diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2010-12-18 20:18:49 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2011-01-16 22:32:40 +0100 |
commit | fdda1474cc8654430f245b7f01c30e8ff171fa60 (patch) | |
tree | e9d4a4f3d5a45677c49079aefa13e70541db7f8d /include/internal | |
parent | f1456fa807f20bf8dd73ab3ae3312c2e8187f89f (diff) |
src: add support for CTA_SECCTX
This patch adds support for the new attribute CTA_SECCTX that
supersedes CTA_SECMARK.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/internal')
-rw-r--r-- | include/internal/object.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/include/internal/object.h b/include/internal/object.h index 8d95aa1..76a0566 100644 --- a/include/internal/object.h +++ b/include/internal/object.h @@ -166,6 +166,9 @@ struct nf_conntrack { * length accepted is 16 bytes, this limit is enforced during module load. */ #define __NFCT_HELPER_NAMELEN 16 char helper_name[__NFCT_HELPER_NAMELEN]; +/* According to Eric Paris <eparis@redhat.com> this field can be up to 4096 + * bytes long. For that reason, we allocate this dynamically. */ + char *secctx; union __nfct_protoinfo protoinfo; struct __nfct_counters counters[__DIR_MAX]; |