diff options
Diffstat (limited to 'include')
| -rw-r--r-- | include/internal/object.h | 4 | ||||
| -rw-r--r-- | include/internal/prototypes.h | 9 | ||||
| -rw-r--r-- | include/libnetfilter_conntrack/libnetfilter_conntrack.h | 9 | ||||
| -rw-r--r-- | include/libnetfilter_conntrack/linux_nfnetlink_conntrack.h | 1 |
4 files changed, 23 insertions, 0 deletions
diff --git a/include/internal/object.h b/include/internal/object.h index 609265d..bbb038a 100644 --- a/include/internal/object.h +++ b/include/internal/object.h @@ -189,6 +189,8 @@ struct nf_conntrack { void *helper_info; size_t helper_info_len; + + struct nfct_bitmask *connlabels; }; /* @@ -305,4 +307,6 @@ struct nfct_bitmask { uint32_t bits[]; }; +struct nfct_labelmap; + #endif diff --git a/include/internal/prototypes.h b/include/internal/prototypes.h index eeeea24..484deea 100644 --- a/include/internal/prototypes.h +++ b/include/internal/prototypes.h @@ -54,4 +54,13 @@ int __snprintf_expect(char *buf, unsigned int len, const struct nf_expect *exp, int __snprintf_expect_default(char *buf, unsigned int len, const struct nf_expect *exp, unsigned int msg_type, unsigned int flags); int __snprintf_expect_xml(char *buf, unsigned int len, const struct nf_expect *exp, unsigned int msg_type, unsigned int flags); +/* + * connlabel internal prototypes + */ +struct nfct_labelmap *__labelmap_new(const char *); +void __labelmap_destroy(struct nfct_labelmap *); + +int __labelmap_get_bit(struct nfct_labelmap *map, const char *name); +const char *__labelmap_get_name(struct nfct_labelmap *map, unsigned int bit); + #endif diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack.h b/include/libnetfilter_conntrack/libnetfilter_conntrack.h index 90290b8..c209184 100644 --- a/include/libnetfilter_conntrack/libnetfilter_conntrack.h +++ b/include/libnetfilter_conntrack/libnetfilter_conntrack.h @@ -133,6 +133,7 @@ enum nf_conntrack_attr { ATTR_TIMESTAMP_START, /* u64 bits, linux >= 2.6.38 */ ATTR_TIMESTAMP_STOP = 64, /* u64 bits, linux >= 2.6.38 */ ATTR_HELPER_INFO, /* variable length */ + ATTR_CONNLABELS, /* variable length */ ATTR_MAX }; @@ -285,6 +286,14 @@ int nfct_bitmask_test_bit(const struct nfct_bitmask *, unsigned int bit); void nfct_bitmask_unset_bit(struct nfct_bitmask *, unsigned int bit); void nfct_bitmask_destroy(struct nfct_bitmask *); +/* connlabel name <-> bit translation mapping */ +struct nfct_labelmap; + +struct nfct_labelmap *nfct_labelmap_new(const char *mapfile); +void nfct_labelmap_destroy(struct nfct_labelmap *map); +const char *nfct_labelmap_get_name(struct nfct_labelmap *m, unsigned int bit); +int nfct_labelmap_get_bit(struct nfct_labelmap *m, const char *name); + /* setter */ extern void nfct_set_attr(struct nf_conntrack *ct, const enum nf_conntrack_attr type, diff --git a/include/libnetfilter_conntrack/linux_nfnetlink_conntrack.h b/include/libnetfilter_conntrack/linux_nfnetlink_conntrack.h index 39366c4..3c69ba9 100644 --- a/include/libnetfilter_conntrack/linux_nfnetlink_conntrack.h +++ b/include/libnetfilter_conntrack/linux_nfnetlink_conntrack.h @@ -53,6 +53,7 @@ enum ctattr_type { CTA_SECCTX, CTA_TIMESTAMP, CTA_MARK_MASK, + CTA_LABELS, __CTA_MAX }; #define CTA_MAX (__CTA_MAX - 1) |