From 59796dd29f54477fd5afa3083b3722b0e390fc23 Mon Sep 17 00:00:00 2001
From: "/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org"
 </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org>
Date: Wed, 12 Sep 2007 12:48:04 +0000
Subject: add support for TCP flags

---
 .../libnetfilter_conntrack/libnetfilter_conntrack.h  | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

(limited to 'include/libnetfilter_conntrack/libnetfilter_conntrack.h')

diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack.h b/include/libnetfilter_conntrack/libnetfilter_conntrack.h
index 3975dfc..7125414 100644
--- a/include/libnetfilter_conntrack/libnetfilter_conntrack.h
+++ b/include/libnetfilter_conntrack/libnetfilter_conntrack.h
@@ -98,6 +98,10 @@ enum nf_conntrack_attr {
 	ATTR_USE,				/* u32 bits */
 	ATTR_ID,				/* u32 bits */
 	ATTR_STATUS = 32,			/* u32 bits  */
+	ATTR_TCP_FLAGS_ORIG,			/* u8 bits */
+	ATTR_TCP_FLAGS_REPL,			/* u8 bits */
+	ATTR_TCP_MASK_ORIG,			/* u8 bits */
+	ATTR_TCP_MASK_REPL,			/* u8 bits */
 	ATTR_MAX
 };
 
@@ -427,6 +431,22 @@ enum ip_conntrack_status {
 	IPS_FIXED_TIMEOUT = (1 << IPS_FIXED_TIMEOUT_BIT),
 };
 
+/*
+ * TCP flags
+ */
+
+/* Window scaling is advertised by the sender */
+#define IP_CT_TCP_FLAG_WINDOW_SCALE             0x01
+
+/* SACK is permitted by the sender */
+#define IP_CT_TCP_FLAG_SACK_PERM                0x02
+
+/* This sender sent FIN first */
+#define IP_CT_TCP_FLAG_CLOSE_INIT               0x04
+
+/* Be liberal in window checking */
+#define IP_CT_TCP_FLAG_BE_LIBERAL               0x08
+
 /* 
  * Old deprecated API, its use for new applications is *strongly discouraged* 
  */
-- 
cgit v1.2.3