Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm / 5c0de29d06318ec8f6e3ba0d17d62529dbbdc1e8 / . / include / net / netfilter / nf_conntrack_l4proto.h
blob: ba32ed7bdabe75c0655e728fbdcebbffae492151 [file] [log] [blame]
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]1/*
Martin Josefsson605dcad2006-11-29 02:35:06 +0100[diff] [blame]2 * Header for use in defining a given L4 protocol for connection tracking.
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]3 *
4 * 16 Dec 2003: Yasuyuki Kozakai @USAGI <yasuyuki.kozakai@toshiba.co.jp>
5 * - generalized L3 protocol dependent part.
6 *
7 * Derived from include/linux/netfiter_ipv4/ip_conntrack_protcol.h
8 */
9
Martin Josefsson605dcad2006-11-29 02:35:06 +0100[diff] [blame]10#ifndef _NF_CONNTRACK_L4PROTO_H
11#define _NF_CONNTRACK_L4PROTO_H
Patrick McHardydf6fb862007-09-28 14:37:03 -0700[diff] [blame]12#include <linux/netlink.h>
Patrick McHardyf73e9242007-09-28 14:39:55 -0700[diff] [blame]13#include <net/netlink.h>
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]14#include <net/netfilter/nf_conntrack.h>
15
16struct seq_file;
17
Martin Josefsson605dcad2006-11-29 02:35:06 +0100[diff] [blame]18struct nf_conntrack_l4proto
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]19{
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]20 /* L3 Protocol number. */
21 u_int16_t l3proto;
22
Martin Josefsson605dcad2006-11-29 02:35:06 +0100[diff] [blame]23 /* L4 Protocol number. */
24 u_int8_t l4proto;
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]25
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]26 /* Try to fill in the third arg: dataoff is offset past network protocol
27 hdr. Return true if possible. */
Jan Engelhardt09f263c2008-04-14 11:15:53 +0200[diff] [blame]28 bool (*pkt_to_tuple)(const struct sk_buff *skb, unsigned int dataoff,
29 struct nf_conntrack_tuple *tuple);
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]30
31 /* Invert the per-proto part of the tuple: ie. turn xmit into reply.
32 * Some packets can't be inverted: return 0 in that case.
33 */
Jan Engelhardt09f263c2008-04-14 11:15:53 +0200[diff] [blame]34 bool (*invert_tuple)(struct nf_conntrack_tuple *inverse,
35 const struct nf_conntrack_tuple *orig);
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]36
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]37 /* Returns verdict for packet, or -1 for invalid. */
Patrick McHardyc88130b2008-01-31 04:42:11 -0800[diff] [blame]38 int (*packet)(struct nf_conn *ct,
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]39 const struct sk_buff *skb,
40 unsigned int dataoff,
41 enum ip_conntrack_info ctinfo,
Jan Engelhardt76108ce2008-10-08 11:35:00 +0200[diff] [blame]42 u_int8_t pf,
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]43 unsigned int hooknum);
44
45 /* Called when a new connection for this protocol found;
46 * returns TRUE if it's OK. If so, packet() called next. */
Jan Engelhardt09f263c2008-04-14 11:15:53 +0200[diff] [blame]47 bool (*new)(struct nf_conn *ct, const struct sk_buff *skb,
48 unsigned int dataoff);
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]49
50 /* Called when a conntrack entry is destroyed */
Patrick McHardyc88130b2008-01-31 04:42:11 -0800[diff] [blame]51 void (*destroy)(struct nf_conn *ct);
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]52
Alexey Dobriyan74c51a12008-10-08 11:35:05 +0200[diff] [blame]53 int (*error)(struct net *net, struct sk_buff *skb, unsigned int dataoff,
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]54 enum ip_conntrack_info *ctinfo,
Jan Engelhardt76108ce2008-10-08 11:35:00 +0200[diff] [blame]55 u_int8_t pf, unsigned int hooknum);
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]56
Patrick McHardyffaa9c12008-01-31 04:41:14 -0800[diff] [blame]57 /* Print out the per-protocol part of the tuple. Return like seq_* */
58 int (*print_tuple)(struct seq_file *s,
59 const struct nf_conntrack_tuple *);
60
61 /* Print out the private part of the conntrack. */
62 int (*print_conntrack)(struct seq_file *s, const struct nf_conn *);
63
Pablo Neira Ayusoc1d10ad2006-01-05 12:19:05 -0800[diff] [blame]64 /* convert protoinfo to nfnetink attributes */
Patrick McHardyfdf70832007-09-28 14:37:41 -0700[diff] [blame]65 int (*to_nlattr)(struct sk_buff *skb, struct nlattr *nla,
Pablo Neira Ayusoc1d10ad2006-01-05 12:19:05 -0800[diff] [blame]66 const struct nf_conn *ct);
Holger Eitzenbergerd0dba722009-03-25 18:24:48 +0100[diff] [blame]67 /* Calculate protoinfo nlattr size */
68 int (*nlattr_size)(void);
Pablo Neira Ayusoc1d10ad2006-01-05 12:19:05 -0800[diff] [blame]69
70 /* convert nfnetlink attributes to protoinfo */
Patrick McHardyfdf70832007-09-28 14:37:41 -0700[diff] [blame]71 int (*from_nlattr)(struct nlattr *tb[], struct nf_conn *ct);
Pablo Neira Ayusoc1d10ad2006-01-05 12:19:05 -0800[diff] [blame]72
Patrick McHardyfdf70832007-09-28 14:37:41 -0700[diff] [blame]73 int (*tuple_to_nlattr)(struct sk_buff *skb,
Pablo Neira Ayusoc1d10ad2006-01-05 12:19:05 -0800[diff] [blame]74 const struct nf_conntrack_tuple *t);
Holger Eitzenbergerd0dba722009-03-25 18:24:48 +0100[diff] [blame]75 /* Calculate tuple nlattr size */
76 int (*nlattr_tuple_size)(void);
Patrick McHardyfdf70832007-09-28 14:37:41 -0700[diff] [blame]77 int (*nlattr_to_tuple)(struct nlattr *tb[],
Pablo Neira Ayusoc1d10ad2006-01-05 12:19:05 -0800[diff] [blame]78 struct nf_conntrack_tuple *t);
Patrick McHardyf73e9242007-09-28 14:39:55 -0700[diff] [blame]79 const struct nla_policy *nla_policy;
Pablo Neira Ayusoc1d10ad2006-01-05 12:19:05 -0800[diff] [blame]80
Holger Eitzenbergerd0dba722009-03-25 18:24:48 +0100[diff] [blame]81 size_t nla_size;
82
Patrick McHardyd62f9ed2006-11-29 02:35:17 +0100[diff] [blame]83#ifdef CONFIG_SYSCTL
84 struct ctl_table_header **ctl_table_header;
85 struct ctl_table *ctl_table;
86 unsigned int *ctl_table_users;
Patrick McHardya999e682006-11-29 02:35:20 +0100[diff] [blame]87#ifdef CONFIG_NF_CONNTRACK_PROC_COMPAT
88 struct ctl_table_header *ctl_compat_table_header;
89 struct ctl_table *ctl_compat_table;
90#endif
91#endif
Patrick McHardyffaa9c12008-01-31 04:41:14 -0800[diff] [blame]92 /* Protocol name */
93 const char *name;
Patrick McHardyd62f9ed2006-11-29 02:35:17 +0100[diff] [blame]94
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]95 /* Module (if any) which this is connected to. */
96 struct module *me;
97};
98
Christoph Paasch9d2493f2009-03-16 15:15:35 +0100[diff] [blame]99/* Existing built-in generic protocol */
Martin Josefsson605dcad2006-11-29 02:35:06 +0100[diff] [blame]100extern struct nf_conntrack_l4proto nf_conntrack_l4proto_generic;
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]101
102#define MAX_NF_CT_PROTO 256
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]103
Martin Josefsson605dcad2006-11-29 02:35:06 +0100[diff] [blame]104extern struct nf_conntrack_l4proto *
105__nf_ct_l4proto_find(u_int16_t l3proto, u_int8_t l4proto);
Pablo Neira Ayusoc1d10ad2006-01-05 12:19:05 -0800[diff] [blame]106
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]107/* Protocol registration. */
Martin Josefsson605dcad2006-11-29 02:35:06 +0100[diff] [blame]108extern int nf_conntrack_l4proto_register(struct nf_conntrack_l4proto *proto);
Patrick McHardyfe3eb202007-02-12 11:14:28 -0800[diff] [blame]109extern void nf_conntrack_l4proto_unregister(struct nf_conntrack_l4proto *proto);
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]110
Pablo Neira Ayusoc1d10ad2006-01-05 12:19:05 -0800[diff] [blame]111/* Generic netlink helpers */
Patrick McHardyfdf70832007-09-28 14:37:41 -0700[diff] [blame]112extern int nf_ct_port_tuple_to_nlattr(struct sk_buff *skb,
Pablo Neira Ayusoc1d10ad2006-01-05 12:19:05 -0800[diff] [blame]113 const struct nf_conntrack_tuple *tuple);
Patrick McHardyfdf70832007-09-28 14:37:41 -0700[diff] [blame]114extern int nf_ct_port_nlattr_to_tuple(struct nlattr *tb[],
Pablo Neira Ayusoc1d10ad2006-01-05 12:19:05 -0800[diff] [blame]115 struct nf_conntrack_tuple *t);
Holger Eitzenberger5c0de292009-03-25 21:52:17 +0100[diff] [blame^]116extern int nf_ct_port_nlattr_tuple_size(void);
Patrick McHardyf73e9242007-09-28 14:39:55 -0700[diff] [blame]117extern const struct nla_policy nf_ct_port_nla_policy[];
Pablo Neira Ayusoc1d10ad2006-01-05 12:19:05 -0800[diff] [blame]118
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]119#ifdef CONFIG_SYSCTL
120#ifdef DEBUG_INVALID_PACKETS
Alexey Dobriyanc2a2c7e2008-10-08 11:35:08 +0200[diff] [blame]121#define LOG_INVALID(net, proto) \
122 ((net)->ct.sysctl_log_invalid == (proto) || \
123 (net)->ct.sysctl_log_invalid == IPPROTO_RAW)
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]124#else
Alexey Dobriyanc2a2c7e2008-10-08 11:35:08 +0200[diff] [blame]125#define LOG_INVALID(net, proto) \
126 (((net)->ct.sysctl_log_invalid == (proto) || \
127 (net)->ct.sysctl_log_invalid == IPPROTO_RAW) \
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]128 && net_ratelimit())
129#endif
130#else
Ingo Molnar65f233f2008-11-25 18:20:13 +0100[diff] [blame]131static inline int LOG_INVALID(struct net *net, int proto) { return 0; }
Yasuyuki Kozakai9fb9cbb2005-11-09 16:38:16 -0800[diff] [blame]132#endif /* CONFIG_SYSCTL */
133
134#endif /*_NF_CONNTRACK_PROTOCOL_H*/