The 'id' key returns the id of the connection entry
Signed-off-by: Brett Mastbergen <bmastbergen@xxxxxxxxxxxx>
---
include/linux/netfilter/nf_tables.h | 2 ++
src/expr/ct.c | 1 +
2 files changed, 3 insertions(+)
diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h
index fd38cdc..6da0bf5 100644
--- a/include/linux/netfilter/nf_tables.h
+++ b/include/linux/netfilter/nf_tables.h
@@ -978,6 +978,7 @@ enum nft_osf_attributes {
* @NFT_CT_SRC_IP6: conntrack layer 3 protocol source (IPv6 address)
* @NFT_CT_DST_IP6: conntrack layer 3 protocol destination (IPv6 address)
* @NFT_CT_TIMEOUT: connection tracking timeout policy assigned to conntrack
+ * @NFT_CT_ID: conntrack id
*/
enum nft_ct_keys {
NFT_CT_STATE,
@@ -1004,6 +1005,7 @@ enum nft_ct_keys {
NFT_CT_SRC_IP6,
NFT_CT_DST_IP6,
NFT_CT_TIMEOUT,
+ NFT_CT_ID,
__NFT_CT_MAX
};
#define NFT_CT_MAX (__NFT_CT_MAX - 1)
diff --git a/src/expr/ct.c b/src/expr/ct.c
index b9ca2dc..124de9d 100644
--- a/src/expr/ct.c
+++ b/src/expr/ct.c
@@ -172,6 +172,7 @@ static const char *ctkey2str_array[NFT_CT_MAX + 1] = {
[NFT_CT_DST_IP] = "dst_ip",
[NFT_CT_SRC_IP6] = "src_ip6",
[NFT_CT_DST_IP6] = "dst_ip6",
+ [NFT_CT_ID] = "id",
};
static const char *ctkey2str(uint32_t ctkey)
--
2.11.0
