diff options
Diffstat (limited to 'include')
-rw-r--r-- | include/internal.h | 5 | ||||
-rw-r--r-- | include/libnetfilter_conntrack/libnetfilter_conntrack.h | 10 |
2 files changed, 15 insertions, 0 deletions
diff --git a/include/internal.h b/include/internal.h index 33b0dcd..9dc33f2 100644 --- a/include/internal.h +++ b/include/internal.h @@ -185,6 +185,11 @@ struct nfct_filter { */ /* + * filter logic: use positive or negative logic + */ + enum nfct_filter_logic logic[NFCT_FILTER_MAX]; + + /* * This the layer 4 protocol map for filtering. */ u_int32_t l4proto_map[IPPROTO_MAX/32]; diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack.h b/include/libnetfilter_conntrack/libnetfilter_conntrack.h index 328cf8b..9840f90 100644 --- a/include/libnetfilter_conntrack/libnetfilter_conntrack.h +++ b/include/libnetfilter_conntrack/libnetfilter_conntrack.h @@ -356,6 +356,16 @@ extern void nfct_filter_add_attr_u32(struct nfct_filter *filter, const enum nfct_filter_attr attr, const u_int32_t value); +enum nfct_filter_logic { + NFCT_FILTER_LOGIC_POSITIVE, + NFCT_FILTER_LOGIC_NEGATIVE, + NFCT_FILTER_LOGIC_MAX +}; + +extern int nfct_filter_set_logic(struct nfct_filter *filter, + const enum nfct_filter_attr attr, + const enum nfct_filter_logic logic); + extern int nfct_filter_attach(int fd, struct nfct_filter *filter); extern int nfct_filter_detach(int fd); |