diff options
| author |  Pablo Neira Ayuso <pablo@netfilter.org>
| 2016-01-03 21:02:18 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org>
| 2016-01-03 21:04:23 +0100 |
| commit | 502061f81d3eb4518d2e72178e494a8547788ad0 (patch) | |
| tree | ed6697361ecf824620c428b0ad5cc221bd67351b /net/netfilter/Kconfig | |
| parent | netfilter: nft_limit: allow to invert matching criteria (diff) | |
| download | linux-502061f81d3eb4518d2e72178e494a8547788ad0.tar.gz linux-502061f81d3eb4518d2e72178e494a8547788ad0.tar.bz2 linux-502061f81d3eb4518d2e72178e494a8547788ad0.zip | |
netfilter: nf_tables: add packet duplication to the netdev family
You can use this to duplicate packets and inject them at the egress path
of the specified interface. This duplication allows you to inspect
traffic from the dummy or any other interface dedicated to this purpose.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/Kconfig')
| -rw-r--r-- | net/netfilter/Kconfig | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/net/netfilter/Kconfig b/net/netfilter/Kconfig index 4692782b5280..8514cc4b22a8 100644 --- a/net/netfilter/Kconfig +++ b/net/netfilter/Kconfig @@ -563,6 +563,22 @@ config NFT_COMPAT x_tables match/target extensions over the nf_tables framework. +if NF_TABLES_NETDEV + +config NF_DUP_NETDEV + tristate "Netfilter packet duplication support" + help + This option enables the generic packet duplication infrastructure + for Netfilter. + +config NFT_DUP_NETDEV + tristate "Netfilter nf_tables netdev packet duplication support" + select NF_DUP_NETDEV + help + This option enables packet duplication for the "netdev" family. + +endif # NF_TABLES_NETDEV + endif # NF_TABLES config NETFILTER_XTABLES |