src: ct helper support

add support for ct helper objects, these are used to assign helpers to connections, similar to iptables -j CT --set-helper target. Signed-off-by: Florian Westphal <fw@strlen.de> Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Florian Westphal <fw@strlen.de> 2017-02-19 22:49:51 +0100
committer: Florian Westphal <fw@strlen.de> 2017-03-16 10:08:59 +0100
commit: 4b89c0cb0883f638ff1abbc2ff47c43cdc26aac5 (patch)
tree: 7f17cc130bd6c4d8a47861869a0286b00e4d4410 /include/linux/netfilter
parent: 5d24b4686f7b3e3f3858afbc986d0d14c0ab044c (diff)
1 files changed, 11 insertions, 1 deletions
diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h
index a9280a6..8f38426 100644
--- a/include/linux/netfilter/nf_tables.h
+++ b/include/linux/netfilter/nf_tables.h
@@ -1260,10 +1260,20 @@ enum nft_fib_flags {
 	NFTA_FIB_F_PRESENT	= 1 << 5,	/* check existence only */
 };
 
+enum nft_ct_helper_attributes {
+	NFTA_CT_HELPER_UNSPEC,
+	NFTA_CT_HELPER_NAME,
+	NFTA_CT_HELPER_L3PROTO,
+	NFTA_CT_HELPER_L4PROTO,
+	__NFTA_CT_HELPER_MAX,
+};
+#define NFTA_CT_HELPER_MAX	(__NFTA_CT_HELPER_MAX - 1)
+
 #define NFT_OBJECT_UNSPEC	0
 #define NFT_OBJECT_COUNTER	1
 #define NFT_OBJECT_QUOTA	2
-#define __NFT_OBJECT_MAX	3
+#define NFT_OBJECT_CT_HELPER	3
+#define __NFT_OBJECT_MAX	4
 #define NFT_OBJECT_MAX		(__NFT_OBJECT_MAX - 1)
 
 /**
author	Florian Westphal <fw@strlen.de>	2017-02-19 22:49:51 +0100
committer	Florian Westphal <fw@strlen.de>	2017-03-16 10:08:59 +0100
commit	4b89c0cb0883f638ff1abbc2ff47c43cdc26aac5 (patch)
tree	7f17cc130bd6c4d8a47861869a0286b00e4d4410 /include/linux/netfilter
parent	5d24b4686f7b3e3f3858afbc986d0d14c0ab044c (diff)