diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-03-13 18:44:11 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-03-24 21:37:32 +0100 |
commit | 2edc7ccd872c60f4a71218e34e737655d6e50efa (patch) | |
tree | 4294844e1e3f7b81f907f618ea09943552878b09 /src/conntrack/build.c | |
parent | e870432649955d377a73ee5a72cb23f0f6b5e4c5 (diff) |
conntrack: add synproxy support
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/conntrack/build.c')
-rw-r--r-- | src/conntrack/build.c | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/src/conntrack/build.c b/src/conntrack/build.c index cf282e6..d132890 100644 --- a/src/conntrack/build.c +++ b/src/conntrack/build.c @@ -459,6 +459,21 @@ static void __build_labels(struct nfnlhdr *req, } } +static void __build_synproxy(struct nfnlhdr *req, size_t size, + const struct nf_conntrack *ct) +{ + struct nfattr *nest; + + nest = nfnl_nest(&req->nlh, size, CTA_SYNPROXY); + nfnl_addattr32(&req->nlh, size, CTA_SYNPROXY_ISN, + htonl(ct->synproxy.isn)); + nfnl_addattr32(&req->nlh, size, CTA_SYNPROXY_ITS, + htonl(ct->synproxy.its)); + nfnl_addattr32(&req->nlh, size, CTA_SYNPROXY_TSOFF, + htonl(ct->synproxy.tsoff)); + nfnl_nest_end(&req->nlh, nest); +} + int __build_conntrack(struct nfnl_subsys_handle *ssh, struct nfnlhdr *req, size_t size, @@ -594,5 +609,10 @@ int __build_conntrack(struct nfnl_subsys_handle *ssh, if (test_bit(ATTR_CONNLABELS, ct->head.set)) __build_labels(req, size, ct); + if (test_bit(ATTR_SYNPROXY_ISN, ct->head.set) && + test_bit(ATTR_SYNPROXY_ITS, ct->head.set) && + test_bit(ATTR_SYNPROXY_TSOFF, ct->head.set)) + __build_synproxy(req, size, ct); + return 0; } |