diff options
author | Krishna Kumar <krkumar2@in.ibm.com> | 2012-06-06 00:59:00 +0000 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2012-07-14 15:57:33 +0200 |
commit | 8b6ab7a3a503be66216db7c046646fcd15c28771 (patch) | |
tree | 0ce1bdee55fbd95ea20d1f0b2563eae72770c4af /include | |
parent | 2c481c1fd73bb744957b2e5c5161c7a0804ab2e4 (diff) |
src: implement API to set per-queue flags
Implement API to set per-queue flags. This is initially used
to implement fail-open support in NFQUEUE.
[ Pablo mangled this patch to bump LIBVERSION as well ]
Signed-off-by: Krishna Kumar <krkumar2@in.ibm.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/libnetfilter_queue/libnetfilter_queue.h | 3 | ||||
-rw-r--r-- | include/libnetfilter_queue/linux_nfnetlink_queue.h | 7 |
2 files changed, 10 insertions, 0 deletions
diff --git a/include/libnetfilter_queue/libnetfilter_queue.h b/include/libnetfilter_queue/libnetfilter_queue.h index 28bf2b1..6b8acd2 100644 --- a/include/libnetfilter_queue/libnetfilter_queue.h +++ b/include/libnetfilter_queue/libnetfilter_queue.h @@ -56,6 +56,9 @@ extern int nfq_set_mode(struct nfq_q_handle *qh, int nfq_set_queue_maxlen(struct nfq_q_handle *qh, u_int32_t queuelen); +extern int nfq_set_queue_flags(struct nfq_q_handle *qh, + uint32_t mask, uint32_t flags); + extern int nfq_set_verdict(struct nfq_q_handle *qh, u_int32_t id, u_int32_t verdict, diff --git a/include/libnetfilter_queue/linux_nfnetlink_queue.h b/include/libnetfilter_queue/linux_nfnetlink_queue.h index 6b4f86d..58c8ca5 100644 --- a/include/libnetfilter_queue/linux_nfnetlink_queue.h +++ b/include/libnetfilter_queue/linux_nfnetlink_queue.h @@ -87,8 +87,15 @@ enum nfqnl_attr_config { NFQA_CFG_CMD, /* nfqnl_msg_config_cmd */ NFQA_CFG_PARAMS, /* nfqnl_msg_config_params */ NFQA_CFG_QUEUE_MAXLEN, /* u_int32_t */ + NFQA_CFG_MASK, /* identify which flags to change */ + NFQA_CFG_FLAGS, /* value of these flags (__u32) */ __NFQA_CFG_MAX }; #define NFQA_CFG_MAX (__NFQA_CFG_MAX-1) +/* Flags/options for NFQA_CFG_FLAGS */ +#define NFQA_CFG_F_FAIL_OPEN (1 << 0) +#define NFQA_CFG_F_CONNTRACK (1 << 1) +#define NFQA_CFG_F_MAX (1 << 2) + #endif /* _NFNETLINK_QUEUE_H */ |