summaryrefslogtreecommitdiff
path: root/include
diff options
context:
space:
mode:
authorJeremy Sowden <jeremy@azazel.net>2023-05-09 22:19:45 +0100
committerFlorian Westphal <fw@strlen.de>2023-05-18 08:48:54 +0200
commitb9f9a485fb0eb80b0e2b90410b28cbb9b0e85687 (patch)
treedb9da6e7738d3cc83ac2b5a65949f4e46696cecc /include
parentd4b7f29eb85c93893bc27388b37709efbc3c9a0e (diff)
downloadlinux-b9f9a485fb0eb80b0e2b90410b28cbb9b0e85687.tar.gz
linux-b9f9a485fb0eb80b0e2b90410b28cbb9b0e85687.tar.bz2
linux-b9f9a485fb0eb80b0e2b90410b28cbb9b0e85687.zip
netfilter: nft_exthdr: add boolean DCCP option matching
The xt_dccp iptables module supports the matching of DCCP packets based on the presence or absence of DCCP options. Extend nft_exthdr to add this functionality to nftables. Link: https://bugzilla.netfilter.org/show_bug.cgi?id=930 Signed-off-by: Jeremy Sowden <jeremy@azazel.net> Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'include')
-rw-r--r--include/uapi/linux/netfilter/nf_tables.h2
1 files changed, 2 insertions, 0 deletions
diff --git a/include/uapi/linux/netfilter/nf_tables.h b/include/uapi/linux/netfilter/nf_tables.h
index c4d4d8e42dc8..e059dc2644df 100644
--- a/include/uapi/linux/netfilter/nf_tables.h
+++ b/include/uapi/linux/netfilter/nf_tables.h
@@ -859,12 +859,14 @@ enum nft_exthdr_flags {
* @NFT_EXTHDR_OP_TCP: match against tcp options
* @NFT_EXTHDR_OP_IPV4: match against ipv4 options
* @NFT_EXTHDR_OP_SCTP: match against sctp chunks
+ * @NFT_EXTHDR_OP_DCCP: match against dccp otions
*/
enum nft_exthdr_op {
NFT_EXTHDR_OP_IPV6,
NFT_EXTHDR_OP_TCPOPT,
NFT_EXTHDR_OP_IPV4,
NFT_EXTHDR_OP_SCTP,
+ NFT_EXTHDR_OP_DCCP,
__NFT_EXTHDR_OP_MAX
};
#define NFT_EXTHDR_OP_MAX (__NFT_EXTHDR_OP_MAX - 1)
generated by cgit v1.2.3 (git 2.25.1) at 2025-03-03 20:04:30 +0000