diff options
author | Jack Ma <jack.ma@alliedtelesis.co.nz> | 2018-04-24 14:58:57 +1200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-05-08 14:52:39 +0200 |
commit | db7b4e0de960c0ff86b10a3d303b4765dba13d6a (patch) | |
tree | 4de1e9c09890119bcac9bab1924b95f892a6d3f3 /include | |
parent | 155e1c0c783158b3b55967a99233d37b4b3d1490 (diff) |
extensions: libxt_CONNMARK: Support bit-shifting for --restore,set and save-mark
This patch adds a new feature to iptables that allow bitshifting for
--restore,set and save-mark operations. This allows existing logic
operators (and, or and xor) and mask to co-operate with new bitshift
operations.
The intention is to provide uses with more fexible uses of skb->mark
and ct->mark. For example, users can save extra bits in skb->mark:
skb->mark = ct->mark << 8;
Reviewed-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Jack Ma <jack.ma@alliedtelesis.co.nz>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/linux/netfilter/xt_connmark.h | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/include/linux/netfilter/xt_connmark.h b/include/linux/netfilter/xt_connmark.h index efc17a83..bbf2acc9 100644 --- a/include/linux/netfilter/xt_connmark.h +++ b/include/linux/netfilter/xt_connmark.h @@ -23,6 +23,11 @@ struct xt_connmark_tginfo1 { __u8 mode; }; +struct xt_connmark_tginfo2 { + __u32 ctmark, ctmask, nfmask; + __u8 shift_dir, shift_bits, mode; +}; + struct xt_connmark_mtinfo1 { __u32 mark, mask; __u8 invert; |