git.baikalelectronics.ru Git - kernel.git/commit

]> git.baikalelectronics.ru Git - kernel.git/commit

author	Pablo Neira Ayuso <pablo@netfilter.org>
	Sat, 2 Jun 2018 19:38:51 +0000 (21:38 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Sat, 2 Jun 2018 23:18:29 +0000 (01:18 +0200)
commit	12c11c0828fd31233edc16efd9f2ddfcb0c18a5c
tree	46a80a6504c141f693b7c59a3fc05b6fbbe12d45	tree \| snapshot
parent	121aba33d698d6084994e80456a7cdf71eb679fe	commit \| diff

netfilter: nf_tables: add connlimit support

This features which allows you to limit the maximum number of
connections per arbitrary key. The connlimit expression is stateful,
therefore it can be used from meters to dynamically populate a set, this
provides a mapping to the iptables' connlimit match. This patch also
comes that allows you define static connlimit policies.

This extension depends on the nf_conncount infrastructure.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

include/uapi/linux/netfilter/nf_tables.h		diff \| blob \| history
net/netfilter/Kconfig		diff \| blob \| history
net/netfilter/Makefile		diff \| blob \| history
net/netfilter/nft_connlimit.c	[new file with mode: 0644]	blob

Linux Kernel Source Tree.

RSS Atom