Re: [PATCH] netfilter: conntrack do not print ah and esp as unknown via /proc

[Pablo Neira Ayuso]

On Fri, Feb 21, 2025 at 10:21:53AM +0000, wh_bin@xxxxxxx wrote:
> From: hongbin wang <wh_bin@xxxxxxx>
> 
> /proc/net/nf_conntrack shows ah and esp as unknown.

there are no AH and ESP trackers in conntrack this far, that is why
they are shown as unknown.

> Signed-off-by: hongbin wang <wh_bin@xxxxxxx>
> ---
>  net/netfilter/nf_conntrack_standalone.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c
> index 502cf10aab41..29fb5a07a6c2 100644
> --- a/net/netfilter/nf_conntrack_standalone.c
> +++ b/net/netfilter/nf_conntrack_standalone.c
> @@ -266,6 +266,8 @@ static const char* l4proto_name(u16 proto)
>  	case IPPROTO_SCTP: return "sctp";
>  	case IPPROTO_UDPLITE: return "udplite";
>  	case IPPROTO_ICMPV6: return "icmpv6";
> +	case IPPROTO_ESP: return "esp";
> +	case IPPROTO_AH: return "ah";
>  	}
>  
>  	return "unknown";
> -- 
> 2.34.1
>