summaryrefslogtreecommitdiffstats
path: root/include/linux/netfilter
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2010-12-15 09:46:26 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2011-01-13 12:05:12 +0100
commitb017900aac4a158b9bf7ffdcb8a369a91115b3e4 (patch)
tree8516ac2dae8db038e7e45d76a1c8ecfb75faf7a9 /include/linux/netfilter
parent5df15196a2bbf16ca4c6a797ec00ff36d0d5c179 (diff)
downloadlinux-stable-b017900aac4a158b9bf7ffdcb8a369a91115b3e4.tar.gz
linux-stable-b017900aac4a158b9bf7ffdcb8a369a91115b3e4.tar.bz2
linux-stable-b017900aac4a158b9bf7ffdcb8a369a91115b3e4.zip
netfilter: xt_conntrack: support matching on port ranges
Add a new revision 3 that contains port ranges for all of origsrc, origdst, replsrc and repldst. The high ports are appended to the original v2 data structure to allow sharing most of the code with v1 and v2. Use of the revision specific port matching function is made dependant on par->match->revision. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/linux/netfilter')
-rw-r--r--include/linux/netfilter/xt_conntrack.h15
1 files changed, 15 insertions, 0 deletions
diff --git a/include/linux/netfilter/xt_conntrack.h b/include/linux/netfilter/xt_conntrack.h
index 54f47a2f6152..74b904d8f99c 100644
--- a/include/linux/netfilter/xt_conntrack.h
+++ b/include/linux/netfilter/xt_conntrack.h
@@ -58,4 +58,19 @@ struct xt_conntrack_mtinfo2 {
__u16 state_mask, status_mask;
};
+struct xt_conntrack_mtinfo3 {
+ union nf_inet_addr origsrc_addr, origsrc_mask;
+ union nf_inet_addr origdst_addr, origdst_mask;
+ union nf_inet_addr replsrc_addr, replsrc_mask;
+ union nf_inet_addr repldst_addr, repldst_mask;
+ __u32 expires_min, expires_max;
+ __u16 l4proto;
+ __u16 origsrc_port, origdst_port;
+ __u16 replsrc_port, repldst_port;
+ __u16 match_flags, invert_flags;
+ __u16 state_mask, status_mask;
+ __u16 origsrc_port_high, origdst_port_high;
+ __u16 replsrc_port_high, repldst_port_high;
+};
+
#endif /*_XT_CONNTRACK_H*/