summaryrefslogtreecommitdiffstats
path: root/src/mnl.c
diff options
context:
space:
mode:
authorStéphane Veyret <sveyret@gmail.com>2019-07-09 15:02:09 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2019-07-16 21:26:52 +0200
commit1dd08fcfa07a4e5bacc14b4e4a27ed64581f2e41 (patch)
tree71cd776ee6b257d9a0cbefec922165d8c93cbe9b /src/mnl.c
parent543e7f405e3dc502ef0a69f0b85a745bdbc998ee (diff)
src: add ct expectations support
This modification allow to directly add/list/delete expectations. Signed-off-by: Stéphane Veyret <sveyret@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/mnl.c')
-rw-r--r--src/mnl.c13
1 files changed, 13 insertions, 0 deletions
diff --git a/src/mnl.c b/src/mnl.c
index a954e9d8..eab8d548 100644
--- a/src/mnl.c
+++ b/src/mnl.c
@@ -1003,6 +1003,19 @@ int mnl_nft_obj_add(struct netlink_ctx *ctx, const struct cmd *cmd,
nftnl_obj_set(nlo, NFTNL_OBJ_CT_TIMEOUT_ARRAY,
obj->ct_timeout.timeout);
break;
+ case NFT_OBJECT_CT_EXPECT:
+ if (obj->ct_expect.l3proto)
+ nftnl_obj_set_u16(nlo, NFTNL_OBJ_CT_EXPECT_L3PROTO,
+ obj->ct_expect.l3proto);
+ nftnl_obj_set_u8(nlo, NFTNL_OBJ_CT_EXPECT_L4PROTO,
+ obj->ct_expect.l4proto);
+ nftnl_obj_set_u16(nlo, NFTNL_OBJ_CT_EXPECT_DPORT,
+ obj->ct_expect.dport);
+ nftnl_obj_set_u32(nlo, NFTNL_OBJ_CT_EXPECT_TIMEOUT,
+ obj->ct_expect.timeout);
+ nftnl_obj_set_u8(nlo, NFTNL_OBJ_CT_EXPECT_SIZE,
+ obj->ct_expect.size);
+ break;
case NFT_OBJECT_SECMARK:
nftnl_obj_set_str(nlo, NFTNL_OBJ_SECMARK_CTX,
obj->secmark.ctx);