1
2#ifndef _BR_NETFILTER_H_
3#define _BR_NETFILTER_H_
4
5#include "../../../net/bridge/br_private.h"
6
7static inline struct nf_bridge_info *nf_bridge_alloc(struct sk_buff *skb)
8{
9 struct nf_bridge_info *b = skb_ext_add(skb, SKB_EXT_BRIDGE_NF);
10
11 if (b)
12 memset(b, 0, sizeof(*b));
13
14 return b;
15}
16
17void nf_bridge_update_protocol(struct sk_buff *skb);
18
19int br_nf_hook_thresh(unsigned int hook, struct net *net, struct sock *sk,
20 struct sk_buff *skb, struct net_device *indev,
21 struct net_device *outdev,
22 int (*okfn)(struct net *, struct sock *,
23 struct sk_buff *));
24
25unsigned int nf_bridge_encap_header_len(const struct sk_buff *skb);
26
27static inline void nf_bridge_push_encap_header(struct sk_buff *skb)
28{
29 unsigned int len = nf_bridge_encap_header_len(skb);
30
31 skb_push(skb, len);
32 skb->network_header -= len;
33}
34
35int br_nf_pre_routing_finish_bridge(struct net *net, struct sock *sk, struct sk_buff *skb);
36
37static inline struct rtable *bridge_parent_rtable(const struct net_device *dev)
38{
39 struct net_bridge_port *port;
40
41 port = br_port_get_rcu(dev);
42 return port ? &port->br->fake_rtable : NULL;
43}
44
45struct net_device *setup_pre_routing(struct sk_buff *skb);
46
47#if IS_ENABLED(CONFIG_IPV6)
48int br_validate_ipv6(struct net *net, struct sk_buff *skb);
49unsigned int br_nf_pre_routing_ipv6(void *priv,
50 struct sk_buff *skb,
51 const struct nf_hook_state *state);
52#else
53static inline int br_validate_ipv6(struct net *net, struct sk_buff *skb)
54{
55 return -1;
56}
57
58static inline unsigned int
59br_nf_pre_routing_ipv6(const struct nf_hook_ops *ops, struct sk_buff *skb,
60 const struct nf_hook_state *state)
61{
62 return NF_ACCEPT;
63}
64#endif
65
66#endif
67
