From ee4991ea402ca61a9d1a46c83c4d4219b97d7da0 Mon Sep 17 00:00:00 2001
From: Michal Kubecek <mkubecek@suse.cz>
Date: Fri, 19 Jul 2019 09:31:24 +0200
Subject: conntrackd: cthelper: Add new SLP helper

Service Location Protocol (SLP) uses multicast requests for DA (Directory
agent) and SA (Service agent) discovery. Replies to these requests are
unicast and their source address does not match destination address of the
request so that we need a conntrack helper. A kernel helper was submitted
back in 2013 but was rejected as userspace helper infrastructure is
preferred. This adds an SLP helper to conntrackd.

As the function of SLP helper is the same as what existing mDNS helper
does, src/helpers/slp.c is essentially just a copy of src/helpers/mdns.c,
except for the default timeout and example usage. As with mDNS helper,
there is no NAT support for the time being as that would probably require
kernel side changes and certainly further study (and could possibly work
only for source NAT).

Signed-off-by: Michal Kubecek <mkubecek@suse.cz>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 doc/helper/conntrackd.conf | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'doc/helper/conntrackd.conf')

diff --git a/doc/helper/conntrackd.conf b/doc/helper/conntrackd.conf
index 4148544..6ffe008 100644
--- a/doc/helper/conntrackd.conf
+++ b/doc/helper/conntrackd.conf
@@ -96,6 +96,14 @@ Helper {
 			ExpectTimeout 300
 		}
 	}
+	Type slp inet udp {
+		QueueNum 7
+		QueueLen 10240
+		Policy slp {
+			ExpectMax 8
+			ExpectTimeout 16
+		}
+	}
 }
 
 #
-- 
cgit v1.2.3