ -522,6 +523,10 @@ struct nft_set *nft_set_lookup_global(const struct net *net,
                                      const struct nlattr *nla_set_id,
                                      u8 genmask);
 
+struct nft_set_ext *nft_set_catchall_lookup(const struct net *net,
+                                           const struct nft_set *set);
+void *nft_set_catchall_gc(const struct nft_set *set);
+
 static inline unsigned long nft_set_gc_interval(const struct nft_set *set)
 {
        return set->gc_int ? msecs_to_jiffies(set->gc_int) : HZ;