aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2010-02-03 17:17:06 +0100
committerPatrick McHardy <kaber@trash.net>2010-02-03 17:17:06 +0100
commit84f3bb9ae9db90f7fb15d98b55279a58ab1b2363 (patch)
tree7fe7b882f027ee138edbc0f189e21532dad6531a /include
parentb2a15a604d379af323645e330638e2cfcc696aff (diff)
downloadkernel_samsung_aries-84f3bb9ae9db90f7fb15d98b55279a58ab1b2363.zip
kernel_samsung_aries-84f3bb9ae9db90f7fb15d98b55279a58ab1b2363.tar.gz
kernel_samsung_aries-84f3bb9ae9db90f7fb15d98b55279a58ab1b2363.tar.bz2
netfilter: xtables: add CT target
Add a new target for the raw table, which can be used to specify conntrack parameters for specific connections, f.i. the conntrack helper. The target attaches a "template" connection tracking entry to the skb, which is used by the conntrack core when initializing a new conntrack. Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'include')
-rw-r--r--include/linux/netfilter/Kbuild1
-rw-r--r--include/linux/netfilter/xt_CT.h17
-rw-r--r--include/net/netfilter/nf_conntrack_helper.h3
3 files changed, 21 insertions, 0 deletions
diff --git a/include/linux/netfilter/Kbuild b/include/linux/netfilter/Kbuild
index 2aea503..a5a63e4 100644
--- a/include/linux/netfilter/Kbuild
+++ b/include/linux/netfilter/Kbuild
@@ -6,6 +6,7 @@ header-y += nfnetlink_queue.h
header-y += xt_CLASSIFY.h
header-y += xt_CONNMARK.h
header-y += xt_CONNSECMARK.h
+header-y += xt_CT.h
header-y += xt_DSCP.h
header-y += xt_LED.h
header-y += xt_MARK.h
diff --git a/include/linux/netfilter/xt_CT.h b/include/linux/netfilter/xt_CT.h
new file mode 100644
index 0000000..7fd0eff
--- /dev/null
+++ b/include/linux/netfilter/xt_CT.h
@@ -0,0 +1,17 @@
+#ifndef _XT_CT_H
+#define _XT_CT_H
+
+#define XT_CT_NOTRACK 0x1
+
+struct xt_ct_target_info {
+ u_int16_t flags;
+ u_int16_t __unused;
+ u_int32_t ct_events;
+ u_int32_t exp_events;
+ char helper[16];
+
+ /* Used internally by the kernel */
+ struct nf_conn *ct __attribute__((aligned(8)));
+};
+
+#endif /* _XT_CT_H */
diff --git a/include/net/netfilter/nf_conntrack_helper.h b/include/net/netfilter/nf_conntrack_helper.h
index e17aaa3..32c305d 100644
--- a/include/net/netfilter/nf_conntrack_helper.h
+++ b/include/net/netfilter/nf_conntrack_helper.h
@@ -42,6 +42,9 @@ struct nf_conntrack_helper {
extern struct nf_conntrack_helper *
__nf_conntrack_helper_find(const char *name, u16 l3num, u8 protonum);
+extern struct nf_conntrack_helper *
+nf_conntrack_helper_try_module_get(const char *name, u16 l3num, u8 protonum);
+
extern int nf_conntrack_helper_register(struct nf_conntrack_helper *);
extern void nf_conntrack_helper_unregister(struct nf_conntrack_helper *);