This adds support to set the conntrack helper from nftables, using nft set ct helper "foo" syntax. Helpers are defined through the objref infrastructure. Open question: should NFT_MSG_GETOBJ_RESET get rejected for this new type? A future patch could extend the attributes so we can also handle module specific settings, such as ftp loose mode, or configure the number of allowed expectations. include/net/netfilter/nf_tables.h | 3 ++- include/net/netfilter/nf_tables.h | 3 include/uapi/linux/netfilter/nf_tables.h | 12 +- net/netfilter/nf_tables_api.c | 7 - net/netfilter/nft_counter.c | 3 net/netfilter/nft_ct.c | 171 +++++++++++++++++++++++++++++++ net/netfilter/nft_quota.c | 3 6 files changed, 192 insertions(+), 7 deletions(-) -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
