aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--include/linux/netfilter.h32
-rw-r--r--include/net/netfilter/nf_queue.h32
-rw-r--r--net/ipv4/netfilter.c1
-rw-r--r--net/ipv4/netfilter/ip_queue.c1
-rw-r--r--net/ipv6/netfilter.c1
-rw-r--r--net/ipv6/netfilter/ip6_queue.c1
-rw-r--r--net/netfilter/nf_queue.c1
-rw-r--r--net/netfilter/nfnetlink_queue.c1
8 files changed, 40 insertions, 30 deletions
diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h
index 1ba60112ab83..5fe4ef401cc8 100644
--- a/include/linux/netfilter.h
+++ b/include/linux/netfilter.h
@@ -101,19 +101,6 @@ struct nf_sockopt_ops
101 struct module *owner; 101 struct module *owner;
102}; 102};
103 103
104/* Each queued (to userspace) skbuff has one of these. */
105struct nf_info
106{
107 /* The ops struct which sent us to userspace. */
108 struct nf_hook_ops *elem;
109
110 /* If we're sent to userspace, this keeps housekeeping info */
111 int pf;
112 unsigned int hook;
113 struct net_device *indev, *outdev;
114 int (*okfn)(struct sk_buff *);
115};
116
117/* Function to register/unregister hook points. */ 104/* Function to register/unregister hook points. */
118int nf_register_hook(struct nf_hook_ops *reg); 105int nf_register_hook(struct nf_hook_ops *reg);
119void nf_unregister_hook(struct nf_hook_ops *reg); 106void nf_unregister_hook(struct nf_hook_ops *reg);
@@ -274,21 +261,6 @@ int compat_nf_setsockopt(struct sock *sk, int pf, int optval,
274int compat_nf_getsockopt(struct sock *sk, int pf, int optval, 261int compat_nf_getsockopt(struct sock *sk, int pf, int optval,
275 char __user *opt, int *len); 262 char __user *opt, int *len);
276 263
277/* Packet queuing */
278struct nf_queue_handler {
279 int (*outfn)(struct sk_buff *skb, struct nf_info *info,
280 unsigned int queuenum);
281 char *name;
282};
283extern int nf_register_queue_handler(int pf,
284 const struct nf_queue_handler *qh);
285extern int nf_unregister_queue_handler(int pf,
286 const struct nf_queue_handler *qh);
287extern void nf_unregister_queue_handlers(const struct nf_queue_handler *qh);
288extern void nf_reinject(struct sk_buff *skb,
289 struct nf_info *info,
290 unsigned int verdict);
291
292/* FIXME: Before cache is ever used, this must be implemented for real. */ 264/* FIXME: Before cache is ever used, this must be implemented for real. */
293extern void nf_invalidate_cache(int pf); 265extern void nf_invalidate_cache(int pf);
294 266
@@ -298,6 +270,8 @@ extern void nf_invalidate_cache(int pf);
298extern int skb_make_writable(struct sk_buff *skb, unsigned int writable_len); 270extern int skb_make_writable(struct sk_buff *skb, unsigned int writable_len);
299 271
300struct flowi; 272struct flowi;
273struct nf_info;
274
301struct nf_afinfo { 275struct nf_afinfo {
302 unsigned short family; 276 unsigned short family;
303 __sum16 (*checksum)(struct sk_buff *skb, unsigned int hook, 277 __sum16 (*checksum)(struct sk_buff *skb, unsigned int hook,
@@ -334,8 +308,6 @@ nf_checksum(struct sk_buff *skb, unsigned int hook, unsigned int dataoff,
334extern int nf_register_afinfo(struct nf_afinfo *afinfo); 308extern int nf_register_afinfo(struct nf_afinfo *afinfo);
335extern void nf_unregister_afinfo(struct nf_afinfo *afinfo); 309extern void nf_unregister_afinfo(struct nf_afinfo *afinfo);
336 310
337#define nf_info_reroute(x) ((void *)x + sizeof(struct nf_info))
338
339#include <net/flow.h> 311#include <net/flow.h>
340extern void (*ip_nat_decode_session)(struct sk_buff *, struct flowi *); 312extern void (*ip_nat_decode_session)(struct sk_buff *, struct flowi *);
341 313
diff --git a/include/net/netfilter/nf_queue.h b/include/net/netfilter/nf_queue.h
new file mode 100644
index 000000000000..8c6b382fd865
--- /dev/null
+++ b/include/net/netfilter/nf_queue.h
@@ -0,0 +1,32 @@
1#ifndef _NF_QUEUE_H
2#define _NF_QUEUE_H
3
4/* Each queued (to userspace) skbuff has one of these. */
5struct nf_info {
6 struct nf_hook_ops *elem;
7 int pf;
8 unsigned int hook;
9 struct net_device *indev;
10 struct net_device *outdev;
11 int (*okfn)(struct sk_buff *);
12};
13
14#define nf_info_reroute(x) ((void *)x + sizeof(struct nf_info))
15
16/* Packet queuing */
17struct nf_queue_handler {
18 int (*outfn)(struct sk_buff *skb,
19 struct nf_info *info,
20 unsigned int queuenum);
21 char *name;
22};
23
24extern int nf_register_queue_handler(int pf,
25 const struct nf_queue_handler *qh);
26extern int nf_unregister_queue_handler(int pf,
27 const struct nf_queue_handler *qh);
28extern void nf_unregister_queue_handlers(const struct nf_queue_handler *qh);
29extern void nf_reinject(struct sk_buff *skb, struct nf_info *info,
30 unsigned int verdict);
31
32#endif /* _NF_QUEUE_H */
diff --git a/net/ipv4/netfilter.c b/net/ipv4/netfilter.c
index 599d448ef57e..f7166084a5ab 100644
--- a/net/ipv4/netfilter.c
+++ b/net/ipv4/netfilter.c
@@ -7,6 +7,7 @@
7#include <net/route.h> 7#include <net/route.h>
8#include <net/xfrm.h> 8#include <net/xfrm.h>
9#include <net/ip.h> 9#include <net/ip.h>
10#include <net/netfilter/nf_queue.h>
10 11
11/* route_me_harder function, used by iptable_nat, iptable_mangle + ip_queue */ 12/* route_me_harder function, used by iptable_nat, iptable_mangle + ip_queue */
12int ip_route_me_harder(struct sk_buff *skb, unsigned addr_type) 13int ip_route_me_harder(struct sk_buff *skb, unsigned addr_type)
diff --git a/net/ipv4/netfilter/ip_queue.c b/net/ipv4/netfilter/ip_queue.c
index 08e7f8b4e951..2966fbddce8b 100644
--- a/net/ipv4/netfilter/ip_queue.c
+++ b/net/ipv4/netfilter/ip_queue.c
@@ -28,6 +28,7 @@
28#include <net/net_namespace.h> 28#include <net/net_namespace.h>
29#include <net/sock.h> 29#include <net/sock.h>
30#include <net/route.h> 30#include <net/route.h>
31#include <net/netfilter/nf_queue.h>
31 32
32#define IPQ_QMAX_DEFAULT 1024 33#define IPQ_QMAX_DEFAULT 1024
33#define IPQ_PROC_FS_NAME "ip_queue" 34#define IPQ_PROC_FS_NAME "ip_queue"
diff --git a/net/ipv6/netfilter.c b/net/ipv6/netfilter.c
index 281f732e3c97..55ea9c6ec744 100644
--- a/net/ipv6/netfilter.c
+++ b/net/ipv6/netfilter.c
@@ -8,6 +8,7 @@
8#include <net/ip6_route.h> 8#include <net/ip6_route.h>
9#include <net/xfrm.h> 9#include <net/xfrm.h>
10#include <net/ip6_checksum.h> 10#include <net/ip6_checksum.h>
11#include <net/netfilter/nf_queue.h>
11 12
12int ip6_route_me_harder(struct sk_buff *skb) 13int ip6_route_me_harder(struct sk_buff *skb)
13{ 14{
diff --git a/net/ipv6/netfilter/ip6_queue.c b/net/ipv6/netfilter/ip6_queue.c
index 5a9ca0d4fb2f..7ff9915750a3 100644
--- a/net/ipv6/netfilter/ip6_queue.c
+++ b/net/ipv6/netfilter/ip6_queue.c
@@ -29,6 +29,7 @@
29#include <net/sock.h> 29#include <net/sock.h>
30#include <net/ipv6.h> 30#include <net/ipv6.h>
31#include <net/ip6_route.h> 31#include <net/ip6_route.h>
32#include <net/netfilter/nf_queue.h>
32#include <linux/netfilter_ipv4/ip_queue.h> 33#include <linux/netfilter_ipv4/ip_queue.h>
33#include <linux/netfilter_ipv4/ip_tables.h> 34#include <linux/netfilter_ipv4/ip_tables.h>
34#include <linux/netfilter_ipv6/ip6_tables.h> 35#include <linux/netfilter_ipv6/ip6_tables.h>
diff --git a/net/netfilter/nf_queue.c b/net/netfilter/nf_queue.c
index c098ccbbbcee..bd71f433b85e 100644
--- a/net/netfilter/nf_queue.c
+++ b/net/netfilter/nf_queue.c
@@ -7,6 +7,7 @@
7#include <linux/seq_file.h> 7#include <linux/seq_file.h>
8#include <linux/rcupdate.h> 8#include <linux/rcupdate.h>
9#include <net/protocol.h> 9#include <net/protocol.h>
10#include <net/netfilter/nf_queue.h>
10 11
11#include "nf_internals.h" 12#include "nf_internals.h"
12 13
diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c
index 94ec1c263d03..3a09f021065a 100644
--- a/net/netfilter/nfnetlink_queue.c
+++ b/net/netfilter/nfnetlink_queue.c
@@ -27,6 +27,7 @@
27#include <linux/netfilter/nfnetlink_queue.h> 27#include <linux/netfilter/nfnetlink_queue.h>
28#include <linux/list.h> 28#include <linux/list.h>
29#include <net/sock.h> 29#include <net/sock.h>
30#include <net/netfilter/nf_queue.h>
30 31
31#include <asm/atomic.h> 32#include <asm/atomic.h>
32 33
generated by cgit v1.2.2 (git 2.25.0) at 2025-01-16 09:46:51 -0500