diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-03-13 18:44:11 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-03-24 21:37:32 +0100 |
commit | 2edc7ccd872c60f4a71218e34e737655d6e50efa (patch) | |
tree | 4294844e1e3f7b81f907f618ea09943552878b09 /src/conntrack/build_mnl.c | |
parent | e870432649955d377a73ee5a72cb23f0f6b5e4c5 (diff) |
conntrack: add synproxy support
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/conntrack/build_mnl.c')
-rw-r--r-- | src/conntrack/build_mnl.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/src/conntrack/build_mnl.c b/src/conntrack/build_mnl.c index 2118bf3..d9ad268 100644 --- a/src/conntrack/build_mnl.c +++ b/src/conntrack/build_mnl.c @@ -438,6 +438,18 @@ nfct_build_labels(struct nlmsghdr *nlh, const struct nf_conntrack *ct) } } +static void nfct_build_synproxy(struct nlmsghdr *nlh, + const struct nf_conntrack *ct) +{ + struct nlattr *nest; + + nest = mnl_attr_nest_start(nlh, CTA_SYNPROXY); + mnl_attr_put_u32(nlh, CTA_SYNPROXY_ISN, htonl(ct->synproxy.isn)); + mnl_attr_put_u32(nlh, CTA_SYNPROXY_ITS, htonl(ct->synproxy.its)); + mnl_attr_put_u32(nlh, CTA_SYNPROXY_TSOFF, htonl(ct->synproxy.tsoff)); + mnl_attr_nest_end(nlh, nest); +} + int nfct_nlmsg_build(struct nlmsghdr *nlh, const struct nf_conntrack *ct) { @@ -579,5 +591,10 @@ nfct_nlmsg_build(struct nlmsghdr *nlh, const struct nf_conntrack *ct) if (test_bit(ATTR_CONNLABELS, ct->head.set)) nfct_build_labels(nlh, ct); + if (test_bit(ATTR_SYNPROXY_ISN, ct->head.set) && + test_bit(ATTR_SYNPROXY_ITS, ct->head.set) && + test_bit(ATTR_SYNPROXY_TSOFF, ct->head.set)) + nfct_build_synproxy(nlh, ct); + return 0; } |