netfilter: xt_socket: use IP early demux
authorEric Dumazet <edumazet@google.com>
Wed, 22 May 2013 11:01:06 +0000 (11:01 +0000)
committerPablo Neira Ayuso <pablo@netfilter.org>
Thu, 23 May 2013 09:09:53 +0000 (11:09 +0200)
commit00028aa37098168048728acc32ab0206687f2920
tree2b05baf2eade229d2c82e0c78f798fd123af7673
parent27e7190efd5b2f728686a8293af6d9bd34c4e562
netfilter: xt_socket: use IP early demux

With IP early demux added in linux-3.6, we perform TCP lookup in IP
layer before iptables hooks.

We can avoid doing a second lookup in xt_socket.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Acked-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/xt_socket.c