From 2807cc26b8e46eef5f23c06534a853dd48183331 Mon Sep 17 00:00:00 2001 From: Jo-Philipp Wich Date: Wed, 6 Aug 2014 19:00:18 +0200 Subject: Selectively flush conntrack Record active IP addresses in firewall state file and trigger conntrack flush for changed IP addresses on firewall reload. Additionally trigger a complete flush on the first firewall start in order to clear out streams which might have bypassed the masquerading rules. Signed-off-by: Jo-Philipp Wich --- utils.h | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'utils.h') diff --git a/utils.h b/utils.h index d2e1aa6..834d979 100644 --- a/utils.h +++ b/utils.h @@ -28,6 +28,8 @@ #include #include #include +#include +#include #include #include @@ -99,4 +101,6 @@ int fw3_netmask2bitlen(int family, void *mask); bool fw3_bitlen2netmask(int family, int bits, void *mask); +void fw3_flush_conntrack(void *zone); + #endif -- cgit v1.2.1
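Review bot: The prototype added in the second hunk, `void fw3_flush_conntrack(void *zone);`, takes an untyped pointer, so a caller that hands it the wrong object compiles without any diagnostic. The parameter name `zone` also sits oddly with the commit message, which describes the flush as driven by the IP addresses recorded in the firewall state file plus a complete flush on first start. This call is what removes conntrack entries for streams that may have bypassed the masquerading rules, so a misuse that silently flushes nothing leaves those flows alive. The implementation is not shown on this page (the view is limited to utils.h), so the contract cannot be confirmed here. I would declare the concrete parameter type if the function only ever receives one kind of object, and otherwise document it above the declaration, e.g. `/* <arg>: <object it must point to>; <value> requests a complete flush */`.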