path: root/iptables/nft.h
diff options
authorTomasz Bursztyka <>2013-01-13 16:42:11 +0100
committerPablo Neira Ayuso <>2013-12-30 23:50:22 +0100
commit0391677c1a0b28c14d01febd9628a543e8e5fd62 (patch)
treeb9b7715693c1284f1839abab621266ab02994747 /iptables/nft.h
parent5a1b519d1e26767fa1f0de15b0f7e125531a1719 (diff)
xtables: add IPv6 support
Summary of changes to add IPv6 support to the xtables utility: * modify all commands (add, delete, replace, check and listing) to support IPv6 addresses. And for the internal nft library: * add family to struct nft_handle and modify all caller to use this family instead of the hardcoded AF_INET. * move code that we can re-use for IPv4 and IPv6 into helper functions. * add IPv6 rule printing support. * add support to parse IPv6 address. Pablo added several improvements to this patch: * added basic xtables-save and xtables-restore support (so it defaults to IPv4) * fixed a couple of bugs found while testing * added reference when -f is used to point to -m frag (until we can make this consistent with IPv4). Note that we use one single xtables binary utility for IPv4 and IPv6. Signed-off-by: Tomasz Bursztyka <> Signed-off-by: Pablo Neira Ayuso <>
Diffstat (limited to 'iptables/nft.h')
1 files changed, 1 insertions, 0 deletions
diff --git a/iptables/nft.h b/iptables/nft.h
index aed2498b..1bd9ccce 100644
--- a/iptables/nft.h
+++ b/iptables/nft.h
@@ -4,6 +4,7 @@
#include "xshared.h"
struct nft_handle {
+ int family;
struct mnl_socket *nl;
uint32_t portid;
uint32_t seq;