diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2007-03-14 19:45:19 -0400 |
---|---|---|
committer | David S. Miller <davem@sunset.davemloft.net> | 2007-04-26 01:25:57 -0400 |
commit | c8e2078cfe414a99cf6f2f2f1d78c7e75392e9d4 (patch) | |
tree | 35f283c122ef0e82f0a76f7d42591ecaf77aa3f0 /include/linux | |
parent | 5c8ce7c92106434d2bdc9d5dfa5f62bf4546b296 (diff) |
[NETFILTER]: ctnetlink: add support for internal tcp connection tracking flags handling
This patch let userspace programs set the IP_CT_TCP_BE_LIBERAL flag to
force the pickup of established connections.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/linux')
-rw-r--r-- | include/linux/netfilter/nf_conntrack_tcp.h | 5 | ||||
-rw-r--r-- | include/linux/netfilter/nfnetlink_conntrack.h | 4 |
2 files changed, 9 insertions, 0 deletions
diff --git a/include/linux/netfilter/nf_conntrack_tcp.h b/include/linux/netfilter/nf_conntrack_tcp.h index 007af4c2770b..22ce29995f13 100644 --- a/include/linux/netfilter/nf_conntrack_tcp.h +++ b/include/linux/netfilter/nf_conntrack_tcp.h | |||
@@ -30,6 +30,11 @@ enum tcp_conntrack { | |||
30 | /* Be liberal in window checking */ | 30 | /* Be liberal in window checking */ |
31 | #define IP_CT_TCP_FLAG_BE_LIBERAL 0x08 | 31 | #define IP_CT_TCP_FLAG_BE_LIBERAL 0x08 |
32 | 32 | ||
33 | struct nf_ct_tcp_flags { | ||
34 | u_int8_t flags; | ||
35 | u_int8_t mask; | ||
36 | }; | ||
37 | |||
33 | #ifdef __KERNEL__ | 38 | #ifdef __KERNEL__ |
34 | 39 | ||
35 | struct ip_ct_tcp_state { | 40 | struct ip_ct_tcp_state { |
diff --git a/include/linux/netfilter/nfnetlink_conntrack.h b/include/linux/netfilter/nfnetlink_conntrack.h index b5883ccee295..d7c35039721e 100644 --- a/include/linux/netfilter/nfnetlink_conntrack.h +++ b/include/linux/netfilter/nfnetlink_conntrack.h | |||
@@ -83,6 +83,10 @@ enum ctattr_protoinfo { | |||
83 | enum ctattr_protoinfo_tcp { | 83 | enum ctattr_protoinfo_tcp { |
84 | CTA_PROTOINFO_TCP_UNSPEC, | 84 | CTA_PROTOINFO_TCP_UNSPEC, |
85 | CTA_PROTOINFO_TCP_STATE, | 85 | CTA_PROTOINFO_TCP_STATE, |
86 | CTA_PROTOINFO_TCP_WSCALE_ORIGINAL, | ||
87 | CTA_PROTOINFO_TCP_WSCALE_REPLY, | ||
88 | CTA_PROTOINFO_TCP_FLAGS_ORIGINAL, | ||
89 | CTA_PROTOINFO_TCP_FLAGS_REPLY, | ||
86 | __CTA_PROTOINFO_TCP_MAX | 90 | __CTA_PROTOINFO_TCP_MAX |
87 | }; | 91 | }; |
88 | #define CTA_PROTOINFO_TCP_MAX (__CTA_PROTOINFO_TCP_MAX - 1) | 92 | #define CTA_PROTOINFO_TCP_MAX (__CTA_PROTOINFO_TCP_MAX - 1) |