On Thu, Sep 17, 2015 at 04:04:27PM -0700, Joe Stringer wrote: > This patch adds support for specifying a "helper" or ALG to assist > connection tracking for protocols that consist of multiple streams. > Initially, only support for FTP is included. > > Below is an example set of flows to allow FTP control connections from > port 1->2 to establish active data connections in the reverse direction: > > priority=1,action=drop > priority=10,arp,action=normal > in_port=1,tcp,action=ct(alg=ftp,commit),2 > in_port=2,tcp,ct_state=-trk,action=ct(table=1) > table=1,in_port=2,tcp,ct_state=+trk+est,action=1 > table=1,in_port=2,tcp,ct_state=+trk+rel,action=ct(commit),1 > > Signed-off-by: Joe Stringer <joestrin...@nicira.com> > Acked-by: Jarno Rajahalme <jrajaha...@nicira.com>
Acked-by: Ben Pfaff <b...@nicira.com> _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
