From c3704c0e73d0dda9d9d5919af22831a439fbc611 Mon Sep 17 00:00:00 2001 From: "/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org" Date: Sun, 13 Apr 2008 00:38:09 +0000 Subject: - add nfct_cmp (replacement for nfct_compare a bit more flexible) - add nfct_copy - conditional build of original and reply tuples - fix secmark parsing --- include/internal.h | 2 +- .../libnetfilter_conntrack.h | 22 ++++++++++++++++++++++ 2 files changed, 23 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/internal.h b/include/internal.h index 0c369aa..f38b7d3 100644 --- a/include/internal.h +++ b/include/internal.h @@ -199,7 +199,7 @@ int __callback(struct nlmsghdr *nlh, struct nfattr *nfa[], void *data); int __setobjopt(struct nf_conntrack *ct, unsigned int option); int __getobjopt(const struct nf_conntrack *ct, unsigned int option); -int __compare(const struct nf_conntrack *ct1, const struct nf_conntrack *ct2); +int __compare(const struct nf_conntrack *ct1, const struct nf_conntrack *ct2, unsigned int flags); typedef void (*set_exp_attr)(struct nf_expect *exp, const void *value); typedef const void *(*get_exp_attr)(const struct nf_expect *exp); diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack.h b/include/libnetfilter_conntrack/libnetfilter_conntrack.h index 644806d..e366061 100644 --- a/include/libnetfilter_conntrack/libnetfilter_conntrack.h +++ b/include/libnetfilter_conntrack/libnetfilter_conntrack.h @@ -260,9 +260,21 @@ extern int nfct_snprintf(char *buf, const unsigned int out_type, const unsigned int out_flags); +/* comparison */ extern int nfct_compare(const struct nf_conntrack *ct1, const struct nf_conntrack *ct2); +enum { + NFCT_CMP_ALL = 0, + NFCT_CMP_ORIG = (1 << 0), + NFCT_CMP_REPL = (1 << 1), +}; + +extern int nfct_cmp(const struct nf_conntrack *ct1, + const struct nf_conntrack *ct2, + unsigned int flags); + + /* query */ enum nf_conntrack_query { NFCT_Q_CREATE, @@ -285,6 +297,16 @@ extern int nfct_send(struct nfct_handle *h, extern int nfct_catch(struct nfct_handle *h); +/* copy */ +enum { + NFCT_CP_ORIG = (1 << 0), + NFCT_CP_REPL = (1 << 1) +}; + +extern void nfct_copy(struct nf_conntrack *dest, + const struct nf_conntrack *source, + unsigned int flags); + /* low level API: netlink functions */ extern int nfct_build_conntrack(struct nfnl_subsys_handle *ssh, -- cgit v1.2.3