diff options
author | Florian Westphal <fw@strlen.de> | 2014-02-16 20:13:04 +0100 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2014-02-18 22:28:33 +0100 |
commit | 19c3da8e70d32818b7267fc63b44441295e69567 (patch) | |
tree | b6c11075fda4bb04b52c90c30cc4f7a837ebb1c9 | |
parent | 22d1247a9c86e7c3c3e7dd808102724b3edd7ab3 (diff) |
expr: add conntrack label match support
Signed-off-by: Florian Westphal <fw@strlen.de>
-rw-r--r-- | include/linux/netfilter/nf_tables.h | 2 | ||||
-rw-r--r-- | src/expr/ct.c | 5 |
2 files changed, 5 insertions, 2 deletions
diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h index 31ddd06..5bb7b72 100644 --- a/include/linux/netfilter/nf_tables.h +++ b/include/linux/netfilter/nf_tables.h @@ -585,6 +585,7 @@ enum nft_meta_attributes { * @NFT_CT_PROTOCOL: conntrack layer 4 protocol * @NFT_CT_PROTO_SRC: conntrack layer 4 protocol source * @NFT_CT_PROTO_DST: conntrack layer 4 protocol destination + * @NFT_CT_LABEL: conntrack label */ enum nft_ct_keys { NFT_CT_STATE, @@ -600,6 +601,7 @@ enum nft_ct_keys { NFT_CT_PROTOCOL, NFT_CT_PROTO_SRC, NFT_CT_PROTO_DST, + NFT_CT_LABEL, }; /** diff --git a/src/expr/ct.c b/src/expr/ct.c index 2df761c..4c18dde 100644 --- a/src/expr/ct.c +++ b/src/expr/ct.c @@ -33,7 +33,7 @@ struct nft_expr_ct { #define IP_CT_DIR_REPLY 1 #ifndef NFT_CT_MAX -#define NFT_CT_MAX (NFT_CT_PROTO_DST + 1) +#define NFT_CT_MAX (NFT_CT_LABEL + 1) #endif static int @@ -170,7 +170,8 @@ const char *ctkey2str_array[NFT_CT_MAX] = { [NFT_CT_SRC] = "src", [NFT_CT_DST] = "dst", [NFT_CT_PROTO_SRC] = "proto_src", - [NFT_CT_PROTO_DST] = "proto_dst" + [NFT_CT_PROTO_DST] = "proto_dst", + [NFT_CT_LABEL] = "label", }; static const char *ctkey2str(uint32_t ctkey) |