apfs/linux-apfs
0
0
Fork 0
mirror of https://github.com/linux-apfs/linux-apfs.git synced 2026-05-01 15:00:59 -07:00
Code Issues Packages Projects Releases Wiki Activity

netfilter: nf_conntrack: add support for "conntrack zones"

Browse Source 
Normally, each connection needs a unique identity. Conntrack zones allow
to specify a numerical zone using the CT target, connections in different
zones can use the same identity.

Example:

iptables -t raw -A PREROUTING -i veth0 -j CT --zone 1
iptables -t raw -A OUTPUT -o veth1 -j CT --zone 1

Signed-off-by: Patrick McHardy <kaber@trash.net>
This commit is contained in:
Patrick McHardy
2010-02-15 18:13:33 +01:00
parent 8fea97ec17
commit 5d0aa2ccd4
25 changed files with 235 additions and 84 deletions
Download Patch File Download Diff File Expand all files Collapse all files
include/linux/netfilter/xt_CT.h
+1 -1
View File
@@ -5,7 +5,7 @@
struct xt_ct_target_info {
u_int16_t flags;
u_int16_t __unused;
u_int16_t zone;
u_int32_t ct_events;
u_int32_t exp_events;
char helper[16];