From 3587ad1e751576993b2d11391ee17b07b1d99075 Mon Sep 17 00:00:00 2001
From: Brett Mastbergen <bmastbergen@untangle.com>
Date: Tue, 23 Apr 2019 16:18:17 -0400
Subject: src: Add ct id support

The 'id' key returns the id of the connection entry

Signed-off-by: Brett Mastbergen <bmastbergen@untangle.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 include/linux/netfilter/nf_tables.h | 2 ++
 src/expr/ct.c                       | 1 +
 2 files changed, 3 insertions(+)

diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h
index 7eb8a5b..38f74e4 100644
--- a/include/linux/netfilter/nf_tables.h
+++ b/include/linux/netfilter/nf_tables.h
@@ -978,6 +978,7 @@ enum nft_osf_attributes {
  * @NFT_CT_SRC_IP6: conntrack layer 3 protocol source (IPv6 address)
  * @NFT_CT_DST_IP6: conntrack layer 3 protocol destination (IPv6 address)
  * @NFT_CT_TIMEOUT: connection tracking timeout policy assigned to conntrack
+ * @NFT_CT_ID: conntrack id
  */
 enum nft_ct_keys {
 	NFT_CT_STATE,
@@ -1004,6 +1005,7 @@ enum nft_ct_keys {
 	NFT_CT_SRC_IP6,
 	NFT_CT_DST_IP6,
 	NFT_CT_TIMEOUT,
+	NFT_CT_ID,
 	__NFT_CT_MAX
 };
 #define NFT_CT_MAX		(__NFT_CT_MAX - 1)
diff --git a/src/expr/ct.c b/src/expr/ct.c
index b9ca2dc..124de9d 100644
--- a/src/expr/ct.c
+++ b/src/expr/ct.c
@@ -172,6 +172,7 @@ static const char *ctkey2str_array[NFT_CT_MAX + 1] = {
 	[NFT_CT_DST_IP]		= "dst_ip",
 	[NFT_CT_SRC_IP6]	= "src_ip6",
 	[NFT_CT_DST_IP6]	= "dst_ip6",
+	[NFT_CT_ID]		= "id",
 };
 
 static const char *ctkey2str(uint32_t ctkey)
-- 
cgit v1.2.3