summaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2007-12-17 22:28:41 -0800
committerDavid S. Miller <davem@davemloft.net>2008-01-28 14:58:52 -0800
commit37fccd8577d38e249dde71512fb38d2f6a4d9d3c (patch)
treeede873cf656ad872b94bc88e6530831f4f2dfb01 /include
parent0f417ce989f84cfd5418e3b316064bfbb2708196 (diff)
[NETFILTER]: ctnetlink: add support for secmark
This patch adds support for James Morris' connsecmark. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include')
-rw-r--r--include/linux/netfilter/nf_conntrack_common.h4
-rw-r--r--include/linux/netfilter/nfnetlink_conntrack.h1
2 files changed, 5 insertions, 0 deletions
diff --git a/include/linux/netfilter/nf_conntrack_common.h b/include/linux/netfilter/nf_conntrack_common.h
index 19747e8f71c..bad1eb760f6 100644
--- a/include/linux/netfilter/nf_conntrack_common.h
+++ b/include/linux/netfilter/nf_conntrack_common.h
@@ -133,6 +133,10 @@ enum ip_conntrack_events
/* NAT sequence adjustment */
IPCT_NATSEQADJ_BIT = 13,
IPCT_NATSEQADJ = (1 << IPCT_NATSEQADJ_BIT),
+
+ /* Secmark is set */
+ IPCT_SECMARK_BIT = 14,
+ IPCT_SECMARK = (1 << IPCT_SECMARK_BIT),
};
enum ip_conntrack_expect_events {
diff --git a/include/linux/netfilter/nfnetlink_conntrack.h b/include/linux/netfilter/nfnetlink_conntrack.h
index c19d976b1b7..e3e1533aba2 100644
--- a/include/linux/netfilter/nfnetlink_conntrack.h
+++ b/include/linux/netfilter/nfnetlink_conntrack.h
@@ -39,6 +39,7 @@ enum ctattr_type {
CTA_TUPLE_MASTER,
CTA_NAT_SEQ_ADJ_ORIG,
CTA_NAT_SEQ_ADJ_REPLY,
+ CTA_SECMARK,
__CTA_MAX
};
#define CTA_MAX (__CTA_MAX - 1)