summaryrefslogtreecommitdiffstats
path: root/include/uapi/linux/netfilter/nf_conntrack_common.h
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2018-03-20 12:33:51 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2018-03-20 14:39:31 +0100
commit20710b3b81895c89e92bcc32ce85c0bede1171f8 (patch)
tree5c30b92f59ca013c86a87f55fd4c01eb71cf1cfd /include/uapi/linux/netfilter/nf_conntrack_common.h
parent5191d70f83fd1878c40029cffe69f6a2bf65fa0e (diff)
netfilter: ctnetlink: synproxy support
This patch exposes synproxy information per-conntrack. Moreover, send sequence adjustment events once server sends us the SYN,ACK packet, so we can synchronize the sequence adjustment too for packets going as reply from the server, as part of the synproxy logic. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/uapi/linux/netfilter/nf_conntrack_common.h')
-rw-r--r--include/uapi/linux/netfilter/nf_conntrack_common.h1
1 files changed, 1 insertions, 0 deletions
diff --git a/include/uapi/linux/netfilter/nf_conntrack_common.h b/include/uapi/linux/netfilter/nf_conntrack_common.h
index 9574bd40870b..c712eb6879f1 100644
--- a/include/uapi/linux/netfilter/nf_conntrack_common.h
+++ b/include/uapi/linux/netfilter/nf_conntrack_common.h
@@ -129,6 +129,7 @@ enum ip_conntrack_events {
IPCT_NATSEQADJ = IPCT_SEQADJ,
IPCT_SECMARK, /* new security mark has been set */
IPCT_LABEL, /* new connlabel has been set */
+ IPCT_SYNPROXY, /* synproxy has been set */
#ifdef __KERNEL__
__IPCT_MAX
#endif
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-09 23:16:02 +0000