netfilter: add generic flow table infrastructure

This patch defines the API to interact with flow tables, this allows to add, delete and lookup for entries in the flow table. This also adds the generic garbage code that removes entries that have expired, ie. no traffic has been seen for a while. Users of the flow table infrastructure can delete entries via flow_offload_dead(), which sets the dying bit, this signals the garbage collector to release an entry from user context. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2018-01-07 01:04:11 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2018-01-08 18:11:07 +0100
commit: ac2a66665e231847cab11b8c8e844ce43207dd2e (patch)
tree: dd5d483bb69fe147b5a52bee86dd7c3f09e653a5 /net/netfilter/Kconfig
parent: 3b49e2e94e6ebb8b23d0955d9e898254455734f8 (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/net/netfilter/Kconfig b/net/netfilter/Kconfig
index af3d9f721b3f..264ce877ef49 100644
--- a/net/netfilter/Kconfig
+++ b/net/netfilter/Kconfig
@@ -657,6 +657,13 @@ endif # NF_TABLES_NETDEV
 
 endif # NF_TABLES
 
+config NF_FLOW_TABLE
+	tristate "Netfilter flow table module"
+	help
+	  This option adds the flow table core infrastructure.
+
+	  To compile it as a module, choose M here.
+
 config NETFILTER_XTABLES
 	tristate "Netfilter Xtables support (required for ip_tables)"
 	default m if NETFILTER_ADVANCED=n
author	Pablo Neira Ayuso <pablo@netfilter.org>	2018-01-07 01:04:11 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2018-01-08 18:11:07 +0100
commit	ac2a66665e231847cab11b8c8e844ce43207dd2e (patch)
tree	dd5d483bb69fe147b5a52bee86dd7c3f09e653a5 /net/netfilter/Kconfig
parent	3b49e2e94e6ebb8b23d0955d9e898254455734f8 (diff)