diff options
| author | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org> | 2005-12-19 20:46:36 +0000 |
|---|---|---|
| committer | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org> | 2005-12-19 20:46:36 +0000 |
| commit | 1d1624d49fbf3327aa6086f3f3ef256ad796fa75 (patch) | |
| tree | c9626564f68ab58e3f84b4163feb306c88e3d5c7 | |
| parent | 75d1a172320a312b97d692cd60668c02eb980c9d (diff) | |
Add support for per-family table flushing. ie. flush just AF_INET entries. Towards ipv6 support.
| -rw-r--r-- | include/libnetfilter_conntrack/libnetfilter_conntrack.h | 4 | ||||
| -rw-r--r-- | src/libnetfilter_conntrack.c | 8 |
2 files changed, 6 insertions, 6 deletions
diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack.h b/include/libnetfilter_conntrack/libnetfilter_conntrack.h index 32daaca..7f0b7e0 100644 --- a/include/libnetfilter_conntrack/libnetfilter_conntrack.h +++ b/include/libnetfilter_conntrack/libnetfilter_conntrack.h @@ -303,7 +303,7 @@ extern int nfct_conntrack_compare(struct nfct_conntrack *ct1, * Expectations */ extern int nfct_dump_expect_list(struct nfct_handle *cth, int family); -extern int nfct_flush_conntrack_table(struct nfct_handle *cth); +extern int nfct_flush_conntrack_table(struct nfct_handle *cth, int family); extern int nfct_get_expectation(struct nfct_handle *cth, struct nfct_tuple *tuple, u_int32_t id); @@ -311,7 +311,7 @@ extern int nfct_create_expectation(struct nfct_handle *cth, struct nfct_expect * extern int nfct_delete_expectation(struct nfct_handle *cth, struct nfct_tuple *tuple, u_int32_t id); extern int nfct_event_expectation(struct nfct_handle *cth); -extern int nfct_flush_expectation_table(struct nfct_handle *cth); +extern int nfct_flush_expectation_table(struct nfct_handle *cth, int family); /* * expectation printing functions diff --git a/src/libnetfilter_conntrack.c b/src/libnetfilter_conntrack.c index 0976143..3651fc7 100644 --- a/src/libnetfilter_conntrack.c +++ b/src/libnetfilter_conntrack.c @@ -1007,14 +1007,14 @@ int nfct_dump_expect_list(struct nfct_handle *cth, int family) return nfnl_listen(&cth->nfnlh, &callback_handler, cth); } -int nfct_flush_conntrack_table(struct nfct_handle *cth) +int nfct_flush_conntrack_table(struct nfct_handle *cth, int family) { struct nfnlhdr req; memset(&req, 0, sizeof(req)); nfnl_fill_hdr(&cth->nfnlh, (struct nlmsghdr *) &req, - 0, AF_INET, 0, IPCTNL_MSG_CT_DELETE, + 0, family, 0, IPCTNL_MSG_CT_DELETE, NLM_F_REQUEST|NLM_F_ACK); return nfnl_talk(&cth->nfnlh, &req.nlh, 0, 0, NULL, NULL, NULL); @@ -1139,14 +1139,14 @@ int nfct_event_expectation(struct nfct_handle *cth) return nfnl_listen(&cth->nfnlh, &callback_handler, cth); } -int nfct_flush_expectation_table(struct nfct_handle *cth) +int nfct_flush_expectation_table(struct nfct_handle *cth, int family) { struct nfnlhdr req; memset(&req, 0, sizeof(req)); nfnl_fill_hdr(&cth->nfnlh, (struct nlmsghdr *) &req, - 0, AF_INET, 0, IPCTNL_MSG_EXP_DELETE, + 0, family, 0, IPCTNL_MSG_EXP_DELETE, NLM_F_REQUEST|NLM_F_ACK); return nfnl_talk(&cth->nfnlh, &req.nlh, 0, 0, NULL, NULL, NULL); |