Add support for connection tracking helper/ALGs.

This patch adds support for specifying a "helper" or ALG to assist connection tracking for protocols that consist of multiple streams. Initially, only support for FTP is included. Below is an example set of flows to allow FTP control connections from port 1->2 to establish active data connections in the reverse direction: table=0,priority=1,action=drop table=0,arp,action=normal table=0,in_port=1,tcp,action=ct(alg=ftp,commit),2 table=0,in_port=2,tcp,ct_state=-trk,action=ct(table=1) table=1,in_port=2,tcp,ct_state=+trk+est,action=1 table=1,in_port=2,tcp,ct_state=+trk+rel,action=ct(commit),1 Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
author: Joe Stringer <joestringer@nicira.com> 2015-09-15 14:29:16 -0700
committer: Joe Stringer <joestringer@nicira.com> 2015-10-13 15:34:16 -0700
commit: d787ad39b8eb8fb9136837e1c65d0a18a1056eda (patch)
tree: c233e0ce5d00b526d3316c4c70028b2156f39123 /include/windows
parent: 9daf23484fb1f0d8fe8bf807a82c3d5b571a3dea (diff)
download: openvswitch-d787ad39b8eb8fb9136837e1c65d0a18a1056eda.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/include/windows/netinet/in.h b/include/windows/netinet/in.h
index 7143cf537..e4169994b 100644
--- a/include/windows/netinet/in.h
+++ b/include/windows/netinet/in.h
@@ -18,5 +18,6 @@
 #define __NETINET_IN_H 1
 
 #define IPPROTO_GRE 47
+#define IPPORT_FTP 21
 
 #endif /* netinet/in.h */
author	Joe Stringer <joestringer@nicira.com>	2015-09-15 14:29:16 -0700
committer	Joe Stringer <joestringer@nicira.com>	2015-10-13 15:34:16 -0700
commit	d787ad39b8eb8fb9136837e1c65d0a18a1056eda (patch)
tree	c233e0ce5d00b526d3316c4c70028b2156f39123 /include/windows
parent	9daf23484fb1f0d8fe8bf807a82c3d5b571a3dea (diff)
download	openvswitch-d787ad39b8eb8fb9136837e1c65d0a18a1056eda.tar.gz