summaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/internal.h5
-rw-r--r--include/libnetfilter_conntrack/libnetfilter_conntrack.h10
2 files changed, 15 insertions, 0 deletions
diff --git a/include/internal.h b/include/internal.h
index 33b0dcd..9dc33f2 100644
--- a/include/internal.h
+++ b/include/internal.h
@@ -185,6 +185,11 @@ struct nfct_filter {
*/
/*
+ * filter logic: use positive or negative logic
+ */
+ enum nfct_filter_logic logic[NFCT_FILTER_MAX];
+
+ /*
* This the layer 4 protocol map for filtering.
*/
u_int32_t l4proto_map[IPPROTO_MAX/32];
diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack.h b/include/libnetfilter_conntrack/libnetfilter_conntrack.h
index 328cf8b..9840f90 100644
--- a/include/libnetfilter_conntrack/libnetfilter_conntrack.h
+++ b/include/libnetfilter_conntrack/libnetfilter_conntrack.h
@@ -356,6 +356,16 @@ extern void nfct_filter_add_attr_u32(struct nfct_filter *filter,
const enum nfct_filter_attr attr,
const u_int32_t value);
+enum nfct_filter_logic {
+ NFCT_FILTER_LOGIC_POSITIVE,
+ NFCT_FILTER_LOGIC_NEGATIVE,
+ NFCT_FILTER_LOGIC_MAX
+};
+
+extern int nfct_filter_set_logic(struct nfct_filter *filter,
+ const enum nfct_filter_attr attr,
+ const enum nfct_filter_logic logic);
+
extern int nfct_filter_attach(int fd, struct nfct_filter *filter);
extern int nfct_filter_detach(int fd);