diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-08-07 18:13:20 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-08-13 16:32:10 +0200 |
commit | bd0779370588386e4a67ba5d0b176cfded8e6a53 (patch) | |
tree | 7fddb1464b457c3288ced39a635fd38f0d207ba5 /net/netfilter/nfnetlink_queue_ct.c | |
parent | 0ef71ee1a5b92c038abefd8991d5368e6031d7de (diff) | |
download | op-kernel-dev-bd0779370588386e4a67ba5d0b176cfded8e6a53.zip op-kernel-dev-bd0779370588386e4a67ba5d0b176cfded8e6a53.tar.gz |
netfilter: nfnetlink_queue: allow to attach expectations to conntracks
This patch adds the capability to attach expectations via nfnetlink_queue.
This is required by conntrack helpers that trigger expectations based on
the first packet seen like the TFTP and the DHCPv6 user-space helpers.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/nfnetlink_queue_ct.c')
-rw-r--r-- | net/netfilter/nfnetlink_queue_ct.c | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/net/netfilter/nfnetlink_queue_ct.c b/net/netfilter/nfnetlink_queue_ct.c index ab61d66..be89303 100644 --- a/net/netfilter/nfnetlink_queue_ct.c +++ b/net/netfilter/nfnetlink_queue_ct.c @@ -96,3 +96,18 @@ void nfqnl_ct_seq_adjust(struct sk_buff *skb, struct nf_conn *ct, if ((ct->status & IPS_NAT_MASK) && diff) nfq_nat_ct->seq_adjust(skb, ct, ctinfo, diff); } + +int nfqnl_attach_expect(struct nf_conn *ct, const struct nlattr *attr, + u32 portid, u32 report) +{ + struct nfq_ct_hook *nfq_ct; + + if (nf_ct_is_untracked(ct)) + return 0; + + nfq_ct = rcu_dereference(nfq_ct_hook); + if (nfq_ct == NULL) + return -EOPNOTSUPP; + + return nfq_ct->attach_expect(attr, ct, portid, report); +} |