diff options
author | Fernando Fernandez Mancera <ffmancera@riseup.net> | 2019-03-27 11:37:56 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-04-08 23:46:50 +0200 |
commit | fdda1fad8853b92bac726cbe162b58a5b73c8b4d (patch) | |
tree | 5f3c3318af92f81c08fecd57baf6e725aa733777 /include/linux | |
parent | 067ac215e93f6cb912c3f99ca9e6689397bfba2f (diff) |
osf: add version fingerprint support
Add support for version fingerprint in "osf" expression. Example:
table ip foo {
chain bar {
type filter hook input priority filter; policy accept;
osf ttl skip name "Linux"
osf ttl skip version "Linux:4.20"
}
}
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/linux')
-rw-r--r-- | include/linux/netfilter/nf_tables.h | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h index 37036be0..09a7b9ed 100644 --- a/include/linux/netfilter/nf_tables.h +++ b/include/linux/netfilter/nf_tables.h @@ -944,15 +944,21 @@ enum nft_socket_keys { * * @NFTA_OSF_DREG: destination register (NLA_U32: nft_registers) * @NFTA_OSF_TTL: Value of the TTL osf option (NLA_U8) + * @NFTA_OSF_FLAGS: flags (NLA_U32) */ enum nft_osf_attributes { NFTA_OSF_UNSPEC, NFTA_OSF_DREG, NFTA_OSF_TTL, + NFTA_OSF_FLAGS, __NFTA_OSF_MAX }; #define NFT_OSF_MAX (__NFTA_OSF_MAX - 1) +enum nft_osf_flags { + NFT_OSF_F_VERSION = 1 << 0, /* check fingerprint version */ +}; + /** * enum nft_ct_keys - nf_tables ct expression keys * |