Loading include/linux/netfilter.h +75 −1 Original line number Diff line number Diff line Loading @@ -6,11 +6,13 @@ #include <linux/types.h> #include <linux/skbuff.h> #include <linux/net.h> #include <linux/netdevice.h> #include <linux/if.h> #include <linux/in.h> #include <linux/in6.h> #include <linux/wait.h> #include <linux/list.h> #include <net/net_namespace.h> #endif #include <linux/compiler.h> Loading Loading @@ -76,7 +78,6 @@ extern void netfilter_init(void); #define NF_MAX_HOOKS 8 struct sk_buff; struct net_device; typedef unsigned int nf_hookfn(unsigned int hooknum, struct sk_buff *skb, Loading Loading @@ -233,6 +234,11 @@ struct nf_afinfo { unsigned short family; __sum16 (*checksum)(struct sk_buff *skb, unsigned int hook, unsigned int dataoff, u_int8_t protocol); __sum16 (*checksum_partial)(struct sk_buff *skb, unsigned int hook, unsigned int dataoff, unsigned int len, u_int8_t protocol); int (*route)(struct dst_entry **dst, struct flowi *fl); void (*saveroute)(const struct sk_buff *skb, struct nf_queue_entry *entry); Loading Loading @@ -262,6 +268,23 @@ nf_checksum(struct sk_buff *skb, unsigned int hook, unsigned int dataoff, return csum; } static inline __sum16 nf_checksum_partial(struct sk_buff *skb, unsigned int hook, unsigned int dataoff, unsigned int len, u_int8_t protocol, unsigned short family) { const struct nf_afinfo *afinfo; __sum16 csum = 0; rcu_read_lock(); afinfo = nf_get_afinfo(family); if (afinfo) csum = afinfo->checksum_partial(skb, hook, dataoff, len, protocol); rcu_read_unlock(); return csum; } extern int nf_register_afinfo(const struct nf_afinfo *afinfo); extern void nf_unregister_afinfo(const struct nf_afinfo *afinfo); Loading Loading @@ -320,5 +343,56 @@ extern void (*nf_ct_destroy)(struct nf_conntrack *); static inline void nf_ct_attach(struct sk_buff *new, struct sk_buff *skb) {} #endif static inline struct net *nf_pre_routing_net(const struct net_device *in, const struct net_device *out) { #ifdef CONFIG_NET_NS return in->nd_net; #else return &init_net; #endif } static inline struct net *nf_local_in_net(const struct net_device *in, const struct net_device *out) { #ifdef CONFIG_NET_NS return in->nd_net; #else return &init_net; #endif } static inline struct net *nf_forward_net(const struct net_device *in, const struct net_device *out) { #ifdef CONFIG_NET_NS BUG_ON(in->nd_net != out->nd_net); return in->nd_net; #else return &init_net; #endif } static inline struct net *nf_local_out_net(const struct net_device *in, const struct net_device *out) { #ifdef CONFIG_NET_NS return out->nd_net; #else return &init_net; #endif } static inline struct net *nf_post_routing_net(const struct net_device *in, const struct net_device *out) { #ifdef CONFIG_NET_NS return out->nd_net; #else return &init_net; #endif } #endif /*__KERNEL__*/ #endif /*__LINUX_NETFILTER_H*/ include/linux/netfilter/nf_conntrack_dccp.h 0 → 100644 +40 −0 Original line number Diff line number Diff line #ifndef _NF_CONNTRACK_DCCP_H #define _NF_CONNTRACK_DCCP_H /* Exposed to userspace over nfnetlink */ enum ct_dccp_states { CT_DCCP_NONE, CT_DCCP_REQUEST, CT_DCCP_RESPOND, CT_DCCP_PARTOPEN, CT_DCCP_OPEN, CT_DCCP_CLOSEREQ, CT_DCCP_CLOSING, CT_DCCP_TIMEWAIT, CT_DCCP_IGNORE, CT_DCCP_INVALID, __CT_DCCP_MAX }; #define CT_DCCP_MAX (__CT_DCCP_MAX - 1) enum ct_dccp_roles { CT_DCCP_ROLE_CLIENT, CT_DCCP_ROLE_SERVER, __CT_DCCP_ROLE_MAX }; #define CT_DCCP_ROLE_MAX (__CT_DCCP_ROLE_MAX - 1) #ifdef __KERNEL__ #include <net/netfilter/nf_conntrack_tuple.h> struct nf_ct_dccp { u_int8_t role[IP_CT_DIR_MAX]; u_int8_t state; u_int8_t last_pkt; u_int8_t last_dir; u_int64_t handshake_seq; }; #endif /* __KERNEL__ */ #endif /* _NF_CONNTRACK_DCCP_H */ include/linux/netfilter/nfnetlink_conntrack.h +8 −0 Original line number Diff line number Diff line Loading @@ -80,6 +80,7 @@ enum ctattr_l4proto { enum ctattr_protoinfo { CTA_PROTOINFO_UNSPEC, CTA_PROTOINFO_TCP, CTA_PROTOINFO_DCCP, __CTA_PROTOINFO_MAX }; #define CTA_PROTOINFO_MAX (__CTA_PROTOINFO_MAX - 1) Loading @@ -95,6 +96,13 @@ enum ctattr_protoinfo_tcp { }; #define CTA_PROTOINFO_TCP_MAX (__CTA_PROTOINFO_TCP_MAX - 1) enum ctattr_protoinfo_dccp { CTA_PROTOINFO_DCCP_UNSPEC, CTA_PROTOINFO_DCCP_STATE, __CTA_PROTOINFO_DCCP_MAX, }; #define CTA_PROTOINFO_DCCP_MAX (__CTA_PROTOINFO_DCCP_MAX - 1) enum ctattr_counters { CTA_COUNTERS_UNSPEC, CTA_COUNTERS_PACKETS, /* old 64bit counters */ Loading include/linux/netfilter/x_tables.h +2 −2 Original line number Diff line number Diff line Loading @@ -430,13 +430,13 @@ extern int xt_compat_add_offset(int af, unsigned int offset, short delta); extern void xt_compat_flush_offsets(int af); extern short xt_compat_calc_jump(int af, unsigned int offset); extern int xt_compat_match_offset(struct xt_match *match); extern int xt_compat_match_offset(const struct xt_match *match); extern int xt_compat_match_from_user(struct xt_entry_match *m, void **dstptr, unsigned int *size); extern int xt_compat_match_to_user(struct xt_entry_match *m, void __user **dstptr, unsigned int *size); extern int xt_compat_target_offset(struct xt_target *target); extern int xt_compat_target_offset(const struct xt_target *target); extern void xt_compat_target_from_user(struct xt_entry_target *t, void **dstptr, unsigned int *size); extern int xt_compat_target_to_user(struct xt_entry_target *t, Loading include/linux/netfilter/xt_sctp.h +35 −49 Original line number Diff line number Diff line Loading @@ -37,68 +37,54 @@ struct xt_sctp_info { #define SCTP_CHUNKMAP_SET(chunkmap, type) \ do { \ chunkmap[type / bytes(u_int32_t)] |= \ (chunkmap)[type / bytes(u_int32_t)] |= \ 1 << (type % bytes(u_int32_t)); \ } while (0) #define SCTP_CHUNKMAP_CLEAR(chunkmap, type) \ do { \ chunkmap[type / bytes(u_int32_t)] &= \ (chunkmap)[type / bytes(u_int32_t)] &= \ ~(1 << (type % bytes(u_int32_t))); \ } while (0) #define SCTP_CHUNKMAP_IS_SET(chunkmap, type) \ ({ \ (chunkmap[type / bytes (u_int32_t)] & \ ((chunkmap)[type / bytes (u_int32_t)] & \ (1 << (type % bytes (u_int32_t)))) ? 1: 0; \ }) #define SCTP_CHUNKMAP_RESET(chunkmap) \ do { \ int i; \ for (i = 0; i < ARRAY_SIZE(chunkmap); i++) \ chunkmap[i] = 0; \ } while (0) memset((chunkmap), 0, sizeof(chunkmap)) #define SCTP_CHUNKMAP_SET_ALL(chunkmap) \ do { \ int i; \ for (i = 0; i < ARRAY_SIZE(chunkmap); i++) \ chunkmap[i] = ~0; \ } while (0) memset((chunkmap), ~0U, sizeof(chunkmap)) #define SCTP_CHUNKMAP_COPY(destmap, srcmap) \ do { \ int i; \ for (i = 0; i < ARRAY_SIZE(srcmap); i++) \ destmap[i] = srcmap[i]; \ } while (0) memcpy((destmap), (srcmap), sizeof(srcmap)) #define SCTP_CHUNKMAP_IS_CLEAR(chunkmap) \ ({ \ int i; \ int flag = 1; \ for (i = 0; i < ARRAY_SIZE(chunkmap); i++) { \ if (chunkmap[i]) { \ flag = 0; \ break; \ } \ } \ flag; \ }) __sctp_chunkmap_is_clear((chunkmap), ARRAY_SIZE(chunkmap)) static inline bool __sctp_chunkmap_is_clear(const u_int32_t *chunkmap, unsigned int n) { unsigned int i; for (i = 0; i < n; ++i) if (chunkmap[i]) return false; return true; } #define SCTP_CHUNKMAP_IS_ALL_SET(chunkmap) \ ({ \ int i; \ int flag = 1; \ for (i = 0; i < ARRAY_SIZE(chunkmap); i++) { \ if (chunkmap[i] != ~0) { \ flag = 0; \ break; \ } \ } \ flag; \ }) __sctp_chunkmap_is_all_set((chunkmap), ARRAY_SIZE(chunkmap)) static inline bool __sctp_chunkmap_is_all_set(const u_int32_t *chunkmap, unsigned int n) { unsigned int i; for (i = 0; i < n; ++i) if (chunkmap[i] != ~0U) return false; return true; } #endif /* _XT_SCTP_H_ */ Loading
include/linux/netfilter.h +75 −1 Original line number Diff line number Diff line Loading @@ -6,11 +6,13 @@ #include <linux/types.h> #include <linux/skbuff.h> #include <linux/net.h> #include <linux/netdevice.h> #include <linux/if.h> #include <linux/in.h> #include <linux/in6.h> #include <linux/wait.h> #include <linux/list.h> #include <net/net_namespace.h> #endif #include <linux/compiler.h> Loading Loading @@ -76,7 +78,6 @@ extern void netfilter_init(void); #define NF_MAX_HOOKS 8 struct sk_buff; struct net_device; typedef unsigned int nf_hookfn(unsigned int hooknum, struct sk_buff *skb, Loading Loading @@ -233,6 +234,11 @@ struct nf_afinfo { unsigned short family; __sum16 (*checksum)(struct sk_buff *skb, unsigned int hook, unsigned int dataoff, u_int8_t protocol); __sum16 (*checksum_partial)(struct sk_buff *skb, unsigned int hook, unsigned int dataoff, unsigned int len, u_int8_t protocol); int (*route)(struct dst_entry **dst, struct flowi *fl); void (*saveroute)(const struct sk_buff *skb, struct nf_queue_entry *entry); Loading Loading @@ -262,6 +268,23 @@ nf_checksum(struct sk_buff *skb, unsigned int hook, unsigned int dataoff, return csum; } static inline __sum16 nf_checksum_partial(struct sk_buff *skb, unsigned int hook, unsigned int dataoff, unsigned int len, u_int8_t protocol, unsigned short family) { const struct nf_afinfo *afinfo; __sum16 csum = 0; rcu_read_lock(); afinfo = nf_get_afinfo(family); if (afinfo) csum = afinfo->checksum_partial(skb, hook, dataoff, len, protocol); rcu_read_unlock(); return csum; } extern int nf_register_afinfo(const struct nf_afinfo *afinfo); extern void nf_unregister_afinfo(const struct nf_afinfo *afinfo); Loading Loading @@ -320,5 +343,56 @@ extern void (*nf_ct_destroy)(struct nf_conntrack *); static inline void nf_ct_attach(struct sk_buff *new, struct sk_buff *skb) {} #endif static inline struct net *nf_pre_routing_net(const struct net_device *in, const struct net_device *out) { #ifdef CONFIG_NET_NS return in->nd_net; #else return &init_net; #endif } static inline struct net *nf_local_in_net(const struct net_device *in, const struct net_device *out) { #ifdef CONFIG_NET_NS return in->nd_net; #else return &init_net; #endif } static inline struct net *nf_forward_net(const struct net_device *in, const struct net_device *out) { #ifdef CONFIG_NET_NS BUG_ON(in->nd_net != out->nd_net); return in->nd_net; #else return &init_net; #endif } static inline struct net *nf_local_out_net(const struct net_device *in, const struct net_device *out) { #ifdef CONFIG_NET_NS return out->nd_net; #else return &init_net; #endif } static inline struct net *nf_post_routing_net(const struct net_device *in, const struct net_device *out) { #ifdef CONFIG_NET_NS return out->nd_net; #else return &init_net; #endif } #endif /*__KERNEL__*/ #endif /*__LINUX_NETFILTER_H*/
include/linux/netfilter/nf_conntrack_dccp.h 0 → 100644 +40 −0 Original line number Diff line number Diff line #ifndef _NF_CONNTRACK_DCCP_H #define _NF_CONNTRACK_DCCP_H /* Exposed to userspace over nfnetlink */ enum ct_dccp_states { CT_DCCP_NONE, CT_DCCP_REQUEST, CT_DCCP_RESPOND, CT_DCCP_PARTOPEN, CT_DCCP_OPEN, CT_DCCP_CLOSEREQ, CT_DCCP_CLOSING, CT_DCCP_TIMEWAIT, CT_DCCP_IGNORE, CT_DCCP_INVALID, __CT_DCCP_MAX }; #define CT_DCCP_MAX (__CT_DCCP_MAX - 1) enum ct_dccp_roles { CT_DCCP_ROLE_CLIENT, CT_DCCP_ROLE_SERVER, __CT_DCCP_ROLE_MAX }; #define CT_DCCP_ROLE_MAX (__CT_DCCP_ROLE_MAX - 1) #ifdef __KERNEL__ #include <net/netfilter/nf_conntrack_tuple.h> struct nf_ct_dccp { u_int8_t role[IP_CT_DIR_MAX]; u_int8_t state; u_int8_t last_pkt; u_int8_t last_dir; u_int64_t handshake_seq; }; #endif /* __KERNEL__ */ #endif /* _NF_CONNTRACK_DCCP_H */
include/linux/netfilter/nfnetlink_conntrack.h +8 −0 Original line number Diff line number Diff line Loading @@ -80,6 +80,7 @@ enum ctattr_l4proto { enum ctattr_protoinfo { CTA_PROTOINFO_UNSPEC, CTA_PROTOINFO_TCP, CTA_PROTOINFO_DCCP, __CTA_PROTOINFO_MAX }; #define CTA_PROTOINFO_MAX (__CTA_PROTOINFO_MAX - 1) Loading @@ -95,6 +96,13 @@ enum ctattr_protoinfo_tcp { }; #define CTA_PROTOINFO_TCP_MAX (__CTA_PROTOINFO_TCP_MAX - 1) enum ctattr_protoinfo_dccp { CTA_PROTOINFO_DCCP_UNSPEC, CTA_PROTOINFO_DCCP_STATE, __CTA_PROTOINFO_DCCP_MAX, }; #define CTA_PROTOINFO_DCCP_MAX (__CTA_PROTOINFO_DCCP_MAX - 1) enum ctattr_counters { CTA_COUNTERS_UNSPEC, CTA_COUNTERS_PACKETS, /* old 64bit counters */ Loading
include/linux/netfilter/x_tables.h +2 −2 Original line number Diff line number Diff line Loading @@ -430,13 +430,13 @@ extern int xt_compat_add_offset(int af, unsigned int offset, short delta); extern void xt_compat_flush_offsets(int af); extern short xt_compat_calc_jump(int af, unsigned int offset); extern int xt_compat_match_offset(struct xt_match *match); extern int xt_compat_match_offset(const struct xt_match *match); extern int xt_compat_match_from_user(struct xt_entry_match *m, void **dstptr, unsigned int *size); extern int xt_compat_match_to_user(struct xt_entry_match *m, void __user **dstptr, unsigned int *size); extern int xt_compat_target_offset(struct xt_target *target); extern int xt_compat_target_offset(const struct xt_target *target); extern void xt_compat_target_from_user(struct xt_entry_target *t, void **dstptr, unsigned int *size); extern int xt_compat_target_to_user(struct xt_entry_target *t, Loading
include/linux/netfilter/xt_sctp.h +35 −49 Original line number Diff line number Diff line Loading @@ -37,68 +37,54 @@ struct xt_sctp_info { #define SCTP_CHUNKMAP_SET(chunkmap, type) \ do { \ chunkmap[type / bytes(u_int32_t)] |= \ (chunkmap)[type / bytes(u_int32_t)] |= \ 1 << (type % bytes(u_int32_t)); \ } while (0) #define SCTP_CHUNKMAP_CLEAR(chunkmap, type) \ do { \ chunkmap[type / bytes(u_int32_t)] &= \ (chunkmap)[type / bytes(u_int32_t)] &= \ ~(1 << (type % bytes(u_int32_t))); \ } while (0) #define SCTP_CHUNKMAP_IS_SET(chunkmap, type) \ ({ \ (chunkmap[type / bytes (u_int32_t)] & \ ((chunkmap)[type / bytes (u_int32_t)] & \ (1 << (type % bytes (u_int32_t)))) ? 1: 0; \ }) #define SCTP_CHUNKMAP_RESET(chunkmap) \ do { \ int i; \ for (i = 0; i < ARRAY_SIZE(chunkmap); i++) \ chunkmap[i] = 0; \ } while (0) memset((chunkmap), 0, sizeof(chunkmap)) #define SCTP_CHUNKMAP_SET_ALL(chunkmap) \ do { \ int i; \ for (i = 0; i < ARRAY_SIZE(chunkmap); i++) \ chunkmap[i] = ~0; \ } while (0) memset((chunkmap), ~0U, sizeof(chunkmap)) #define SCTP_CHUNKMAP_COPY(destmap, srcmap) \ do { \ int i; \ for (i = 0; i < ARRAY_SIZE(srcmap); i++) \ destmap[i] = srcmap[i]; \ } while (0) memcpy((destmap), (srcmap), sizeof(srcmap)) #define SCTP_CHUNKMAP_IS_CLEAR(chunkmap) \ ({ \ int i; \ int flag = 1; \ for (i = 0; i < ARRAY_SIZE(chunkmap); i++) { \ if (chunkmap[i]) { \ flag = 0; \ break; \ } \ } \ flag; \ }) __sctp_chunkmap_is_clear((chunkmap), ARRAY_SIZE(chunkmap)) static inline bool __sctp_chunkmap_is_clear(const u_int32_t *chunkmap, unsigned int n) { unsigned int i; for (i = 0; i < n; ++i) if (chunkmap[i]) return false; return true; } #define SCTP_CHUNKMAP_IS_ALL_SET(chunkmap) \ ({ \ int i; \ int flag = 1; \ for (i = 0; i < ARRAY_SIZE(chunkmap); i++) { \ if (chunkmap[i] != ~0) { \ flag = 0; \ break; \ } \ } \ flag; \ }) __sctp_chunkmap_is_all_set((chunkmap), ARRAY_SIZE(chunkmap)) static inline bool __sctp_chunkmap_is_all_set(const u_int32_t *chunkmap, unsigned int n) { unsigned int i; for (i = 0; i < n; ++i) if (chunkmap[i] != ~0U) return false; return true; } #endif /* _XT_SCTP_H_ */
