From 22c8af6991eab12a87fec4f06559e1d7ea3826f1 Mon Sep 17 00:00:00 2001 From: Florian Westphal Date: Fri, 14 Dec 2012 12:42:48 +0100 Subject: api: add CTA_LABEL_MASK attribute handling allows to set/clear only a subset of the in-kernel label set, e.g. "set bit 1 and do not change any others". Signed-off-by: Florian Westphal --- src/conntrack/build_mnl.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'src/conntrack/build_mnl.c') diff --git a/src/conntrack/build_mnl.c b/src/conntrack/build_mnl.c index a666e01..a37bd73 100644 --- a/src/conntrack/build_mnl.c +++ b/src/conntrack/build_mnl.c @@ -386,6 +386,12 @@ nfct_build_labels(struct nlmsghdr *nlh, const struct nf_conntrack *ct) struct nfct_bitmask *b = ct->connlabels; unsigned int size = b->words * sizeof(b->bits[0]); mnl_attr_put(nlh, CTA_LABELS, size, b->bits); + + if (test_bit(ATTR_CONNLABELS_MASK, ct->head.set)) { + b = ct->connlabels_mask; + if (size == (b->words * sizeof(b->bits[0]))) + mnl_attr_put(nlh, CTA_LABELS_MASK, size, b->bits); + } } int -- cgit v1.2.3