1#ifndef __LINUX_BRIDGE_NETFILTER_H
2#define __LINUX_BRIDGE_NETFILTER_H
3
4#include <uapi/linux/netfilter_bridge.h>
5#include <linux/skbuff.h>
6
7enum nf_br_hook_priorities {
8 NF_BR_PRI_FIRST = INT_MIN,
9 NF_BR_PRI_NAT_DST_BRIDGED = -300,
10 NF_BR_PRI_FILTER_BRIDGED = -200,
11 NF_BR_PRI_BRNF = 0,
12 NF_BR_PRI_NAT_DST_OTHER = 100,
13 NF_BR_PRI_FILTER_OTHER = 200,
14 NF_BR_PRI_NAT_SRC = 300,
15 NF_BR_PRI_LAST = INT_MAX,
16};
17
18#if IS_ENABLED(CONFIG_BRIDGE_NETFILTER)
19
20int br_handle_frame_finish(struct net *net, struct sock *sk, struct sk_buff *skb);
21
22static inline void br_drop_fake_rtable(struct sk_buff *skb)
23{
24 struct dst_entry *dst = skb_dst(skb);
25
26 if (dst && (dst->flags & DST_FAKE_RTABLE))
27 skb_dst_drop(skb);
28}
29
30static inline int nf_bridge_get_physinif(const struct sk_buff *skb)
31{
32 struct nf_bridge_info *nf_bridge;
33
34 if (skb->nf_bridge == NULL)
35 return 0;
36
37 nf_bridge = skb->nf_bridge;
38 return nf_bridge->physindev ? nf_bridge->physindev->ifindex : 0;
39}
40
41static inline int nf_bridge_get_physoutif(const struct sk_buff *skb)
42{
43 struct nf_bridge_info *nf_bridge;
44
45 if (skb->nf_bridge == NULL)
46 return 0;
47
48 nf_bridge = skb->nf_bridge;
49 return nf_bridge->physoutdev ? nf_bridge->physoutdev->ifindex : 0;
50}
51
52static inline struct net_device *
53nf_bridge_get_physindev(const struct sk_buff *skb)
54{
55 return skb->nf_bridge ? skb->nf_bridge->physindev : NULL;
56}
57
58static inline struct net_device *
59nf_bridge_get_physoutdev(const struct sk_buff *skb)
60{
61 return skb->nf_bridge ? skb->nf_bridge->physoutdev : NULL;
62}
63
64static inline bool nf_bridge_in_prerouting(const struct sk_buff *skb)
65{
66 return skb->nf_bridge && skb->nf_bridge->in_prerouting;
67}
68#else
69#define br_drop_fake_rtable(skb) do { } while (0)
70static inline bool nf_bridge_in_prerouting(const struct sk_buff *skb)
71{
72 return false;
73}
74#endif
75
76#endif
77
