diff options
-rw-r--r-- | include/libnetfilter_conntrack/libnetfilter_conntrack.h | 1 | ||||
-rw-r--r-- | src/conntrack/api.c | 19 |
2 files changed, 13 insertions, 7 deletions
diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack.h b/include/libnetfilter_conntrack/libnetfilter_conntrack.h index 965050f..c6e2425 100644 --- a/include/libnetfilter_conntrack/libnetfilter_conntrack.h +++ b/include/libnetfilter_conntrack/libnetfilter_conntrack.h @@ -249,6 +249,7 @@ enum nf_conntrack_query { NFCT_Q_FLUSH, NFCT_Q_DUMP, NFCT_Q_DUMP_RESET, + NFCT_Q_CREATE_UPDATE, }; extern int nfct_query(struct nfct_handle *h, diff --git a/src/conntrack/api.c b/src/conntrack/api.c index 2d90818..245ced2 100644 --- a/src/conntrack/api.c +++ b/src/conntrack/api.c @@ -428,17 +428,18 @@ int nfct_build_conntrack(struct nfnl_subsys_handle *ssh, * depending on the request. * * For query types: - * NFCT_Q_CREATE - * NFCT_Q_UPDATE - * NFCT_Q_DESTROY - * NFCT_Q_GET + * NFCT_Q_CREATE: add a new conntrack, if it exists, fail + * NFCT_O_CREATE_UPDATE: add a new conntrack, if it exists, update it + * NFCT_Q_UPDATE: update a conntrack + * NFCT_Q_DESTROY: destroy a conntrack + * NFCT_Q_GET: get a conntrack * * Pass a valid pointer to a conntrack object. * * For query types: - * NFCT_Q_FLUSH - * NFCT_Q_DUMP - * NFCT_Q_DUMP_RESET + * NFCT_Q_FLUSH: flush the conntrack table + * NFCT_Q_DUMP: dump the conntrack table + * NFCT_Q_DUMP_RESET: dump the conntrack table and reset counters * * Pass a valid pointer to the protocol family (u_int8_t) * @@ -482,6 +483,10 @@ int nfct_build_query(struct nfnl_subsys_handle *ssh, case NFCT_Q_DUMP_RESET: nfnl_fill_hdr(ssh, &req->nlh, 0, *family, 0, IPCTNL_MSG_CT_GET_CTRZERO, NLM_F_ROOT|NLM_F_MATCH|NLM_F_REQUEST|NLM_F_DUMP); break; + case NFCT_Q_CREATE_UPDATE: + nfct_build_conntrack(ssh, req, size, IPCTNL_MSG_CT_NEW, NLM_F_REQUEST|NLM_F_CREATE|NLM_F_ACK, data); + break; + default: errno = ENOTSUP; return -1; |