diff options
author | Florian Westphal <fw@strlen.de> | 2012-11-06 17:06:39 +0100 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2013-05-06 21:34:15 +0200 |
commit | 6510a98f4139f112a0c76c71ff889ef93eac41fb (patch) | |
tree | 01e2ee90772ff378629bd889d51a509a26d3098e /include/libnetfilter_conntrack/linux_nfnetlink_conntrack.h | |
parent | 013a5284c901a6ce80320f499685b89d15eeed9e (diff) |
api: add connlabel api and attribute
adds new labelmap api to create a name <-> bit mapping
from a text file (default: /etc/xtables/connlabel.conf).
nfct_labelmap_new(filename) is used to create the map,
nfct_labelmap_destroy() releases the resources allocated for the map.
Two functions are added to make map lookups:
nfct_labelmap_get_name(map, bit) returns the name of a bit,
nfct_labelmap_get_bit returns the bit associated with a name.
The connlabel attribute is represented by a nfct_bitmask object, the
nfct_bitmask api can be used to test/set/get individual bits
("labels").
The exisiting nfct_attr_get/set interfaces can be used to read or
replace the existing labels associated with a conntrack with a new set.
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'include/libnetfilter_conntrack/linux_nfnetlink_conntrack.h')
-rw-r--r-- | include/libnetfilter_conntrack/linux_nfnetlink_conntrack.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/libnetfilter_conntrack/linux_nfnetlink_conntrack.h b/include/libnetfilter_conntrack/linux_nfnetlink_conntrack.h index 39366c4..3c69ba9 100644 --- a/include/libnetfilter_conntrack/linux_nfnetlink_conntrack.h +++ b/include/libnetfilter_conntrack/linux_nfnetlink_conntrack.h @@ -53,6 +53,7 @@ enum ctattr_type { CTA_SECCTX, CTA_TIMESTAMP, CTA_MARK_MASK, + CTA_LABELS, __CTA_MAX }; #define CTA_MAX (__CTA_MAX - 1) |