summaryrefslogtreecommitdiffstats
path: root/include/linux
diff options
context:
space:
mode:
authorFernando Fernandez Mancera <ffmancera@riseup.net>2019-03-27 11:37:56 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2019-04-08 23:46:50 +0200
commitfdda1fad8853b92bac726cbe162b58a5b73c8b4d (patch)
tree5f3c3318af92f81c08fecd57baf6e725aa733777 /include/linux
parent067ac215e93f6cb912c3f99ca9e6689397bfba2f (diff)
osf: add version fingerprint support
Add support for version fingerprint in "osf" expression. Example: table ip foo { chain bar { type filter hook input priority filter; policy accept; osf ttl skip name "Linux" osf ttl skip version "Linux:4.20" } } Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/linux')
-rw-r--r--include/linux/netfilter/nf_tables.h6
1 files changed, 6 insertions, 0 deletions
diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h
index 37036be0..09a7b9ed 100644
--- a/include/linux/netfilter/nf_tables.h
+++ b/include/linux/netfilter/nf_tables.h
@@ -944,15 +944,21 @@ enum nft_socket_keys {
*
* @NFTA_OSF_DREG: destination register (NLA_U32: nft_registers)
* @NFTA_OSF_TTL: Value of the TTL osf option (NLA_U8)
+ * @NFTA_OSF_FLAGS: flags (NLA_U32)
*/
enum nft_osf_attributes {
NFTA_OSF_UNSPEC,
NFTA_OSF_DREG,
NFTA_OSF_TTL,
+ NFTA_OSF_FLAGS,
__NFTA_OSF_MAX
};
#define NFT_OSF_MAX (__NFTA_OSF_MAX - 1)
+enum nft_osf_flags {
+ NFT_OSF_F_VERSION = 1 << 0, /* check fingerprint version */
+};
+
/**
* enum nft_ct_keys - nf_tables ct expression keys
*