summaryrefslogtreecommitdiff
path: root/src/cthelper.c
AgeCommit message (Collapse)Author
2015-08-18conntrackd: fix error handling in nfq_queue_cb()Pablo Neira Ayuso
Make sure we have a clean exit on error, everything needs to be properly released. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2015-06-12cthelper: Optimise nfq_queue_cbPaul Aitken
ct and myct have both already been checked for non-NULL, so there's no need to check either of them again later. Signed-off-by: Paul Aitken <paitken@brocade.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2015-05-21cthelper: don't pass up a 0 length queueChas Williams III
If the user didn't specify a queue length in the configuration file it will have a length of 0. Allow the kernel's default to take precedence instead. Signed-off-by: Charles (Chas) Williams <ciwillia@brocade.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2015-05-21src: Define _GNU_SOURCE to get members of tcphdr&ucphdrFelix Janda
The source uses linux names for members of tcphdr. For example "source" instead of "th_sport", ... musl libc's headers need _GNU_SOURCE defined in order to expose these. Signed-off-by: Felix Janda <felix.janda@posteo.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2013-09-26conntrackd: cthelper: allow to attach expectations via nfqueuePablo Neira Ayuso
This requires the Linux kernel 3.12. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2013-06-07cthelper: helpers may not use private information areaPablo Neira Ayuso
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2013-06-07cthelper: add IPv6 supportPablo Neira Ayuso
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2012-09-10conntrackd: cthelper: add QueueLen optionPablo Neira Ayuso
This patch adds the QueueLen option, that allows you to increase the maximum number of packets waiting in the nfnetlink_queue to receive a verdict from userspace. Rising the default value (1024) is useful to avoid hitting the following error message: "nf_queue: full at X entries, dropping packets(s)". Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2012-08-01conntrackd: add cthelper infrastructure (+ example FTP helper)Pablo Neira Ayuso
This patch adds the user-space helper infrastructure. It also contains the implementation of the FTP helper in user-space. There's one example file that you can use to configure conntrackd as user-space connection tracking helper under: doc/helper/conntrackd.conf Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>