Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm / 1d45ee333c2c4b1758abbd3e89c32dfd5d56342f / . / include / net / netfilter / nf_conntrack_l4proto.h
blob: e3d3ee3c06a2cc477fb2b85acf33090a2ef3496e [file] [log] [blame]
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]1/*
Martin Josefsson605dcad2006-11-29 02:35:06 +0100[diff] [blame]2 * Header for use in defining a given L4 protocol for connection tracking.
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]3 *
4 * 16 Dec 2003: Yasuyuki Kozakai @USAGI <yasuyuki.kozakai@toshiba.co.jp>
5 * - generalized L3 protocol dependent part.
6 *
7 * Derived from include/linux/netfiter_ipv4/ip_conntrack_protcol.h
8 */
9
Martin Josefsson605dcad2006-11-29 02:35:06 +0100[diff] [blame]10#ifndef _NF_CONNTRACK_L4PROTO_H
11#define _NF_CONNTRACK_L4PROTO_H
Patrick McHardydf6fb862007-09-28 14:37:03 -0700[diff] [blame]12#include <linux/netlink.h>
Patrick McHardyf73e9242007-09-28 14:39:55 -0700[diff] [blame]13#include <net/netlink.h>
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]14#include <net/netfilter/nf_conntrack.h>
15
16struct seq_file;
17
Eric Dumazetfd2c3ef2009-11-03 03:26:03 +0000[diff] [blame]18struct nf_conntrack_l4proto {
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]19 /* L3 Protocol number. */
20 u_int16_t l3proto;
21
Martin Josefsson605dcad2006-11-29 02:35:06 +0100[diff] [blame]22 /* L4 Protocol number. */
23 u_int8_t l4proto;
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]24
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]25 /* Try to fill in the third arg: dataoff is offset past network protocol
26 hdr. Return true if possible. */
Jan Engelhardt09f263c2008-04-14 11:15:53 +0200[diff] [blame]27 bool (*pkt_to_tuple)(const struct sk_buff *skb, unsigned int dataoff,
28 struct nf_conntrack_tuple *tuple);
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]29
30 /* Invert the per-proto part of the tuple: ie. turn xmit into reply.
31 * Some packets can't be inverted: return 0 in that case.
32 */
Jan Engelhardt09f263c2008-04-14 11:15:53 +0200[diff] [blame]33 bool (*invert_tuple)(struct nf_conntrack_tuple *inverse,
34 const struct nf_conntrack_tuple *orig);
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]35
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]36 /* Returns verdict for packet, or -1 for invalid. */
Patrick McHardyc88130b2008-01-31 04:42:11 -0800[diff] [blame]37 int (*packet)(struct nf_conn *ct,
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]38 const struct sk_buff *skb,
39 unsigned int dataoff,
40 enum ip_conntrack_info ctinfo,
Jan Engelhardt76108ce2008-10-08 11:35:00 +0200[diff] [blame]41 u_int8_t pf,
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]42 unsigned int hooknum);
43
44 /* Called when a new connection for this protocol found;
45 * returns TRUE if it's OK. If so, packet() called next. */
Jan Engelhardt09f263c2008-04-14 11:15:53 +0200[diff] [blame]46 bool (*new)(struct nf_conn *ct, const struct sk_buff *skb,
47 unsigned int dataoff);
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]48
49 /* Called when a conntrack entry is destroyed */
Patrick McHardyc88130b2008-01-31 04:42:11 -0800[diff] [blame]50 void (*destroy)(struct nf_conn *ct);
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]51
Patrick McHardy8fea97e2010-02-15 17:45:08 +0100[diff] [blame]52 int (*error)(struct net *net, struct nf_conn *tmpl, struct sk_buff *skb,
53 unsigned int dataoff, enum ip_conntrack_info *ctinfo,
Jan Engelhardt76108ce2008-10-08 11:35:00 +0200[diff] [blame]54 u_int8_t pf, unsigned int hooknum);
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]55
Patrick McHardyffaa9c12008-01-31 04:41:14 -0800[diff] [blame]56 /* Print out the per-protocol part of the tuple. Return like seq_* */
57 int (*print_tuple)(struct seq_file *s,
58 const struct nf_conntrack_tuple *);
59
60 /* Print out the private part of the conntrack. */
Patrick McHardy440f0d52009-06-10 14:32:47 +0200[diff] [blame]61 int (*print_conntrack)(struct seq_file *s, struct nf_conn *);
Patrick McHardyffaa9c12008-01-31 04:41:14 -0800[diff] [blame]62
Pablo Neira Ayusoc1d10ad2006-01-05 12:19:05 -0800[diff] [blame]63 /* convert protoinfo to nfnetink attributes */
Patrick McHardyfdf70832007-09-28 14:37:41 -0700[diff] [blame]64 int (*to_nlattr)(struct sk_buff *skb, struct nlattr *nla,
Patrick McHardy440f0d52009-06-10 14:32:47 +0200[diff] [blame]65 struct nf_conn *ct);
Holger Eitzenbergerd0dba722009-03-25 18:24:48 +0100[diff] [blame]66 /* Calculate protoinfo nlattr size */
67 int (*nlattr_size)(void);
Pablo Neira Ayusoc1d10ad2006-01-05 12:19:05 -0800[diff] [blame]68
69 /* convert nfnetlink attributes to protoinfo */
Patrick McHardyfdf70832007-09-28 14:37:41 -0700[diff] [blame]70 int (*from_nlattr)(struct nlattr *tb[], struct nf_conn *ct);
Pablo Neira Ayusoc1d10ad2006-01-05 12:19:05 -0800[diff] [blame]71
Patrick McHardyfdf70832007-09-28 14:37:41 -0700[diff] [blame]72 int (*tuple_to_nlattr)(struct sk_buff *skb,
Pablo Neira Ayusoc1d10ad2006-01-05 12:19:05 -0800[diff] [blame]73 const struct nf_conntrack_tuple *t);
Holger Eitzenbergerd0dba722009-03-25 18:24:48 +0100[diff] [blame]74 /* Calculate tuple nlattr size */
75 int (*nlattr_tuple_size)(void);
Patrick McHardyfdf70832007-09-28 14:37:41 -0700[diff] [blame]76 int (*nlattr_to_tuple)(struct nlattr *tb[],
Pablo Neira Ayusoc1d10ad2006-01-05 12:19:05 -0800[diff] [blame]77 struct nf_conntrack_tuple *t);
Patrick McHardyf73e9242007-09-28 14:39:55 -0700[diff] [blame]78 const struct nla_policy *nla_policy;
Pablo Neira Ayusoc1d10ad2006-01-05 12:19:05 -0800[diff] [blame]79
Holger Eitzenbergerd0dba722009-03-25 18:24:48 +0100[diff] [blame]80 size_t nla_size;
81
Patrick McHardyd62f9ed2006-11-29 02:35:17 +0100[diff] [blame]82#ifdef CONFIG_SYSCTL
83 struct ctl_table_header **ctl_table_header;
84 struct ctl_table *ctl_table;
85 unsigned int *ctl_table_users;
Patrick McHardya999e682006-11-29 02:35:20 +0100[diff] [blame]86#ifdef CONFIG_NF_CONNTRACK_PROC_COMPAT
87 struct ctl_table_header *ctl_compat_table_header;
88 struct ctl_table *ctl_compat_table;
89#endif
90#endif
Patrick McHardyffaa9c12008-01-31 04:41:14 -0800[diff] [blame]91 /* Protocol name */
92 const char *name;
Patrick McHardyd62f9ed2006-11-29 02:35:17 +0100[diff] [blame]93
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]94 /* Module (if any) which this is connected to. */
95 struct module *me;
96};
97
Christoph Paasch9d2493f2009-03-16 15:15:35 +0100[diff] [blame]98/* Existing built-in generic protocol */
Martin Josefsson605dcad2006-11-29 02:35:06 +0100[diff] [blame]99extern struct nf_conntrack_l4proto nf_conntrack_l4proto_generic;
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]100
101#define MAX_NF_CT_PROTO 256
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]102
Martin Josefsson605dcad2006-11-29 02:35:06 +0100[diff] [blame]103extern struct nf_conntrack_l4proto *
104__nf_ct_l4proto_find(u_int16_t l3proto, u_int8_t l4proto);
Pablo Neira Ayusoc1d10ad2006-01-05 12:19:05 -0800[diff] [blame]105
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]106/* Protocol registration. */
Martin Josefsson605dcad2006-11-29 02:35:06 +0100[diff] [blame]107extern int nf_conntrack_l4proto_register(struct nf_conntrack_l4proto *proto);
Patrick McHardyfe3eb202007-02-12 11:14:28 -0800[diff] [blame]108extern void nf_conntrack_l4proto_unregister(struct nf_conntrack_l4proto *proto);
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]109
Pablo Neira Ayusoc1d10ad2006-01-05 12:19:05 -0800[diff] [blame]110/* Generic netlink helpers */
Patrick McHardyfdf70832007-09-28 14:37:41 -0700[diff] [blame]111extern int nf_ct_port_tuple_to_nlattr(struct sk_buff *skb,
Pablo Neira Ayusoc1d10ad2006-01-05 12:19:05 -0800[diff] [blame]112 const struct nf_conntrack_tuple *tuple);
Patrick McHardyfdf70832007-09-28 14:37:41 -0700[diff] [blame]113extern int nf_ct_port_nlattr_to_tuple(struct nlattr *tb[],
Pablo Neira Ayusoc1d10ad2006-01-05 12:19:05 -0800[diff] [blame]114 struct nf_conntrack_tuple *t);
Holger Eitzenberger5c0de292009-03-25 21:52:17 +0100[diff] [blame]115extern int nf_ct_port_nlattr_tuple_size(void);
Patrick McHardyf73e9242007-09-28 14:39:55 -0700[diff] [blame]116extern const struct nla_policy nf_ct_port_nla_policy[];
Pablo Neira Ayusoc1d10ad2006-01-05 12:19:05 -0800[diff] [blame]117
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]118#ifdef CONFIG_SYSCTL
119#ifdef DEBUG_INVALID_PACKETS
Alexey Dobriyanc2a2c7e2008-10-08 11:35:08 +0200[diff] [blame]120#define LOG_INVALID(net, proto) \
121 ((net)->ct.sysctl_log_invalid == (proto) || \
122 (net)->ct.sysctl_log_invalid == IPPROTO_RAW)
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]123#else
Alexey Dobriyanc2a2c7e2008-10-08 11:35:08 +0200[diff] [blame]124#define LOG_INVALID(net, proto) \
125 (((net)->ct.sysctl_log_invalid == (proto) || \
126 (net)->ct.sysctl_log_invalid == IPPROTO_RAW) \
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]127 && net_ratelimit())
128#endif
129#else
Ingo Molnar65f233f2008-11-25 18:20:13 +0100[diff] [blame]130static inline int LOG_INVALID(struct net *net, int proto) { return 0; }
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]131#endif /* CONFIG_SYSCTL */
132
133#endif /*_NF_CONNTRACK_PROTOCOL_H*/