kybaaz/linux-xiaomi-chiron
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

netfilter: xt_conntrack: Support bit-shifting for CONNMARK & MARK targets.

Browse source 
This patch introduces a new feature that allows bitshifting (left
and right) operations to co-operate with existing iptables options.

Reviewed-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Jack Ma <jack.ma@alliedtelesis.co.nz>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Jack Ma 2018-03-19 09:41:59 +13:00 committed by Pablo Neira Ayuso
parent d72133e628
commit 472a73e007
2 changed files with 70 additions and 17 deletions
Download patch file Download diff file Expand all files Collapse all files

10
include/uapi/linux/netfilter/xt_connmark.h
View file

@ -19,11 +19,21 @@ enum {
XT_CONNMARK_RESTORE
};
enum {
D_SHIFT_LEFT = 0,
D_SHIFT_RIGHT,
};
struct xt_connmark_tginfo1 {
__u32 ctmark, ctmask, nfmask;
__u8 mode;
};
struct xt_connmark_tginfo2 {
__u32 ctmark, ctmask, nfmask;
__u8 shift_dir, shift_bits, mode;
};
struct xt_connmark_mtinfo1 {
__u32 mark, mask;
__u8 invert;