diff options
| author | Jan Engelhardt <jengelh@medozas.de> | 2011-01-18 17:32:40 +0100 |
|---|---|---|
| committer | Jan Engelhardt <jengelh@medozas.de> | 2011-01-19 18:27:46 +0100 |
| commit | cc4fc022571376412986e27e08b0765e9cb2aafb (patch) | |
| tree | 5ac8445f9f00461614e18cd39cfcfe4f962b5412 /include/linux | |
| parent | 93557f53e1fbd9e2b6574ab0a9b5852628fde9e3 (diff) | |
| download | kernel_samsung_tuna-cc4fc022571376412986e27e08b0765e9cb2aafb.zip kernel_samsung_tuna-cc4fc022571376412986e27e08b0765e9cb2aafb.tar.gz kernel_samsung_tuna-cc4fc022571376412986e27e08b0765e9cb2aafb.tar.bz2 | |
netfilter: xtables: connlimit revision 1
This adds destination address-based selection. The old "inverse"
member is overloaded (memory-wise) with a new "flags" variable,
similar to how J.Park did it with xt_string rev 1. Since revision 0
userspace only sets flag 0x1, no great changes are made to explicitly
test for different revisions.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Diffstat (limited to 'include/linux')
| -rw-r--r-- | include/linux/netfilter/xt_connlimit.h | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/include/linux/netfilter/xt_connlimit.h b/include/linux/netfilter/xt_connlimit.h index 7e3284b..8884efc 100644 --- a/include/linux/netfilter/xt_connlimit.h +++ b/include/linux/netfilter/xt_connlimit.h @@ -3,6 +3,11 @@ struct xt_connlimit_data; +enum { + XT_CONNLIMIT_INVERT = 1 << 0, + XT_CONNLIMIT_DADDR = 1 << 1, +}; + struct xt_connlimit_info { union { union nf_inet_addr mask; @@ -14,6 +19,13 @@ struct xt_connlimit_info { #endif }; unsigned int limit, inverse; + union { + /* revision 0 */ + unsigned int inverse; + + /* revision 1 */ + __u32 flags; + }; /* Used internally by the kernel */ struct xt_connlimit_data *data __attribute__((aligned(8))); |