diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2012-02-29 13:48:36 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2012-04-02 13:37:49 +0200 |
commit | e8f32983048d6aa4a908b6a92da55fa71c859623 (patch) | |
tree | 7e3240694e7a06115f68fb04e61efd6038c0e62b /extensions/libxt_SECMARK.c | |
parent | c4a6b0d437b02458fb3cb827b694fd94b3fbe044 (diff) |
libxt_CT: add --timeout option
This patch adds the --timeout option to allow to attach timeout
policy objects to flows, eg.
iptables -I PREROUTING -t raw -s 1.1.1.1 -p tcp \
-j CT --timeout custom-tcp-policy
You need the nfct(8) tool which is available at:
http://git.netfilter.org/cgi-bin/gitweb.cgi?p=nfct.git
To define the cttimeout policies.
Example of usage:
nfct timeout add custom-tcp-policy inet tcp established 1000
The new nfct tool also requires libnetfilter_cttimeout:
http://git.netfilter.org/cgi-bin/gitweb.cgi?p=libnetfilter_cttimeout.git
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'extensions/libxt_SECMARK.c')
0 files changed, 0 insertions, 0 deletions