linux/include/net/netfilter/nf_conntrack_core.h
<<
>>
Prefs 
   1/*
   2 * This header is used to share core functionality between the
   3 * standalone connection tracking module, and the compatibility layer's use
   4 * of connection tracking.
   5 *
   6 * 16 Dec 2003: Yasuyuki Kozakai @USAGI <yasuyuki.kozakai@toshiba.co.jp>
   7 *      - generalize L3 protocol dependent part.
   8 *
   9 * Derived from include/linux/netfiter_ipv4/ip_conntrack_core.h
  10 */
  11
  12#ifndef _NF_CONNTRACK_CORE_H
  13#define _NF_CONNTRACK_CORE_H
  14
  15#include <linux/netfilter.h>
  16#include <net/netfilter/nf_conntrack_l3proto.h>
  17#include <net/netfilter/nf_conntrack_l4proto.h>
  18#include <net/netfilter/nf_conntrack_ecache.h>
  19
  20/* This header is used to share core functionality between the
  21   standalone connection tracking module, and the compatibility layer's use
  22   of connection tracking. */
  23extern unsigned int nf_conntrack_in(struct net *net,
  24                                    u_int8_t pf,
  25                                    unsigned int hooknum,
  26                                    struct sk_buff *skb);
  27
  28extern int nf_conntrack_init(struct net *net);
  29extern void nf_conntrack_cleanup(struct net *net);
  30
  31extern int nf_conntrack_proto_init(void);
  32extern void nf_conntrack_proto_fini(void);
  33
  34extern bool
  35nf_ct_get_tuple(const struct sk_buff *skb,
  36                unsigned int nhoff,
  37                unsigned int dataoff,
  38                u_int16_t l3num,
  39                u_int8_t protonum,
  40                struct nf_conntrack_tuple *tuple,
  41                const struct nf_conntrack_l3proto *l3proto,
  42                const struct nf_conntrack_l4proto *l4proto);
  43
  44extern bool
  45nf_ct_invert_tuple(struct nf_conntrack_tuple *inverse,
  46                   const struct nf_conntrack_tuple *orig,
  47                   const struct nf_conntrack_l3proto *l3proto,
  48                   const struct nf_conntrack_l4proto *l4proto);
  49
  50/* Find a connection corresponding to a tuple. */
  51extern struct nf_conntrack_tuple_hash *
  52nf_conntrack_find_get(struct net *net, const struct nf_conntrack_tuple *tuple);
  53
  54extern int __nf_conntrack_confirm(struct sk_buff *skb);
  55
  56/* Confirm a connection: returns NF_DROP if packet must be dropped. */
  57static inline int nf_conntrack_confirm(struct sk_buff *skb)
  58{
  59        struct nf_conn *ct = (struct nf_conn *)skb->nfct;
  60        int ret = NF_ACCEPT;
  61
  62        if (ct && ct != &nf_conntrack_untracked) {
  63                if (!nf_ct_is_confirmed(ct) && !nf_ct_is_dying(ct))
  64                        ret = __nf_conntrack_confirm(skb);
  65                if (likely(ret == NF_ACCEPT))
  66                        nf_ct_deliver_cached_events(ct);
  67        }
  68        return ret;
  69}
  70
  71int
  72print_tuple(struct seq_file *s, const struct nf_conntrack_tuple *tuple,
  73            const struct nf_conntrack_l3proto *l3proto,
  74            const struct nf_conntrack_l4proto *proto);
  75
  76extern spinlock_t nf_conntrack_lock ;
  77
  78#endif /* _NF_CONNTRACK_CORE_H */
  79
Hosted by Missing Link Electronics. The original LXR software by the LXR community, this experimental version by lxr@linux.no.