make "add rule filter input ct label set ct label | bar" work.

First patch is a cleanup and moves xt specific code to xt_connlabel.

Second patch is a fix to the clabel replace function to not emit an event in case old and new are the same (this isn't a problem for xtables since it doesn't use nf_connlabels_replace).

Last patch adds nft_ct set support.

Let me know if you spot any problems with this approach. I'm especially interested in the userspace side, see patch #3 for example.

 include/net/netfilter/nf_conntrack_labels.h |  3 -
 net/netfilter/nf_conntrack_labels.c         | 50 +++++----------------------
 net/netfilter/nft_ct.c                      | 31 +++++++++++++++++
 net/netfilter/xt_connlabel.c                | 38 ++++++++++++++++++++-
 4 files changed, 77 insertions(+), 45 deletions(-)