summaryrefslogtreecommitdiffstats
path: root/utils/conntrack_filter.c
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2008-07-18 14:36:06 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2008-07-18 14:36:06 +0200
commitd65c9ce404a5a3dc4de220189daaf610f4ec306e (patch)
treed86743cc793c33231b051dd1b97dfa8b77c92bbb /utils/conntrack_filter.c
parent563114a47ae03c988ca0e66eddda33d485e35f6b (diff)
Extend high-level API for netlink BSF to add negative logic
This patch introduces nfct_filter_set_logic() to set the filtering logic which results in a more flexible solution. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'utils/conntrack_filter.c')
-rw-r--r--utils/conntrack_filter.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/utils/conntrack_filter.c b/utils/conntrack_filter.c
index 7d22950..eb26189 100644
--- a/utils/conntrack_filter.c
+++ b/utils/conntrack_filter.c
@@ -58,6 +58,11 @@ int main()
.mask = 0xffffffff,
};
+ /* ignore whatever that comes from 127.0.0.1 */
+ nfct_filter_set_logic(filter,
+ NFCT_FILTER_SRC_IPV4,
+ NFCT_FILTER_LOGIC_NEGATIVE);
+
nfct_filter_add_attr(filter, NFCT_FILTER_SRC_IPV4, &filter_ipv4);
if (nfct_filter_attach(nfct_fd(h), filter) == -1) {