diff options
author | Florian Westphal <fw@strlen.de> | 2017-02-21 18:11:31 +0100 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2017-03-16 10:09:42 +0100 |
commit | 5ca4eb30d62e0ab2768d64de5c70931292213338 (patch) | |
tree | a54d95ecbb4de9deeeee83f1353421ef690f135e /src/ct.c | |
parent | f2af2b2ad1c4dd68bd5bbf3c763f0f1513281c0c (diff) |
src: add initial ct helper support
This adds initial support for defining conntrack helper objects
which can then be assigned to connections using the objref infrastructure:
table ip filter {
ct helper ftp-standard {
type "ftp" protocol tcp
}
chain y {
tcp dport 21 ct helper set "ftp-standard"
}
}
Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/ct.c')
-rw-r--r-- | src/ct.c | 10 |
1 files changed, 10 insertions, 0 deletions
@@ -353,6 +353,16 @@ struct error_record *ct_key_parse(const struct location *loc, const char *str, return error(loc, "syntax error, unexpected %s, known keys are %s", str, buf); } +struct error_record *ct_objtype_parse(const struct location *loc, const char *str, int *type) +{ + if (strcmp(str, "helper") == 0) { + *type = NFT_OBJECT_CT_HELPER; + return NULL; + } + + return error(loc, "unknown ct class '%s', want 'helper'", str); +} + struct expr *ct_expr_alloc(const struct location *loc, enum nft_ct_keys key, int8_t direction) { |