diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2008-07-18 14:36:06 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2008-07-18 14:36:06 +0200 |
commit | d65c9ce404a5a3dc4de220189daaf610f4ec306e (patch) | |
tree | d86743cc793c33231b051dd1b97dfa8b77c92bbb /utils | |
parent | 563114a47ae03c988ca0e66eddda33d485e35f6b (diff) |
Extend high-level API for netlink BSF to add negative logic
This patch introduces nfct_filter_set_logic() to set the filtering
logic which results in a more flexible solution.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'utils')
-rw-r--r-- | utils/conntrack_filter.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/utils/conntrack_filter.c b/utils/conntrack_filter.c index 7d22950..eb26189 100644 --- a/utils/conntrack_filter.c +++ b/utils/conntrack_filter.c @@ -58,6 +58,11 @@ int main() .mask = 0xffffffff, }; + /* ignore whatever that comes from 127.0.0.1 */ + nfct_filter_set_logic(filter, + NFCT_FILTER_SRC_IPV4, + NFCT_FILTER_LOGIC_NEGATIVE); + nfct_filter_add_attr(filter, NFCT_FILTER_SRC_IPV4, &filter_ipv4); if (nfct_filter_attach(nfct_fd(h), filter) == -1) { |