On Thu, 9 Oct 2008, Pablo Neira Ayuso wrote:
This patch adds support for the explicit helper assignment to
libnetfilter_conntrack. You can use it to test the load-on-demand helper
modules via ctnetlink.
<CUT>
+enum nf_conntrack_helper_id {
+ NFCT_HELPER_UNSPEC = 0,
+ NFCT_HELPER_AMANDA,
+ NFCT_HELPER_FTP,
+ NFCT_HELPER_H323,
+ NFCT_HELPER_IRC = 4,
+ NFCT_HELPER_NETBIOS_NS,
+ NFCT_HELPER_PPTP,
+ NFCT_HELPER_SANE,
+ NFCT_HELPER_SIP = 8,
+ NFCT_HELPER_TFTP,
+ NFCT_HELPER_MAX
+};
+
/* message type */
enum nf_conntrack_msg_type {
NFCT_T_UNKNOWN = 0,
diff --git a/src/conntrack/build.c b/src/conntrack/build.c
index 1bc87f9..8c7cb7f 100644
--- a/src/conntrack/build.c
+++ b/src/conntrack/build.c
@@ -308,6 +308,38 @@ void __build_secmark(struct nfnlhdr *req,
nfnl_addattr32(&req->nlh, size, CTA_SECMARK, htonl(ct->secmark));
}
+const char *helper_id_to_name[] = {
+ [NFCT_HELPER_UNSPEC] = "unknown-helper",
+ [NFCT_HELPER_AMANDA] = "amanda",
+ [NFCT_HELPER_FTP] = "ftp",
+ [NFCT_HELPER_H323] = "h323",
+ [NFCT_HELPER_IRC] = "irc",
+ [NFCT_HELPER_NETBIOS_NS] = "netbios_ns",
+ [NFCT_HELPER_PPTP] = "pptp",
+ [NFCT_HELPER_SANE] = "sane",
+ [NFCT_HELPER_SIP] = "sip",
+ [NFCT_HELPER_TFTP] = "tftp",
+};
+
Any chances to make it more frendly to new helpers and compatible with
out-of-tree helpers by registering a name directly from a helper and using
it? We may for example introduce something like /proc/net/nf_helpers.
Best regards,
Krzysztof Olędzki
