src: add ct expectations support

This modification allow to directly add/list/delete expectations. Signed-off-by: Stéphane Veyret <sveyret@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Stéphane Veyret <sveyret@gmail.com> 2019-07-09 15:02:09 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2019-07-16 21:26:52 +0200
commit: 1dd08fcfa07a4e5bacc14b4e4a27ed64581f2e41 (patch)
tree: 71cd776ee6b257d9a0cbefec922165d8c93cbe9b /src/mnl.c
parent: 543e7f405e3dc502ef0a69f0b85a745bdbc998ee (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/src/mnl.c b/src/mnl.c
index a954e9d8..eab8d548 100644
--- a/src/mnl.c
+++ b/src/mnl.c
@@ -1003,6 +1003,19 @@ int mnl_nft_obj_add(struct netlink_ctx *ctx, const struct cmd *cmd,
 		nftnl_obj_set(nlo, NFTNL_OBJ_CT_TIMEOUT_ARRAY,
 			      obj->ct_timeout.timeout);
 		break;
+	case NFT_OBJECT_CT_EXPECT:
+		if (obj->ct_expect.l3proto)
+			nftnl_obj_set_u16(nlo, NFTNL_OBJ_CT_EXPECT_L3PROTO,
+					  obj->ct_expect.l3proto);
+		nftnl_obj_set_u8(nlo, NFTNL_OBJ_CT_EXPECT_L4PROTO,
+				 obj->ct_expect.l4proto);
+		nftnl_obj_set_u16(nlo, NFTNL_OBJ_CT_EXPECT_DPORT,
+				  obj->ct_expect.dport);
+		nftnl_obj_set_u32(nlo, NFTNL_OBJ_CT_EXPECT_TIMEOUT,
+				  obj->ct_expect.timeout);
+		nftnl_obj_set_u8(nlo, NFTNL_OBJ_CT_EXPECT_SIZE,
+				 obj->ct_expect.size);
+		break;
 	case NFT_OBJECT_SECMARK:
 		nftnl_obj_set_str(nlo, NFTNL_OBJ_SECMARK_CTX,
 				  obj->secmark.ctx);
author	Stéphane Veyret <sveyret@gmail.com>	2019-07-09 15:02:09 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2019-07-16 21:26:52 +0200
commit	1dd08fcfa07a4e5bacc14b4e4a27ed64581f2e41 (patch)
tree	71cd776ee6b257d9a0cbefec922165d8c93cbe9b /src/mnl.c
parent	543e7f405e3dc502ef0a69f0b85a745bdbc998ee (diff)