diff options
| author |   Florian Westphal <fw@strlen.de> | 2017-12-09 21:01:08 +0100 |
|---|---|---|
| committer |   Pablo Neira Ayuso <pablo@netfilter.org> | 2018-01-08 18:01:22 +0100 |
| commit | 625c556118f3c2fd28bb8ef6da18c53bd4037be4 (patch) | |
| tree | e67a0e7ac8ae1e482aa0af0f5363a74a37011228 /include/uapi/linux | |
| parent | netfilter: nf_tables: remove hooks from family definition (diff) | |
| download | linux-dev-625c556118f3c2fd28bb8ef6da18c53bd4037be4.tar.xz linux-dev-625c556118f3c2fd28bb8ef6da18c53bd4037be4.zip | |
netfilter: connlimit: split xt_connlimit into front and backend
This allows to reuse xt_connlimit infrastructure from nf_tables.
The upcoming nf_tables frontend can just pass in an nftables register
as input key, this allows limiting by any nft-supported key, including
concatenations.
For xt_connlimit, pass in the zone and the ip/ipv6 address.
With help from Yi-Hung Wei.
Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/uapi/linux')
| -rw-r--r-- | include/uapi/linux/netfilter/xt_connlimit.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/include/uapi/linux/netfilter/xt_connlimit.h b/include/uapi/linux/netfilter/xt_connlimit.h index 07e5e9d47882..d4d1943dcd11 100644 --- a/include/uapi/linux/netfilter/xt_connlimit.h +++ b/include/uapi/linux/netfilter/xt_connlimit.h @@ -27,7 +27,7 @@ struct xt_connlimit_info { __u32 flags; /* Used internally by the kernel */ - struct xt_connlimit_data *data __attribute__((aligned(8))); + struct nf_conncount_data *data __attribute__((aligned(8))); }; #endif /* _XT_CONNLIMIT_H */ |