I am analyzing the iptables source code.In the kernel an iptable is
represented with the help of an ipt_table struct :-
struct ipt_table
struct list_head list;
/* A unique name... */
/* What hooks you will enter on */
unsigned int valid_hooks;
/* Lock for the curtain */
rwlock_t lock;
/* Man behind the curtain... */
struct ipt_table_info *private;
/* Set to THIS_MODULE. */
struct module *me;
struct ipt_table_info
/* Size per table */
unsigned int size;
/* Number of entries: FIXME. --RR */
unsigned int number;
/* Initial number of entries. Needed for module usage count */
unsigned int initial_entries;
/* Entry points and underflows */
unsigned int hook_entry[NF_IP_NUMHOOKS];
unsigned int underflow[NF_IP_NUMHOOKS];
/* ipt_entry tables: one per CPU */
char entries[0] ____cacheline_aligned;
Can anyone explain to be the significance of underflow entries and
initial entries??