diff options
Diffstat (limited to 'include')
-rw-r--r-- | include/libnftnl/object.h | 8 | ||||
-rw-r--r-- | include/linux/netfilter/nf_tables.h | 14 | ||||
-rw-r--r-- | include/obj.h | 8 |
3 files changed, 29 insertions, 1 deletions
diff --git a/include/libnftnl/object.h b/include/libnftnl/object.h index 4ce2230..cce0713 100644 --- a/include/libnftnl/object.h +++ b/include/libnftnl/object.h @@ -71,6 +71,14 @@ enum { }; enum { + NFTNL_OBJ_CT_EXPECT_L3PROTO = NFTNL_OBJ_BASE, + NFTNL_OBJ_CT_EXPECT_L4PROTO, + NFTNL_OBJ_CT_EXPECT_DPORT, + NFTNL_OBJ_CT_EXPECT_TIMEOUT, + NFTNL_OBJ_CT_EXPECT_SIZE, +}; + +enum { NFTNL_OBJ_LIMIT_RATE = NFTNL_OBJ_BASE, NFTNL_OBJ_LIMIT_UNIT, NFTNL_OBJ_LIMIT_BURST, diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h index fd38cdc..7eb8a5b 100644 --- a/include/linux/netfilter/nf_tables.h +++ b/include/linux/netfilter/nf_tables.h @@ -1429,6 +1429,17 @@ enum nft_ct_timeout_attributes { }; #define NFTA_CT_TIMEOUT_MAX (__NFTA_CT_TIMEOUT_MAX - 1) +enum nft_ct_expectation_attributes { + NFTA_CT_EXPECT_UNSPEC, + NFTA_CT_EXPECT_L3PROTO, + NFTA_CT_EXPECT_L4PROTO, + NFTA_CT_EXPECT_DPORT, + NFTA_CT_EXPECT_TIMEOUT, + NFTA_CT_EXPECT_SIZE, + __NFTA_CT_EXPECT_MAX, +}; +#define NFTA_CT_EXPECT_MAX (__NFTA_CT_EXPECT_MAX - 1) + #define NFT_OBJECT_UNSPEC 0 #define NFT_OBJECT_COUNTER 1 #define NFT_OBJECT_QUOTA 2 @@ -1438,7 +1449,8 @@ enum nft_ct_timeout_attributes { #define NFT_OBJECT_TUNNEL 6 #define NFT_OBJECT_CT_TIMEOUT 7 #define NFT_OBJECT_SECMARK 8 -#define __NFT_OBJECT_MAX 9 +#define NFT_OBJECT_CT_EXPECT 9 +#define __NFT_OBJECT_MAX 10 #define NFT_OBJECT_MAX (__NFT_OBJECT_MAX - 1) /** diff --git a/include/obj.h b/include/obj.h index 35b5c40..9394d79 100644 --- a/include/obj.h +++ b/include/obj.h @@ -42,6 +42,13 @@ struct nftnl_obj { uint8_t l4proto; uint32_t timeout[NFTNL_CTTIMEOUT_ARRAY_MAX]; } ct_timeout; + struct nftnl_obj_ct_expect { + uint16_t l3proto; + uint16_t dport; + uint8_t l4proto; + uint8_t size; + uint32_t timeout; + } ct_expect; struct nftnl_obj_limit { uint64_t rate; uint64_t unit; @@ -99,6 +106,7 @@ extern struct obj_ops obj_ops_counter; extern struct obj_ops obj_ops_quota; extern struct obj_ops obj_ops_ct_helper; extern struct obj_ops obj_ops_ct_timeout; +extern struct obj_ops obj_ops_ct_expect; extern struct obj_ops obj_ops_limit; extern struct obj_ops obj_ops_tunnel; extern struct obj_ops obj_ops_secmark; |