From a84921d7c0de950632ab4630dd4f7ad763e9e453 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Mon, 14 Nov 2016 22:19:07 +0100
Subject: src: add notrack support

This patch adds the notrack statement, to skip connection tracking for
certain packets.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 include/ct.h        | 3 +++
 include/statement.h | 2 ++
 2 files changed, 5 insertions(+)

(limited to 'include')

diff --git a/include/ct.h b/include/ct.h
index 0aeeed60..03e76e61 100644
--- a/include/ct.h
+++ b/include/ct.h
@@ -31,4 +31,7 @@ extern struct error_record *ct_dir_parse(const struct location *loc,
 					 const char *str, int8_t *dir);
 extern struct error_record *ct_key_parse(const struct location *loc, const char *str,
 					 unsigned int *key);
+
+extern struct stmt *notrack_stmt_alloc(const struct location *loc);
+
 #endif /* NFTABLES_CT_H */
diff --git a/include/statement.h b/include/statement.h
index e278b706..fe83717f 100644
--- a/include/statement.h
+++ b/include/statement.h
@@ -208,6 +208,7 @@ extern struct stmt *xt_stmt_alloc(const struct location *loc);
  * @STMT_FWD:		forward statement
  * @STMT_XT:		XT statement
  * @STMT_QUOTA:		quota statement
+ * @STMT_NOTRACK:	notrack statement
  */
 enum stmt_types {
 	STMT_INVALID,
@@ -230,6 +231,7 @@ enum stmt_types {
 	STMT_FWD,
 	STMT_XT,
 	STMT_QUOTA,
+	STMT_NOTRACK,
 };
 
 /**
-- 
cgit v1.2.3