[NETFILTER]: Add ctnetlink port for nf_conntrack

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2006-01-05 15:19:05 -0500
committer: David S. Miller <davem@davemloft.net> 2006-01-05 15:19:05 -0500
commit: c1d10adb4a521de5760112853f42aaeefcec96eb (patch)
tree: c7ba283aa0b9016c8403fa6589b7b3418f71acda /include/net
parent: 205d67c7d942c057648148fefb17e46f77e3efd6 (diff)
4 files changed, 72 insertions, 2 deletions
diff --git a/include/net/netfilter/nf_conntrack.h b/include/net/netfilter/nf_conntrack.h
index cc4825610795..64b82b74a650 100644
--- a/include/net/netfilter/nf_conntrack.h
+++ b/include/net/netfilter/nf_conntrack.h
@@ -94,6 +94,9 @@ struct nf_conn
        /* Current number of expected connections */
        unsigned int expecting;
+        /* Unique ID that identifies this conntrack*/
+        unsigned int id;
        /* Helper. if any */
        struct nf_conntrack_helper *helper;
@@ -140,6 +143,9 @@ struct nf_conntrack_expect
        /* Usage count. */
        atomic_t use;
+        /* Unique ID */
+        unsigned int id;
        /* Flags */
        unsigned int flags;
@@ -190,6 +196,31 @@ static inline void nf_ct_put(struct nf_conn *ct)
        nf_conntrack_put(&ct->ct_general);
 }
+extern struct nf_conntrack_tuple_hash *
+__nf_conntrack_find(const struct nf_conntrack_tuple *tuple,
+                    const struct nf_conn *ignored_conntrack);
+extern void nf_conntrack_hash_insert(struct nf_conn *ct);
+extern struct nf_conntrack_expect *
+__nf_conntrack_expect_find(const struct nf_conntrack_tuple *tuple);
+extern struct nf_conntrack_expect *
+nf_conntrack_expect_find(const struct nf_conntrack_tuple *tuple);
+extern void nf_ct_unlink_expect(struct nf_conntrack_expect *exp);
+extern void nf_ct_remove_expectations(struct nf_conn *ct);
+extern void nf_conntrack_flush(void);
+extern struct nf_conntrack_helper *
+nf_ct_helper_find_get( const struct nf_conntrack_tuple *tuple);
+extern void nf_ct_helper_put(struct nf_conntrack_helper *helper);
+extern struct nf_conntrack_helper *
+__nf_conntrack_helper_find_byname(const char *name);
 /* call to create an explicit dependency on nf_conntrack. */
 extern void need_nf_conntrack(void);
diff --git a/include/net/netfilter/nf_conntrack_helper.h b/include/net/netfilter/nf_conntrack_helper.h
index 5a66b2a3a623..86ec8174ad02 100644
--- a/include/net/netfilter/nf_conntrack_helper.h
+++ b/include/net/netfilter/nf_conntrack_helper.h
@@ -33,6 +33,8 @@ struct nf_conntrack_helper
                    unsigned int protoff,
                    struct nf_conn *ct,
                    enum ip_conntrack_info conntrackinfo);
+        int (*to_nfattr)(struct sk_buff *skb, const struct nf_conn *ct);
 };
 extern int nf_conntrack_helper_register(struct nf_conntrack_helper *);
diff --git a/include/net/netfilter/nf_conntrack_l3proto.h b/include/net/netfilter/nf_conntrack_l3proto.h
index 01663e5b33df..67856eb93b43 100644
--- a/include/net/netfilter/nf_conntrack_l3proto.h
+++ b/include/net/netfilter/nf_conntrack_l3proto.h
@@ -14,6 +14,8 @@
 #include <linux/seq_file.h>
 #include <net/netfilter/nf_conntrack.h>
+struct nfattr;
 struct nf_conntrack_l3proto
 {
        /* Next pointer. */
@@ -70,6 +72,12 @@ struct nf_conntrack_l3proto
        u_int32_t (*get_features)(const struct nf_conntrack_tuple *tuple);
+        int (*tuple_to_nfattr)(struct sk_buff *skb,
+                               const struct nf_conntrack_tuple *t);
+        int (*nfattr_to_tuple)(struct nfattr *tb[],
+                               struct nf_conntrack_tuple *t);
        /* Module (if any) which this is connected to. */
        struct module *me;
 };
@@ -81,11 +89,16 @@ extern int nf_conntrack_l3proto_register(struct nf_conntrack_l3proto *proto);
 extern void nf_conntrack_l3proto_unregister(struct nf_conntrack_l3proto *proto);
 static inline struct nf_conntrack_l3proto *
-nf_ct_find_l3proto(u_int16_t l3proto)
+__nf_ct_l3proto_find(u_int16_t l3proto)
 {
        return nf_ct_l3protos[l3proto];
 }
+extern struct nf_conntrack_l3proto *
+nf_ct_l3proto_find_get(u_int16_t l3proto);
+extern void nf_ct_l3proto_put(struct nf_conntrack_l3proto *p);
 /* Existing built-in protocols */
 extern struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv4;
 extern struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv6;
diff --git a/include/net/netfilter/nf_conntrack_protocol.h b/include/net/netfilter/nf_conntrack_protocol.h
index b3afda35397a..1f33737fcea5 100644
--- a/include/net/netfilter/nf_conntrack_protocol.h
+++ b/include/net/netfilter/nf_conntrack_protocol.h
@@ -12,6 +12,7 @@
 #include <net/netfilter/nf_conntrack.h>
 struct seq_file;
+struct nfattr;
 struct nf_conntrack_protocol
 {
@@ -66,6 +67,18 @@ struct nf_conntrack_protocol
                     enum ip_conntrack_info *ctinfo,
                     int pf, unsigned int hooknum);
+        /* convert protoinfo to nfnetink attributes */
+        int (*to_nfattr)(struct sk_buff *skb, struct nfattr *nfa,
+                         const struct nf_conn *ct);
+        /* convert nfnetlink attributes to protoinfo */
+        int (*from_nfattr)(struct nfattr *tb[], struct nf_conn *ct);
+        int (*tuple_to_nfattr)(struct sk_buff *skb,
+                               const struct nf_conntrack_tuple *t);
+        int (*nfattr_to_tuple)(struct nfattr *tb[],
+                               struct nf_conntrack_tuple *t);
        /* Module (if any) which this is connected to. */
        struct module *me;
 };
@@ -80,12 +93,23 @@ extern struct nf_conntrack_protocol nf_conntrack_generic_protocol;
 extern struct nf_conntrack_protocol **nf_ct_protos[PF_MAX];
 extern struct nf_conntrack_protocol *
-nf_ct_find_proto(u_int16_t l3proto, u_int8_t protocol);
+__nf_ct_proto_find(u_int16_t l3proto, u_int8_t protocol);
+extern struct nf_conntrack_protocol *
+nf_ct_proto_find_get(u_int16_t l3proto, u_int8_t protocol);
+extern void nf_ct_proto_put(struct nf_conntrack_protocol *p);
 /* Protocol registration. */
 extern int nf_conntrack_protocol_register(struct nf_conntrack_protocol *proto);
 extern void nf_conntrack_protocol_unregister(struct nf_conntrack_protocol *proto);
+/* Generic netlink helpers */
+extern int nf_ct_port_tuple_to_nfattr(struct sk_buff *skb,
+                                      const struct nf_conntrack_tuple *tuple);
+extern int nf_ct_port_nfattr_to_tuple(struct nfattr *tb[],
+                                      struct nf_conntrack_tuple *t);
 /* Log invalid packets */
 extern unsigned int nf_ct_log_invalid;
author	Pablo Neira Ayuso <pablo@netfilter.org>	2006-01-05 15:19:05 -0500
committer	David S. Miller <davem@davemloft.net>	2006-01-05 15:19:05 -0500
commit	c1d10adb4a521de5760112853f42aaeefcec96eb (patch)
tree	c7ba283aa0b9016c8403fa6589b7b3418f71acda /include/net
parent	205d67c7d942c057648148fefb17e46f77e3efd6 (diff)