git.baikalelectronics.ru Git - kernel.git/commit

]> git.baikalelectronics.ru Git - kernel.git/commit

author	Pablo Neira Ayuso <pablo@netfilter.org>
	Sat, 2 Jun 2018 19:38:51 +0000 (21:38 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Sat, 2 Jun 2018 23:18:29 +0000 (01:18 +0200)
commit	bebf2d3bec64d5d4af7ef8d95ea6e25afc8a0046
tree	46a80a6504c141f693b7c59a3fc05b6fbbe12d45	tree \| snapshot
parent	817968c3e21b268d25802c9dc405cbe50801c07c	commit \| diff

netfilter: nf_tables: add connlimit support

This features which allows you to limit the maximum number of
connections per arbitrary key. The connlimit expression is stateful,
therefore it can be used from meters to dynamically populate a set, this
provides a mapping to the iptables' connlimit match. This patch also
comes that allows you define static connlimit policies.

This extension depends on the nf_conncount infrastructure.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

include/uapi/linux/netfilter/nf_tables.h		diff \| blob \| history
net/netfilter/Kconfig		diff \| blob \| history
net/netfilter/Makefile		diff \| blob \| history
net/netfilter/nft_connlimit.c	[new file with mode: 0644]	blob

Linux Kernel Source Tree.

RSS Atom