Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / refs/tags/FP3-REL-Q-3.A.0107 / . / include / net / netfilter / nf_conntrack_tuple.h
blob: aea3f8221be08b2208586900447f363af796440b [file] [log] [blame]
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]1/*
2 * Definitions and Declarations for tuple.
3 *
4 * 16 Dec 2003: Yasuyuki Kozakai @USAGI <yasuyuki.kozakai@toshiba.co.jp>
5 * - generalize L3 protocol dependent part.
6 *
7 * Derived from include/linux/netfiter_ipv4/ip_conntrack_tuple.h
8 */
9
10#ifndef _NF_CONNTRACK_TUPLE_H
11#define _NF_CONNTRACK_TUPLE_H
12
Jan Engelhardt643a2c12007-12-17 22:43:50 -0800[diff] [blame]13#include <linux/netfilter/x_tables.h>
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]14#include <linux/netfilter/nf_conntrack_tuple_common.h>
Eric Dumazetea781f12009-03-25 21:05:46 +0100[diff] [blame]15#include <linux/list_nulls.h>
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]16
17/* A `tuple' is a structure containing the information to uniquely
18 identify a connection. ie. if two packets have the same tuple, they
19 are in the same connection; if not, they are not.
20
21 We divide the structure along "manipulatable" and
22 "non-manipulatable" lines, for the benefit of the NAT code.
23*/
24
Jan Engelhardt643a2c12007-12-17 22:43:50 -0800[diff] [blame]25#define NF_CT_TUPLE_L3SIZE ARRAY_SIZE(((union nf_inet_addr *)NULL)->all)
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]26
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]27/* The manipulable part of the tuple. */
Eric Dumazetfd2c3ef2009-11-03 03:26:03 +0000[diff] [blame]28struct nf_conntrack_man {
Jan Engelhardt643a2c12007-12-17 22:43:50 -0800[diff] [blame]29 union nf_inet_addr u3;
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]30 union nf_conntrack_man_proto u;
31 /* Layer 3 protocol */
32 u_int16_t l3num;
33};
34
35/* This contains the information to distinguish a connection. */
Eric Dumazetfd2c3ef2009-11-03 03:26:03 +0000[diff] [blame]36struct nf_conntrack_tuple {
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]37 struct nf_conntrack_man src;
38
39 /* These are the parts of the tuple which are fixed. */
40 struct {
Jan Engelhardt643a2c12007-12-17 22:43:50 -0800[diff] [blame]41 union nf_inet_addr u3;
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]42 union {
43 /* Add other protocols here. */
Al Viroa34c4582007-07-26 17:33:19 +0100[diff] [blame]44 __be16 all;
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]45
46 struct {
Patrick McHardybff9a892006-12-02 22:05:08 -0800[diff] [blame]47 __be16 port;
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]48 } tcp;
49 struct {
Patrick McHardybff9a892006-12-02 22:05:08 -0800[diff] [blame]50 __be16 port;
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]51 } udp;
52 struct {
53 u_int8_t type, code;
54 } icmp;
55 struct {
Patrick McHardybff9a892006-12-02 22:05:08 -0800[diff] [blame]56 __be16 port;
Patrick McHardy2bc78042008-03-20 15:15:55 +0100[diff] [blame]57 } dccp;
58 struct {
59 __be16 port;
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]60 } sctp;
Patrick McHardyf09943f2006-12-02 22:09:41 -0800[diff] [blame]61 struct {
62 __be16 key;
63 } gre;
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]64 } u;
65
66 /* The protocol. */
67 u_int8_t protonum;
68
69 /* The direction (for tuplehash) */
70 u_int8_t dir;
71 } dst;
72};
73
Eric Dumazetfd2c3ef2009-11-03 03:26:03 +0000[diff] [blame]74struct nf_conntrack_tuple_mask {
Patrick McHardyd4156e82007-07-07 22:31:32 -0700[diff] [blame]75 struct {
Jan Engelhardt643a2c12007-12-17 22:43:50 -0800[diff] [blame]76 union nf_inet_addr u3;
Patrick McHardyd4156e82007-07-07 22:31:32 -0700[diff] [blame]77 union nf_conntrack_man_proto u;
78 } src;
79};
80
Patrick McHardyef275592008-03-25 20:07:38 -0700[diff] [blame]81static inline void nf_ct_dump_tuple_ip(const struct nf_conntrack_tuple *t)
82{
83#ifdef DEBUG
Harvey Harrison3685f25d2008-10-31 00:56:49 -0700[diff] [blame]84 printk("tuple %p: %u %pI4:%hu -> %pI4:%hu\n",
Patrick McHardyef275592008-03-25 20:07:38 -0700[diff] [blame]85 t, t->dst.protonum,
Harvey Harrison3685f25d2008-10-31 00:56:49 -0700[diff] [blame]86 &t->src.u3.ip, ntohs(t->src.u.all),
87 &t->dst.u3.ip, ntohs(t->dst.u.all));
Patrick McHardyef275592008-03-25 20:07:38 -0700[diff] [blame]88#endif
89}
90
91static inline void nf_ct_dump_tuple_ipv6(const struct nf_conntrack_tuple *t)
92{
93#ifdef DEBUG
Harvey Harrison5b095d9892008-10-29 12:52:50 -0700[diff] [blame]94 printk("tuple %p: %u %pI6 %hu -> %pI6 %hu\n",
Patrick McHardyef275592008-03-25 20:07:38 -0700[diff] [blame]95 t, t->dst.protonum,
Harvey Harrison0c6ce782008-10-28 16:09:23 -0700[diff] [blame]96 t->src.u3.all, ntohs(t->src.u.all),
97 t->dst.u3.all, ntohs(t->dst.u.all));
Patrick McHardyef275592008-03-25 20:07:38 -0700[diff] [blame]98#endif
99}
100
101static inline void nf_ct_dump_tuple(const struct nf_conntrack_tuple *t)
102{
103 switch (t->src.l3num) {
104 case AF_INET:
105 nf_ct_dump_tuple_ip(t);
106 break;
107 case AF_INET6:
108 nf_ct_dump_tuple_ipv6(t);
109 break;
110 }
111}
112
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]113/* If we're the first tuple, it's the original dir. */
114#define NF_CT_DIRECTION(h) \
115 ((enum ip_conntrack_dir)(h)->tuple.dst.dir)
116
117/* Connections have two entries in the hash table: one for each way */
Eric Dumazetea781f12009-03-25 21:05:46 +0100[diff] [blame]118struct nf_conntrack_tuple_hash {
119 struct hlist_nulls_node hnnode;
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]120 struct nf_conntrack_tuple tuple;
121};
122
Jan Engelhardt5f2b4c92008-04-14 11:15:53 +0200[diff] [blame]123static inline bool __nf_ct_tuple_src_equal(const struct nf_conntrack_tuple *t1,
124 const struct nf_conntrack_tuple *t2)
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]125{
Patrick McHardyb8beedd2008-03-25 20:09:33 -0700[diff] [blame]126 return (nf_inet_addr_cmp(&t1->src.u3, &t2->src.u3) &&
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]127 t1->src.u.all == t2->src.u.all &&
Patrick McHardy380517d2008-01-31 04:40:04 -0800[diff] [blame]128 t1->src.l3num == t2->src.l3num);
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]129}
130
Jan Engelhardt5f2b4c92008-04-14 11:15:53 +0200[diff] [blame]131static inline bool __nf_ct_tuple_dst_equal(const struct nf_conntrack_tuple *t1,
132 const struct nf_conntrack_tuple *t2)
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]133{
Patrick McHardyb8beedd2008-03-25 20:09:33 -0700[diff] [blame]134 return (nf_inet_addr_cmp(&t1->dst.u3, &t2->dst.u3) &&
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]135 t1->dst.u.all == t2->dst.u.all &&
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]136 t1->dst.protonum == t2->dst.protonum);
137}
138
Jan Engelhardt5f2b4c92008-04-14 11:15:53 +0200[diff] [blame]139static inline bool nf_ct_tuple_equal(const struct nf_conntrack_tuple *t1,
140 const struct nf_conntrack_tuple *t2)
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]141{
Patrick McHardy380517d2008-01-31 04:40:04 -0800[diff] [blame]142 return __nf_ct_tuple_src_equal(t1, t2) &&
143 __nf_ct_tuple_dst_equal(t1, t2);
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]144}
145
Jan Engelhardt5f2b4c92008-04-14 11:15:53 +0200[diff] [blame]146static inline bool
147nf_ct_tuple_mask_equal(const struct nf_conntrack_tuple_mask *m1,
148 const struct nf_conntrack_tuple_mask *m2)
Patrick McHardyd4156e82007-07-07 22:31:32 -0700[diff] [blame]149{
Patrick McHardyb8beedd2008-03-25 20:09:33 -0700[diff] [blame]150 return (nf_inet_addr_cmp(&m1->src.u3, &m2->src.u3) &&
Patrick McHardyd4156e82007-07-07 22:31:32 -0700[diff] [blame]151 m1->src.u.all == m2->src.u.all);
152}
153
Jan Engelhardt5f2b4c92008-04-14 11:15:53 +0200[diff] [blame]154static inline bool
155nf_ct_tuple_src_mask_cmp(const struct nf_conntrack_tuple *t1,
156 const struct nf_conntrack_tuple *t2,
157 const struct nf_conntrack_tuple_mask *mask)
Patrick McHardyd4156e82007-07-07 22:31:32 -0700[diff] [blame]158{
159 int count;
160
161 for (count = 0; count < NF_CT_TUPLE_L3SIZE; count++) {
162 if ((t1->src.u3.all[count] ^ t2->src.u3.all[count]) &
163 mask->src.u3.all[count])
Jan Engelhardt5f2b4c92008-04-14 11:15:53 +0200[diff] [blame]164 return false;
Patrick McHardyd4156e82007-07-07 22:31:32 -0700[diff] [blame]165 }
166
167 if ((t1->src.u.all ^ t2->src.u.all) & mask->src.u.all)
Jan Engelhardt5f2b4c92008-04-14 11:15:53 +0200[diff] [blame]168 return false;
Patrick McHardyd4156e82007-07-07 22:31:32 -0700[diff] [blame]169
170 if (t1->src.l3num != t2->src.l3num ||
171 t1->dst.protonum != t2->dst.protonum)
Jan Engelhardt5f2b4c92008-04-14 11:15:53 +0200[diff] [blame]172 return false;
Patrick McHardyd4156e82007-07-07 22:31:32 -0700[diff] [blame]173
Jan Engelhardt5f2b4c92008-04-14 11:15:53 +0200[diff] [blame]174 return true;
Patrick McHardyd4156e82007-07-07 22:31:32 -0700[diff] [blame]175}
176
Jan Engelhardt5f2b4c92008-04-14 11:15:53 +0200[diff] [blame]177static inline bool
178nf_ct_tuple_mask_cmp(const struct nf_conntrack_tuple *t,
179 const struct nf_conntrack_tuple *tuple,
180 const struct nf_conntrack_tuple_mask *mask)
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]181{
Patrick McHardyd4156e82007-07-07 22:31:32 -0700[diff] [blame]182 return nf_ct_tuple_src_mask_cmp(t, tuple, mask) &&
Patrick McHardy380517d2008-01-31 04:40:04 -0800[diff] [blame]183 __nf_ct_tuple_dst_equal(t, tuple);
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]184}
185
186#endif /* _NF_CONNTRACK_TUPLE_H */