From 2edc7ccd872c60f4a71218e34e737655d6e50efa Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Tue, 13 Mar 2018 18:44:11 +0100
Subject: conntrack: add synproxy support

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/conntrack/parse.c | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

(limited to 'src/conntrack/parse.c')

diff --git a/src/conntrack/parse.c b/src/conntrack/parse.c
index b52454b..8c1d813 100644
--- a/src/conntrack/parse.c
+++ b/src/conntrack/parse.c
@@ -422,6 +422,31 @@ __parse_nat_seq(const struct nfattr *attr, struct nf_conntrack *ct, int dir)
 	}
 }
 
+static void __parse_synproxy(const struct nfattr *attr, struct nf_conntrack *ct)
+{
+	struct nfattr *tb[CTA_SYNPROXY_MAX];
+
+	nfnl_parse_nested(tb, CTA_SYNPROXY_MAX, attr);
+
+	if (tb[CTA_SYNPROXY_ISN - 1]) {
+		ct->synproxy.isn =
+			ntohl(*(uint32_t *)NFA_DATA(tb[CTA_SYNPROXY_ISN-1]));
+		set_bit(ATTR_SYNPROXY_ISN, ct->head.set);
+	}
+
+	if (tb[CTA_SYNPROXY_ITS - 1]) {
+		ct->synproxy.its =
+			ntohl(*(uint32_t *)NFA_DATA(tb[CTA_SYNPROXY_ITS-1]));
+		set_bit(ATTR_SYNPROXY_ITS, ct->head.set);
+	}
+
+	if (tb[CTA_SYNPROXY_TSOFF - 1]) {
+		ct->synproxy.tsoff =
+			ntohl(*(uint32_t *)NFA_DATA(tb[CTA_SYNPROXY_TSOFF-1]));
+		set_bit(ATTR_SYNPROXY_TSOFF, ct->head.set);
+	}
+}
+
 static void 
 __parse_helper(const struct nfattr *attr, struct nf_conntrack *ct)
 {
@@ -596,4 +621,7 @@ void __parse_conntrack(const struct nlmsghdr *nlh,
 
 	if (cda[CTA_LABELS-1])
 		__parse_labels(cda[CTA_LABELS-1], ct);
+
+	if (cda[CTA_SYNPROXY-1])
+		__parse_synproxy(cda[CTA_SYNPROXY-1], ct);
 }
-- 
cgit v1.2.3