summaryrefslogtreecommitdiffstats
path: root/src/conntrack/build.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/conntrack/build.c')
-rw-r--r--src/conntrack/build.c12
1 files changed, 11 insertions, 1 deletions
diff --git a/src/conntrack/build.c b/src/conntrack/build.c
index 169f289..f5e7353 100644
--- a/src/conntrack/build.c
+++ b/src/conntrack/build.c
@@ -236,6 +236,13 @@ void __build_mark(struct nfnlhdr *req,
nfnl_addattr32(&req->nlh, size, CTA_MARK, htonl(ct->mark));
}
+void __build_secmark(struct nfnlhdr *req,
+ size_t size,
+ const struct nf_conntrack *ct)
+{
+ nfnl_addattr32(&req->nlh, size, CTA_SECMARK, htonl(ct->secmark));
+}
+
int __build_conntrack(struct nfnl_subsys_handle *ssh,
struct nfnlhdr *req,
size_t size,
@@ -282,11 +289,14 @@ int __build_conntrack(struct nfnl_subsys_handle *ssh,
if (test_bit(ATTR_MARK, ct->set))
__build_mark(req, size, ct);
+ if (test_bit(ATTR_SECMARK, ct->set))
+ __build_secmark(req, size, ct);
+
if (test_bit(ATTR_TCP_STATE, ct->set) ||
(test_bit(ATTR_TCP_FLAGS_ORIG, ct->set) &&
test_bit(ATTR_TCP_MASK_ORIG, ct->set)) ||
(test_bit(ATTR_TCP_FLAGS_REPL, ct->set) &&
- test_but(ATTR_TCP_MASK_REPL, ct->set)))
+ test_bit(ATTR_TCP_MASK_REPL, ct->set)))
__build_protoinfo(req, size, ct);
if (test_bit(ATTR_SNAT_IPV4, ct->set) &&