On Thu, Sep 17, 2015 at 04:04:27PM -0700, Joe Stringer wrote: > This patch adds support for specifying a "helper" or ALG to assist > connection tracking for protocols that consist of multiple streams. > Initially, only support for FTP is included. > > Below is an example set of flows to allow FTP control connections from > port 1->2 to establish active data connections in the reverse direction: > > priority=1,action=drop > priority=10,arp,action=normal > in_port=1,tcp,action=ct(alg=ftp,commit),2 > in_port=2,tcp,ct_state=-trk,action=ct(table=1) > table=1,in_port=2,tcp,ct_state=+trk+est,action=1 > table=1,in_port=2,tcp,ct_state=+trk+rel,action=ct(commit),1 > > Signed-off-by: Joe Stringer <[email protected]> > Acked-by: Jarno Rajahalme <[email protected]>
Acked-by: Ben Pfaff <[email protected]> _______________________________________________ dev mailing list [email protected] http://openvswitch.org/mailman/listinfo/dev
