summaryrefslogtreecommitdiff
path: root/include/linux/netfilter
diff options
context:
space:
mode:
authorMathieu Poirier <mathieu.poirier@linaro.org>2014-04-20 18:57:36 -0600
committerPablo Neira Ayuso <pablo@netfilter.org>2014-04-29 18:25:14 +0200
commit683399eddb9fff742b1a14c5a5d03e12bfc0afff (patch)
treee810034ef24dd4f9a57cd9c3137563050bfa7015 /include/linux/netfilter
parent1404c3ab9810ab155db5e5368af69d4b20ea5aab (diff)
netfilter: nfnetlink_acct: Adding quota support to accounting framework
nfacct objects already support accounting at the byte and packet level. As such it is a natural extension to add the possiblity to define a ceiling limit for both metrics. All the support for quotas itself is added to nfnetlink acctounting framework to stay coherent with current accounting object management. Quota limit checks are implemented in xt_nfacct filter where statistic collection is already done. Pablo Neira Ayuso has also contributed to this feature. Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/linux/netfilter')
-rw-r--r--include/linux/netfilter/nfnetlink_acct.h8
1 files changed, 7 insertions, 1 deletions
diff --git a/include/linux/netfilter/nfnetlink_acct.h b/include/linux/netfilter/nfnetlink_acct.h
index b2e85e59f760..6ec975748742 100644
--- a/include/linux/netfilter/nfnetlink_acct.h
+++ b/include/linux/netfilter/nfnetlink_acct.h
@@ -3,11 +3,17 @@
#include <uapi/linux/netfilter/nfnetlink_acct.h>
+enum {
+ NFACCT_NO_QUOTA = -1,
+ NFACCT_UNDERQUOTA,
+ NFACCT_OVERQUOTA,
+};
struct nf_acct;
struct nf_acct *nfnl_acct_find_get(const char *filter_name);
void nfnl_acct_put(struct nf_acct *acct);
void nfnl_acct_update(const struct sk_buff *skb, struct nf_acct *nfacct);
-
+extern int nfnl_acct_overquota(const struct sk_buff *skb,
+ struct nf_acct *nfacct);
#endif /* _NFNL_ACCT_H */
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-14 11:06:36 +0000