git.baikalelectronics.ru Git - kernel.git/commit

author	Pablo Neira Ayuso <pablo@netfilter.org>
	Thu, 7 Jun 2012 10:13:39 +0000 (12:13 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Sat, 16 Jun 2012 13:09:02 +0000 (15:09 +0200)
commit	fdedde58c5b46c0794a758e0d455f0755da0d7d8
tree	d4945c63214441653bcd3f0ea3b3a15fb031798a	tree \| snapshot
parent	4daa009e264ec6c2b593eced2430dd82889afe5d	commit \| diff

netfilter: add glue code to integrate nfnetlink_queue and ctnetlink

This patch allows you to include the conntrack information together
with the packet that is sent to user-space via NFQUEUE.

Previously, there was no integration between ctnetlink and
nfnetlink_queue. If you wanted to access conntrack information
from your libnetfilter_queue program, you required to query
ctnetlink from user-space to obtain it. Thus, delaying the packet
processing even more.

Including the conntrack information is optional, you can set it
via NFQA_CFG_F_CONNTRACK flag with the new NFQA_CFG_FLAGS attribute.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

include/linux/netfilter.h		diff \| blob \| history
include/linux/netfilter/nfnetlink_queue.h		diff \| blob \| history
net/netfilter/core.c		diff \| blob \| history
net/netfilter/nf_conntrack_netlink.c		diff \| blob \| history
net/netfilter/nfnetlink_queue.c		diff \| blob \| history