diff options
| author | Pablo Neira Ayuso | 2018-06-02 21:38:51 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso | 2018-06-03 01:18:29 +0200 |
| commit | 290180e2448c02d6b391455937098882a73a9494 (patch) | |
| tree | 46a80a6504c141f693b7c59a3fc05b6fbbe12d45 /net/netfilter/Makefile | |
| parent | netfilter: nf_tables: add destroy_clone expression (diff) | |
| download | kernel-qcow2-linux-290180e2448c02d6b391455937098882a73a9494.tar.gz kernel-qcow2-linux-290180e2448c02d6b391455937098882a73a9494.tar.xz kernel-qcow2-linux-290180e2448c02d6b391455937098882a73a9494.zip | |
netfilter: nf_tables: add connlimit support
This features which allows you to limit the maximum number of
connections per arbitrary key. The connlimit expression is stateful,
therefore it can be used from meters to dynamically populate a set, this
provides a mapping to the iptables' connlimit match. This patch also
comes that allows you define static connlimit policies.
This extension depends on the nf_conncount infrastructure.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/Makefile')
| -rw-r--r-- | net/netfilter/Makefile | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/net/netfilter/Makefile b/net/netfilter/Makefile index eec169555731..44449389e527 100644 --- a/net/netfilter/Makefile +++ b/net/netfilter/Makefile @@ -80,6 +80,7 @@ nf_tables-objs := nf_tables_core.o nf_tables_api.o nft_chain_filter.o \ obj-$(CONFIG_NF_TABLES) += nf_tables.o obj-$(CONFIG_NFT_COMPAT) += nft_compat.o +obj-$(CONFIG_NFT_CONNLIMIT) += nft_connlimit.o obj-$(CONFIG_NFT_NUMGEN) += nft_numgen.o obj-$(CONFIG_NFT_CT) += nft_ct.o obj-$(CONFIG_NFT_FLOW_OFFLOAD) += nft_flow_offload.o |