diff options
author | Patrick McHardy <kaber@trash.net> | 2010-02-03 17:17:06 +0100 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2010-02-03 17:17:06 +0100 |
commit | 84f3bb9ae9db90f7fb15d98b55279a58ab1b2363 (patch) | |
tree | 7fe7b882f027ee138edbc0f189e21532dad6531a /include | |
parent | b2a15a604d379af323645e330638e2cfcc696aff (diff) | |
download | kernel_samsung_aries-84f3bb9ae9db90f7fb15d98b55279a58ab1b2363.zip kernel_samsung_aries-84f3bb9ae9db90f7fb15d98b55279a58ab1b2363.tar.gz kernel_samsung_aries-84f3bb9ae9db90f7fb15d98b55279a58ab1b2363.tar.bz2 |
netfilter: xtables: add CT target
Add a new target for the raw table, which can be used to specify conntrack
parameters for specific connections, f.i. the conntrack helper.
The target attaches a "template" connection tracking entry to the skb, which
is used by the conntrack core when initializing a new conntrack.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'include')
-rw-r--r-- | include/linux/netfilter/Kbuild | 1 | ||||
-rw-r--r-- | include/linux/netfilter/xt_CT.h | 17 | ||||
-rw-r--r-- | include/net/netfilter/nf_conntrack_helper.h | 3 |
3 files changed, 21 insertions, 0 deletions
diff --git a/include/linux/netfilter/Kbuild b/include/linux/netfilter/Kbuild index 2aea503..a5a63e4 100644 --- a/include/linux/netfilter/Kbuild +++ b/include/linux/netfilter/Kbuild @@ -6,6 +6,7 @@ header-y += nfnetlink_queue.h header-y += xt_CLASSIFY.h header-y += xt_CONNMARK.h header-y += xt_CONNSECMARK.h +header-y += xt_CT.h header-y += xt_DSCP.h header-y += xt_LED.h header-y += xt_MARK.h diff --git a/include/linux/netfilter/xt_CT.h b/include/linux/netfilter/xt_CT.h new file mode 100644 index 0000000..7fd0eff --- /dev/null +++ b/include/linux/netfilter/xt_CT.h @@ -0,0 +1,17 @@ +#ifndef _XT_CT_H +#define _XT_CT_H + +#define XT_CT_NOTRACK 0x1 + +struct xt_ct_target_info { + u_int16_t flags; + u_int16_t __unused; + u_int32_t ct_events; + u_int32_t exp_events; + char helper[16]; + + /* Used internally by the kernel */ + struct nf_conn *ct __attribute__((aligned(8))); +}; + +#endif /* _XT_CT_H */ diff --git a/include/net/netfilter/nf_conntrack_helper.h b/include/net/netfilter/nf_conntrack_helper.h index e17aaa3..32c305d 100644 --- a/include/net/netfilter/nf_conntrack_helper.h +++ b/include/net/netfilter/nf_conntrack_helper.h @@ -42,6 +42,9 @@ struct nf_conntrack_helper { extern struct nf_conntrack_helper * __nf_conntrack_helper_find(const char *name, u16 l3num, u8 protonum); +extern struct nf_conntrack_helper * +nf_conntrack_helper_try_module_get(const char *name, u16 l3num, u8 protonum); + extern int nf_conntrack_helper_register(struct nf_conntrack_helper *); extern void nf_conntrack_helper_unregister(struct nf_conntrack_helper *); |