summaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorFernando Fernandez Mancera <ffmancera@riseup.net>2018-10-23 17:06:22 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2018-10-23 17:46:47 +0200
commit03eafe098d5eead786cbbe6f79348f05819cd99e (patch)
tree852498d1288759dafa8773c04fc24e3f54d4512a /include
parentd7ef1e206bd9b36607dddcf337fada11d743b61f (diff)
osf: add ttl option support
Add support for ttl option in "osf" expression. Example: table ip foo { chain bar { type filter hook input priority filter; policy accept; osf ttl skip name "Linux" } } Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
-rw-r--r--include/expression.h4
-rw-r--r--include/linux/netfilter/nf_tables.h2
-rw-r--r--include/osf.h2
3 files changed, 7 insertions, 1 deletions
diff --git a/include/expression.h b/include/expression.h
index d6977c3a..f018c958 100644
--- a/include/expression.h
+++ b/include/expression.h
@@ -345,6 +345,10 @@ struct expr {
uint8_t direction;
uint8_t spnum;
} xfrm;
+ struct {
+ /* EXPR_OSF */
+ uint8_t ttl;
+ } osf;
};
};
diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h
index 4e285988..1d13ad37 100644
--- a/include/linux/netfilter/nf_tables.h
+++ b/include/linux/netfilter/nf_tables.h
@@ -939,10 +939,12 @@ enum nft_socket_keys {
* enum nft_osf_attributes - nf_tables osf expression netlink attributes
*
* @NFTA_OSF_DREG: destination register (NLA_U32: nft_registers)
+ * @NFTA_OSF_TTL: Value of the TTL osf option (NLA_U8)
*/
enum nft_osf_attributes {
NFTA_OSF_UNSPEC,
NFTA_OSF_DREG,
+ NFTA_OSF_TTL,
__NFTA_OSF_MAX
};
#define NFT_OSF_MAX (__NFTA_OSF_MAX - 1)
diff --git a/include/osf.h b/include/osf.h
index 54cdd4af..23ea34d3 100644
--- a/include/osf.h
+++ b/include/osf.h
@@ -1,7 +1,7 @@
#ifndef NFTABLES_OSF_H
#define NFTABLES_OSF_H
-struct expr *osf_expr_alloc(const struct location *loc);
+struct expr *osf_expr_alloc(const struct location *loc, const uint8_t ttl);
extern int nfnl_osf_load_fingerprints(struct netlink_ctx *ctx, int del);