summaryrefslogtreecommitdiffstats
path: root/include/uapi/linux/netfilter/nf_tables.h
diff options
context:
space:
mode:
authorPhil Sutter <phil@nwl.cc>2017-01-17 22:51:26 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2017-02-08 14:14:09 +0100
commitc078ca3b0c5bf82c2b31906c446d6e2ad8ea0783 (patch)
treebebb843cfdedd03db69bcec8981e66503079f1ca /include/uapi/linux/netfilter/nf_tables.h
parent6e7bc478c9a006c701c14476ec9d389a484b4864 (diff)
netfilter: nft_exthdr: Add support for existence check
If NFT_EXTHDR_F_PRESENT is set, exthdr will not copy any header field data into *dest, but instead set it to 1 if the header is found and 0 otherwise. Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/uapi/linux/netfilter/nf_tables.h')
-rw-r--r--include/uapi/linux/netfilter/nf_tables.h6
1 files changed, 6 insertions, 0 deletions
diff --git a/include/uapi/linux/netfilter/nf_tables.h b/include/uapi/linux/netfilter/nf_tables.h
index 7b730cab99bd..53aac8b8ed6b 100644
--- a/include/uapi/linux/netfilter/nf_tables.h
+++ b/include/uapi/linux/netfilter/nf_tables.h
@@ -704,6 +704,10 @@ enum nft_payload_attributes {
};
#define NFTA_PAYLOAD_MAX (__NFTA_PAYLOAD_MAX - 1)
+enum nft_exthdr_flags {
+ NFT_EXTHDR_F_PRESENT = (1 << 0),
+};
+
/**
* enum nft_exthdr_attributes - nf_tables IPv6 extension header expression netlink attributes
*
@@ -711,6 +715,7 @@ enum nft_payload_attributes {
* @NFTA_EXTHDR_TYPE: extension header type (NLA_U8)
* @NFTA_EXTHDR_OFFSET: extension header offset (NLA_U32)
* @NFTA_EXTHDR_LEN: extension header length (NLA_U32)
+ * @NFTA_EXTHDR_FLAGS: extension header flags (NLA_U32)
*/
enum nft_exthdr_attributes {
NFTA_EXTHDR_UNSPEC,
@@ -718,6 +723,7 @@ enum nft_exthdr_attributes {
NFTA_EXTHDR_TYPE,
NFTA_EXTHDR_OFFSET,
NFTA_EXTHDR_LEN,
+ NFTA_EXTHDR_FLAGS,
__NFTA_EXTHDR_MAX
};
#define NFTA_EXTHDR_MAX (__NFTA_EXTHDR_MAX - 1)
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-26 12:38:33 +0000