diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2010-09-22 02:36:59 -0400 |
|---|---|---|
| committer | Patrick McHardy <kaber@trash.net> | 2010-09-22 02:36:59 -0400 |
| commit | 8b008faf92ac8f7eeb65e8cd36077601af7c46db (patch) | |
| tree | 033d7dbdc7cf54af84daed6c0293726c1e3e7dd1 /include | |
| parent | bcac0dfab191cb53b3f9b43c8014a34070ed58ff (diff) | |
netfilter: ctnetlink: allow to specify the expectation flags
With this patch, you can specify the expectation flags for user-space
created expectations.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'include')
| -rw-r--r-- | include/linux/netfilter/nf_conntrack_common.h | 4 | ||||
| -rw-r--r-- | include/linux/netfilter/nfnetlink_conntrack.h | 1 | ||||
| -rw-r--r-- | include/net/netfilter/nf_conntrack_expect.h | 3 |
3 files changed, 5 insertions, 3 deletions
diff --git a/include/linux/netfilter/nf_conntrack_common.h b/include/linux/netfilter/nf_conntrack_common.h index 1afd18c855ec..fdc50cae861f 100644 --- a/include/linux/netfilter/nf_conntrack_common.h +++ b/include/linux/netfilter/nf_conntrack_common.h | |||
| @@ -100,6 +100,10 @@ enum ip_conntrack_expect_events { | |||
| 100 | IPEXP_NEW, /* new expectation */ | 100 | IPEXP_NEW, /* new expectation */ |
| 101 | }; | 101 | }; |
| 102 | 102 | ||
| 103 | /* expectation flags */ | ||
| 104 | #define NF_CT_EXPECT_PERMANENT 0x1 | ||
| 105 | #define NF_CT_EXPECT_INACTIVE 0x2 | ||
| 106 | |||
| 103 | #ifdef __KERNEL__ | 107 | #ifdef __KERNEL__ |
| 104 | struct ip_conntrack_stat { | 108 | struct ip_conntrack_stat { |
| 105 | unsigned int searched; | 109 | unsigned int searched; |
diff --git a/include/linux/netfilter/nfnetlink_conntrack.h b/include/linux/netfilter/nfnetlink_conntrack.h index 9ed534c991b9..455f0ce4f430 100644 --- a/include/linux/netfilter/nfnetlink_conntrack.h +++ b/include/linux/netfilter/nfnetlink_conntrack.h | |||
| @@ -161,6 +161,7 @@ enum ctattr_expect { | |||
| 161 | CTA_EXPECT_ID, | 161 | CTA_EXPECT_ID, |
| 162 | CTA_EXPECT_HELP_NAME, | 162 | CTA_EXPECT_HELP_NAME, |
| 163 | CTA_EXPECT_ZONE, | 163 | CTA_EXPECT_ZONE, |
| 164 | CTA_EXPECT_FLAGS, | ||
| 164 | __CTA_EXPECT_MAX | 165 | __CTA_EXPECT_MAX |
| 165 | }; | 166 | }; |
| 166 | #define CTA_EXPECT_MAX (__CTA_EXPECT_MAX - 1) | 167 | #define CTA_EXPECT_MAX (__CTA_EXPECT_MAX - 1) |
diff --git a/include/net/netfilter/nf_conntrack_expect.h b/include/net/netfilter/nf_conntrack_expect.h index 11e815084fcf..96bb42af5fae 100644 --- a/include/net/netfilter/nf_conntrack_expect.h +++ b/include/net/netfilter/nf_conntrack_expect.h | |||
| @@ -67,9 +67,6 @@ struct nf_conntrack_expect_policy { | |||
| 67 | 67 | ||
| 68 | #define NF_CT_EXPECT_CLASS_DEFAULT 0 | 68 | #define NF_CT_EXPECT_CLASS_DEFAULT 0 |
| 69 | 69 | ||
| 70 | #define NF_CT_EXPECT_PERMANENT 0x1 | ||
| 71 | #define NF_CT_EXPECT_INACTIVE 0x2 | ||
| 72 | |||
| 73 | int nf_conntrack_expect_init(struct net *net); | 70 | int nf_conntrack_expect_init(struct net *net); |
| 74 | void nf_conntrack_expect_fini(struct net *net); | 71 | void nf_conntrack_expect_fini(struct net *net); |
| 75 | 72 | ||