lk/linux-kernel-test
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

[NETFILTER]: ctnetlink: add support for NAT sequence adjustments

Browse Source 
The combination of NAT and helpers may produce TCP sequence adjustments.
In failover setups, this information needs to be replicated in order to
achieve a successful recovery of mangled, related connections. This patch is
particularly useful for conntrackd, see:

http://people.netfilter.org/pablo/conntrack-tools/

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Pablo Neira Ayuso
2007-12-17 22:28:00 -08:00
committed by David S. Miller
parent 170080645d
commit 13eae15a24
4 changed files with 140 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
include/linux/netfilter/nf_conntrack_common.h
View File

@ -129,6 +129,10 @@ enum ip_conntrack_events
/* Mark is set */
IPCT_MARK_BIT = 12,
IPCT_MARK = (1 << IPCT_MARK_BIT),
/* NAT sequence adjustment */
IPCT_NATSEQADJ_BIT = 13,
IPCT_NATSEQADJ = (1 << IPCT_NATSEQADJ_BIT),
};
enum ip_conntrack_expect_events {

10
include/linux/netfilter/nfnetlink_conntrack.h
View File

@ -37,6 +37,8 @@ enum ctattr_type {
CTA_ID,
CTA_NAT_DST,
CTA_TUPLE_MASTER,
CTA_NAT_SEQ_ADJ_ORIG,
CTA_NAT_SEQ_ADJ_REPLY,
__CTA_MAX
};
#define CTA_MAX (__CTA_MAX - 1)
@ -119,6 +121,14 @@ enum ctattr_protonat {
};
#define CTA_PROTONAT_MAX (__CTA_PROTONAT_MAX - 1)
enum ctattr_natseq {
CTA_NAT_SEQ_CORRECTION_POS,
CTA_NAT_SEQ_OFFSET_BEFORE,
CTA_NAT_SEQ_OFFSET_AFTER,
__CTA_NAT_SEQ_MAX
};
#define CTA_NAT_SEQ_MAX (__CTA_NAT_SEQ_MAX - 1)
enum ctattr_expect {
CTA_EXPECT_UNSPEC,
CTA_EXPECT_MASTER,