ct: connlabel matching support

Takes advantage of the fact that the current maximum label storage area is 128 bits, i.e. the dynamically allocated extension area in the kernel will always fit into a nft register. Currently this re-uses rt_symbol_table_init() to read connlabel.conf. This works since the format is pretty much the same. Signed-off-by: Florian Westphal <fw@strlen.de>
author: Florian Westphal <fw@strlen.de> 2013-10-22 15:03:52 +0200
committer: Florian Westphal <fw@strlen.de> 2014-02-18 22:31:07 +0100
commit: 2fcce8b0677b31a5566d4b0e2d7432e8f678aabc (patch)
tree: c1924e84d72d566526f22b4c663dd05141695dee /include/datatype.h
parent: 71dc2810574a373dd1969088b7484933e40f6b46 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/include/datatype.h b/include/datatype.h
index 9e609cf2..2c66e9d9 100644
--- a/include/datatype.h
+++ b/include/datatype.h
@@ -34,6 +34,7 @@
  * @TYPE_CT_DIR:	conntrack direction
  * @TYPE_CT_STATUS:	conntrack status (bitmask subtype)
  * @TYPE_ICMP6_TYPE:	ICMPv6 type codes (integer subtype)
+ * @TYPE_CT_LABEL:	Conntrack Label (bitmask subtype)
  */
 enum datatypes {
 	TYPE_INVALID,
@@ -66,6 +67,7 @@ enum datatypes {
 	TYPE_CT_DIR,
 	TYPE_CT_STATUS,
 	TYPE_ICMP6_TYPE,
+	TYPE_CT_LABEL,
 	__TYPE_MAX
 };
 #define TYPE_MAX		(__TYPE_MAX - 1)
author	Florian Westphal <fw@strlen.de>	2013-10-22 15:03:52 +0200
committer	Florian Westphal <fw@strlen.de>	2014-02-18 22:31:07 +0100
commit	2fcce8b0677b31a5566d4b0e2d7432e8f678aabc (patch)
tree	c1924e84d72d566526f22b4c663dd05141695dee /include/datatype.h
parent	71dc2810574a373dd1969088b7484933e40f6b46 (diff)