netfilter: ctnetlink: support kernel-space dump filtering by ctmark

This patch adds CTA_MARK_MASK which, together with CTA_MARK, allows you to selectively send conntrack entries to user-space by returning those that match mark & mask. With this, we can save cycles in the building and the parsing of the entries that may be later on filtered out in user-space by using the ctmark & mask. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2012-02-24 14:41:50 +0000
committer: David S. Miller <davem@davemloft.net> 2012-02-26 14:12:33 -0500
commit: 0f298a285f2e365cb34f69d1f79bb9fc996f683d (patch)
tree: e76d440e2966f778d7e0f911b7b0a53c93196ba3 /include/linux/netfilter
parent: 7175c883071515f0d4c1cece2646203b8a5a7415 (diff)
download: linux-stable-0f298a285f2e365cb34f69d1f79bb9fc996f683d.tar.gz
linux-stable-0f298a285f2e365cb34f69d1f79bb9fc996f683d.tar.bz2
linux-stable-0f298a285f2e365cb34f69d1f79bb9fc996f683d.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/netfilter/nfnetlink_conntrack.h b/include/linux/netfilter/nfnetlink_conntrack.h
index debf1aefd753..d498a4426ebf 100644
--- a/include/linux/netfilter/nfnetlink_conntrack.h
+++ b/include/linux/netfilter/nfnetlink_conntrack.h
@@ -43,6 +43,7 @@ enum ctattr_type {
 	CTA_ZONE,
 	CTA_SECCTX,
 	CTA_TIMESTAMP,
+	CTA_MARK_MASK,
 	__CTA_MAX
 };
 #define CTA_MAX (__CTA_MAX - 1)
author	Pablo Neira Ayuso <pablo@netfilter.org>	2012-02-24 14:41:50 +0000
committer	David S. Miller <davem@davemloft.net>	2012-02-26 14:12:33 -0500
commit	0f298a285f2e365cb34f69d1f79bb9fc996f683d (patch)
tree	e76d440e2966f778d7e0f911b7b0a53c93196ba3 /include/linux/netfilter
parent	7175c883071515f0d4c1cece2646203b8a5a7415 (diff)
download	linux-stable-0f298a285f2e365cb34f69d1f79bb9fc996f683d.tar.gz linux-stable-0f298a285f2e365cb34f69d1f79bb9fc996f683d.tar.bz2 linux-stable-0f298a285f2e365cb34f69d1f79bb9fc996f683d.zip