diff options
Diffstat (limited to 'include')
-rw-r--r-- | include/linux/netfilter/nf_tables.h | 3 | ||||
-rw-r--r-- | include/rule.h | 11 |
2 files changed, 13 insertions, 1 deletions
diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h index 0ff932da..ed8881ad 100644 --- a/include/linux/netfilter/nf_tables.h +++ b/include/linux/netfilter/nf_tables.h @@ -1481,7 +1481,8 @@ enum nft_ct_expectation_attributes { #define NFT_OBJECT_CT_TIMEOUT 7 #define NFT_OBJECT_SECMARK 8 #define NFT_OBJECT_CT_EXPECT 9 -#define __NFT_OBJECT_MAX 10 +#define NFT_OBJECT_SYNPROXY 10 +#define __NFT_OBJECT_MAX 11 #define NFT_OBJECT_MAX (__NFT_OBJECT_MAX - 1) /** diff --git a/include/rule.h b/include/rule.h index 0ef6aacd..2708cbeb 100644 --- a/include/rule.h +++ b/include/rule.h @@ -399,6 +399,12 @@ struct limit { uint32_t flags; }; +struct synproxy { + uint16_t mss; + uint8_t wscale; + uint32_t flags; +}; + struct secmark { char ctx[NFT_SECMARK_CTX_MAXLEN]; }; @@ -426,6 +432,7 @@ struct obj { struct ct_timeout ct_timeout; struct secmark secmark; struct ct_expect ct_expect; + struct synproxy synproxy; }; }; @@ -529,6 +536,8 @@ enum cmd_ops { * @CMD_OBJ_FLOWTABLES: flow tables * @CMD_OBJ_SECMARK: secmark * @CMD_OBJ_SECMARKS: multiple secmarks + * @CMD_OBJ_SYNPROXY: synproxy + * @CMD_OBJ_SYNPROXYS: multiple synproxys */ enum cmd_obj { CMD_OBJ_INVALID, @@ -561,6 +570,8 @@ enum cmd_obj { CMD_OBJ_SECMARK, CMD_OBJ_SECMARKS, CMD_OBJ_CT_EXPECT, + CMD_OBJ_SYNPROXY, + CMD_OBJ_SYNPROXYS, }; struct markup { |