diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-11-14 22:19:07 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-11-14 22:19:12 +0100 |
commit | a84921d7c0de950632ab4630dd4f7ad763e9e453 (patch) | |
tree | a2077597cf08c04df2066d1b21d60874f94d36c7 /src/netlink_delinearize.c | |
parent | 75bbb065740e184a8d910db014fdb8949cc5f18e (diff) |
src: add notrack support
This patch adds the notrack statement, to skip connection tracking for
certain packets.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/netlink_delinearize.c')
-rw-r--r-- | src/netlink_delinearize.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c index 434089b7..66d38caa 100644 --- a/src/netlink_delinearize.c +++ b/src/netlink_delinearize.c @@ -635,6 +635,13 @@ static void netlink_parse_numgen(struct netlink_parse_ctx *ctx, netlink_set_register(ctx, dreg, expr); } +static void netlink_parse_notrack(struct netlink_parse_ctx *ctx, + const struct location *loc, + const struct nftnl_expr *nle) +{ + ctx->stmt = notrack_stmt_alloc(loc); +} + static void netlink_parse_ct_stmt(struct netlink_parse_ctx *ctx, const struct location *loc, const struct nftnl_expr *nle) @@ -1127,6 +1134,7 @@ static const struct { { .name = "range", .parse = netlink_parse_range }, { .name = "reject", .parse = netlink_parse_reject }, { .name = "nat", .parse = netlink_parse_nat }, + { .name = "notrack", .parse = netlink_parse_notrack }, { .name = "masq", .parse = netlink_parse_masq }, { .name = "redir", .parse = netlink_parse_redir }, { .name = "dup", .parse = netlink_parse_dup }, |