diff options
| author | Mikhail Sennikovsky <mikhail.sennikovskii@ionos.com> | 2022-07-08 12:46:09 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2022-07-08 12:50:07 +0200 |
| commit | e42ea65e9c93ff6ebb9627943370aedab853eb46 (patch) | |
| tree | 5f2141bf6a1ac35e93a4cd09b42830eee875d126 /extensions | |
| parent | ccf225870d8dd5ea40df442ce5080dd64c4181c7 (diff) | |
conntrack: introduce new -A command
The -A command works exactly the same way as -I except that it
does not fail if the ct entry already exists.
This command is useful for the batched ct loads to not abort if
some entries being applied exist.
The ct entry dump in the "save" format is now switched to use the
-A command as well for the generated output.
Also tests added to cover the -A command.
Signed-off-by: Mikhail Sennikovsky <mikhail.sennikovskii@ionos.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'extensions')
| -rw-r--r-- | extensions/libct_proto_dccp.c | 1 | ||||
| -rw-r--r-- | extensions/libct_proto_gre.c | 1 | ||||
| -rw-r--r-- | extensions/libct_proto_icmp.c | 1 | ||||
| -rw-r--r-- | extensions/libct_proto_icmpv6.c | 1 | ||||
| -rw-r--r-- | extensions/libct_proto_sctp.c | 1 | ||||
| -rw-r--r-- | extensions/libct_proto_tcp.c | 1 | ||||
| -rw-r--r-- | extensions/libct_proto_udp.c | 1 | ||||
| -rw-r--r-- | extensions/libct_proto_udplite.c | 1 |
8 files changed, 8 insertions, 0 deletions
diff --git a/extensions/libct_proto_dccp.c b/extensions/libct_proto_dccp.c index 6103117..0204929 100644 --- a/extensions/libct_proto_dccp.c +++ b/extensions/libct_proto_dccp.c @@ -83,6 +83,7 @@ static char dccp_commands_v_options[NUMBER_OF_CMD][DCCP_OPT_MAX] = [EXP_GET_BIT] = {1,1,1,1,0,0,0,0,0,0}, [EXP_FLUSH_BIT] = {0,0,0,0,0,0,0,0,0,0}, [EXP_EVENT_BIT] = {0,0,0,0,0,0,0,0,0,0}, + [CT_ADD_BIT] = {3,3,3,3,0,0,1,0,0,1}, }; static const char *dccp_states[DCCP_CONNTRACK_MAX] = { diff --git a/extensions/libct_proto_gre.c b/extensions/libct_proto_gre.c index c619db3..2f216b9 100644 --- a/extensions/libct_proto_gre.c +++ b/extensions/libct_proto_gre.c @@ -82,6 +82,7 @@ static char gre_commands_v_options[NUMBER_OF_CMD][GRE_OPT_MAX] = [EXP_GET_BIT] = {1,1,1,1,0,0,0,0}, [EXP_FLUSH_BIT] = {0,0,0,0,0,0,0,0}, [EXP_EVENT_BIT] = {0,0,0,0,0,0,0,0}, + [CT_ADD_BIT] = {3,3,3,3,0,0,0,0}, }; static int parse_options(char c, diff --git a/extensions/libct_proto_icmp.c b/extensions/libct_proto_icmp.c index 304018f..9f67cf4 100644 --- a/extensions/libct_proto_icmp.c +++ b/extensions/libct_proto_icmp.c @@ -56,6 +56,7 @@ static char icmp_commands_v_options[NUMBER_OF_CMD][ICMP_NUMBER_OF_OPT] = [EXP_GET_BIT] = {0,0,0}, [EXP_FLUSH_BIT] = {0,0,0}, [EXP_EVENT_BIT] = {0,0,0}, + [CT_ADD_BIT] = {1,1,2}, }; static void help(void) diff --git a/extensions/libct_proto_icmpv6.c b/extensions/libct_proto_icmpv6.c index 114bcac..216757e 100644 --- a/extensions/libct_proto_icmpv6.c +++ b/extensions/libct_proto_icmpv6.c @@ -59,6 +59,7 @@ static char icmpv6_commands_v_options[NUMBER_OF_CMD][ICMPV6_NUMBER_OF_OPT] = [EXP_GET_BIT] = {0,0,0}, [EXP_FLUSH_BIT] = {0,0,0}, [EXP_EVENT_BIT] = {0,0,0}, + [CT_ADD_BIT] = {1,1,2}, }; static void help(void) diff --git a/extensions/libct_proto_sctp.c b/extensions/libct_proto_sctp.c index 723a2cd..8099b83 100644 --- a/extensions/libct_proto_sctp.c +++ b/extensions/libct_proto_sctp.c @@ -86,6 +86,7 @@ static char sctp_commands_v_options[NUMBER_OF_CMD][SCTP_OPT_MAX] = [EXP_GET_BIT] = {1,1,1,1,0,0,0,0,0,0,0}, [EXP_FLUSH_BIT] = {0,0,0,0,0,0,0,0,0,0,0}, [EXP_EVENT_BIT] = {0,0,0,0,0,0,0,0,0,0,0}, + [CT_ADD_BIT] = {3,3,3,3,0,0,1,0,0,1,1}, }; static const char *sctp_states[SCTP_CONNTRACK_MAX] = { diff --git a/extensions/libct_proto_tcp.c b/extensions/libct_proto_tcp.c index 7e4500c..27f5833 100644 --- a/extensions/libct_proto_tcp.c +++ b/extensions/libct_proto_tcp.c @@ -70,6 +70,7 @@ static char tcp_commands_v_options[NUMBER_OF_CMD][TCP_NUMBER_OF_OPT] = [EXP_GET_BIT] = {1,1,1,1,0,0,0,0,0}, [EXP_FLUSH_BIT] = {0,0,0,0,0,0,0,0,0}, [EXP_EVENT_BIT] = {0,0,0,0,0,0,0,0,0}, + [CT_ADD_BIT] = {3,3,3,3,0,0,1,0,0}, }; static const char *tcp_states[TCP_CONNTRACK_MAX] = { diff --git a/extensions/libct_proto_udp.c b/extensions/libct_proto_udp.c index fce489d..a78857f 100644 --- a/extensions/libct_proto_udp.c +++ b/extensions/libct_proto_udp.c @@ -78,6 +78,7 @@ static char udp_commands_v_options[NUMBER_OF_CMD][UDP_NUMBER_OF_OPT] = [EXP_GET_BIT] = {1,1,1,1,0,0,0,0}, [EXP_FLUSH_BIT] = {0,0,0,0,0,0,0,0}, [EXP_EVENT_BIT] = {0,0,0,0,0,0,0,0}, + [CT_ADD_BIT] = {3,3,3,3,0,0,0,0}, }; static int parse_options(char c, diff --git a/extensions/libct_proto_udplite.c b/extensions/libct_proto_udplite.c index 8d42d1a..3df3142 100644 --- a/extensions/libct_proto_udplite.c +++ b/extensions/libct_proto_udplite.c @@ -86,6 +86,7 @@ static char udplite_commands_v_options[NUMBER_OF_CMD][UDP_OPT_MAX] = [EXP_GET_BIT] = {1,1,1,1,0,0,0,0}, [EXP_FLUSH_BIT] = {0,0,0,0,0,0,0,0}, [EXP_EVENT_BIT] = {0,0,0,0,0,0,0,0}, + [CT_ADD_BIT] = {3,3,3,3,0,0,0,0}, }; static int parse_options(char c, |