diff options
author | Harald Welte <laforge@gnumonks.org> | 2003-10-07 18:55:13 +0000 |
---|---|---|
committer | Harald Welte <laforge@gnumonks.org> | 2003-10-07 18:55:13 +0000 |
commit | 4dc734c73cc4a0ff87c0ce3673544628b58c7e24 (patch) | |
tree | d3bc1c09a798cd6bc205ac7dd77e83d9590b3e66 /extensions/libipt_conntrack.c | |
parent | 7fb4d1f3143eb1235aacc424b29e296948a78034 (diff) |
add support for the raw table to userspace
Diffstat (limited to 'extensions/libipt_conntrack.c')
-rw-r--r-- | extensions/libipt_conntrack.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/extensions/libipt_conntrack.c b/extensions/libipt_conntrack.c index ccb78ea1..63b38e98 100644 --- a/extensions/libipt_conntrack.c +++ b/extensions/libipt_conntrack.c @@ -13,13 +13,17 @@ #include <linux/netfilter_ipv4/ip_conntrack_tuple.h> #include <linux/netfilter_ipv4/ipt_conntrack.h> +#ifndef IPT_CONNTRACK_STATE_UNTRACKED +#define IPT_CONNTRACK_STATE_UNTRACKED (1 << (IP_CT_NUMBER + 3)) +#endif + /* Function which prints out usage message. */ static void help(void) { printf( "conntrack match v%s options:\n" -" [!] --ctstate [INVALID|ESTABLISHED|NEW|RELATED|SNAT|DNAT][,...]\n" +" [!] --ctstate [INVALID|ESTABLISHED|NEW|RELATED|UNTRACKED|SNAT|DNAT][,...]\n" " State(s) to match\n" " [!] --ctproto proto Protocol to match; by number or name, eg. `tcp'\n" " --ctorigsrc [!] address[/mask]\n" @@ -70,6 +74,8 @@ parse_state(const char *state, size_t strlen, struct ipt_conntrack_info *sinfo) sinfo->statemask |= IPT_CONNTRACK_STATE_BIT(IP_CT_ESTABLISHED); else if (strncasecmp(state, "RELATED", strlen) == 0) sinfo->statemask |= IPT_CONNTRACK_STATE_BIT(IP_CT_RELATED); + else if (strncasecmp(state, "UNTRACKED", strlen) == 0) + sinfo->statemask |= IPT_CONNTRACK_STATE_UNTRACKED; else if (strncasecmp(state, "SNAT", strlen) == 0) sinfo->statemask |= IPT_CONNTRACK_STATE_SNAT; else if (strncasecmp(state, "DNAT", strlen) == 0) @@ -349,6 +355,10 @@ print_state(unsigned int statemask) printf("%sESTABLISHED", sep); sep = ","; } + if (statemask & IPT_CONNTRACK_STATE_UNTRACKED) { + printf("%sUNTRACKED", sep); + sep = ","; + } if (statemask & IPT_CONNTRACK_STATE_SNAT) { printf("%sSNAT", sep); sep = ","; |