diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-01-03 21:02:18 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-01-03 21:04:23 +0100 |
commit | 502061f81d3eb4518d2e72178e494a8547788ad0 (patch) | |
tree | ed6697361ecf824620c428b0ad5cc221bd67351b /include/net | |
parent | netfilter: nft_limit: allow to invert matching criteria (diff) | |
download | linux-502061f81d3eb4518d2e72178e494a8547788ad0.tar.xz linux-502061f81d3eb4518d2e72178e494a8547788ad0.zip |
netfilter: nf_tables: add packet duplication to the netdev family
You can use this to duplicate packets and inject them at the egress path
of the specified interface. This duplication allows you to inspect
traffic from the dummy or any other interface dedicated to this purpose.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/net')
-rw-r--r-- | include/net/netfilter/nf_dup_netdev.h | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/include/net/netfilter/nf_dup_netdev.h b/include/net/netfilter/nf_dup_netdev.h new file mode 100644 index 000000000000..397dcae349f9 --- /dev/null +++ b/include/net/netfilter/nf_dup_netdev.h @@ -0,0 +1,6 @@ +#ifndef _NF_DUP_NETDEV_H_ +#define _NF_DUP_NETDEV_H_ + +void nf_dup_netdev_egress(const struct nft_pktinfo *pkt, int oif); + +#endif |