summaryrefslogtreecommitdiffstats
path: root/include/net
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2016-01-03 21:02:18 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2016-01-03 21:04:23 +0100
commit502061f81d3eb4518d2e72178e494a8547788ad0 (patch)
treeed6697361ecf824620c428b0ad5cc221bd67351b /include/net
parentnetfilter: nft_limit: allow to invert matching criteria (diff)
downloadlinux-502061f81d3eb4518d2e72178e494a8547788ad0.tar.xz
linux-502061f81d3eb4518d2e72178e494a8547788ad0.zip
netfilter: nf_tables: add packet duplication to the netdev family
You can use this to duplicate packets and inject them at the egress path of the specified interface. This duplication allows you to inspect traffic from the dummy or any other interface dedicated to this purpose. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/net')
-rw-r--r--include/net/netfilter/nf_dup_netdev.h6
1 files changed, 6 insertions, 0 deletions
diff --git a/include/net/netfilter/nf_dup_netdev.h b/include/net/netfilter/nf_dup_netdev.h
new file mode 100644
index 000000000000..397dcae349f9
--- /dev/null
+++ b/include/net/netfilter/nf_dup_netdev.h
@@ -0,0 +1,6 @@
+#ifndef _NF_DUP_NETDEV_H_
+#define _NF_DUP_NETDEV_H_
+
+void nf_dup_netdev_egress(const struct nft_pktinfo *pkt, int oif);
+
+#endif