[NETFILTER]: nf_conntrack: add DCCP protocol support

Add DCCP conntrack helper. Thanks to Gerrit Renker <gerrit@erg.abdn.ac.uk> for review and testing. Signed-off-by: Patrick McHardy <kaber@trash.net>
author: Patrick McHardy <kaber@trash.net> 2008-03-20 10:15:55 -0400
committer: Patrick McHardy <kaber@trash.net> 2008-04-14 05:15:49 -0400
commit: 2bc780499aa33311ec0f3e42624dfaa7be0ade5e (patch)
tree: 5920fd09120573dc5a48ccdfa7d223ae9ae30fae /include
parent: d63a650736f566a1f9e9434725d2089597c0d2cc (diff)
4 files changed, 56 insertions, 0 deletions
diff --git a/include/linux/netfilter/nf_conntrack_dccp.h b/include/linux/netfilter/nf_conntrack_dccp.h
new file mode 100644
index 000000000000..40dcc82058d1
--- /dev/null
+++ b/include/linux/netfilter/nf_conntrack_dccp.h
@@ -0,0 +1,40 @@
+#ifndef _NF_CONNTRACK_DCCP_H
+#define _NF_CONNTRACK_DCCP_H
+/* Exposed to userspace over nfnetlink */
+enum ct_dccp_states {
+        CT_DCCP_NONE,
+        CT_DCCP_REQUEST,
+        CT_DCCP_RESPOND,
+        CT_DCCP_PARTOPEN,
+        CT_DCCP_OPEN,
+        CT_DCCP_CLOSEREQ,
+        CT_DCCP_CLOSING,
+        CT_DCCP_TIMEWAIT,
+        CT_DCCP_IGNORE,
+        CT_DCCP_INVALID,
+        __CT_DCCP_MAX
+};
+#define CT_DCCP_MAX             (__CT_DCCP_MAX - 1)
+enum ct_dccp_roles {
+        CT_DCCP_ROLE_CLIENT,
+        CT_DCCP_ROLE_SERVER,
+        __CT_DCCP_ROLE_MAX
+};
+#define CT_DCCP_ROLE_MAX        (__CT_DCCP_ROLE_MAX - 1)
+#ifdef __KERNEL__
+#include <net/netfilter/nf_conntrack_tuple.h>
+struct nf_ct_dccp {
+        u_int8_t        role[IP_CT_DIR_MAX];
+        u_int8_t        state;
+        u_int8_t        last_pkt;
+        u_int8_t        last_dir;
+        u_int64_t       handshake_seq;
+};
+#endif /* __KERNEL__ */
+#endif /* _NF_CONNTRACK_DCCP_H */
diff --git a/include/linux/netfilter/nfnetlink_conntrack.h b/include/linux/netfilter/nfnetlink_conntrack.h
index e3e1533aba2d..0a383ac083cb 100644
--- a/include/linux/netfilter/nfnetlink_conntrack.h
+++ b/include/linux/netfilter/nfnetlink_conntrack.h
@@ -80,6 +80,7 @@ enum ctattr_l4proto {
 enum ctattr_protoinfo {
        CTA_PROTOINFO_UNSPEC,
        CTA_PROTOINFO_TCP,
+        CTA_PROTOINFO_DCCP,
        __CTA_PROTOINFO_MAX
 };
 #define CTA_PROTOINFO_MAX (__CTA_PROTOINFO_MAX - 1)
@@ -95,6 +96,13 @@ enum ctattr_protoinfo_tcp {
 };
 #define CTA_PROTOINFO_TCP_MAX (__CTA_PROTOINFO_TCP_MAX - 1)
+enum ctattr_protoinfo_dccp {
+        CTA_PROTOINFO_DCCP_UNSPEC,
+        CTA_PROTOINFO_DCCP_STATE,
+        __CTA_PROTOINFO_DCCP_MAX,
+};
+#define CTA_PROTOINFO_DCCP_MAX (__CTA_PROTOINFO_DCCP_MAX - 1)
 enum ctattr_counters {
        CTA_COUNTERS_UNSPEC,
        CTA_COUNTERS_PACKETS,           /* old 64bit counters */
diff --git a/include/net/netfilter/nf_conntrack.h b/include/net/netfilter/nf_conntrack.h
index a3567a7a6d67..bb9fc852e973 100644
--- a/include/net/netfilter/nf_conntrack.h
+++ b/include/net/netfilter/nf_conntrack.h
@@ -20,6 +20,7 @@
 #include <asm/atomic.h>
 #include <linux/netfilter/nf_conntrack_tcp.h>
+#include <linux/netfilter/nf_conntrack_dccp.h>
 #include <linux/netfilter/nf_conntrack_sctp.h>
 #include <linux/netfilter/nf_conntrack_proto_gre.h>
 #include <net/netfilter/ipv4/nf_conntrack_icmp.h>
@@ -30,6 +31,7 @@
 /* per conntrack: protocol private data */
 union nf_conntrack_proto {
        /* insert conntrack proto private data here */
+        struct nf_ct_dccp dccp;
        struct ip_ct_sctp sctp;
        struct ip_ct_tcp tcp;
        struct ip_ct_icmp icmp;
diff --git a/include/net/netfilter/nf_conntrack_tuple.h b/include/net/netfilter/nf_conntrack_tuple.h
index 168c91754d89..bdeec3461384 100644
--- a/include/net/netfilter/nf_conntrack_tuple.h
+++ b/include/net/netfilter/nf_conntrack_tuple.h
@@ -41,6 +41,9 @@ union nf_conntrack_man_proto
        } icmp;
        struct {
                __be16 port;
+        } dccp;
+        struct {
+                __be16 port;
        } sctp;
        struct {
                __be16 key;     /* GRE key is 32bit, PPtP only uses 16bit */
@@ -79,6 +82,9 @@ struct nf_conntrack_tuple
                        } icmp;
                        struct {
                                __be16 port;
+                        } dccp;
+                        struct {
+                                __be16 port;
                        } sctp;
                        struct {
                                __be16 key;
author	Patrick McHardy <kaber@trash.net>	2008-03-20 10:15:55 -0400
committer	Patrick McHardy <kaber@trash.net>	2008-04-14 05:15:49 -0400
commit	2bc780499aa33311ec0f3e42624dfaa7be0ade5e (patch)
tree	5920fd09120573dc5a48ccdfa7d223ae9ae30fae /include
parent	d63a650736f566a1f9e9434725d2089597c0d2cc (diff)

diff --git a/include/linux/netfilter/nf_conntrack_dccp.h b/include/linux/netfilter/nf_conntrack_dccp.h new file mode 100644 index 000000000000..40dcc82058d1 --- /dev/null +++ b/include/linux/netfilter/nf_conntrack_dccp.h
@@ -0,0 +1,40 @@
		1	#ifndef _NF_CONNTRACK_DCCP_H
		2	#define _NF_CONNTRACK_DCCP_H
		3
		4	/* Exposed to userspace over nfnetlink */
		5	enum ct_dccp_states {
		6	CT_DCCP_NONE,
		7	CT_DCCP_REQUEST,
		8	CT_DCCP_RESPOND,
		9	CT_DCCP_PARTOPEN,
		10	CT_DCCP_OPEN,
		11	CT_DCCP_CLOSEREQ,
		12	CT_DCCP_CLOSING,
		13	CT_DCCP_TIMEWAIT,
		14	CT_DCCP_IGNORE,
		15	CT_DCCP_INVALID,
		16	__CT_DCCP_MAX
		17	};
		18	#define CT_DCCP_MAX (__CT_DCCP_MAX - 1)
		19
		20	enum ct_dccp_roles {
		21	CT_DCCP_ROLE_CLIENT,
		22	CT_DCCP_ROLE_SERVER,
		23	__CT_DCCP_ROLE_MAX
		24	};
		25	#define CT_DCCP_ROLE_MAX (__CT_DCCP_ROLE_MAX - 1)
		26
		27	#ifdef __KERNEL__
		28	#include <net/netfilter/nf_conntrack_tuple.h>
		29
		30	struct nf_ct_dccp {
		31	u_int8_t role[IP_CT_DIR_MAX];
		32	u_int8_t state;
		33	u_int8_t last_pkt;
		34	u_int8_t last_dir;
		35	u_int64_t handshake_seq;
		36	};
		37
		38	#endif /* __KERNEL__ */
		39
		40	#endif /* _NF_CONNTRACK_DCCP_H */


diff --git a/include/linux/netfilter/nfnetlink_conntrack.h b/include/linux/netfilter/nfnetlink_conntrack.h index e3e1533aba2d..0a383ac083cb 100644 --- a/include/linux/netfilter/nfnetlink_conntrack.h +++ b/include/linux/netfilter/nfnetlink_conntrack.h
@@ -80,6 +80,7 @@ enum ctattr_l4proto {
80	enum ctattr_protoinfo {	80	enum ctattr_protoinfo {
81	CTA_PROTOINFO_UNSPEC,	81	CTA_PROTOINFO_UNSPEC,
82	CTA_PROTOINFO_TCP,	82	CTA_PROTOINFO_TCP,
		83	CTA_PROTOINFO_DCCP,
83	__CTA_PROTOINFO_MAX	84	__CTA_PROTOINFO_MAX
84	};	85	};
85	#define CTA_PROTOINFO_MAX (__CTA_PROTOINFO_MAX - 1)	86	#define CTA_PROTOINFO_MAX (__CTA_PROTOINFO_MAX - 1)
@@ -95,6 +96,13 @@ enum ctattr_protoinfo_tcp {
95	};	96	};
96	#define CTA_PROTOINFO_TCP_MAX (__CTA_PROTOINFO_TCP_MAX - 1)	97	#define CTA_PROTOINFO_TCP_MAX (__CTA_PROTOINFO_TCP_MAX - 1)
97		98
		99	enum ctattr_protoinfo_dccp {
		100	CTA_PROTOINFO_DCCP_UNSPEC,
		101	CTA_PROTOINFO_DCCP_STATE,
		102	__CTA_PROTOINFO_DCCP_MAX,
		103	};
		104	#define CTA_PROTOINFO_DCCP_MAX (__CTA_PROTOINFO_DCCP_MAX - 1)
		105
98	enum ctattr_counters {	106	enum ctattr_counters {
99	CTA_COUNTERS_UNSPEC,	107	CTA_COUNTERS_UNSPEC,
100	CTA_COUNTERS_PACKETS, /* old 64bit counters */	108	CTA_COUNTERS_PACKETS, /* old 64bit counters */


diff --git a/include/net/netfilter/nf_conntrack.h b/include/net/netfilter/nf_conntrack.h index a3567a7a6d67..bb9fc852e973 100644 --- a/include/net/netfilter/nf_conntrack.h +++ b/include/net/netfilter/nf_conntrack.h
@@ -20,6 +20,7 @@
20	#include <asm/atomic.h>	20	#include <asm/atomic.h>
21		21
22	#include <linux/netfilter/nf_conntrack_tcp.h>	22	#include <linux/netfilter/nf_conntrack_tcp.h>
		23	#include <linux/netfilter/nf_conntrack_dccp.h>
23	#include <linux/netfilter/nf_conntrack_sctp.h>	24	#include <linux/netfilter/nf_conntrack_sctp.h>
24	#include <linux/netfilter/nf_conntrack_proto_gre.h>	25	#include <linux/netfilter/nf_conntrack_proto_gre.h>
25	#include <net/netfilter/ipv4/nf_conntrack_icmp.h>	26	#include <net/netfilter/ipv4/nf_conntrack_icmp.h>
@@ -30,6 +31,7 @@
30	/* per conntrack: protocol private data */	31	/* per conntrack: protocol private data */
31	union nf_conntrack_proto {	32	union nf_conntrack_proto {
32	/* insert conntrack proto private data here */	33	/* insert conntrack proto private data here */
		34	struct nf_ct_dccp dccp;
33	struct ip_ct_sctp sctp;	35	struct ip_ct_sctp sctp;
34	struct ip_ct_tcp tcp;	36	struct ip_ct_tcp tcp;
35	struct ip_ct_icmp icmp;	37	struct ip_ct_icmp icmp;


diff --git a/include/net/netfilter/nf_conntrack_tuple.h b/include/net/netfilter/nf_conntrack_tuple.h index 168c91754d89..bdeec3461384 100644 --- a/include/net/netfilter/nf_conntrack_tuple.h +++ b/include/net/netfilter/nf_conntrack_tuple.h
@@ -41,6 +41,9 @@ union nf_conntrack_man_proto
41	} icmp;	41	} icmp;
42	struct {	42	struct {
43	__be16 port;	43	__be16 port;
		44	} dccp;
		45	struct {
		46	__be16 port;
44	} sctp;	47	} sctp;
45	struct {	48	struct {
46	__be16 key; /* GRE key is 32bit, PPtP only uses 16bit */	49	__be16 key; /* GRE key is 32bit, PPtP only uses 16bit */
@@ -79,6 +82,9 @@ struct nf_conntrack_tuple
79	} icmp;	82	} icmp;
80	struct {	83	struct {
81	__be16 port;	84	__be16 port;
		85	} dccp;
		86	struct {
		87	__be16 port;
82	} sctp;	88	} sctp;
83	struct {	89	struct {
84	__be16 key;	90	__be16 key;