From f233df44196f568075a5d70fc29f31b72b512783 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Tue, 27 Mar 2012 10:23:49 +0200
Subject: extensions: add nfacct match

This patch provides the user-space iptables support for the nfacct match.
This can be used as it follows:

 nfacct add http-traffic
 iptables -I INPUT -p tcp --sport 80 -m nfacct --nfacct-name http-traffic
 iptables -I OUTPUT -p tcp --dport 80 -m nfacct --nfacct-name http-traffic
 nfacct get http-traffic

See also man nfacct(8) for more information.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 include/linux/netfilter/xt_nfacct.h | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 include/linux/netfilter/xt_nfacct.h

(limited to 'include/linux/netfilter/xt_nfacct.h')

diff --git a/include/linux/netfilter/xt_nfacct.h b/include/linux/netfilter/xt_nfacct.h
new file mode 100644
index 00000000..59ab00dd
--- /dev/null
+++ b/include/linux/netfilter/xt_nfacct.h
@@ -0,0 +1,17 @@
+#ifndef _XT_NFACCT_MATCH_H
+#define _XT_NFACCT_MATCH_H
+
+#include <linux/types.h>
+
+#ifndef NFACCT_NAME_MAX
+#define NFACCT_NAME_MAX 32
+#endif
+
+struct nf_acct;
+
+struct xt_nfacct_match_info {
+	char		name[NFACCT_NAME_MAX];
+	struct nf_acct	*nfacct;
+};
+
+#endif /* _XT_NFACCT_MATCH_H */
-- 
cgit v1.2.3