diff options
| author | Pablo Neira Ayuso | 2012-02-28 19:13:48 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso | 2012-03-07 17:41:22 +0100 |
| commit | 50978462300f74dc48aea4a38471cb69bdf741a5 (patch) | |
| tree | 0d63f721f996d4c4a4e37cd08df949e25d4c980e /include/net | |
| parent | netfilter: nf_conntrack: pass timeout array to l4->new and l4->packet (diff) | |
| download | kernel-qcow2-linux-50978462300f74dc48aea4a38471cb69bdf741a5.tar.gz kernel-qcow2-linux-50978462300f74dc48aea4a38471cb69bdf741a5.tar.xz kernel-qcow2-linux-50978462300f74dc48aea4a38471cb69bdf741a5.zip | |
netfilter: add cttimeout infrastructure for fine timeout tuning
This patch adds the infrastructure to add fine timeout tuning
over nfnetlink. Now you can use the NFNL_SUBSYS_CTNETLINK_TIMEOUT
subsystem to create/delete/dump timeout objects that contain some
specific timeout policy for one flow.
The follow up patches will allow you attach timeout policy object
to conntrack via the CT target and the conntrack extension
infrastructure.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/net')
| -rw-r--r-- | include/net/netfilter/nf_conntrack_l4proto.h | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/include/net/netfilter/nf_conntrack_l4proto.h b/include/net/netfilter/nf_conntrack_l4proto.h index c48b67405aa0..90c67c7db7e9 100644 --- a/include/net/netfilter/nf_conntrack_l4proto.h +++ b/include/net/netfilter/nf_conntrack_l4proto.h @@ -83,6 +83,17 @@ struct nf_conntrack_l4proto { size_t nla_size; +#if IS_ENABLED(CONFIG_NF_CT_NETLINK_TIMEOUT) + struct { + size_t obj_size; + int (*nlattr_to_obj)(struct nlattr *tb[], void *data); + int (*obj_to_nlattr)(struct sk_buff *skb, const void *data); + + unsigned int nlattr_max; + const struct nla_policy *nla_policy; + } ctnl_timeout; +#endif + #ifdef CONFIG_SYSCTL struct ctl_table_header **ctl_table_header; struct ctl_table *ctl_table; |