src: add notrack support

This patch adds the notrack statement, to skip connection tracking for certain packets. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2016-11-14 22:19:07 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2016-11-14 22:19:12 +0100
commit: a84921d7c0de950632ab4630dd4f7ad763e9e453 (patch)
tree: a2077597cf08c04df2066d1b21d60874f94d36c7 /src/ct.c
parent: 75bbb065740e184a8d910db014fdb8949cc5f18e (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/src/ct.c b/src/ct.c
index 81918764..e5327539 100644
--- a/src/ct.c
+++ b/src/ct.c
@@ -414,6 +414,22 @@ struct stmt *ct_stmt_alloc(const struct location *loc, enum nft_ct_keys key,
 	return stmt;
 }
 
+static void notrack_stmt_print(const struct stmt *stmt)
+{
+	printf("notrack");
+}
+
+static const struct stmt_ops notrack_stmt_ops = {
+	.type		= STMT_NOTRACK,
+	.name		= "notrack",
+	.print		= notrack_stmt_print,
+};
+
+struct stmt *notrack_stmt_alloc(const struct location *loc)
+{
+	return stmt_alloc(loc, &notrack_stmt_ops);
+}
+
 static void __init ct_init(void)
 {
 	datatype_register(&ct_state_type);
author	Pablo Neira Ayuso <pablo@netfilter.org>	2016-11-14 22:19:07 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2016-11-14 22:19:12 +0100
commit	a84921d7c0de950632ab4630dd4f7ad763e9e453 (patch)
tree	a2077597cf08c04df2066d1b21d60874f94d36c7 /src/ct.c
parent	75bbb065740e184a8d910db014fdb8949cc5f18e (diff)