Harald Welte | 2e4e6a1 | 2006-01-12 13:30:04 -0800 | [diff] [blame] | 1 | /* Header file for kernel module to match connection tracking information. |
| 2 | * GPL (C) 2001 Marc Boucher (marc@mbsi.ca). |
| 3 | */ |
| 4 | |
| 5 | #ifndef _XT_CONNTRACK_H |
| 6 | #define _XT_CONNTRACK_H |
| 7 | |
Jaswinder Singh Rajput | 9df27ba | 2009-01-30 20:00:47 +0530 | [diff] [blame] | 8 | #include <linux/types.h> |
Harald Welte | 2e4e6a1 | 2006-01-12 13:30:04 -0800 | [diff] [blame] | 9 | #include <linux/netfilter/nf_conntrack_tuple_common.h> |
Harald Welte | 2e4e6a1 | 2006-01-12 13:30:04 -0800 | [diff] [blame] | 10 | |
| 11 | #define XT_CONNTRACK_STATE_BIT(ctinfo) (1 << ((ctinfo)%IP_CT_IS_REPLY+1)) |
| 12 | #define XT_CONNTRACK_STATE_INVALID (1 << 0) |
| 13 | |
| 14 | #define XT_CONNTRACK_STATE_SNAT (1 << (IP_CT_NUMBER + 1)) |
| 15 | #define XT_CONNTRACK_STATE_DNAT (1 << (IP_CT_NUMBER + 2)) |
| 16 | #define XT_CONNTRACK_STATE_UNTRACKED (1 << (IP_CT_NUMBER + 3)) |
| 17 | |
| 18 | /* flags, invflags: */ |
Jan Engelhardt | b416499 | 2008-01-31 03:58:24 -0800 | [diff] [blame] | 19 | enum { |
| 20 | XT_CONNTRACK_STATE = 1 << 0, |
| 21 | XT_CONNTRACK_PROTO = 1 << 1, |
| 22 | XT_CONNTRACK_ORIGSRC = 1 << 2, |
| 23 | XT_CONNTRACK_ORIGDST = 1 << 3, |
| 24 | XT_CONNTRACK_REPLSRC = 1 << 4, |
| 25 | XT_CONNTRACK_REPLDST = 1 << 5, |
| 26 | XT_CONNTRACK_STATUS = 1 << 6, |
| 27 | XT_CONNTRACK_EXPIRES = 1 << 7, |
| 28 | XT_CONNTRACK_ORIGSRC_PORT = 1 << 8, |
| 29 | XT_CONNTRACK_ORIGDST_PORT = 1 << 9, |
| 30 | XT_CONNTRACK_REPLSRC_PORT = 1 << 10, |
| 31 | XT_CONNTRACK_REPLDST_PORT = 1 << 11, |
| 32 | XT_CONNTRACK_DIRECTION = 1 << 12, |
| 33 | }; |
Harald Welte | 2e4e6a1 | 2006-01-12 13:30:04 -0800 | [diff] [blame] | 34 | |
| 35 | /* This is exposed to userspace, so remains frozen in time. */ |
| 36 | struct ip_conntrack_old_tuple |
| 37 | { |
| 38 | struct { |
Al Viro | 98a4a86 | 2006-11-08 00:26:51 -0800 | [diff] [blame] | 39 | __be32 ip; |
Harald Welte | 2e4e6a1 | 2006-01-12 13:30:04 -0800 | [diff] [blame] | 40 | union { |
| 41 | __u16 all; |
| 42 | } u; |
| 43 | } src; |
| 44 | |
| 45 | struct { |
Al Viro | 98a4a86 | 2006-11-08 00:26:51 -0800 | [diff] [blame] | 46 | __be32 ip; |
Harald Welte | 2e4e6a1 | 2006-01-12 13:30:04 -0800 | [diff] [blame] | 47 | union { |
| 48 | __u16 all; |
| 49 | } u; |
| 50 | |
| 51 | /* The protocol. */ |
David Woodhouse | 8e1515d | 2006-05-04 01:42:36 +0100 | [diff] [blame] | 52 | __u16 protonum; |
Harald Welte | 2e4e6a1 | 2006-01-12 13:30:04 -0800 | [diff] [blame] | 53 | } dst; |
| 54 | }; |
| 55 | |
| 56 | struct xt_conntrack_info |
| 57 | { |
| 58 | unsigned int statemask, statusmask; |
| 59 | |
| 60 | struct ip_conntrack_old_tuple tuple[IP_CT_DIR_MAX]; |
| 61 | struct in_addr sipmsk[IP_CT_DIR_MAX], dipmsk[IP_CT_DIR_MAX]; |
| 62 | |
| 63 | unsigned long expires_min, expires_max; |
| 64 | |
| 65 | /* Flags word */ |
Arnd Bergmann | 60c195c | 2009-02-26 00:51:43 +0100 | [diff] [blame] | 66 | __u8 flags; |
Harald Welte | 2e4e6a1 | 2006-01-12 13:30:04 -0800 | [diff] [blame] | 67 | /* Inverse flags */ |
Arnd Bergmann | 60c195c | 2009-02-26 00:51:43 +0100 | [diff] [blame] | 68 | __u8 invflags; |
Harald Welte | 2e4e6a1 | 2006-01-12 13:30:04 -0800 | [diff] [blame] | 69 | }; |
Jan Engelhardt | 64eb12f | 2008-01-14 23:40:53 -0800 | [diff] [blame] | 70 | |
| 71 | struct xt_conntrack_mtinfo1 { |
| 72 | union nf_inet_addr origsrc_addr, origsrc_mask; |
| 73 | union nf_inet_addr origdst_addr, origdst_mask; |
| 74 | union nf_inet_addr replsrc_addr, replsrc_mask; |
| 75 | union nf_inet_addr repldst_addr, repldst_mask; |
Arnd Bergmann | 60c195c | 2009-02-26 00:51:43 +0100 | [diff] [blame] | 76 | __u32 expires_min, expires_max; |
| 77 | __u16 l4proto; |
Jan Engelhardt | b416499 | 2008-01-31 03:58:24 -0800 | [diff] [blame] | 78 | __be16 origsrc_port, origdst_port; |
| 79 | __be16 replsrc_port, repldst_port; |
Arnd Bergmann | 60c195c | 2009-02-26 00:51:43 +0100 | [diff] [blame] | 80 | __u16 match_flags, invert_flags; |
| 81 | __u8 state_mask, status_mask; |
Jan Engelhardt | 64eb12f | 2008-01-14 23:40:53 -0800 | [diff] [blame] | 82 | }; |
| 83 | |
Jan Engelhardt | d6d3f08 | 2009-06-29 14:31:46 +0200 | [diff] [blame] | 84 | struct xt_conntrack_mtinfo2 { |
| 85 | union nf_inet_addr origsrc_addr, origsrc_mask; |
| 86 | union nf_inet_addr origdst_addr, origdst_mask; |
| 87 | union nf_inet_addr replsrc_addr, replsrc_mask; |
| 88 | union nf_inet_addr repldst_addr, repldst_mask; |
| 89 | __u32 expires_min, expires_max; |
| 90 | __u16 l4proto; |
| 91 | __be16 origsrc_port, origdst_port; |
| 92 | __be16 replsrc_port, repldst_port; |
| 93 | __u16 match_flags, invert_flags; |
| 94 | __u16 state_mask, status_mask; |
| 95 | }; |
| 96 | |
Harald Welte | 2e4e6a1 | 2006-01-12 13:30:04 -0800 | [diff] [blame] | 97 | #endif /*_XT_CONNTRACK_H*/ |