summaryrefslogtreecommitdiffstats
path: root/include/linux/netfilter
diff options
context:
space:
mode:
authorFlorian Westphal <fw@strlen.de>2015-12-12 01:10:04 +0100
committerFlorian Westphal <fw@strlen.de>2015-12-12 01:10:04 +0100
commit0bfbe6146418d93b2523ea56b43213cac5d6620c (patch)
treee2bbc41841c648c69357c9dc66be1102ca6a8ffd /include/linux/netfilter
parent757b3ab08b8b22f230fb8e481bec78ecbfbb335a (diff)
ct: add packet/byte counter support
packets and bytes need special treatment -- we want to be able to get packet/byte counter in either direction, but also express 'fetch in *BOTH* directions', i.e. ct packets original + ct packets reply > 1000 This either requires a '+' expression, a new 'both' direction, or keys where direction is optional, i.e. ct packets > 12345 ; original + reply ct original packets > 12345 ; original Signed-off-by: Florian Westphal <fw@strlen.de> Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/linux/netfilter')
-rw-r--r--include/linux/netfilter/nf_tables.h2
1 files changed, 2 insertions, 0 deletions
diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h
index 70a9619e..49de2b8a 100644
--- a/include/linux/netfilter/nf_tables.h
+++ b/include/linux/netfilter/nf_tables.h
@@ -744,6 +744,8 @@ enum nft_ct_keys {
NFT_CT_PROTO_SRC,
NFT_CT_PROTO_DST,
NFT_CT_LABELS,
+ NFT_CT_PKTS,
+ NFT_CT_BYTES,
};
/**