summaryrefslogtreecommitdiff
path: root/include/linux/netfilter
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2012-02-24 14:41:50 +0000
committerDavid S. Miller <davem@davemloft.net>2012-02-26 14:12:33 -0500
commit0f298a285f2e365cb34f69d1f79bb9fc996f683d (patch)
treee76d440e2966f778d7e0f911b7b0a53c93196ba3 /include/linux/netfilter
parent7175c883071515f0d4c1cece2646203b8a5a7415 (diff)
netfilter: ctnetlink: support kernel-space dump filtering by ctmark
This patch adds CTA_MARK_MASK which, together with CTA_MARK, allows you to selectively send conntrack entries to user-space by returning those that match mark & mask. With this, we can save cycles in the building and the parsing of the entries that may be later on filtered out in user-space by using the ctmark & mask. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/linux/netfilter')
-rw-r--r--include/linux/netfilter/nfnetlink_conntrack.h1
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/netfilter/nfnetlink_conntrack.h b/include/linux/netfilter/nfnetlink_conntrack.h
index debf1aefd753..d498a4426ebf 100644
--- a/include/linux/netfilter/nfnetlink_conntrack.h
+++ b/include/linux/netfilter/nfnetlink_conntrack.h
@@ -43,6 +43,7 @@ enum ctattr_type {
CTA_ZONE,
CTA_SECCTX,
CTA_TIMESTAMP,
+ CTA_MARK_MASK,
__CTA_MAX
};
#define CTA_MAX (__CTA_MAX - 1)