]> git.ipfire.org Git - thirdparty/iptables.git/commit
projects / thirdparty / iptables.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c4a6b0d) | patch
libxt_CT: add --timeout option
authorPablo Neira Ayuso <pablo@netfilter.org>
Wed, 29 Feb 2012 12:48:36 +0000 (13:48 +0100)
committerPablo Neira Ayuso <pablo@netfilter.org>
Mon, 2 Apr 2012 11:37:49 +0000 (13:37 +0200)
commite8f32983048d6aa4a908b6a92da55fa71c859623
tree7e3240694e7a06115f68fb04e61efd6038c0e62btree
parentc4a6b0d437b02458fb3cb827b694fd94b3fbe044commit | diff
libxt_CT: add --timeout option

This patch adds the --timeout option to allow to attach timeout
policy objects to flows, eg.

 iptables -I PREROUTING -t raw -s 1.1.1.1 -p tcp \
  -j CT --timeout custom-tcp-policy

You need the nfct(8) tool which is available at:
http://git.netfilter.org/cgi-bin/gitweb.cgi?p=nfct.git
To define the cttimeout policies.

Example of usage:
 nfct timeout add custom-tcp-policy inet tcp established 1000

The new nfct tool also requires libnetfilter_cttimeout:
http://git.netfilter.org/cgi-bin/gitweb.cgi?p=libnetfilter_cttimeout.git

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
extensions/libxt_CT.c diff | blob | blame | history
extensions/libxt_CT.man diff | blob | blame | history
include/linux/netfilter/xt_CT.h diff | blob | blame | history
Mirror of git://git.netfilter.org/iptables