[NETFILTER]: Add SELINUX priority values for ipv4/ipv6, approved by Harald Welte.

cd4eb2e9 · James Morris · David S. Miller · 239f727a · cd4eb2e9 · cd4eb2e9
Commit cd4eb2e9 authored Jan 06, 2004 by James Morris Committed by David S. Miller Jan 06, 2004
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 0 deletions

include/linux/netfilter_ipv4.h include/linux/netfilter_ipv4.h +2 -0

include/linux/netfilter_ipv6.h include/linux/netfilter_ipv6.h +2 -0

No files found.
--- a/include/linux/netfilter_ipv4.h
+++ b/include/linux/netfilter_ipv4.h
@@ -51,6 +51,7 @@
 enum nf_ip_hook_priorities {
 	NF_IP_PRI_FIRST = INT_MIN,
+	NF_IP_PRI_SELINUX_FIRST = -225,
 	NF_IP_PRI_CONNTRACK = -200,
 	NF_IP_PRI_BRIDGE_SABOTAGE_FORWARD = -175,
 	NF_IP_PRI_MANGLE = -150,
@@ -58,6 +59,7 @@ enum nf_ip_hook_priorities {
 	NF_IP_PRI_BRIDGE_SABOTAGE_LOCAL_OUT = -50,
 	NF_IP_PRI_FILTER = 0,
 	NF_IP_PRI_NAT_SRC = 100,
+	NF_IP_PRI_SELINUX_LAST = 225,
 	NF_IP_PRI_LAST = INT_MAX,
 };

--- a/include/linux/netfilter_ipv6.h
+++ b/include/linux/netfilter_ipv6.h
@@ -56,11 +56,13 @@
 enum nf_ip6_hook_priorities {
 	NF_IP6_PRI_FIRST = INT_MIN,
+	NF_IP6_PRI_SELINUX_FIRST = -225,
 	NF_IP6_PRI_CONNTRACK = -200,
 	NF_IP6_PRI_MANGLE = -150,
 	NF_IP6_PRI_NAT_DST = -100,
 	NF_IP6_PRI_FILTER = 0,
 	NF_IP6_PRI_NAT_SRC = 100,
+	NF_IP6_PRI_SELINUX_LAST = 225,
 	NF_IP6_PRI_LAST = INT_MAX,
 };