diff options
author | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org> | 2007-09-12 12:48:04 +0000 |
---|---|---|
committer | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org> | 2007-09-12 12:48:04 +0000 |
commit | 59796dd29f54477fd5afa3083b3722b0e390fc23 (patch) | |
tree | 402d3ad278a6557210f9adff0174bf8f861862a6 /include | |
parent | b8ea431f5620e8fb2b9f4ee9f8ce16fa423ab572 (diff) |
add support for TCP flagssvn_t_libnetfilter_conntrack-0.0.82
Diffstat (limited to 'include')
-rw-r--r-- | include/internal.h | 12 | ||||
-rw-r--r-- | include/libnetfilter_conntrack/libnetfilter_conntrack.h | 20 | ||||
-rw-r--r-- | include/libnetfilter_conntrack/linux_nfnetlink_conntrack.h | 4 |
3 files changed, 32 insertions, 4 deletions
diff --git a/include/internal.h b/include/internal.h index 5a13c11..cf2d7a1 100644 --- a/include/internal.h +++ b/include/internal.h @@ -88,9 +88,17 @@ struct __nfct_tuple { union __nfct_l4 l4dst; }; +#define __DIR_ORIG 0 +#define __DIR_REPL 1 +#define __DIR_MAX __DIR_REPL+1 + union __nfct_protoinfo { struct { u_int8_t state; + struct { + u_int8_t value; + u_int8_t mask; + } flags[__DIR_MAX]; } tcp; }; @@ -104,10 +112,6 @@ struct __nfct_nat { union __nfct_l4 l4min, l4max; }; -#define __DIR_ORIG 0 -#define __DIR_REPL 1 -#define __DIR_MAX __DIR_REPL+1 - struct nf_conntrack { struct __nfct_tuple tuple[__DIR_MAX]; diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack.h b/include/libnetfilter_conntrack/libnetfilter_conntrack.h index 3975dfc..7125414 100644 --- a/include/libnetfilter_conntrack/libnetfilter_conntrack.h +++ b/include/libnetfilter_conntrack/libnetfilter_conntrack.h @@ -98,6 +98,10 @@ enum nf_conntrack_attr { ATTR_USE, /* u32 bits */ ATTR_ID, /* u32 bits */ ATTR_STATUS = 32, /* u32 bits */ + ATTR_TCP_FLAGS_ORIG, /* u8 bits */ + ATTR_TCP_FLAGS_REPL, /* u8 bits */ + ATTR_TCP_MASK_ORIG, /* u8 bits */ + ATTR_TCP_MASK_REPL, /* u8 bits */ ATTR_MAX }; @@ -427,6 +431,22 @@ enum ip_conntrack_status { IPS_FIXED_TIMEOUT = (1 << IPS_FIXED_TIMEOUT_BIT), }; +/* + * TCP flags + */ + +/* Window scaling is advertised by the sender */ +#define IP_CT_TCP_FLAG_WINDOW_SCALE 0x01 + +/* SACK is permitted by the sender */ +#define IP_CT_TCP_FLAG_SACK_PERM 0x02 + +/* This sender sent FIN first */ +#define IP_CT_TCP_FLAG_CLOSE_INIT 0x04 + +/* Be liberal in window checking */ +#define IP_CT_TCP_FLAG_BE_LIBERAL 0x08 + /* * Old deprecated API, its use for new applications is *strongly discouraged* */ diff --git a/include/libnetfilter_conntrack/linux_nfnetlink_conntrack.h b/include/libnetfilter_conntrack/linux_nfnetlink_conntrack.h index b268cc8..71baee1 100644 --- a/include/libnetfilter_conntrack/linux_nfnetlink_conntrack.h +++ b/include/libnetfilter_conntrack/linux_nfnetlink_conntrack.h @@ -87,6 +87,10 @@ enum ctattr_protoinfo { enum ctattr_protoinfo_tcp { CTA_PROTOINFO_TCP_UNSPEC, CTA_PROTOINFO_TCP_STATE, + CTA_PROTOINFO_TCP_WSCALE_ORIGINAL, + CTA_PROTOINFO_TCP_WSCALE_REPLY, + CTA_PROTOINFO_TCP_FLAGS_ORIGINAL, + CTA_PROTOINFO_TCP_FLAGS_REPLY, __CTA_PROTOINFO_TCP_MAX }; #define CTA_PROTOINFO_TCP_MAX (__CTA_PROTOINFO_TCP_MAX - 1) |