diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2012-06-07 12:13:39 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2012-06-16 15:09:02 +0200 |
commit | 9cb0176654a7dc33a32af8a0bc9e0b2f9f9ebb0f (patch) | |
tree | d4945c63214441653bcd3f0ea3b3a15fb031798a /net/netfilter/core.c | |
parent | 1afc56794e03229fa53cfa3c5012704d226e1dec (diff) |
netfilter: add glue code to integrate nfnetlink_queue and ctnetlink
This patch allows you to include the conntrack information together
with the packet that is sent to user-space via NFQUEUE.
Previously, there was no integration between ctnetlink and
nfnetlink_queue. If you wanted to access conntrack information
from your libnetfilter_queue program, you required to query
ctnetlink from user-space to obtain it. Thus, delaying the packet
processing even more.
Including the conntrack information is optional, you can set it
via NFQA_CFG_F_CONNTRACK flag with the new NFQA_CFG_FLAGS attribute.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/core.c')
-rw-r--r-- | net/netfilter/core.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/net/netfilter/core.c b/net/netfilter/core.c index e19f3653db2..7eef8453b90 100644 --- a/net/netfilter/core.c +++ b/net/netfilter/core.c @@ -264,6 +264,10 @@ void nf_conntrack_destroy(struct nf_conntrack *nfct) rcu_read_unlock(); } EXPORT_SYMBOL(nf_conntrack_destroy); + +struct nfq_ct_hook *nfq_ct_hook; +EXPORT_SYMBOL_GPL(nfq_ct_hook); + #endif /* CONFIG_NF_CONNTRACK */ #ifdef CONFIG_PROC_FS |