diff options
author | Florian Westphal <fw@strlen.de> | 2012-12-14 12:42:48 +0100 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2013-05-06 21:34:35 +0200 |
commit | 22c8af6991eab12a87fec4f06559e1d7ea3826f1 (patch) | |
tree | 56bd05aa44b7273770a471e0bee2677282de45eb /src/conntrack/copy.c | |
parent | d5e1f43e14bff7072e5a7a232bb2b04fcd710d52 (diff) |
api: add CTA_LABEL_MASK attribute handling
allows to set/clear only a subset of the in-kernel label set, e.g.
"set bit 1 and do not change any others".
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'src/conntrack/copy.c')
-rw-r--r-- | src/conntrack/copy.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/conntrack/copy.c b/src/conntrack/copy.c index 9cb567c..5915c16 100644 --- a/src/conntrack/copy.c +++ b/src/conntrack/copy.c @@ -466,6 +466,12 @@ static void copy_attr_connlabels(struct nf_conntrack *dest, dest->connlabels = do_copy_attr_connlabels(dest->connlabels, orig->connlabels); } +static void copy_attr_connlabels_mask(struct nf_conntrack *dest, + const struct nf_conntrack *orig) +{ + dest->connlabels_mask = do_copy_attr_connlabels(dest->connlabels_mask, orig->connlabels_mask); +} + const copy_attr copy_attr_array[ATTR_MAX] = { [ATTR_ORIG_IPV4_SRC] = copy_attr_orig_ipv4_src, [ATTR_ORIG_IPV4_DST] = copy_attr_orig_ipv4_dst, @@ -534,6 +540,7 @@ const copy_attr copy_attr_array[ATTR_MAX] = { [ATTR_TIMESTAMP_STOP] = copy_attr_timestamp_stop, [ATTR_HELPER_INFO] = copy_attr_help_info, [ATTR_CONNLABELS] = copy_attr_connlabels, + [ATTR_CONNLABELS_MASK] = copy_attr_connlabels_mask, }; /* this is used by nfct_copy() with the NFCT_CP_OVERRIDE flag set. */ @@ -544,8 +551,10 @@ void __copy_fast(struct nf_conntrack *ct1, const struct nf_conntrack *ct2) ct1->secctx = NULL; ct1->helper_info = NULL; ct1->connlabels = NULL; + ct1->connlabels_mask = NULL; copy_attr_secctx(ct1, ct2); copy_attr_help_info(ct1, ct2); copy_attr_connlabels(ct1, ct2); + copy_attr_connlabels_mask(ct1, ct2); } |