Loading include/linux/netfilter/Kbuild +3 −0 Original line number Diff line number Diff line Loading @@ -5,7 +5,9 @@ header-y += nf_conntrack_ftp.h header-y += nf_conntrack_sctp.h header-y += nf_conntrack_tcp.h header-y += nf_conntrack_tuple_common.h header-y += nf_nat.h header-y += nfnetlink.h header-y += nfnetlink_acct.h header-y += nfnetlink_compat.h header-y += nfnetlink_conntrack.h header-y += nfnetlink_log.h Loading @@ -21,6 +23,7 @@ header-y += xt_DSCP.h header-y += xt_IDLETIMER.h header-y += xt_LED.h header-y += xt_MARK.h header-y += xt_nfacct.h header-y += xt_NFLOG.h header-y += xt_NFQUEUE.h header-y += xt_RATEEST.h Loading include/linux/netfilter/nf_conntrack_common.h +4 −0 Original line number Diff line number Diff line Loading @@ -83,6 +83,10 @@ enum ip_conntrack_status { /* Conntrack is a fake untracked entry */ IPS_UNTRACKED_BIT = 12, IPS_UNTRACKED = (1 << IPS_UNTRACKED_BIT), /* Conntrack has a userspace helper. */ IPS_USERSPACE_HELPER_BIT = 13, IPS_USERSPACE_HELPER = (1 << IPS_USERSPACE_HELPER_BIT), }; /* Connection tracking event types */ Loading include/linux/netfilter/nf_conntrack_tuple_common.h +27 −0 Original line number Diff line number Diff line Loading @@ -7,6 +7,33 @@ enum ip_conntrack_dir { IP_CT_DIR_MAX }; /* The protocol-specific manipulable parts of the tuple: always in * network order */ union nf_conntrack_man_proto { /* Add other protocols here. */ __be16 all; struct { __be16 port; } tcp; struct { __be16 port; } udp; struct { __be16 id; } icmp; struct { __be16 port; } dccp; struct { __be16 port; } sctp; struct { __be16 key; /* GRE key is 32bit, PPtP only uses 16bit */ } gre; }; #define CTINFO2DIR(ctinfo) ((ctinfo) >= IP_CT_IS_REPLY ? IP_CT_DIR_REPLY : IP_CT_DIR_ORIGINAL) #endif /* _NF_CONNTRACK_TUPLE_COMMON_H */ include/linux/netfilter/nf_nat.h 0 → 100644 +25 −0 Original line number Diff line number Diff line #ifndef _NETFILTER_NF_NAT_H #define _NETFILTER_NF_NAT_H #include <linux/netfilter.h> #include <linux/netfilter/nf_conntrack_tuple_common.h> #define NF_NAT_RANGE_MAP_IPS 1 #define NF_NAT_RANGE_PROTO_SPECIFIED 2 #define NF_NAT_RANGE_PROTO_RANDOM 4 #define NF_NAT_RANGE_PERSISTENT 8 struct nf_nat_ipv4_range { unsigned int flags; __be32 min_ip; __be32 max_ip; union nf_conntrack_man_proto min; union nf_conntrack_man_proto max; }; struct nf_nat_ipv4_multi_range_compat { unsigned int rangesize; struct nf_nat_ipv4_range range[1]; }; #endif /* _NETFILTER_NF_NAT_H */ include/linux/netfilter/nfnetlink.h +2 −1 Original line number Diff line number Diff line Loading @@ -48,7 +48,8 @@ struct nfgenmsg { #define NFNL_SUBSYS_ULOG 4 #define NFNL_SUBSYS_OSF 5 #define NFNL_SUBSYS_IPSET 6 #define NFNL_SUBSYS_COUNT 7 #define NFNL_SUBSYS_ACCT 7 #define NFNL_SUBSYS_COUNT 8 #ifdef __KERNEL__ Loading Loading
include/linux/netfilter/Kbuild +3 −0 Original line number Diff line number Diff line Loading @@ -5,7 +5,9 @@ header-y += nf_conntrack_ftp.h header-y += nf_conntrack_sctp.h header-y += nf_conntrack_tcp.h header-y += nf_conntrack_tuple_common.h header-y += nf_nat.h header-y += nfnetlink.h header-y += nfnetlink_acct.h header-y += nfnetlink_compat.h header-y += nfnetlink_conntrack.h header-y += nfnetlink_log.h Loading @@ -21,6 +23,7 @@ header-y += xt_DSCP.h header-y += xt_IDLETIMER.h header-y += xt_LED.h header-y += xt_MARK.h header-y += xt_nfacct.h header-y += xt_NFLOG.h header-y += xt_NFQUEUE.h header-y += xt_RATEEST.h Loading
include/linux/netfilter/nf_conntrack_common.h +4 −0 Original line number Diff line number Diff line Loading @@ -83,6 +83,10 @@ enum ip_conntrack_status { /* Conntrack is a fake untracked entry */ IPS_UNTRACKED_BIT = 12, IPS_UNTRACKED = (1 << IPS_UNTRACKED_BIT), /* Conntrack has a userspace helper. */ IPS_USERSPACE_HELPER_BIT = 13, IPS_USERSPACE_HELPER = (1 << IPS_USERSPACE_HELPER_BIT), }; /* Connection tracking event types */ Loading
include/linux/netfilter/nf_conntrack_tuple_common.h +27 −0 Original line number Diff line number Diff line Loading @@ -7,6 +7,33 @@ enum ip_conntrack_dir { IP_CT_DIR_MAX }; /* The protocol-specific manipulable parts of the tuple: always in * network order */ union nf_conntrack_man_proto { /* Add other protocols here. */ __be16 all; struct { __be16 port; } tcp; struct { __be16 port; } udp; struct { __be16 id; } icmp; struct { __be16 port; } dccp; struct { __be16 port; } sctp; struct { __be16 key; /* GRE key is 32bit, PPtP only uses 16bit */ } gre; }; #define CTINFO2DIR(ctinfo) ((ctinfo) >= IP_CT_IS_REPLY ? IP_CT_DIR_REPLY : IP_CT_DIR_ORIGINAL) #endif /* _NF_CONNTRACK_TUPLE_COMMON_H */
include/linux/netfilter/nf_nat.h 0 → 100644 +25 −0 Original line number Diff line number Diff line #ifndef _NETFILTER_NF_NAT_H #define _NETFILTER_NF_NAT_H #include <linux/netfilter.h> #include <linux/netfilter/nf_conntrack_tuple_common.h> #define NF_NAT_RANGE_MAP_IPS 1 #define NF_NAT_RANGE_PROTO_SPECIFIED 2 #define NF_NAT_RANGE_PROTO_RANDOM 4 #define NF_NAT_RANGE_PERSISTENT 8 struct nf_nat_ipv4_range { unsigned int flags; __be32 min_ip; __be32 max_ip; union nf_conntrack_man_proto min; union nf_conntrack_man_proto max; }; struct nf_nat_ipv4_multi_range_compat { unsigned int rangesize; struct nf_nat_ipv4_range range[1]; }; #endif /* _NETFILTER_NF_NAT_H */
include/linux/netfilter/nfnetlink.h +2 −1 Original line number Diff line number Diff line Loading @@ -48,7 +48,8 @@ struct nfgenmsg { #define NFNL_SUBSYS_ULOG 4 #define NFNL_SUBSYS_OSF 5 #define NFNL_SUBSYS_IPSET 6 #define NFNL_SUBSYS_COUNT 7 #define NFNL_SUBSYS_ACCT 7 #define NFNL_SUBSYS_COUNT 8 #ifdef __KERNEL__ Loading