diff options
| author |   Patrick McHardy <kaber@trash.net> | 2015-11-24 10:00:22 +0000 |
|---|---|---|
| committer |   Pablo Neira Ayuso <pablo@netfilter.org> | 2015-11-25 13:54:51 +0100 |
| commit | 7ec3f7b47b8d9ad7ba425726f2c58f9ddce040df (patch) | |
| tree | c71eef1afc6ec117b21585311856209bbf3b40b6 /include/net/netfilter | |
| parent | netfilter: nf_tables: remove unused struct members (diff) | |
| download | linux-dev-7ec3f7b47b8d9ad7ba425726f2c58f9ddce040df.tar.xz linux-dev-7ec3f7b47b8d9ad7ba425726f2c58f9ddce040df.zip | |
netfilter: nft_payload: add packet mangling support
Add support for mangling packet payload. Checksum for the specified base
header is updated automatically if requested, however no updates for any
kind of pseudo headers are supported, meaning no stateless NAT is supported.
For checksum updates different checksumming methods can be specified. The
currently supported methods are NONE for no checksum updates, and INET for
internet type checksums.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/net/netfilter')
| -rw-r--r-- | include/net/netfilter/nf_tables_core.h | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/include/net/netfilter/nf_tables_core.h b/include/net/netfilter/nf_tables_core.h index c6f400cfaac8..4ff5424909aa 100644 --- a/include/net/netfilter/nf_tables_core.h +++ b/include/net/netfilter/nf_tables_core.h @@ -47,6 +47,15 @@ struct nft_payload { enum nft_registers dreg:8; }; +struct nft_payload_set { + enum nft_payload_bases base:8; + u8 offset; + u8 len; + enum nft_registers sreg:8; + u8 csum_type; + u8 csum_offset; +}; + extern const struct nft_expr_ops nft_payload_fast_ops; int nft_payload_module_init(void); |