diff options
| author |   Pablo Neira Ayuso <pablo@netfilter.org> | 2012-06-07 12:13:39 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2012-06-16 15:09:02 +0200 |
| commit | 9cb0176654a7dc33a32af8a0bc9e0b2f9f9ebb0f (patch) | |
| tree | d4945c63214441653bcd3f0ea3b3a15fb031798a /net/netfilter/core.c | |
| parent | netfilter: nf_ct_helper: implement variable length helper private data (diff) | |
| download | linux-dev-9cb0176654a7dc33a32af8a0bc9e0b2f9f9ebb0f.tar.xz linux-dev-9cb0176654a7dc33a32af8a0bc9e0b2f9f9ebb0f.zip | |
netfilter: add glue code to integrate nfnetlink_queue and ctnetlink
This patch allows you to include the conntrack information together
with the packet that is sent to user-space via NFQUEUE.
Previously, there was no integration between ctnetlink and
nfnetlink_queue. If you wanted to access conntrack information
from your libnetfilter_queue program, you required to query
ctnetlink from user-space to obtain it. Thus, delaying the packet
processing even more.
Including the conntrack information is optional, you can set it
via NFQA_CFG_F_CONNTRACK flag with the new NFQA_CFG_FLAGS attribute.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/core.c')
| -rw-r--r-- | net/netfilter/core.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/net/netfilter/core.c b/net/netfilter/core.c index e19f3653db23..7eef8453b909 100644 --- a/net/netfilter/core.c +++ b/net/netfilter/core.c @@ -264,6 +264,10 @@ void nf_conntrack_destroy(struct nf_conntrack *nfct) rcu_read_unlock(); } EXPORT_SYMBOL(nf_conntrack_destroy); + +struct nfq_ct_hook *nfq_ct_hook; +EXPORT_SYMBOL_GPL(nfq_ct_hook); + #endif /* CONFIG_NF_CONNTRACK */ #ifdef CONFIG_PROC_FS |