-
Notifications
You must be signed in to change notification settings - Fork 11
/
colo-patch-for-kernel.patch
76 lines (70 loc) · 2.43 KB
/
colo-patch-for-kernel.patch
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
From 062e2d075819e810a1b2eac6a4cc11b66e205cf0 Mon Sep 17 00:00:00 2001
From: Gao feng <[email protected]>
Date: Tue, 27 Jan 2015 17:33:09 +0800
Subject: [PATCH] colo patch for kernel
Signed-off-by: Gao feng <[email protected]>
---
include/net/netfilter/nf_conntrack_extend.h | 2 ++
include/uapi/linux/netfilter/nf_conntrack_common.h | 4 ++++
include/uapi/linux/netfilter/xt_COLO.h | 19 +++++++++++++++++++
3 files changed, 25 insertions(+)
create mode 100644 include/uapi/linux/netfilter/xt_COLO.h
diff --git a/include/net/netfilter/nf_conntrack_extend.h b/include/net/netfilter/nf_conntrack_extend.h
index 55d1504..ad577cd 100644
--- a/include/net/netfilter/nf_conntrack_extend.h
+++ b/include/net/netfilter/nf_conntrack_extend.h
@@ -30,6 +30,7 @@ enum nf_ct_ext_id {
#if IS_ENABLED(CONFIG_NETFILTER_SYNPROXY)
NF_CT_EXT_SYNPROXY,
#endif
+ NF_CT_EXT_COLO,
NF_CT_EXT_NUM,
};
@@ -43,6 +44,7 @@ enum nf_ct_ext_id {
#define NF_CT_EXT_TIMEOUT_TYPE struct nf_conn_timeout
#define NF_CT_EXT_LABELS_TYPE struct nf_conn_labels
#define NF_CT_EXT_SYNPROXY_TYPE struct nf_conn_synproxy
+#define NF_CT_EXT_COLO_TYPE struct nf_conn_colo
/* Extensions: optional stuff which isn't permanently in struct. */
struct nf_ct_ext {
diff --git a/include/uapi/linux/netfilter/nf_conntrack_common.h b/include/uapi/linux/netfilter/nf_conntrack_common.h
index 319f471..6e44fbd 100644
--- a/include/uapi/linux/netfilter/nf_conntrack_common.h
+++ b/include/uapi/linux/netfilter/nf_conntrack_common.h
@@ -91,6 +91,10 @@ enum ip_conntrack_status {
/* Conntrack got a helper explicitly attached via CT target. */
IPS_HELPER_BIT = 13,
IPS_HELPER = (1 << IPS_HELPER_BIT),
+
+ /* Conntrack is a colo template */
+ IPS_COLO_TEMPLATE_BIT = 14,
+ IPS_COLO_TEMPLATE = (1 << IPS_COLO_TEMPLATE_BIT),
};
/* Connection tracking event types */
diff --git a/include/uapi/linux/netfilter/xt_COLO.h b/include/uapi/linux/netfilter/xt_COLO.h
new file mode 100644
index 0000000..8b510ab
--- /dev/null
+++ b/include/uapi/linux/netfilter/xt_COLO.h
@@ -0,0 +1,19 @@
+#ifndef _XT_COLO_TARGET_H
+#define _XT_COLO_TARGET_H
+
+#include <linux/types.h>
+
+struct xt_colo_primary_info {
+ u32 index;
+
+ /* for kernel module internal use only */
+ struct colo_primary *colo __attribute__((aligned(8)));
+};
+
+struct xt_colo_secondary_info {
+ u32 index;
+
+ /* for kernel module internal use only */
+ struct colo_secondary *colo __attribute__((aligned(8)));
+};
+#endif
--
2.1.0