aboutsummaryrefslogtreecommitdiffstats
path: root/include/linux
diff options
context:
space:
mode:
Diffstat (limited to 'include/linux')
-rw-r--r--include/linux/dccp.h456
-rw-r--r--include/linux/ethtool.h13
-rw-r--r--include/linux/hippidevice.h8
-rw-r--r--include/linux/if_ether.h2
-rw-r--r--include/linux/if_fc.h2
-rw-r--r--include/linux/if_fddi.h2
-rw-r--r--include/linux/if_frad.h6
-rw-r--r--include/linux/if_hippi.h6
-rw-r--r--include/linux/if_tr.h4
-rw-r--r--include/linux/if_vlan.h1
-rw-r--r--include/linux/igmp.h3
-rw-r--r--include/linux/in.h1
-rw-r--r--include/linux/inet_diag.h138
-rw-r--r--include/linux/ip.h2
-rw-r--r--include/linux/ipv6.h52
-rw-r--r--include/linux/list.h65
-rw-r--r--include/linux/net.h11
-rw-r--r--include/linux/netdevice.h35
-rw-r--r--include/linux/netfilter.h88
-rw-r--r--include/linux/netfilter/nfnetlink.h169
-rw-r--r--include/linux/netfilter/nfnetlink_conntrack.h124
-rw-r--r--include/linux/netfilter/nfnetlink_log.h88
-rw-r--r--include/linux/netfilter/nfnetlink_queue.h89
-rw-r--r--include/linux/netfilter_decnet.h17
-rw-r--r--include/linux/netfilter_ipv4.h8
-rw-r--r--include/linux/netfilter_ipv4/ip_conntrack.h189
-rw-r--r--include/linux/netfilter_ipv4/ip_conntrack_core.h18
-rw-r--r--include/linux/netfilter_ipv4/ip_conntrack_helper.h2
-rw-r--r--include/linux/netfilter_ipv4/ip_conntrack_protocol.h24
-rw-r--r--include/linux/netfilter_ipv4/ip_logging.h20
-rw-r--r--include/linux/netfilter_ipv4/ip_nat_protocol.h25
-rw-r--r--include/linux/netfilter_ipv4/ip_tables.h3
-rw-r--r--include/linux/netfilter_ipv4/ipt_LOG.h1
-rw-r--r--include/linux/netfilter_ipv4/ipt_NFQUEUE.h16
-rw-r--r--include/linux/netfilter_ipv4/ipt_TTL.h21
-rw-r--r--include/linux/netfilter_ipv4/ipt_connbytes.h25
-rw-r--r--include/linux/netfilter_ipv4/ipt_dccp.h23
-rw-r--r--include/linux/netfilter_ipv4/ipt_string.h18
-rw-r--r--include/linux/netfilter_ipv6.h6
-rw-r--r--include/linux/netfilter_ipv6/ip6_logging.h20
-rw-r--r--include/linux/netfilter_ipv6/ip6_tables.h3
-rw-r--r--include/linux/netfilter_ipv6/ip6t_HL.h22
-rw-r--r--include/linux/netfilter_ipv6/ip6t_LOG.h1
-rw-r--r--include/linux/netfilter_ipv6/ip6t_REJECT.h18
-rw-r--r--include/linux/netlink.h18
-rw-r--r--include/linux/random.h2
-rw-r--r--include/linux/rtnetlink.h42
-rw-r--r--include/linux/security.h6
-rw-r--r--include/linux/selinux_netlink.h13
-rw-r--r--include/linux/skbuff.h118
-rw-r--r--include/linux/socket.h9
-rw-r--r--include/linux/tcp.h82
-rw-r--r--include/linux/tcp_diag.h127
-rw-r--r--include/linux/types.h3
-rw-r--r--include/linux/xfrm.h18
55 files changed, 1942 insertions, 341 deletions
diff --git a/include/linux/dccp.h b/include/linux/dccp.h
new file mode 100644
index 000000000000..007c290f74d4
--- /dev/null
+++ b/include/linux/dccp.h
@@ -0,0 +1,456 @@
1#ifndef _LINUX_DCCP_H
2#define _LINUX_DCCP_H
3
4#include <linux/types.h>
5#include <asm/byteorder.h>
6
7/* Structure describing an Internet (DCCP) socket address. */
8struct sockaddr_dccp {
9 __u16 sdccp_family; /* Address family */
10 __u16 sdccp_port; /* Port number */
11 __u32 sdccp_addr; /* Internet address */
12 __u32 sdccp_service; /* Service */
13 /* Pad to size of `struct sockaddr': 16 bytes . */
14 __u32 sdccp_pad;
15};
16
17/**
18 * struct dccp_hdr - generic part of DCCP packet header
19 *
20 * @dccph_sport - Relevant port on the endpoint that sent this packet
21 * @dccph_dport - Relevant port on the other endpoint
22 * @dccph_doff - Data Offset from the start of the DCCP header, in 32-bit words
23 * @dccph_ccval - Used by the HC-Sender CCID
24 * @dccph_cscov - Parts of the packet that are covered by the Checksum field
25 * @dccph_checksum - Internet checksum, depends on dccph_cscov
26 * @dccph_x - 0 = 24 bit sequence number, 1 = 48
27 * @dccph_type - packet type, see DCCP_PKT_ prefixed macros
28 * @dccph_seq - sequence number high or low order 24 bits, depends on dccph_x
29 */
30struct dccp_hdr {
31 __u16 dccph_sport,
32 dccph_dport;
33 __u8 dccph_doff;
34#if defined(__LITTLE_ENDIAN_BITFIELD)
35 __u8 dccph_cscov:4,
36 dccph_ccval:4;
37#elif defined(__BIG_ENDIAN_BITFIELD)
38 __u8 dccph_ccval:4,
39 dccph_cscov:4;
40#else
41#error "Adjust your <asm/byteorder.h> defines"
42#endif
43 __u16 dccph_checksum;
44#if defined(__LITTLE_ENDIAN_BITFIELD)
45 __u32 dccph_x:1,
46 dccph_type:4,
47 dccph_reserved:3,
48 dccph_seq:24;
49#elif defined(__BIG_ENDIAN_BITFIELD)
50 __u32 dccph_reserved:3,
51 dccph_type:4,
52 dccph_x:1,
53 dccph_seq:24;
54#else
55#error "Adjust your <asm/byteorder.h> defines"
56#endif
57};
58
59/**
60 * struct dccp_hdr_ext - the low bits of a 48 bit seq packet
61 *
62 * @dccph_seq_low - low 24 bits of a 48 bit seq packet
63 */
64struct dccp_hdr_ext {
65 __u32 dccph_seq_low;
66};
67
68/**
69 * struct dccp_hdr_request - Conection initiation request header
70 *
71 * @dccph_req_service - Service to which the client app wants to connect
72 * @dccph_req_options - list of options (must be a multiple of 32 bits
73 */
74struct dccp_hdr_request {
75 __u32 dccph_req_service;
76};
77/**
78 * struct dccp_hdr_ack_bits - acknowledgment bits common to most packets
79 *
80 * @dccph_resp_ack_nr_high - 48 bit ack number high order bits, contains GSR
81 * @dccph_resp_ack_nr_low - 48 bit ack number low order bits, contains GSR
82 */
83struct dccp_hdr_ack_bits {
84 __u32 dccph_reserved1:8,
85 dccph_ack_nr_high:24;
86 __u32 dccph_ack_nr_low;
87};
88/**
89 * struct dccp_hdr_response - Conection initiation response header
90 *
91 * @dccph_resp_ack_nr_high - 48 bit ack number high order bits, contains GSR
92 * @dccph_resp_ack_nr_low - 48 bit ack number low order bits, contains GSR
93 * @dccph_resp_service - Echoes the Service Code on a received DCCP-Request
94 * @dccph_resp_options - list of options (must be a multiple of 32 bits
95 */
96struct dccp_hdr_response {
97 struct dccp_hdr_ack_bits dccph_resp_ack;
98 __u32 dccph_resp_service;
99};
100
101/**
102 * struct dccp_hdr_reset - Unconditionally shut down a connection
103 *
104 * @dccph_reset_service - Echoes the Service Code on a received DCCP-Request
105 * @dccph_reset_options - list of options (must be a multiple of 32 bits
106 */
107struct dccp_hdr_reset {
108 struct dccp_hdr_ack_bits dccph_reset_ack;
109 __u8 dccph_reset_code,
110 dccph_reset_data[3];
111};
112
113enum dccp_pkt_type {
114 DCCP_PKT_REQUEST = 0,
115 DCCP_PKT_RESPONSE,
116 DCCP_PKT_DATA,
117 DCCP_PKT_ACK,
118 DCCP_PKT_DATAACK,
119 DCCP_PKT_CLOSEREQ,
120 DCCP_PKT_CLOSE,
121 DCCP_PKT_RESET,
122 DCCP_PKT_SYNC,
123 DCCP_PKT_SYNCACK,
124 DCCP_PKT_INVALID,
125};
126
127#define DCCP_NR_PKT_TYPES DCCP_PKT_INVALID
128
129static inline unsigned int dccp_packet_hdr_len(const __u8 type)
130{
131 if (type == DCCP_PKT_DATA)
132 return 0;
133 if (type == DCCP_PKT_DATAACK ||
134 type == DCCP_PKT_ACK ||
135 type == DCCP_PKT_SYNC ||
136 type == DCCP_PKT_SYNCACK ||
137 type == DCCP_PKT_CLOSE ||
138 type == DCCP_PKT_CLOSEREQ)
139 return sizeof(struct dccp_hdr_ack_bits);
140 if (type == DCCP_PKT_REQUEST)
141 return sizeof(struct dccp_hdr_request);
142 if (type == DCCP_PKT_RESPONSE)
143 return sizeof(struct dccp_hdr_response);
144 return sizeof(struct dccp_hdr_reset);
145}
146enum dccp_reset_codes {
147 DCCP_RESET_CODE_UNSPECIFIED = 0,
148 DCCP_RESET_CODE_CLOSED,
149 DCCP_RESET_CODE_ABORTED,
150 DCCP_RESET_CODE_NO_CONNECTION,
151 DCCP_RESET_CODE_PACKET_ERROR,
152 DCCP_RESET_CODE_OPTION_ERROR,
153 DCCP_RESET_CODE_MANDATORY_ERROR,
154 DCCP_RESET_CODE_CONNECTION_REFUSED,
155 DCCP_RESET_CODE_BAD_SERVICE_CODE,
156 DCCP_RESET_CODE_TOO_BUSY,
157 DCCP_RESET_CODE_BAD_INIT_COOKIE,
158 DCCP_RESET_CODE_AGGRESSION_PENALTY,
159};
160
161/* DCCP options */
162enum {
163 DCCPO_PADDING = 0,
164 DCCPO_MANDATORY = 1,
165 DCCPO_MIN_RESERVED = 3,
166 DCCPO_MAX_RESERVED = 31,
167 DCCPO_NDP_COUNT = 37,
168 DCCPO_ACK_VECTOR_0 = 38,
169 DCCPO_ACK_VECTOR_1 = 39,
170 DCCPO_TIMESTAMP = 41,
171 DCCPO_TIMESTAMP_ECHO = 42,
172 DCCPO_ELAPSED_TIME = 43,
173 DCCPO_MAX = 45,
174 DCCPO_MIN_CCID_SPECIFIC = 128,
175 DCCPO_MAX_CCID_SPECIFIC = 255,
176};
177
178/* DCCP features */
179enum {
180 DCCPF_RESERVED = 0,
181 DCCPF_SEQUENCE_WINDOW = 3,
182 DCCPF_SEND_ACK_VECTOR = 6,
183 DCCPF_SEND_NDP_COUNT = 7,
184 /* 10-127 reserved */
185 DCCPF_MIN_CCID_SPECIFIC = 128,
186 DCCPF_MAX_CCID_SPECIFIC = 255,
187};
188
189/* DCCP socket options */
190#define DCCP_SOCKOPT_PACKET_SIZE 1
191
192#ifdef __KERNEL__
193
194#include <linux/in.h>
195#include <linux/list.h>
196#include <linux/uio.h>
197#include <linux/workqueue.h>
198
199#include <net/inet_connection_sock.h>
200#include <net/inet_timewait_sock.h>
201#include <net/sock.h>
202#include <net/tcp_states.h>
203#include <net/tcp.h>
204
205enum dccp_state {
206 DCCP_OPEN = TCP_ESTABLISHED,
207 DCCP_REQUESTING = TCP_SYN_SENT,
208 DCCP_PARTOPEN = TCP_FIN_WAIT1, /* FIXME:
209 This mapping is horrible, but TCP has
210 no matching state for DCCP_PARTOPEN,
211 as TCP_SYN_RECV is already used by
212 DCCP_RESPOND, why don't stop using TCP
213 mapping of states? OK, now we don't use
214 sk_stream_sendmsg anymore, so doesn't
215 seem to exist any reason for us to
216 do the TCP mapping here */
217 DCCP_LISTEN = TCP_LISTEN,
218 DCCP_RESPOND = TCP_SYN_RECV,
219 DCCP_CLOSING = TCP_CLOSING,
220 DCCP_TIME_WAIT = TCP_TIME_WAIT,
221 DCCP_CLOSED = TCP_CLOSE,
222 DCCP_MAX_STATES = TCP_MAX_STATES,
223};
224
225#define DCCP_STATE_MASK 0xf
226#define DCCP_ACTION_FIN (1<<7)
227
228enum {
229 DCCPF_OPEN = TCPF_ESTABLISHED,
230 DCCPF_REQUESTING = TCPF_SYN_SENT,
231 DCCPF_PARTOPEN = TCPF_FIN_WAIT1,
232 DCCPF_LISTEN = TCPF_LISTEN,
233 DCCPF_RESPOND = TCPF_SYN_RECV,
234 DCCPF_CLOSING = TCPF_CLOSING,
235 DCCPF_TIME_WAIT = TCPF_TIME_WAIT,
236 DCCPF_CLOSED = TCPF_CLOSE,
237};
238
239static inline struct dccp_hdr *dccp_hdr(const struct sk_buff *skb)
240{
241 return (struct dccp_hdr *)skb->h.raw;
242}
243
244static inline struct dccp_hdr_ext *dccp_hdrx(const struct sk_buff *skb)
245{
246 return (struct dccp_hdr_ext *)(skb->h.raw + sizeof(struct dccp_hdr));
247}
248
249static inline unsigned int __dccp_basic_hdr_len(const struct dccp_hdr *dh)
250{
251 return sizeof(*dh) + (dh->dccph_x ? sizeof(struct dccp_hdr_ext) : 0);
252}
253
254static inline unsigned int dccp_basic_hdr_len(const struct sk_buff *skb)
255{
256 const struct dccp_hdr *dh = dccp_hdr(skb);
257 return __dccp_basic_hdr_len(dh);
258}
259
260static inline __u64 dccp_hdr_seq(const struct sk_buff *skb)
261{
262 const struct dccp_hdr *dh = dccp_hdr(skb);
263#if defined(__LITTLE_ENDIAN_BITFIELD)
264 __u64 seq_nr = ntohl(dh->dccph_seq << 8);
265#elif defined(__BIG_ENDIAN_BITFIELD)
266 __u64 seq_nr = ntohl(dh->dccph_seq);
267#else
268#error "Adjust your <asm/byteorder.h> defines"
269#endif
270
271 if (dh->dccph_x != 0)
272 seq_nr = (seq_nr << 32) + ntohl(dccp_hdrx(skb)->dccph_seq_low);
273
274 return seq_nr;
275}
276
277static inline struct dccp_hdr_request *dccp_hdr_request(struct sk_buff *skb)
278{
279 return (struct dccp_hdr_request *)(skb->h.raw + dccp_basic_hdr_len(skb));
280}
281
282static inline struct dccp_hdr_ack_bits *dccp_hdr_ack_bits(const struct sk_buff *skb)
283{
284 return (struct dccp_hdr_ack_bits *)(skb->h.raw + dccp_basic_hdr_len(skb));
285}
286
287static inline u64 dccp_hdr_ack_seq(const struct sk_buff *skb)
288{
289 const struct dccp_hdr_ack_bits *dhack = dccp_hdr_ack_bits(skb);
290#if defined(__LITTLE_ENDIAN_BITFIELD)
291 return (((u64)ntohl(dhack->dccph_ack_nr_high << 8)) << 32) + ntohl(dhack->dccph_ack_nr_low);
292#elif defined(__BIG_ENDIAN_BITFIELD)
293 return (((u64)ntohl(dhack->dccph_ack_nr_high)) << 32) + ntohl(dhack->dccph_ack_nr_low);
294#else
295#error "Adjust your <asm/byteorder.h> defines"
296#endif
297}
298
299static inline struct dccp_hdr_response *dccp_hdr_response(struct sk_buff *skb)
300{
301 return (struct dccp_hdr_response *)(skb->h.raw + dccp_basic_hdr_len(skb));
302}
303
304static inline struct dccp_hdr_reset *dccp_hdr_reset(struct sk_buff *skb)
305{
306 return (struct dccp_hdr_reset *)(skb->h.raw + dccp_basic_hdr_len(skb));
307}
308
309static inline unsigned int __dccp_hdr_len(const struct dccp_hdr *dh)
310{
311 return __dccp_basic_hdr_len(dh) +
312 dccp_packet_hdr_len(dh->dccph_type);
313}
314
315static inline unsigned int dccp_hdr_len(const struct sk_buff *skb)
316{
317 return __dccp_hdr_len(dccp_hdr(skb));
318}
319
320
321/* initial values for each feature */
322#define DCCPF_INITIAL_SEQUENCE_WINDOW 100
323/* FIXME: for now we're using CCID 3 (TFRC) */
324#define DCCPF_INITIAL_CCID 3
325#define DCCPF_INITIAL_SEND_ACK_VECTOR 0
326/* FIXME: for now we're default to 1 but it should really be 0 */
327#define DCCPF_INITIAL_SEND_NDP_COUNT 1
328
329#define DCCP_NDP_LIMIT 0xFFFFFF
330
331/**
332 * struct dccp_options - option values for a DCCP connection
333 * @dccpo_sequence_window - Sequence Window Feature (section 7.5.2)
334 * @dccpo_ccid - Congestion Control Id (CCID) (section 10)
335 * @dccpo_send_ack_vector - Send Ack Vector Feature (section 11.5)
336 * @dccpo_send_ndp_count - Send NDP Count Feature (7.7.2)
337 */
338struct dccp_options {
339 __u64 dccpo_sequence_window;
340 __u8 dccpo_ccid;
341 __u8 dccpo_send_ack_vector;
342 __u8 dccpo_send_ndp_count;
343};
344
345extern void __dccp_options_init(struct dccp_options *dccpo);
346extern void dccp_options_init(struct dccp_options *dccpo);
347extern int dccp_parse_options(struct sock *sk, struct sk_buff *skb);
348
349struct dccp_request_sock {
350 struct inet_request_sock dreq_inet_rsk;
351 __u64 dreq_iss;
352 __u64 dreq_isr;
353 __u32 dreq_service;
354};
355
356static inline struct dccp_request_sock *dccp_rsk(const struct request_sock *req)
357{
358 return (struct dccp_request_sock *)req;
359}
360
361extern struct inet_timewait_death_row dccp_death_row;
362
363/* Read about the ECN nonce to see why it is 253 */
364#define DCCP_MAX_ACK_VECTOR_LEN 253
365
366struct dccp_options_received {
367 u32 dccpor_ndp:24,
368 dccpor_ack_vector_len:8;
369 u32 dccpor_ack_vector_idx:10;
370 /* 22 bits hole, try to pack */
371 u32 dccpor_timestamp;
372 u32 dccpor_timestamp_echo;
373 u32 dccpor_elapsed_time;
374};
375
376struct ccid;
377
378enum dccp_role {
379 DCCP_ROLE_UNDEFINED,
380 DCCP_ROLE_LISTEN,
381 DCCP_ROLE_CLIENT,
382 DCCP_ROLE_SERVER,
383};
384
385/**
386 * struct dccp_sock - DCCP socket state
387 *
388 * @dccps_swl - sequence number window low
389 * @dccps_swh - sequence number window high
390 * @dccps_awl - acknowledgement number window low
391 * @dccps_awh - acknowledgement number window high
392 * @dccps_iss - initial sequence number sent
393 * @dccps_isr - initial sequence number received
394 * @dccps_osr - first OPEN sequence number received
395 * @dccps_gss - greatest sequence number sent
396 * @dccps_gsr - greatest valid sequence number received
397 * @dccps_gar - greatest valid ack number received on a non-Sync; initialized to %dccps_iss
398 * @dccps_timestamp_time - time of latest TIMESTAMP option
399 * @dccps_timestamp_echo - latest timestamp received on a TIMESTAMP option
400 * @dccps_ext_header_len - network protocol overhead (IP/IPv6 options)
401 * @dccps_pmtu_cookie - Last pmtu seen by socket
402 * @dccps_packet_size - Set thru setsockopt
403 * @dccps_role - Role of this sock, one of %dccp_role
404 * @dccps_ndp_count - number of Non Data Packets since last data packet
405 * @dccps_hc_rx_ackpkts - receiver half connection acked packets
406 */
407struct dccp_sock {
408 /* inet_connection_sock has to be the first member of dccp_sock */
409 struct inet_connection_sock dccps_inet_connection;
410 __u64 dccps_swl;
411 __u64 dccps_swh;
412 __u64 dccps_awl;
413 __u64 dccps_awh;
414 __u64 dccps_iss;
415 __u64 dccps_isr;
416 __u64 dccps_osr;
417 __u64 dccps_gss;
418 __u64 dccps_gsr;
419 __u64 dccps_gar;
420 unsigned long dccps_service;
421 struct timeval dccps_timestamp_time;
422 __u32 dccps_timestamp_echo;
423 __u32 dccps_packet_size;
424 unsigned long dccps_ndp_count;
425 __u16 dccps_ext_header_len;
426 __u32 dccps_pmtu_cookie;
427 __u32 dccps_mss_cache;
428 struct dccp_options dccps_options;
429 struct dccp_ackpkts *dccps_hc_rx_ackpkts;
430 void *dccps_hc_rx_ccid_private;
431 void *dccps_hc_tx_ccid_private;
432 struct ccid *dccps_hc_rx_ccid;
433 struct ccid *dccps_hc_tx_ccid;
434 struct dccp_options_received dccps_options_received;
435 enum dccp_role dccps_role:2;
436};
437
438static inline struct dccp_sock *dccp_sk(const struct sock *sk)
439{
440 return (struct dccp_sock *)sk;
441}
442
443static inline const char *dccp_role(const struct sock *sk)
444{
445 switch (dccp_sk(sk)->dccps_role) {
446 case DCCP_ROLE_UNDEFINED: return "undefined";
447 case DCCP_ROLE_LISTEN: return "listen";
448 case DCCP_ROLE_SERVER: return "server";
449 case DCCP_ROLE_CLIENT: return "client";
450 }
451 return NULL;
452}
453
454#endif /* __KERNEL__ */
455
456#endif /* _LINUX_DCCP_H */
diff --git a/include/linux/ethtool.h b/include/linux/ethtool.h
index d7021c391b2b..ed1440ea4c91 100644
--- a/include/linux/ethtool.h
+++ b/include/linux/ethtool.h
@@ -250,6 +250,12 @@ struct ethtool_stats {
250 u64 data[0]; 250 u64 data[0];
251}; 251};
252 252
253struct ethtool_perm_addr {
254 u32 cmd; /* ETHTOOL_GPERMADDR */
255 u32 size;
256 u8 data[0];
257};
258
253struct net_device; 259struct net_device;
254 260
255/* Some generic methods drivers may use in their ethtool_ops */ 261/* Some generic methods drivers may use in their ethtool_ops */
@@ -261,6 +267,8 @@ u32 ethtool_op_get_sg(struct net_device *dev);
261int ethtool_op_set_sg(struct net_device *dev, u32 data); 267int ethtool_op_set_sg(struct net_device *dev, u32 data);
262u32 ethtool_op_get_tso(struct net_device *dev); 268u32 ethtool_op_get_tso(struct net_device *dev);
263int ethtool_op_set_tso(struct net_device *dev, u32 data); 269int ethtool_op_set_tso(struct net_device *dev, u32 data);
270int ethtool_op_get_perm_addr(struct net_device *dev,
271 struct ethtool_perm_addr *addr, u8 *data);
264 272
265/** 273/**
266 * &ethtool_ops - Alter and report network device settings 274 * &ethtool_ops - Alter and report network device settings
@@ -294,7 +302,8 @@ int ethtool_op_set_tso(struct net_device *dev, u32 data);
294 * get_strings: Return a set of strings that describe the requested objects 302 * get_strings: Return a set of strings that describe the requested objects
295 * phys_id: Identify the device 303 * phys_id: Identify the device
296 * get_stats: Return statistics about the device 304 * get_stats: Return statistics about the device
297 * 305 * get_perm_addr: Gets the permanent hardware address
306 *
298 * Description: 307 * Description:
299 * 308 *
300 * get_settings: 309 * get_settings:
@@ -352,6 +361,7 @@ struct ethtool_ops {
352 int (*phys_id)(struct net_device *, u32); 361 int (*phys_id)(struct net_device *, u32);
353 int (*get_stats_count)(struct net_device *); 362 int (*get_stats_count)(struct net_device *);
354 void (*get_ethtool_stats)(struct net_device *, struct ethtool_stats *, u64 *); 363 void (*get_ethtool_stats)(struct net_device *, struct ethtool_stats *, u64 *);
364 int (*get_perm_addr)(struct net_device *, struct ethtool_perm_addr *, u8 *);
355 int (*begin)(struct net_device *); 365 int (*begin)(struct net_device *);
356 void (*complete)(struct net_device *); 366 void (*complete)(struct net_device *);
357}; 367};
@@ -389,6 +399,7 @@ struct ethtool_ops {
389#define ETHTOOL_GSTATS 0x0000001d /* get NIC-specific statistics */ 399#define ETHTOOL_GSTATS 0x0000001d /* get NIC-specific statistics */
390#define ETHTOOL_GTSO 0x0000001e /* Get TSO enable (ethtool_value) */ 400#define ETHTOOL_GTSO 0x0000001e /* Get TSO enable (ethtool_value) */
391#define ETHTOOL_STSO 0x0000001f /* Set TSO enable (ethtool_value) */ 401#define ETHTOOL_STSO 0x0000001f /* Set TSO enable (ethtool_value) */
402#define ETHTOOL_GPERMADDR 0x00000020 /* Get permanent hardware address */
392 403
393/* compatibility with older code */ 404/* compatibility with older code */
394#define SPARC_ETH_GSET ETHTOOL_GSET 405#define SPARC_ETH_GSET ETHTOOL_GSET
diff --git a/include/linux/hippidevice.h b/include/linux/hippidevice.h
index 9debe6bbe5f0..bab303dafd6e 100644
--- a/include/linux/hippidevice.h
+++ b/include/linux/hippidevice.h
@@ -26,8 +26,12 @@
26#include <linux/if_hippi.h> 26#include <linux/if_hippi.h>
27 27
28#ifdef __KERNEL__ 28#ifdef __KERNEL__
29extern unsigned short hippi_type_trans(struct sk_buff *skb, 29
30 struct net_device *dev); 30struct hippi_cb {
31 __u32 ifield;
32};
33
34extern __be16 hippi_type_trans(struct sk_buff *skb, struct net_device *dev);
31 35
32extern struct net_device *alloc_hippi_dev(int sizeof_priv); 36extern struct net_device *alloc_hippi_dev(int sizeof_priv);
33#endif 37#endif
diff --git a/include/linux/if_ether.h b/include/linux/if_ether.h
index b5b58e9c054c..fc2d4c8225aa 100644
--- a/include/linux/if_ether.h
+++ b/include/linux/if_ether.h
@@ -110,6 +110,8 @@ static inline struct ethhdr *eth_hdr(const struct sk_buff *skb)
110{ 110{
111 return (struct ethhdr *)skb->mac.raw; 111 return (struct ethhdr *)skb->mac.raw;
112} 112}
113
114extern struct ctl_table ether_table[];
113#endif 115#endif
114 116
115#endif /* _LINUX_IF_ETHER_H */ 117#endif /* _LINUX_IF_ETHER_H */
diff --git a/include/linux/if_fc.h b/include/linux/if_fc.h
index 33330b458b95..376a34ea4723 100644
--- a/include/linux/if_fc.h
+++ b/include/linux/if_fc.h
@@ -44,7 +44,7 @@ struct fcllc {
44 __u8 ssap; /* source SAP */ 44 __u8 ssap; /* source SAP */
45 __u8 llc; /* LLC control field */ 45 __u8 llc; /* LLC control field */
46 __u8 protid[3]; /* protocol id */ 46 __u8 protid[3]; /* protocol id */
47 __u16 ethertype; /* ether type field */ 47 __be16 ethertype; /* ether type field */
48}; 48};
49 49
50#endif /* _LINUX_IF_FC_H */ 50#endif /* _LINUX_IF_FC_H */
diff --git a/include/linux/if_fddi.h b/include/linux/if_fddi.h
index a912818e6361..1288a161bc0b 100644
--- a/include/linux/if_fddi.h
+++ b/include/linux/if_fddi.h
@@ -85,7 +85,7 @@ struct fddi_snap_hdr
85 __u8 ssap; /* always 0xAA */ 85 __u8 ssap; /* always 0xAA */
86 __u8 ctrl; /* always 0x03 */ 86 __u8 ctrl; /* always 0x03 */
87 __u8 oui[FDDI_K_OUI_LEN]; /* organizational universal id */ 87 __u8 oui[FDDI_K_OUI_LEN]; /* organizational universal id */
88 __u16 ethertype; /* packet type ID field */ 88 __be16 ethertype; /* packet type ID field */
89 } __attribute__ ((packed)); 89 } __attribute__ ((packed));
90 90
91/* Define FDDI LLC frame header */ 91/* Define FDDI LLC frame header */
diff --git a/include/linux/if_frad.h b/include/linux/if_frad.h
index 3c94b1736570..511999c7eeda 100644
--- a/include/linux/if_frad.h
+++ b/include/linux/if_frad.h
@@ -191,10 +191,12 @@ struct frad_local
191 int buffer; /* current buffer for S508 firmware */ 191 int buffer; /* current buffer for S508 firmware */
192}; 192};
193 193
194extern void dlci_ioctl_set(int (*hook)(unsigned int, void __user *));
195
196#endif /* __KERNEL__ */ 194#endif /* __KERNEL__ */
197 195
198#endif /* CONFIG_DLCI || CONFIG_DLCI_MODULE */ 196#endif /* CONFIG_DLCI || CONFIG_DLCI_MODULE */
199 197
198#ifdef __KERNEL__
199extern void dlci_ioctl_set(int (*hook)(unsigned int, void __user *));
200#endif
201
200#endif 202#endif
diff --git a/include/linux/if_hippi.h b/include/linux/if_hippi.h
index c8ca72c46f76..94d31ca7d71a 100644
--- a/include/linux/if_hippi.h
+++ b/include/linux/if_hippi.h
@@ -102,9 +102,9 @@ struct hippi_fp_hdr
102#error "Please fix <asm/byteorder.h>" 102#error "Please fix <asm/byteorder.h>"
103#endif 103#endif
104#else 104#else
105 __u32 fixed; 105 __be32 fixed;
106#endif 106#endif
107 __u32 d2_size; 107 __be32 d2_size;
108} __attribute__ ((packed)); 108} __attribute__ ((packed));
109 109
110struct hippi_le_hdr 110struct hippi_le_hdr
@@ -144,7 +144,7 @@ struct hippi_snap_hdr
144 __u8 ssap; /* always 0xAA */ 144 __u8 ssap; /* always 0xAA */
145 __u8 ctrl; /* always 0x03 */ 145 __u8 ctrl; /* always 0x03 */
146 __u8 oui[HIPPI_OUI_LEN]; /* organizational universal id (zero)*/ 146 __u8 oui[HIPPI_OUI_LEN]; /* organizational universal id (zero)*/
147 __u16 ethertype; /* packet type ID field */ 147 __be16 ethertype; /* packet type ID field */
148} __attribute__ ((packed)); 148} __attribute__ ((packed));
149 149
150struct hippi_hdr 150struct hippi_hdr
diff --git a/include/linux/if_tr.h b/include/linux/if_tr.h
index 3fba9e2f5427..5502f597cf0e 100644
--- a/include/linux/if_tr.h
+++ b/include/linux/if_tr.h
@@ -43,12 +43,16 @@ struct trh_hdr {
43}; 43};
44 44
45#ifdef __KERNEL__ 45#ifdef __KERNEL__
46#include <linux/config.h>
46#include <linux/skbuff.h> 47#include <linux/skbuff.h>
47 48
48static inline struct trh_hdr *tr_hdr(const struct sk_buff *skb) 49static inline struct trh_hdr *tr_hdr(const struct sk_buff *skb)
49{ 50{
50 return (struct trh_hdr *)skb->mac.raw; 51 return (struct trh_hdr *)skb->mac.raw;
51} 52}
53#ifdef CONFIG_SYSCTL
54extern struct ctl_table tr_table[];
55#endif
52#endif 56#endif
53 57
54/* This is an Token-Ring LLC structure */ 58/* This is an Token-Ring LLC structure */
diff --git a/include/linux/if_vlan.h b/include/linux/if_vlan.h
index 62a9d89dfbe2..17d0c0d40b0e 100644
--- a/include/linux/if_vlan.h
+++ b/include/linux/if_vlan.h
@@ -155,7 +155,6 @@ static inline int __vlan_hwaccel_rx(struct sk_buff *skb,
155{ 155{
156 struct net_device_stats *stats; 156 struct net_device_stats *stats;
157 157
158 skb->real_dev = skb->dev;
159 skb->dev = grp->vlan_devices[vlan_tag & VLAN_VID_MASK]; 158 skb->dev = grp->vlan_devices[vlan_tag & VLAN_VID_MASK];
160 if (skb->dev == NULL) { 159 if (skb->dev == NULL) {
161 dev_kfree_skb_any(skb); 160 dev_kfree_skb_any(skb);
diff --git a/include/linux/igmp.h b/include/linux/igmp.h
index 0c31ef0b5bad..28f4f3b36950 100644
--- a/include/linux/igmp.h
+++ b/include/linux/igmp.h
@@ -129,6 +129,9 @@ struct igmpv3_query {
129#include <linux/skbuff.h> 129#include <linux/skbuff.h>
130#include <linux/in.h> 130#include <linux/in.h>
131 131
132extern int sysctl_igmp_max_memberships;
133extern int sysctl_igmp_max_msf;
134
132struct ip_sf_socklist 135struct ip_sf_socklist
133{ 136{
134 unsigned int sl_max; 137 unsigned int sl_max;
diff --git a/include/linux/in.h b/include/linux/in.h
index fb88c66d748d..ba355384016a 100644
--- a/include/linux/in.h
+++ b/include/linux/in.h
@@ -32,6 +32,7 @@ enum {
32 IPPROTO_PUP = 12, /* PUP protocol */ 32 IPPROTO_PUP = 12, /* PUP protocol */
33 IPPROTO_UDP = 17, /* User Datagram Protocol */ 33 IPPROTO_UDP = 17, /* User Datagram Protocol */
34 IPPROTO_IDP = 22, /* XNS IDP protocol */ 34 IPPROTO_IDP = 22, /* XNS IDP protocol */
35 IPPROTO_DCCP = 33, /* Datagram Congestion Control Protocol */
35 IPPROTO_RSVP = 46, /* RSVP protocol */ 36 IPPROTO_RSVP = 46, /* RSVP protocol */
36 IPPROTO_GRE = 47, /* Cisco GRE tunnels (rfc 1701,1702) */ 37 IPPROTO_GRE = 47, /* Cisco GRE tunnels (rfc 1701,1702) */
37 38
diff --git a/include/linux/inet_diag.h b/include/linux/inet_diag.h
new file mode 100644
index 000000000000..a4606e5810e5
--- /dev/null
+++ b/include/linux/inet_diag.h
@@ -0,0 +1,138 @@
1#ifndef _INET_DIAG_H_
2#define _INET_DIAG_H_ 1
3
4/* Just some random number */
5#define TCPDIAG_GETSOCK 18
6#define DCCPDIAG_GETSOCK 19
7
8#define INET_DIAG_GETSOCK_MAX 24
9
10/* Socket identity */
11struct inet_diag_sockid {
12 __u16 idiag_sport;
13 __u16 idiag_dport;
14 __u32 idiag_src[4];
15 __u32 idiag_dst[4];
16 __u32 idiag_if;
17 __u32 idiag_cookie[2];
18#define INET_DIAG_NOCOOKIE (~0U)
19};
20
21/* Request structure */
22
23struct inet_diag_req {
24 __u8 idiag_family; /* Family of addresses. */
25 __u8 idiag_src_len;
26 __u8 idiag_dst_len;
27 __u8 idiag_ext; /* Query extended information */
28
29 struct inet_diag_sockid id;
30
31 __u32 idiag_states; /* States to dump */
32 __u32 idiag_dbs; /* Tables to dump (NI) */
33};
34
35enum {
36 INET_DIAG_REQ_NONE,
37 INET_DIAG_REQ_BYTECODE,
38};
39
40#define INET_DIAG_REQ_MAX INET_DIAG_REQ_BYTECODE
41
42/* Bytecode is sequence of 4 byte commands followed by variable arguments.
43 * All the commands identified by "code" are conditional jumps forward:
44 * to offset cc+"yes" or to offset cc+"no". "yes" is supposed to be
45 * length of the command and its arguments.
46 */
47
48struct inet_diag_bc_op {
49 unsigned char code;
50 unsigned char yes;
51 unsigned short no;
52};
53
54enum {
55 INET_DIAG_BC_NOP,
56 INET_DIAG_BC_JMP,
57 INET_DIAG_BC_S_GE,
58 INET_DIAG_BC_S_LE,
59 INET_DIAG_BC_D_GE,
60 INET_DIAG_BC_D_LE,
61 INET_DIAG_BC_AUTO,
62 INET_DIAG_BC_S_COND,
63 INET_DIAG_BC_D_COND,
64};
65
66struct inet_diag_hostcond {
67 __u8 family;
68 __u8 prefix_len;
69 int port;
70 __u32 addr[0];
71};
72
73/* Base info structure. It contains socket identity (addrs/ports/cookie)
74 * and, alas, the information shown by netstat. */
75struct inet_diag_msg {
76 __u8 idiag_family;
77 __u8 idiag_state;
78 __u8 idiag_timer;
79 __u8 idiag_retrans;
80
81 struct inet_diag_sockid id;
82
83 __u32 idiag_expires;
84 __u32 idiag_rqueue;
85 __u32 idiag_wqueue;
86 __u32 idiag_uid;
87 __u32 idiag_inode;
88};
89
90/* Extensions */
91
92enum {
93 INET_DIAG_NONE,
94 INET_DIAG_MEMINFO,
95 INET_DIAG_INFO,
96 INET_DIAG_VEGASINFO,
97 INET_DIAG_CONG,
98};
99
100#define INET_DIAG_MAX INET_DIAG_CONG
101
102
103/* INET_DIAG_MEM */
104
105struct inet_diag_meminfo {
106 __u32 idiag_rmem;
107 __u32 idiag_wmem;
108 __u32 idiag_fmem;
109 __u32 idiag_tmem;
110};
111
112/* INET_DIAG_VEGASINFO */
113
114struct tcpvegas_info {
115 __u32 tcpv_enabled;
116 __u32 tcpv_rttcnt;
117 __u32 tcpv_rtt;
118 __u32 tcpv_minrtt;
119};
120
121#ifdef __KERNEL__
122struct sock;
123struct inet_hashinfo;
124
125struct inet_diag_handler {
126 struct inet_hashinfo *idiag_hashinfo;
127 void (*idiag_get_info)(struct sock *sk,
128 struct inet_diag_msg *r,
129 void *info);
130 __u16 idiag_info_size;
131 __u16 idiag_type;
132};
133
134extern int inet_diag_register(const struct inet_diag_handler *handler);
135extern void inet_diag_unregister(const struct inet_diag_handler *handler);
136#endif /* __KERNEL__ */
137
138#endif /* _INET_DIAG_H_ */
diff --git a/include/linux/ip.h b/include/linux/ip.h
index 31e7cedd9f84..33e8a19a1a0f 100644
--- a/include/linux/ip.h
+++ b/include/linux/ip.h
@@ -196,6 +196,8 @@ static inline void inet_sk_copy_descendant(struct sock *sk_to,
196#endif 196#endif
197#endif 197#endif
198 198
199extern int inet_sk_rebuild_header(struct sock *sk);
200
199struct iphdr { 201struct iphdr {
200#if defined(__LITTLE_ENDIAN_BITFIELD) 202#if defined(__LITTLE_ENDIAN_BITFIELD)
201 __u8 ihl:4, 203 __u8 ihl:4,
diff --git a/include/linux/ipv6.h b/include/linux/ipv6.h
index 6fcd6a0ade24..3c7dbc6a0a70 100644
--- a/include/linux/ipv6.h
+++ b/include/linux/ipv6.h
@@ -193,6 +193,11 @@ struct inet6_skb_parm {
193 193
194#define IP6CB(skb) ((struct inet6_skb_parm*)((skb)->cb)) 194#define IP6CB(skb) ((struct inet6_skb_parm*)((skb)->cb))
195 195
196static inline int inet6_iif(const struct sk_buff *skb)
197{
198 return IP6CB(skb)->iif;
199}
200
196struct tcp6_request_sock { 201struct tcp6_request_sock {
197 struct tcp_request_sock req; 202 struct tcp_request_sock req;
198 struct in6_addr loc_addr; 203 struct in6_addr loc_addr;
@@ -308,6 +313,36 @@ static inline void inet_sk_copy_descendant(struct sock *sk_to,
308 313
309#define __ipv6_only_sock(sk) (inet6_sk(sk)->ipv6only) 314#define __ipv6_only_sock(sk) (inet6_sk(sk)->ipv6only)
310#define ipv6_only_sock(sk) ((sk)->sk_family == PF_INET6 && __ipv6_only_sock(sk)) 315#define ipv6_only_sock(sk) ((sk)->sk_family == PF_INET6 && __ipv6_only_sock(sk))
316
317#include <linux/tcp.h>
318
319struct tcp6_timewait_sock {
320 struct tcp_timewait_sock tw_v6_sk;
321 struct in6_addr tw_v6_daddr;
322 struct in6_addr tw_v6_rcv_saddr;
323};
324
325static inline struct tcp6_timewait_sock *tcp6_twsk(const struct sock *sk)
326{
327 return (struct tcp6_timewait_sock *)sk;
328}
329
330static inline struct in6_addr *__tcp_v6_rcv_saddr(const struct sock *sk)
331{
332 return likely(sk->sk_state != TCP_TIME_WAIT) ?
333 &inet6_sk(sk)->rcv_saddr : &tcp6_twsk(sk)->tw_v6_rcv_saddr;
334}
335
336static inline struct in6_addr *tcp_v6_rcv_saddr(const struct sock *sk)
337{
338 return sk->sk_family == AF_INET6 ? __tcp_v6_rcv_saddr(sk) : NULL;
339}
340
341static inline int inet_v6_ipv6only(const struct sock *sk)
342{
343 return likely(sk->sk_state != TCP_TIME_WAIT) ?
344 ipv6_only_sock(sk) : inet_twsk(sk)->tw_ipv6only;
345}
311#else 346#else
312#define __ipv6_only_sock(sk) 0 347#define __ipv6_only_sock(sk) 0
313#define ipv6_only_sock(sk) 0 348#define ipv6_only_sock(sk) 0
@@ -322,8 +357,19 @@ static inline struct raw6_sock *raw6_sk(const struct sock *sk)
322 return NULL; 357 return NULL;
323} 358}
324 359
325#endif 360#define __tcp_v6_rcv_saddr(__sk) NULL
361#define tcp_v6_rcv_saddr(__sk) NULL
362#define tcp_twsk_ipv6only(__sk) 0
363#define inet_v6_ipv6only(__sk) 0
364#endif /* defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) */
326 365
327#endif 366#define INET6_MATCH(__sk, __saddr, __daddr, __ports, __dif) \
367 (((*((__u32 *)&(inet_sk(__sk)->dport))) == (__ports)) && \
368 ((__sk)->sk_family == AF_INET6) && \
369 ipv6_addr_equal(&inet6_sk(__sk)->daddr, (__saddr)) && \
370 ipv6_addr_equal(&inet6_sk(__sk)->rcv_saddr, (__daddr)) && \
371 (!((__sk)->sk_bound_dev_if) || ((__sk)->sk_bound_dev_if == (__dif))))
328 372
329#endif 373#endif /* __KERNEL__ */
374
375#endif /* _IPV6_H */
diff --git a/include/linux/list.h b/include/linux/list.h
index aab2db21b013..e6ec59682274 100644
--- a/include/linux/list.h
+++ b/include/linux/list.h
@@ -419,6 +419,20 @@ static inline void list_splice_init(struct list_head *list,
419 pos = n, n = list_entry(n->member.next, typeof(*n), member)) 419 pos = n, n = list_entry(n->member.next, typeof(*n), member))
420 420
421/** 421/**
422 * list_for_each_entry_safe_continue - iterate over list of given type
423 * continuing after existing point safe against removal of list entry
424 * @pos: the type * to use as a loop counter.
425 * @n: another type * to use as temporary storage
426 * @head: the head for your list.
427 * @member: the name of the list_struct within the struct.
428 */
429#define list_for_each_entry_safe_continue(pos, n, head, member) \
430 for (pos = list_entry(pos->member.next, typeof(*pos), member), \
431 n = list_entry(pos->member.next, typeof(*pos), member); \
432 &pos->member != (head); \
433 pos = n, n = list_entry(n->member.next, typeof(*n), member))
434
435/**
422 * list_for_each_rcu - iterate over an rcu-protected list 436 * list_for_each_rcu - iterate over an rcu-protected list
423 * @pos: the &struct list_head to use as a loop counter. 437 * @pos: the &struct list_head to use as a loop counter.
424 * @head: the head for your list. 438 * @head: the head for your list.
@@ -620,6 +634,57 @@ static inline void hlist_add_after(struct hlist_node *n,
620 next->next->pprev = &next->next; 634 next->next->pprev = &next->next;
621} 635}
622 636
637/**
638 * hlist_add_before_rcu - adds the specified element to the specified hlist
639 * before the specified node while permitting racing traversals.
640 * @n: the new element to add to the hash list.
641 * @next: the existing element to add the new element before.
642 *
643 * The caller must take whatever precautions are necessary
644 * (such as holding appropriate locks) to avoid racing
645 * with another list-mutation primitive, such as hlist_add_head_rcu()
646 * or hlist_del_rcu(), running on this same list.
647 * However, it is perfectly legal to run concurrently with
648 * the _rcu list-traversal primitives, such as
649 * hlist_for_each_rcu(), used to prevent memory-consistency
650 * problems on Alpha CPUs.
651 */
652static inline void hlist_add_before_rcu(struct hlist_node *n,
653 struct hlist_node *next)
654{
655 n->pprev = next->pprev;
656 n->next = next;
657 smp_wmb();
658 next->pprev = &n->next;
659 *(n->pprev) = n;
660}
661
662/**
663 * hlist_add_after_rcu - adds the specified element to the specified hlist
664 * after the specified node while permitting racing traversals.
665 * @prev: the existing element to add the new element after.
666 * @n: the new element to add to the hash list.
667 *
668 * The caller must take whatever precautions are necessary
669 * (such as holding appropriate locks) to avoid racing
670 * with another list-mutation primitive, such as hlist_add_head_rcu()
671 * or hlist_del_rcu(), running on this same list.
672 * However, it is perfectly legal to run concurrently with
673 * the _rcu list-traversal primitives, such as
674 * hlist_for_each_rcu(), used to prevent memory-consistency
675 * problems on Alpha CPUs.
676 */
677static inline void hlist_add_after_rcu(struct hlist_node *prev,
678 struct hlist_node *n)
679{
680 n->next = prev->next;
681 n->pprev = &prev->next;
682 smp_wmb();
683 prev->next = n;
684 if (n->next)
685 n->next->pprev = &n->next;
686}
687
623#define hlist_entry(ptr, type, member) container_of(ptr,type,member) 688#define hlist_entry(ptr, type, member) container_of(ptr,type,member)
624 689
625#define hlist_for_each(pos, head) \ 690#define hlist_for_each(pos, head) \
diff --git a/include/linux/net.h b/include/linux/net.h
index 20cb226b2268..4e981585a89a 100644
--- a/include/linux/net.h
+++ b/include/linux/net.h
@@ -84,6 +84,7 @@ enum sock_type {
84 SOCK_RAW = 3, 84 SOCK_RAW = 3,
85 SOCK_RDM = 4, 85 SOCK_RDM = 4,
86 SOCK_SEQPACKET = 5, 86 SOCK_SEQPACKET = 5,
87 SOCK_DCCP = 6,
87 SOCK_PACKET = 10, 88 SOCK_PACKET = 10,
88}; 89};
89 90
@@ -282,5 +283,15 @@ static struct proto_ops name##_ops = { \
282#define MODULE_ALIAS_NETPROTO(proto) \ 283#define MODULE_ALIAS_NETPROTO(proto) \
283 MODULE_ALIAS("net-pf-" __stringify(proto)) 284 MODULE_ALIAS("net-pf-" __stringify(proto))
284 285
286#define MODULE_ALIAS_NET_PF_PROTO(pf, proto) \
287 MODULE_ALIAS("net-pf-" __stringify(pf) "-proto-" __stringify(proto))
288
289#ifdef CONFIG_SYSCTL
290#include <linux/sysctl.h>
291extern ctl_table net_table[];
292extern int net_msg_cost;
293extern int net_msg_burst;
294#endif
295
285#endif /* __KERNEL__ */ 296#endif /* __KERNEL__ */
286#endif /* _LINUX_NET_H */ 297#endif /* _LINUX_NET_H */
diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h
index 3a0ed7f9e801..7c717907896d 100644
--- a/include/linux/netdevice.h
+++ b/include/linux/netdevice.h
@@ -244,6 +244,7 @@ struct netdev_boot_setup {
244}; 244};
245#define NETDEV_BOOT_SETUP_MAX 8 245#define NETDEV_BOOT_SETUP_MAX 8
246 246
247extern int __init netdev_boot_setup(char *str);
247 248
248/* 249/*
249 * The DEVICE structure. 250 * The DEVICE structure.
@@ -336,6 +337,7 @@ struct net_device
336 /* Interface address info. */ 337 /* Interface address info. */
337 unsigned char broadcast[MAX_ADDR_LEN]; /* hw bcast add */ 338 unsigned char broadcast[MAX_ADDR_LEN]; /* hw bcast add */
338 unsigned char dev_addr[MAX_ADDR_LEN]; /* hw address */ 339 unsigned char dev_addr[MAX_ADDR_LEN]; /* hw address */
340 unsigned char perm_addr[MAX_ADDR_LEN]; /* permanent hw address */
339 unsigned char addr_len; /* hardware address length */ 341 unsigned char addr_len; /* hardware address length */
340 unsigned short dev_id; /* for shared network cards */ 342 unsigned short dev_id; /* for shared network cards */
341 343
@@ -497,10 +499,12 @@ static inline void *netdev_priv(struct net_device *dev)
497#define SET_NETDEV_DEV(net, pdev) ((net)->class_dev.dev = (pdev)) 499#define SET_NETDEV_DEV(net, pdev) ((net)->class_dev.dev = (pdev))
498 500
499struct packet_type { 501struct packet_type {
500 __be16 type; /* This is really htons(ether_type). */ 502 __be16 type; /* This is really htons(ether_type). */
501 struct net_device *dev; /* NULL is wildcarded here */ 503 struct net_device *dev; /* NULL is wildcarded here */
502 int (*func) (struct sk_buff *, struct net_device *, 504 int (*func) (struct sk_buff *,
503 struct packet_type *); 505 struct net_device *,
506 struct packet_type *,
507 struct net_device *);
504 void *af_packet_priv; 508 void *af_packet_priv;
505 struct list_head list; 509 struct list_head list;
506}; 510};
@@ -671,6 +675,7 @@ extern void dev_queue_xmit_nit(struct sk_buff *skb, struct net_device *dev);
671extern void dev_init(void); 675extern void dev_init(void);
672 676
673extern int netdev_nit; 677extern int netdev_nit;
678extern int netdev_budget;
674 679
675/* Called by rtnetlink.c:rtnl_unlock() */ 680/* Called by rtnetlink.c:rtnl_unlock() */
676extern void netdev_run_todo(void); 681extern void netdev_run_todo(void);
@@ -697,19 +702,9 @@ static inline int netif_carrier_ok(const struct net_device *dev)
697 702
698extern void __netdev_watchdog_up(struct net_device *dev); 703extern void __netdev_watchdog_up(struct net_device *dev);
699 704
700static inline void netif_carrier_on(struct net_device *dev) 705extern void netif_carrier_on(struct net_device *dev);
701{
702 if (test_and_clear_bit(__LINK_STATE_NOCARRIER, &dev->state))
703 linkwatch_fire_event(dev);
704 if (netif_running(dev))
705 __netdev_watchdog_up(dev);
706}
707 706
708static inline void netif_carrier_off(struct net_device *dev) 707extern void netif_carrier_off(struct net_device *dev);
709{
710 if (!test_and_set_bit(__LINK_STATE_NOCARRIER, &dev->state))
711 linkwatch_fire_event(dev);
712}
713 708
714/* Hot-plugging. */ 709/* Hot-plugging. */
715static inline int netif_device_present(struct net_device *dev) 710static inline int netif_device_present(struct net_device *dev)
@@ -916,6 +911,14 @@ extern int skb_checksum_help(struct sk_buff *skb, int inward);
916extern void net_enable_timestamp(void); 911extern void net_enable_timestamp(void);
917extern void net_disable_timestamp(void); 912extern void net_disable_timestamp(void);
918 913
914#ifdef CONFIG_PROC_FS
915extern void *dev_seq_start(struct seq_file *seq, loff_t *pos);
916extern void *dev_seq_next(struct seq_file *seq, void *v, loff_t *pos);
917extern void dev_seq_stop(struct seq_file *seq, void *v);
918#endif
919
920extern void linkwatch_run_queue(void);
921
919#endif /* __KERNEL__ */ 922#endif /* __KERNEL__ */
920 923
921#endif /* _LINUX_DEV_H */ 924#endif /* _LINUX_DEV_H */
diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h
index 2e2045482cb1..be365e70ee99 100644
--- a/include/linux/netfilter.h
+++ b/include/linux/netfilter.h
@@ -21,10 +21,23 @@
21#define NF_STOP 5 21#define NF_STOP 5
22#define NF_MAX_VERDICT NF_STOP 22#define NF_MAX_VERDICT NF_STOP
23 23
24/* we overload the higher bits for encoding auxiliary data such as the queue
25 * number. Not nice, but better than additional function arguments. */
26#define NF_VERDICT_MASK 0x0000ffff
27#define NF_VERDICT_BITS 16
28
29#define NF_VERDICT_QMASK 0xffff0000
30#define NF_VERDICT_QBITS 16
31
32#define NF_QUEUE_NR(x) (((x << NF_VERDICT_QBITS) & NF_VERDICT_QMASK) | NF_QUEUE)
33
34/* only for userspace compatibility */
35#ifndef __KERNEL__
24/* Generic cache responses from hook functions. 36/* Generic cache responses from hook functions.
25 <= 0x2000 is used for protocol-flags. */ 37 <= 0x2000 is used for protocol-flags. */
26#define NFC_UNKNOWN 0x4000 38#define NFC_UNKNOWN 0x4000
27#define NFC_ALTERED 0x8000 39#define NFC_ALTERED 0x8000
40#endif
28 41
29#ifdef __KERNEL__ 42#ifdef __KERNEL__
30#include <linux/config.h> 43#include <linux/config.h>
@@ -101,15 +114,51 @@ void nf_unregister_sockopt(struct nf_sockopt_ops *reg);
101 114
102extern struct list_head nf_hooks[NPROTO][NF_MAX_HOOKS]; 115extern struct list_head nf_hooks[NPROTO][NF_MAX_HOOKS];
103 116
104typedef void nf_logfn(unsigned int hooknum, 117/* those NF_LOG_* defines and struct nf_loginfo are legacy definitios that will
118 * disappear once iptables is replaced with pkttables. Please DO NOT use them
119 * for any new code! */
120#define NF_LOG_TCPSEQ 0x01 /* Log TCP sequence numbers */
121#define NF_LOG_TCPOPT 0x02 /* Log TCP options */
122#define NF_LOG_IPOPT 0x04 /* Log IP options */
123#define NF_LOG_UID 0x08 /* Log UID owning local socket */
124#define NF_LOG_MASK 0x0f
125
126#define NF_LOG_TYPE_LOG 0x01
127#define NF_LOG_TYPE_ULOG 0x02
128
129struct nf_loginfo {
130 u_int8_t type;
131 union {
132 struct {
133 u_int32_t copy_len;
134 u_int16_t group;
135 u_int16_t qthreshold;
136 } ulog;
137 struct {
138 u_int8_t level;
139 u_int8_t logflags;
140 } log;
141 } u;
142};
143
144typedef void nf_logfn(unsigned int pf,
145 unsigned int hooknum,
105 const struct sk_buff *skb, 146 const struct sk_buff *skb,
106 const struct net_device *in, 147 const struct net_device *in,
107 const struct net_device *out, 148 const struct net_device *out,
149 const struct nf_loginfo *li,
108 const char *prefix); 150 const char *prefix);
109 151
152struct nf_logger {
153 struct module *me;
154 nf_logfn *logfn;
155 char *name;
156};
157
110/* Function to register/unregister log function. */ 158/* Function to register/unregister log function. */
111int nf_log_register(int pf, nf_logfn *logfn); 159int nf_log_register(int pf, struct nf_logger *logger);
112void nf_log_unregister(int pf, nf_logfn *logfn); 160int nf_log_unregister_pf(int pf);
161void nf_log_unregister_logger(struct nf_logger *logger);
113 162
114/* Calls the registered backend logging function */ 163/* Calls the registered backend logging function */
115void nf_log_packet(int pf, 164void nf_log_packet(int pf,
@@ -117,6 +166,7 @@ void nf_log_packet(int pf,
117 const struct sk_buff *skb, 166 const struct sk_buff *skb,
118 const struct net_device *in, 167 const struct net_device *in,
119 const struct net_device *out, 168 const struct net_device *out,
169 struct nf_loginfo *li,
120 const char *fmt, ...); 170 const char *fmt, ...);
121 171
122/* Activate hook; either okfn or kfree_skb called, unless a hook 172/* Activate hook; either okfn or kfree_skb called, unless a hook
@@ -175,11 +225,16 @@ int nf_getsockopt(struct sock *sk, int pf, int optval, char __user *opt,
175 int *len); 225 int *len);
176 226
177/* Packet queuing */ 227/* Packet queuing */
178typedef int (*nf_queue_outfn_t)(struct sk_buff *skb, 228struct nf_queue_handler {
179 struct nf_info *info, void *data); 229 int (*outfn)(struct sk_buff *skb, struct nf_info *info,
230 unsigned int queuenum, void *data);
231 void *data;
232 char *name;
233};
180extern int nf_register_queue_handler(int pf, 234extern int nf_register_queue_handler(int pf,
181 nf_queue_outfn_t outfn, void *data); 235 struct nf_queue_handler *qh);
182extern int nf_unregister_queue_handler(int pf); 236extern int nf_unregister_queue_handler(int pf);
237extern void nf_unregister_queue_handlers(struct nf_queue_handler *qh);
183extern void nf_reinject(struct sk_buff *skb, 238extern void nf_reinject(struct sk_buff *skb,
184 struct nf_info *info, 239 struct nf_info *info,
185 unsigned int verdict); 240 unsigned int verdict);
@@ -190,6 +245,27 @@ extern void nf_ct_attach(struct sk_buff *, struct sk_buff *);
190/* FIXME: Before cache is ever used, this must be implemented for real. */ 245/* FIXME: Before cache is ever used, this must be implemented for real. */
191extern void nf_invalidate_cache(int pf); 246extern void nf_invalidate_cache(int pf);
192 247
248/* Call this before modifying an existing packet: ensures it is
249 modifiable and linear to the point you care about (writable_len).
250 Returns true or false. */
251extern int skb_make_writable(struct sk_buff **pskb, unsigned int writable_len);
252
253struct nf_queue_rerouter {
254 void (*save)(const struct sk_buff *skb, struct nf_info *info);
255 int (*reroute)(struct sk_buff **skb, const struct nf_info *info);
256 int rer_size;
257};
258
259#define nf_info_reroute(x) ((void *)x + sizeof(struct nf_info))
260
261extern int nf_register_queue_rerouter(int pf, struct nf_queue_rerouter *rer);
262extern int nf_unregister_queue_rerouter(int pf);
263
264#ifdef CONFIG_PROC_FS
265#include <linux/proc_fs.h>
266extern struct proc_dir_entry *proc_net_netfilter;
267#endif
268
193#else /* !CONFIG_NETFILTER */ 269#else /* !CONFIG_NETFILTER */
194#define NF_HOOK(pf, hook, skb, indev, outdev, okfn) (okfn)(skb) 270#define NF_HOOK(pf, hook, skb, indev, outdev, okfn) (okfn)(skb)
195static inline void nf_ct_attach(struct sk_buff *new, struct sk_buff *skb) {} 271static inline void nf_ct_attach(struct sk_buff *new, struct sk_buff *skb) {}
diff --git a/include/linux/netfilter/nfnetlink.h b/include/linux/netfilter/nfnetlink.h
new file mode 100644
index 000000000000..1d5b10ae2399
--- /dev/null
+++ b/include/linux/netfilter/nfnetlink.h
@@ -0,0 +1,169 @@
1#ifndef _NFNETLINK_H
2#define _NFNETLINK_H
3#include <linux/types.h>
4
5#ifndef __KERNEL__
6/* nfnetlink groups: Up to 32 maximum - backwards compatibility for userspace */
7#define NF_NETLINK_CONNTRACK_NEW 0x00000001
8#define NF_NETLINK_CONNTRACK_UPDATE 0x00000002
9#define NF_NETLINK_CONNTRACK_DESTROY 0x00000004
10#define NF_NETLINK_CONNTRACK_EXP_NEW 0x00000008
11#define NF_NETLINK_CONNTRACK_EXP_UPDATE 0x00000010
12#define NF_NETLINK_CONNTRACK_EXP_DESTROY 0x00000020
13#endif
14
15enum nfnetlink_groups {
16 NFNLGRP_NONE,
17#define NFNLGRP_NONE NFNLGRP_NONE
18 NFNLGRP_CONNTRACK_NEW,
19#define NFNLGRP_CONNTRACK_NEW NFNLGRP_CONNTRACK_NEW
20 NFNLGRP_CONNTRACK_UPDATE,
21#define NFNLGRP_CONNTRACK_UPDATE NFNLGRP_CONNTRACK_UPDATE
22 NFNLGRP_CONNTRACK_DESTROY,
23#define NFNLGRP_CONNTRACK_DESTROY NFNLGRP_CONNTRACK_DESTROY
24 NFNLGRP_CONNTRACK_EXP_NEW,
25#define NFNLGRP_CONNTRACK_EXP_NEW NFNLGRP_CONNTRACK_EXP_NEW
26 NFNLGRP_CONNTRACK_EXP_UPDATE,
27#define NFNLGRP_CONNTRACK_EXP_UPDATE NFNLGRP_CONNTRACK_EXP_UPDATE
28 NFNLGRP_CONNTRACK_EXP_DESTROY,
29#define NFNLGRP_CONNTRACK_EXP_DESTROY NFNLGRP_CONNTRACK_EXP_DESTROY
30 __NFNLGRP_MAX,
31};
32#define NFNLGRP_MAX (__NFNLGRP_MAX - 1)
33
34/* Generic structure for encapsulation optional netfilter information.
35 * It is reminiscent of sockaddr, but with sa_family replaced
36 * with attribute type.
37 * ! This should someday be put somewhere generic as now rtnetlink and
38 * ! nfnetlink use the same attributes methods. - J. Schulist.
39 */
40
41struct nfattr
42{
43 u_int16_t nfa_len;
44 u_int16_t nfa_type;
45} __attribute__ ((packed));
46
47/* FIXME: Shamelessly copy and pasted from rtnetlink.h, it's time
48 * to put this in a generic file */
49
50#define NFA_ALIGNTO 4
51#define NFA_ALIGN(len) (((len) + NFA_ALIGNTO - 1) & ~(NFA_ALIGNTO - 1))
52#define NFA_OK(nfa,len) ((len) > 0 && (nfa)->nfa_len >= sizeof(struct nfattr) \
53 && (nfa)->nfa_len <= (len))
54#define NFA_NEXT(nfa,attrlen) ((attrlen) -= NFA_ALIGN((nfa)->nfa_len), \
55 (struct nfattr *)(((char *)(nfa)) + NFA_ALIGN((nfa)->nfa_len)))
56#define NFA_LENGTH(len) (NFA_ALIGN(sizeof(struct nfattr)) + (len))
57#define NFA_SPACE(len) NFA_ALIGN(NFA_LENGTH(len))
58#define NFA_DATA(nfa) ((void *)(((char *)(nfa)) + NFA_LENGTH(0)))
59#define NFA_PAYLOAD(nfa) ((int)((nfa)->nfa_len) - NFA_LENGTH(0))
60#define NFA_NEST(skb, type) \
61({ struct nfattr *__start = (struct nfattr *) (skb)->tail; \
62 NFA_PUT(skb, type, 0, NULL); \
63 __start; })
64#define NFA_NEST_END(skb, start) \
65({ (start)->nfa_len = ((skb)->tail - (unsigned char *) (start)); \
66 (skb)->len; })
67#define NFA_NEST_CANCEL(skb, start) \
68({ if (start) \
69 skb_trim(skb, (unsigned char *) (start) - (skb)->data); \
70 -1; })
71
72/* General form of address family dependent message.
73 */
74struct nfgenmsg {
75 u_int8_t nfgen_family; /* AF_xxx */
76 u_int8_t version; /* nfnetlink version */
77 u_int16_t res_id; /* resource id */
78} __attribute__ ((packed));
79
80#define NFNETLINK_V0 0
81
82#define NFM_NFA(n) ((struct nfattr *)(((char *)(n)) \
83 + NLMSG_ALIGN(sizeof(struct nfgenmsg))))
84#define NFM_PAYLOAD(n) NLMSG_PAYLOAD(n, sizeof(struct nfgenmsg))
85
86/* netfilter netlink message types are split in two pieces:
87 * 8 bit subsystem, 8bit operation.
88 */
89
90#define NFNL_SUBSYS_ID(x) ((x & 0xff00) >> 8)
91#define NFNL_MSG_TYPE(x) (x & 0x00ff)
92
93/* No enum here, otherwise __stringify() trick of MODULE_ALIAS_NFNL_SUBSYS()
94 * won't work anymore */
95#define NFNL_SUBSYS_NONE 0
96#define NFNL_SUBSYS_CTNETLINK 1
97#define NFNL_SUBSYS_CTNETLINK_EXP 2
98#define NFNL_SUBSYS_QUEUE 3
99#define NFNL_SUBSYS_ULOG 4
100#define NFNL_SUBSYS_COUNT 5
101
102#ifdef __KERNEL__
103
104#include <linux/netlink.h>
105#include <linux/capability.h>
106
107struct nfnl_callback
108{
109 int (*call)(struct sock *nl, struct sk_buff *skb,
110 struct nlmsghdr *nlh, struct nfattr *cda[], int *errp);
111 kernel_cap_t cap_required; /* capabilities required for this msg */
112 u_int16_t attr_count; /* number of nfattr's */
113};
114
115struct nfnetlink_subsystem
116{
117 const char *name;
118 __u8 subsys_id; /* nfnetlink subsystem ID */
119 __u8 cb_count; /* number of callbacks */
120 struct nfnl_callback *cb; /* callback for individual types */
121};
122
123extern void __nfa_fill(struct sk_buff *skb, int attrtype,
124 int attrlen, const void *data);
125#define NFA_PUT(skb, attrtype, attrlen, data) \
126({ if (skb_tailroom(skb) < (int)NFA_SPACE(attrlen)) goto nfattr_failure; \
127 __nfa_fill(skb, attrtype, attrlen, data); })
128
129extern struct semaphore nfnl_sem;
130
131#define nfnl_shlock() down(&nfnl_sem)
132#define nfnl_shlock_nowait() down_trylock(&nfnl_sem)
133
134#define nfnl_shunlock() do { up(&nfnl_sem); \
135 if(nfnl && nfnl->sk_receive_queue.qlen) \
136 nfnl->sk_data_ready(nfnl, 0); \
137 } while(0)
138
139extern void nfnl_lock(void);
140extern void nfnl_unlock(void);
141
142extern int nfnetlink_subsys_register(struct nfnetlink_subsystem *n);
143extern int nfnetlink_subsys_unregister(struct nfnetlink_subsystem *n);
144
145extern int nfattr_parse(struct nfattr *tb[], int maxattr,
146 struct nfattr *nfa, int len);
147
148#define nfattr_parse_nested(tb, max, nfa) \
149 nfattr_parse((tb), (max), NFA_DATA((nfa)), NFA_PAYLOAD((nfa)))
150
151#define nfattr_bad_size(tb, max, cta_min) \
152({ int __i, __res = 0; \
153 for (__i=0; __i<max; __i++) \
154 if (tb[__i] && NFA_PAYLOAD(tb[__i]) < cta_min[__i]){ \
155 __res = 1; \
156 break; \
157 } \
158 __res; \
159})
160
161extern int nfnetlink_send(struct sk_buff *skb, u32 pid, unsigned group,
162 int echo);
163extern int nfnetlink_unicast(struct sk_buff *skb, u_int32_t pid, int flags);
164
165#define MODULE_ALIAS_NFNL_SUBSYS(subsys) \
166 MODULE_ALIAS("nfnetlink-subsys-" __stringify(subsys))
167
168#endif /* __KERNEL__ */
169#endif /* _NFNETLINK_H */
diff --git a/include/linux/netfilter/nfnetlink_conntrack.h b/include/linux/netfilter/nfnetlink_conntrack.h
new file mode 100644
index 000000000000..5c55751c78e4
--- /dev/null
+++ b/include/linux/netfilter/nfnetlink_conntrack.h
@@ -0,0 +1,124 @@
1#ifndef _IPCONNTRACK_NETLINK_H
2#define _IPCONNTRACK_NETLINK_H
3#include <linux/netfilter/nfnetlink.h>
4
5enum cntl_msg_types {
6 IPCTNL_MSG_CT_NEW,
7 IPCTNL_MSG_CT_GET,
8 IPCTNL_MSG_CT_DELETE,
9 IPCTNL_MSG_CT_GET_CTRZERO,
10
11 IPCTNL_MSG_MAX
12};
13
14enum ctnl_exp_msg_types {
15 IPCTNL_MSG_EXP_NEW,
16 IPCTNL_MSG_EXP_GET,
17 IPCTNL_MSG_EXP_DELETE,
18
19 IPCTNL_MSG_EXP_MAX
20};
21
22
23enum ctattr_type {
24 CTA_UNSPEC,
25 CTA_TUPLE_ORIG,
26 CTA_TUPLE_REPLY,
27 CTA_STATUS,
28 CTA_PROTOINFO,
29 CTA_HELP,
30 CTA_NAT,
31 CTA_TIMEOUT,
32 CTA_MARK,
33 CTA_COUNTERS_ORIG,
34 CTA_COUNTERS_REPLY,
35 CTA_USE,
36 CTA_ID,
37 __CTA_MAX
38};
39#define CTA_MAX (__CTA_MAX - 1)
40
41enum ctattr_tuple {
42 CTA_TUPLE_UNSPEC,
43 CTA_TUPLE_IP,
44 CTA_TUPLE_PROTO,
45 __CTA_TUPLE_MAX
46};
47#define CTA_TUPLE_MAX (__CTA_TUPLE_MAX - 1)
48
49enum ctattr_ip {
50 CTA_IP_UNSPEC,
51 CTA_IP_V4_SRC,
52 CTA_IP_V4_DST,
53 CTA_IP_V6_SRC,
54 CTA_IP_V6_DST,
55 __CTA_IP_MAX
56};
57#define CTA_IP_MAX (__CTA_IP_MAX - 1)
58
59enum ctattr_l4proto {
60 CTA_PROTO_UNSPEC,
61 CTA_PROTO_NUM,
62 CTA_PROTO_SRC_PORT,
63 CTA_PROTO_DST_PORT,
64 CTA_PROTO_ICMP_ID,
65 CTA_PROTO_ICMP_TYPE,
66 CTA_PROTO_ICMP_CODE,
67 __CTA_PROTO_MAX
68};
69#define CTA_PROTO_MAX (__CTA_PROTO_MAX - 1)
70
71enum ctattr_protoinfo {
72 CTA_PROTOINFO_UNSPEC,
73 CTA_PROTOINFO_TCP_STATE,
74 __CTA_PROTOINFO_MAX
75};
76#define CTA_PROTOINFO_MAX (__CTA_PROTOINFO_MAX - 1)
77
78enum ctattr_counters {
79 CTA_COUNTERS_UNSPEC,
80 CTA_COUNTERS_PACKETS,
81 CTA_COUNTERS_BYTES,
82 __CTA_COUNTERS_MAX
83};
84#define CTA_COUNTERS_MAX (__CTA_COUNTERS_MAX - 1)
85
86enum ctattr_nat {
87 CTA_NAT_UNSPEC,
88 CTA_NAT_MINIP,
89 CTA_NAT_MAXIP,
90 CTA_NAT_PROTO,
91 __CTA_NAT_MAX
92};
93#define CTA_NAT_MAX (__CTA_NAT_MAX - 1)
94
95enum ctattr_protonat {
96 CTA_PROTONAT_UNSPEC,
97 CTA_PROTONAT_PORT_MIN,
98 CTA_PROTONAT_PORT_MAX,
99 __CTA_PROTONAT_MAX
100};
101#define CTA_PROTONAT_MAX (__CTA_PROTONAT_MAX - 1)
102
103enum ctattr_expect {
104 CTA_EXPECT_UNSPEC,
105 CTA_EXPECT_MASTER,
106 CTA_EXPECT_TUPLE,
107 CTA_EXPECT_MASK,
108 CTA_EXPECT_TIMEOUT,
109 CTA_EXPECT_ID,
110 CTA_EXPECT_HELP_NAME,
111 __CTA_EXPECT_MAX
112};
113#define CTA_EXPECT_MAX (__CTA_EXPECT_MAX - 1)
114
115enum ctattr_help {
116 CTA_HELP_UNSPEC,
117 CTA_HELP_NAME,
118 __CTA_HELP_MAX
119};
120#define CTA_HELP_MAX (__CTA_HELP_MAX - 1)
121
122#define CTA_HELP_MAXNAMESIZE 32
123
124#endif /* _IPCONNTRACK_NETLINK_H */
diff --git a/include/linux/netfilter/nfnetlink_log.h b/include/linux/netfilter/nfnetlink_log.h
new file mode 100644
index 000000000000..b04b03880595
--- /dev/null
+++ b/include/linux/netfilter/nfnetlink_log.h
@@ -0,0 +1,88 @@
1#ifndef _NFNETLINK_LOG_H
2#define _NFNETLINK_LOG_H
3
4/* This file describes the netlink messages (i.e. 'protocol packets'),
5 * and not any kind of function definitions. It is shared between kernel and
6 * userspace. Don't put kernel specific stuff in here */
7
8#include <linux/types.h>
9#include <linux/netfilter/nfnetlink.h>
10
11enum nfulnl_msg_types {
12 NFULNL_MSG_PACKET, /* packet from kernel to userspace */
13 NFULNL_MSG_CONFIG, /* connect to a particular queue */
14
15 NFULNL_MSG_MAX
16};
17
18struct nfulnl_msg_packet_hdr {
19 u_int16_t hw_protocol; /* hw protocol (network order) */
20 u_int8_t hook; /* netfilter hook */
21 u_int8_t _pad;
22} __attribute__ ((packed));
23
24struct nfulnl_msg_packet_hw {
25 u_int16_t hw_addrlen;
26 u_int16_t _pad;
27 u_int8_t hw_addr[8];
28} __attribute__ ((packed));
29
30struct nfulnl_msg_packet_timestamp {
31 aligned_u64 sec;
32 aligned_u64 usec;
33} __attribute__ ((packed));
34
35#define NFULNL_PREFIXLEN 30 /* just like old log target */
36
37enum nfulnl_attr_type {
38 NFULA_UNSPEC,
39 NFULA_PACKET_HDR,
40 NFULA_MARK, /* u_int32_t nfmark */
41 NFULA_TIMESTAMP, /* nfulnl_msg_packet_timestamp */
42 NFULA_IFINDEX_INDEV, /* u_int32_t ifindex */
43 NFULA_IFINDEX_OUTDEV, /* u_int32_t ifindex */
44 NFULA_IFINDEX_PHYSINDEV, /* u_int32_t ifindex */
45 NFULA_IFINDEX_PHYSOUTDEV, /* u_int32_t ifindex */
46 NFULA_HWADDR, /* nfulnl_msg_packet_hw */
47 NFULA_PAYLOAD, /* opaque data payload */
48 NFULA_PREFIX, /* string prefix */
49 NFULA_UID, /* user id of socket */
50
51 __NFULA_MAX
52};
53#define NFULA_MAX (__NFULA_MAX - 1)
54
55enum nfulnl_msg_config_cmds {
56 NFULNL_CFG_CMD_NONE,
57 NFULNL_CFG_CMD_BIND,
58 NFULNL_CFG_CMD_UNBIND,
59 NFULNL_CFG_CMD_PF_BIND,
60 NFULNL_CFG_CMD_PF_UNBIND,
61};
62
63struct nfulnl_msg_config_cmd {
64 u_int8_t command; /* nfulnl_msg_config_cmds */
65} __attribute__ ((packed));
66
67struct nfulnl_msg_config_mode {
68 u_int32_t copy_range;
69 u_int8_t copy_mode;
70 u_int8_t _pad;
71} __attribute__ ((packed));
72
73enum nfulnl_attr_config {
74 NFULA_CFG_UNSPEC,
75 NFULA_CFG_CMD, /* nfulnl_msg_config_cmd */
76 NFULA_CFG_MODE, /* nfulnl_msg_config_mode */
77 NFULA_CFG_NLBUFSIZ, /* u_int32_t buffer size */
78 NFULA_CFG_TIMEOUT, /* u_int32_t in 1/100 s */
79 NFULA_CFG_QTHRESH, /* u_int32_t */
80 __NFULA_CFG_MAX
81};
82#define NFULA_CFG_MAX (__NFULA_CFG_MAX -1)
83
84#define NFULNL_COPY_NONE 0x00
85#define NFULNL_COPY_META 0x01
86#define NFULNL_COPY_PACKET 0x02
87
88#endif /* _NFNETLINK_LOG_H */
diff --git a/include/linux/netfilter/nfnetlink_queue.h b/include/linux/netfilter/nfnetlink_queue.h
new file mode 100644
index 000000000000..9e774373244c
--- /dev/null
+++ b/include/linux/netfilter/nfnetlink_queue.h
@@ -0,0 +1,89 @@
1#ifndef _NFNETLINK_QUEUE_H
2#define _NFNETLINK_QUEUE_H
3
4#include <linux/types.h>
5#include <linux/netfilter/nfnetlink.h>
6
7enum nfqnl_msg_types {
8 NFQNL_MSG_PACKET, /* packet from kernel to userspace */
9 NFQNL_MSG_VERDICT, /* verdict from userspace to kernel */
10 NFQNL_MSG_CONFIG, /* connect to a particular queue */
11
12 NFQNL_MSG_MAX
13};
14
15struct nfqnl_msg_packet_hdr {
16 u_int32_t packet_id; /* unique ID of packet in queue */
17 u_int16_t hw_protocol; /* hw protocol (network order) */
18 u_int8_t hook; /* netfilter hook */
19} __attribute__ ((packed));
20
21struct nfqnl_msg_packet_hw {
22 u_int16_t hw_addrlen;
23 u_int16_t _pad;
24 u_int8_t hw_addr[8];
25} __attribute__ ((packed));
26
27struct nfqnl_msg_packet_timestamp {
28 aligned_u64 sec;
29 aligned_u64 usec;
30} __attribute__ ((packed));
31
32enum nfqnl_attr_type {
33 NFQA_UNSPEC,
34 NFQA_PACKET_HDR,
35 NFQA_VERDICT_HDR, /* nfqnl_msg_verdict_hrd */
36 NFQA_MARK, /* u_int32_t nfmark */
37 NFQA_TIMESTAMP, /* nfqnl_msg_packet_timestamp */
38 NFQA_IFINDEX_INDEV, /* u_int32_t ifindex */
39 NFQA_IFINDEX_OUTDEV, /* u_int32_t ifindex */
40 NFQA_IFINDEX_PHYSINDEV, /* u_int32_t ifindex */
41 NFQA_IFINDEX_PHYSOUTDEV, /* u_int32_t ifindex */
42 NFQA_HWADDR, /* nfqnl_msg_packet_hw */
43 NFQA_PAYLOAD, /* opaque data payload */
44
45 __NFQA_MAX
46};
47#define NFQA_MAX (__NFQA_MAX - 1)
48
49struct nfqnl_msg_verdict_hdr {
50 u_int32_t verdict;
51 u_int32_t id;
52} __attribute__ ((packed));
53
54
55enum nfqnl_msg_config_cmds {
56 NFQNL_CFG_CMD_NONE,
57 NFQNL_CFG_CMD_BIND,
58 NFQNL_CFG_CMD_UNBIND,
59 NFQNL_CFG_CMD_PF_BIND,
60 NFQNL_CFG_CMD_PF_UNBIND,
61};
62
63struct nfqnl_msg_config_cmd {
64 u_int8_t command; /* nfqnl_msg_config_cmds */
65 u_int8_t _pad;
66 u_int16_t pf; /* AF_xxx for PF_[UN]BIND */
67} __attribute__ ((packed));
68
69enum nfqnl_config_mode {
70 NFQNL_COPY_NONE,
71 NFQNL_COPY_META,
72 NFQNL_COPY_PACKET,
73};
74
75struct nfqnl_msg_config_params {
76 u_int32_t copy_range;
77 u_int8_t copy_mode; /* enum nfqnl_config_mode */
78} __attribute__ ((packed));
79
80
81enum nfqnl_attr_config {
82 NFQA_CFG_UNSPEC,
83 NFQA_CFG_CMD, /* nfqnl_msg_config_cmd */
84 NFQA_CFG_PARAMS, /* nfqnl_msg_config_params */
85 __NFQA_CFG_MAX
86};
87#define NFQA_CFG_MAX (__NFQA_CFG_MAX-1)
88
89#endif /* _NFNETLINK_QUEUE_H */
diff --git a/include/linux/netfilter_decnet.h b/include/linux/netfilter_decnet.h
index 3064eec9cb8e..6f425369ee29 100644
--- a/include/linux/netfilter_decnet.h
+++ b/include/linux/netfilter_decnet.h
@@ -9,6 +9,8 @@
9 9
10#include <linux/netfilter.h> 10#include <linux/netfilter.h>
11 11
12/* only for userspace compatibility */
13#ifndef __KERNEL__
12/* IP Cache bits. */ 14/* IP Cache bits. */
13/* Src IP address. */ 15/* Src IP address. */
14#define NFC_DN_SRC 0x0001 16#define NFC_DN_SRC 0x0001
@@ -18,6 +20,7 @@
18#define NFC_DN_IF_IN 0x0004 20#define NFC_DN_IF_IN 0x0004
19/* Output device. */ 21/* Output device. */
20#define NFC_DN_IF_OUT 0x0008 22#define NFC_DN_IF_OUT 0x0008
23#endif /* ! __KERNEL__ */
21 24
22/* DECnet Hooks */ 25/* DECnet Hooks */
23/* After promisc drops, checksum checks. */ 26/* After promisc drops, checksum checks. */
@@ -53,7 +56,21 @@ struct nf_dn_rtmsg {
53 56
54#define NFDN_RTMSG(r) ((unsigned char *)(r) + NLMSG_ALIGN(sizeof(struct nf_dn_rtmsg))) 57#define NFDN_RTMSG(r) ((unsigned char *)(r) + NLMSG_ALIGN(sizeof(struct nf_dn_rtmsg)))
55 58
59#ifndef __KERNEL__
60/* backwards compatibility for userspace */
56#define DNRMG_L1_GROUP 0x01 61#define DNRMG_L1_GROUP 0x01
57#define DNRMG_L2_GROUP 0x02 62#define DNRMG_L2_GROUP 0x02
63#endif
64
65enum {
66 DNRNG_NLGRP_NONE,
67#define DNRNG_NLGRP_NONE DNRNG_NLGRP_NONE
68 DNRNG_NLGRP_L1,
69#define DNRNG_NLGRP_L1 DNRNG_NLGRP_L1
70 DNRNG_NLGRP_L2,
71#define DNRNG_NLGRP_L2 DNRNG_NLGRP_L2
72 __DNRNG_NLGRP_MAX
73};
74#define DNRNG_NLGRP_MAX (__DNRNG_NLGRP_MAX - 1)
58 75
59#endif /*__LINUX_DECNET_NETFILTER_H*/ 76#endif /*__LINUX_DECNET_NETFILTER_H*/
diff --git a/include/linux/netfilter_ipv4.h b/include/linux/netfilter_ipv4.h
index 3ebc36afae1a..fdc4a9527343 100644
--- a/include/linux/netfilter_ipv4.h
+++ b/include/linux/netfilter_ipv4.h
@@ -8,6 +8,8 @@
8#include <linux/config.h> 8#include <linux/config.h>
9#include <linux/netfilter.h> 9#include <linux/netfilter.h>
10 10
11/* only for userspace compatibility */
12#ifndef __KERNEL__
11/* IP Cache bits. */ 13/* IP Cache bits. */
12/* Src IP address. */ 14/* Src IP address. */
13#define NFC_IP_SRC 0x0001 15#define NFC_IP_SRC 0x0001
@@ -35,6 +37,7 @@
35#define NFC_IP_DST_PT 0x0400 37#define NFC_IP_DST_PT 0x0400
36/* Something else about the proto */ 38/* Something else about the proto */
37#define NFC_IP_PROTO_UNKNOWN 0x2000 39#define NFC_IP_PROTO_UNKNOWN 0x2000
40#endif /* ! __KERNEL__ */
38 41
39/* IP Hooks */ 42/* IP Hooks */
40/* After promisc drops, checksum checks. */ 43/* After promisc drops, checksum checks. */
@@ -77,11 +80,6 @@ enum nf_ip_hook_priorities {
77#ifdef __KERNEL__ 80#ifdef __KERNEL__
78extern int ip_route_me_harder(struct sk_buff **pskb); 81extern int ip_route_me_harder(struct sk_buff **pskb);
79 82
80/* Call this before modifying an existing IP packet: ensures it is
81 modifiable and linear to the point you care about (writable_len).
82 Returns true or false. */
83extern int skb_ip_make_writable(struct sk_buff **pskb,
84 unsigned int writable_len);
85#endif /*__KERNEL__*/ 83#endif /*__KERNEL__*/
86 84
87#endif /*__LINUX_IP_NETFILTER_H*/ 85#endif /*__LINUX_IP_NETFILTER_H*/
diff --git a/include/linux/netfilter_ipv4/ip_conntrack.h b/include/linux/netfilter_ipv4/ip_conntrack.h
index 08fe5f7d14a0..088742befe49 100644
--- a/include/linux/netfilter_ipv4/ip_conntrack.h
+++ b/include/linux/netfilter_ipv4/ip_conntrack.h
@@ -65,6 +65,63 @@ enum ip_conntrack_status {
65 65
66 /* Both together */ 66 /* Both together */
67 IPS_NAT_DONE_MASK = (IPS_DST_NAT_DONE | IPS_SRC_NAT_DONE), 67 IPS_NAT_DONE_MASK = (IPS_DST_NAT_DONE | IPS_SRC_NAT_DONE),
68
69 /* Connection is dying (removed from lists), can not be unset. */
70 IPS_DYING_BIT = 9,
71 IPS_DYING = (1 << IPS_DYING_BIT),
72};
73
74/* Connection tracking event bits */
75enum ip_conntrack_events
76{
77 /* New conntrack */
78 IPCT_NEW_BIT = 0,
79 IPCT_NEW = (1 << IPCT_NEW_BIT),
80
81 /* Expected connection */
82 IPCT_RELATED_BIT = 1,
83 IPCT_RELATED = (1 << IPCT_RELATED_BIT),
84
85 /* Destroyed conntrack */
86 IPCT_DESTROY_BIT = 2,
87 IPCT_DESTROY = (1 << IPCT_DESTROY_BIT),
88
89 /* Timer has been refreshed */
90 IPCT_REFRESH_BIT = 3,
91 IPCT_REFRESH = (1 << IPCT_REFRESH_BIT),
92
93 /* Status has changed */
94 IPCT_STATUS_BIT = 4,
95 IPCT_STATUS = (1 << IPCT_STATUS_BIT),
96
97 /* Update of protocol info */
98 IPCT_PROTOINFO_BIT = 5,
99 IPCT_PROTOINFO = (1 << IPCT_PROTOINFO_BIT),
100
101 /* Volatile protocol info */
102 IPCT_PROTOINFO_VOLATILE_BIT = 6,
103 IPCT_PROTOINFO_VOLATILE = (1 << IPCT_PROTOINFO_VOLATILE_BIT),
104
105 /* New helper for conntrack */
106 IPCT_HELPER_BIT = 7,
107 IPCT_HELPER = (1 << IPCT_HELPER_BIT),
108
109 /* Update of helper info */
110 IPCT_HELPINFO_BIT = 8,
111 IPCT_HELPINFO = (1 << IPCT_HELPINFO_BIT),
112
113 /* Volatile helper info */
114 IPCT_HELPINFO_VOLATILE_BIT = 9,
115 IPCT_HELPINFO_VOLATILE = (1 << IPCT_HELPINFO_VOLATILE_BIT),
116
117 /* NAT info */
118 IPCT_NATINFO_BIT = 10,
119 IPCT_NATINFO = (1 << IPCT_NATINFO_BIT),
120};
121
122enum ip_conntrack_expect_events {
123 IPEXP_NEW_BIT = 0,
124 IPEXP_NEW = (1 << IPEXP_NEW_BIT),
68}; 125};
69 126
70#ifdef __KERNEL__ 127#ifdef __KERNEL__
@@ -152,6 +209,9 @@ struct ip_conntrack
152 /* Current number of expected connections */ 209 /* Current number of expected connections */
153 unsigned int expecting; 210 unsigned int expecting;
154 211
212 /* Unique ID that identifies this conntrack*/
213 unsigned int id;
214
155 /* Helper, if any. */ 215 /* Helper, if any. */
156 struct ip_conntrack_helper *helper; 216 struct ip_conntrack_helper *helper;
157 217
@@ -171,7 +231,7 @@ struct ip_conntrack
171#endif /* CONFIG_IP_NF_NAT_NEEDED */ 231#endif /* CONFIG_IP_NF_NAT_NEEDED */
172 232
173#if defined(CONFIG_IP_NF_CONNTRACK_MARK) 233#if defined(CONFIG_IP_NF_CONNTRACK_MARK)
174 unsigned long mark; 234 u_int32_t mark;
175#endif 235#endif
176 236
177 /* Traversed often, so hopefully in different cacheline to top */ 237 /* Traversed often, so hopefully in different cacheline to top */
@@ -200,6 +260,9 @@ struct ip_conntrack_expect
200 /* Usage count. */ 260 /* Usage count. */
201 atomic_t use; 261 atomic_t use;
202 262
263 /* Unique ID */
264 unsigned int id;
265
203#ifdef CONFIG_IP_NF_NAT_NEEDED 266#ifdef CONFIG_IP_NF_NAT_NEEDED
204 /* This is the original per-proto part, used to map the 267 /* This is the original per-proto part, used to map the
205 * expected connection the way the recipient expects. */ 268 * expected connection the way the recipient expects. */
@@ -239,7 +302,12 @@ ip_conntrack_get(const struct sk_buff *skb, enum ip_conntrack_info *ctinfo)
239} 302}
240 303
241/* decrement reference count on a conntrack */ 304/* decrement reference count on a conntrack */
242extern void ip_conntrack_put(struct ip_conntrack *ct); 305static inline void
306ip_conntrack_put(struct ip_conntrack *ct)
307{
308 IP_NF_ASSERT(ct);
309 nf_conntrack_put(&ct->ct_general);
310}
243 311
244/* call to create an explicit dependency on ip_conntrack. */ 312/* call to create an explicit dependency on ip_conntrack. */
245extern void need_ip_conntrack(void); 313extern void need_ip_conntrack(void);
@@ -274,12 +342,50 @@ extern void
274ip_ct_iterate_cleanup(int (*iter)(struct ip_conntrack *i, void *data), 342ip_ct_iterate_cleanup(int (*iter)(struct ip_conntrack *i, void *data),
275 void *data); 343 void *data);
276 344
345extern struct ip_conntrack_helper *
346__ip_conntrack_helper_find_byname(const char *);
347extern struct ip_conntrack_helper *
348ip_conntrack_helper_find_get(const struct ip_conntrack_tuple *tuple);
349extern void ip_conntrack_helper_put(struct ip_conntrack_helper *helper);
350
351extern struct ip_conntrack_protocol *
352__ip_conntrack_proto_find(u_int8_t protocol);
353extern struct ip_conntrack_protocol *
354ip_conntrack_proto_find_get(u_int8_t protocol);
355extern void ip_conntrack_proto_put(struct ip_conntrack_protocol *proto);
356
357extern void ip_ct_remove_expectations(struct ip_conntrack *ct);
358
359extern struct ip_conntrack *ip_conntrack_alloc(struct ip_conntrack_tuple *,
360 struct ip_conntrack_tuple *);
361
362extern void ip_conntrack_free(struct ip_conntrack *ct);
363
364extern void ip_conntrack_hash_insert(struct ip_conntrack *ct);
365
366extern struct ip_conntrack_expect *
367__ip_conntrack_expect_find(const struct ip_conntrack_tuple *tuple);
368
369extern struct ip_conntrack_expect *
370ip_conntrack_expect_find_get(const struct ip_conntrack_tuple *tuple);
371
372extern struct ip_conntrack_tuple_hash *
373__ip_conntrack_find(const struct ip_conntrack_tuple *tuple,
374 const struct ip_conntrack *ignored_conntrack);
375
376extern void ip_conntrack_flush(void);
377
277/* It's confirmed if it is, or has been in the hash table. */ 378/* It's confirmed if it is, or has been in the hash table. */
278static inline int is_confirmed(struct ip_conntrack *ct) 379static inline int is_confirmed(struct ip_conntrack *ct)
279{ 380{
280 return test_bit(IPS_CONFIRMED_BIT, &ct->status); 381 return test_bit(IPS_CONFIRMED_BIT, &ct->status);
281} 382}
282 383
384static inline int is_dying(struct ip_conntrack *ct)
385{
386 return test_bit(IPS_DYING_BIT, &ct->status);
387}
388
283extern unsigned int ip_conntrack_htable_size; 389extern unsigned int ip_conntrack_htable_size;
284 390
285struct ip_conntrack_stat 391struct ip_conntrack_stat
@@ -303,6 +409,85 @@ struct ip_conntrack_stat
303 409
304#define CONNTRACK_STAT_INC(count) (__get_cpu_var(ip_conntrack_stat).count++) 410#define CONNTRACK_STAT_INC(count) (__get_cpu_var(ip_conntrack_stat).count++)
305 411
412#ifdef CONFIG_IP_NF_CONNTRACK_EVENTS
413#include <linux/notifier.h>
414#include <linux/interrupt.h>
415
416struct ip_conntrack_ecache {
417 struct ip_conntrack *ct;
418 unsigned int events;
419};
420DECLARE_PER_CPU(struct ip_conntrack_ecache, ip_conntrack_ecache);
421
422#define CONNTRACK_ECACHE(x) (__get_cpu_var(ip_conntrack_ecache).x)
423
424extern struct notifier_block *ip_conntrack_chain;
425extern struct notifier_block *ip_conntrack_expect_chain;
426
427static inline int ip_conntrack_register_notifier(struct notifier_block *nb)
428{
429 return notifier_chain_register(&ip_conntrack_chain, nb);
430}
431
432static inline int ip_conntrack_unregister_notifier(struct notifier_block *nb)
433{
434 return notifier_chain_unregister(&ip_conntrack_chain, nb);
435}
436
437static inline int
438ip_conntrack_expect_register_notifier(struct notifier_block *nb)
439{
440 return notifier_chain_register(&ip_conntrack_expect_chain, nb);
441}
442
443static inline int
444ip_conntrack_expect_unregister_notifier(struct notifier_block *nb)
445{
446 return notifier_chain_unregister(&ip_conntrack_expect_chain, nb);
447}
448
449extern void ip_ct_deliver_cached_events(const struct ip_conntrack *ct);
450extern void __ip_ct_event_cache_init(struct ip_conntrack *ct);
451
452static inline void
453ip_conntrack_event_cache(enum ip_conntrack_events event,
454 const struct sk_buff *skb)
455{
456 struct ip_conntrack *ct = (struct ip_conntrack *)skb->nfct;
457 struct ip_conntrack_ecache *ecache;
458
459 local_bh_disable();
460 ecache = &__get_cpu_var(ip_conntrack_ecache);
461 if (ct != ecache->ct)
462 __ip_ct_event_cache_init(ct);
463 ecache->events |= event;
464 local_bh_enable();
465}
466
467static inline void ip_conntrack_event(enum ip_conntrack_events event,
468 struct ip_conntrack *ct)
469{
470 if (is_confirmed(ct) && !is_dying(ct))
471 notifier_call_chain(&ip_conntrack_chain, event, ct);
472}
473
474static inline void
475ip_conntrack_expect_event(enum ip_conntrack_expect_events event,
476 struct ip_conntrack_expect *exp)
477{
478 notifier_call_chain(&ip_conntrack_expect_chain, event, exp);
479}
480#else /* CONFIG_IP_NF_CONNTRACK_EVENTS */
481static inline void ip_conntrack_event_cache(enum ip_conntrack_events event,
482 const struct sk_buff *skb) {}
483static inline void ip_conntrack_event(enum ip_conntrack_events event,
484 struct ip_conntrack *ct) {}
485static inline void ip_ct_deliver_cached_events(const struct ip_conntrack *ct) {}
486static inline void
487ip_conntrack_expect_event(enum ip_conntrack_expect_events event,
488 struct ip_conntrack_expect *exp) {}
489#endif /* CONFIG_IP_NF_CONNTRACK_EVENTS */
490
306#ifdef CONFIG_IP_NF_NAT_NEEDED 491#ifdef CONFIG_IP_NF_NAT_NEEDED
307static inline int ip_nat_initialized(struct ip_conntrack *conntrack, 492static inline int ip_nat_initialized(struct ip_conntrack *conntrack,
308 enum ip_nat_manip_type manip) 493 enum ip_nat_manip_type manip)
diff --git a/include/linux/netfilter_ipv4/ip_conntrack_core.h b/include/linux/netfilter_ipv4/ip_conntrack_core.h
index 694aec9b4784..dc4d2a0575de 100644
--- a/include/linux/netfilter_ipv4/ip_conntrack_core.h
+++ b/include/linux/netfilter_ipv4/ip_conntrack_core.h
@@ -2,6 +2,9 @@
2#define _IP_CONNTRACK_CORE_H 2#define _IP_CONNTRACK_CORE_H
3#include <linux/netfilter.h> 3#include <linux/netfilter.h>
4 4
5#define MAX_IP_CT_PROTO 256
6extern struct ip_conntrack_protocol *ip_ct_protos[MAX_IP_CT_PROTO];
7
5/* This header is used to share core functionality between the 8/* This header is used to share core functionality between the
6 standalone connection tracking module, and the compatibility layer's use 9 standalone connection tracking module, and the compatibility layer's use
7 of connection tracking. */ 10 of connection tracking. */
@@ -38,12 +41,19 @@ extern int __ip_conntrack_confirm(struct sk_buff **pskb);
38/* Confirm a connection: returns NF_DROP if packet must be dropped. */ 41/* Confirm a connection: returns NF_DROP if packet must be dropped. */
39static inline int ip_conntrack_confirm(struct sk_buff **pskb) 42static inline int ip_conntrack_confirm(struct sk_buff **pskb)
40{ 43{
41 if ((*pskb)->nfct 44 struct ip_conntrack *ct = (struct ip_conntrack *)(*pskb)->nfct;
42 && !is_confirmed((struct ip_conntrack *)(*pskb)->nfct)) 45 int ret = NF_ACCEPT;
43 return __ip_conntrack_confirm(pskb); 46
44 return NF_ACCEPT; 47 if (ct) {
48 if (!is_confirmed(ct))
49 ret = __ip_conntrack_confirm(pskb);
50 ip_ct_deliver_cached_events(ct);
51 }
52 return ret;
45} 53}
46 54
55extern void __ip_ct_expect_unlink_destroy(struct ip_conntrack_expect *exp);
56
47extern struct list_head *ip_conntrack_hash; 57extern struct list_head *ip_conntrack_hash;
48extern struct list_head ip_conntrack_expect_list; 58extern struct list_head ip_conntrack_expect_list;
49extern rwlock_t ip_conntrack_lock; 59extern rwlock_t ip_conntrack_lock;
diff --git a/include/linux/netfilter_ipv4/ip_conntrack_helper.h b/include/linux/netfilter_ipv4/ip_conntrack_helper.h
index 3692daa93dec..8d69279ccfe4 100644
--- a/include/linux/netfilter_ipv4/ip_conntrack_helper.h
+++ b/include/linux/netfilter_ipv4/ip_conntrack_helper.h
@@ -24,6 +24,8 @@ struct ip_conntrack_helper
24 int (*help)(struct sk_buff **pskb, 24 int (*help)(struct sk_buff **pskb,
25 struct ip_conntrack *ct, 25 struct ip_conntrack *ct,
26 enum ip_conntrack_info conntrackinfo); 26 enum ip_conntrack_info conntrackinfo);
27
28 int (*to_nfattr)(struct sk_buff *skb, const struct ip_conntrack *ct);
27}; 29};
28 30
29extern int ip_conntrack_helper_register(struct ip_conntrack_helper *); 31extern int ip_conntrack_helper_register(struct ip_conntrack_helper *);
diff --git a/include/linux/netfilter_ipv4/ip_conntrack_protocol.h b/include/linux/netfilter_ipv4/ip_conntrack_protocol.h
index e20b57c5e1b7..b6b99be8632a 100644
--- a/include/linux/netfilter_ipv4/ip_conntrack_protocol.h
+++ b/include/linux/netfilter_ipv4/ip_conntrack_protocol.h
@@ -2,6 +2,7 @@
2#ifndef _IP_CONNTRACK_PROTOCOL_H 2#ifndef _IP_CONNTRACK_PROTOCOL_H
3#define _IP_CONNTRACK_PROTOCOL_H 3#define _IP_CONNTRACK_PROTOCOL_H
4#include <linux/netfilter_ipv4/ip_conntrack.h> 4#include <linux/netfilter_ipv4/ip_conntrack.h>
5#include <linux/netfilter/nfnetlink_conntrack.h>
5 6
6struct seq_file; 7struct seq_file;
7 8
@@ -47,22 +48,22 @@ struct ip_conntrack_protocol
47 int (*error)(struct sk_buff *skb, enum ip_conntrack_info *ctinfo, 48 int (*error)(struct sk_buff *skb, enum ip_conntrack_info *ctinfo,
48 unsigned int hooknum); 49 unsigned int hooknum);
49 50
51 /* convert protoinfo to nfnetink attributes */
52 int (*to_nfattr)(struct sk_buff *skb, struct nfattr *nfa,
53 const struct ip_conntrack *ct);
54
55 int (*tuple_to_nfattr)(struct sk_buff *skb,
56 const struct ip_conntrack_tuple *t);
57 int (*nfattr_to_tuple)(struct nfattr *tb[],
58 struct ip_conntrack_tuple *t);
59
50 /* Module (if any) which this is connected to. */ 60 /* Module (if any) which this is connected to. */
51 struct module *me; 61 struct module *me;
52}; 62};
53 63
54#define MAX_IP_CT_PROTO 256
55extern struct ip_conntrack_protocol *ip_ct_protos[MAX_IP_CT_PROTO];
56
57/* Protocol registration. */ 64/* Protocol registration. */
58extern int ip_conntrack_protocol_register(struct ip_conntrack_protocol *proto); 65extern int ip_conntrack_protocol_register(struct ip_conntrack_protocol *proto);
59extern void ip_conntrack_protocol_unregister(struct ip_conntrack_protocol *proto); 66extern void ip_conntrack_protocol_unregister(struct ip_conntrack_protocol *proto);
60
61static inline struct ip_conntrack_protocol *ip_ct_find_proto(u_int8_t protocol)
62{
63 return ip_ct_protos[protocol];
64}
65
66/* Existing built-in protocols */ 67/* Existing built-in protocols */
67extern struct ip_conntrack_protocol ip_conntrack_protocol_tcp; 68extern struct ip_conntrack_protocol ip_conntrack_protocol_tcp;
68extern struct ip_conntrack_protocol ip_conntrack_protocol_udp; 69extern struct ip_conntrack_protocol ip_conntrack_protocol_udp;
@@ -73,6 +74,11 @@ extern int ip_conntrack_protocol_tcp_init(void);
73/* Log invalid packets */ 74/* Log invalid packets */
74extern unsigned int ip_ct_log_invalid; 75extern unsigned int ip_ct_log_invalid;
75 76
77extern int ip_ct_port_tuple_to_nfattr(struct sk_buff *,
78 const struct ip_conntrack_tuple *);
79extern int ip_ct_port_nfattr_to_tuple(struct nfattr *tb[],
80 struct ip_conntrack_tuple *);
81
76#ifdef CONFIG_SYSCTL 82#ifdef CONFIG_SYSCTL
77#ifdef DEBUG_INVALID_PACKETS 83#ifdef DEBUG_INVALID_PACKETS
78#define LOG_INVALID(proto) \ 84#define LOG_INVALID(proto) \
diff --git a/include/linux/netfilter_ipv4/ip_logging.h b/include/linux/netfilter_ipv4/ip_logging.h
deleted file mode 100644
index 0c5c52cb6589..000000000000
--- a/include/linux/netfilter_ipv4/ip_logging.h
+++ /dev/null
@@ -1,20 +0,0 @@
1/* IPv4 macros for the internal logging interface. */
2#ifndef __IP_LOGGING_H
3#define __IP_LOGGING_H
4
5#ifdef __KERNEL__
6#include <linux/socket.h>
7#include <linux/netfilter_logging.h>
8
9#define nf_log_ip_packet(pskb,hooknum,in,out,fmt,args...) \
10 nf_log_packet(AF_INET,pskb,hooknum,in,out,fmt,##args)
11
12#define nf_log_ip(pfh,len,fmt,args...) \
13 nf_log(AF_INET,pfh,len,fmt,##args)
14
15#define nf_ip_log_register(logging) nf_log_register(AF_INET,logging)
16#define nf_ip_log_unregister(logging) nf_log_unregister(AF_INET,logging)
17
18#endif /*__KERNEL__*/
19
20#endif /*__IP_LOGGING_H*/
diff --git a/include/linux/netfilter_ipv4/ip_nat_protocol.h b/include/linux/netfilter_ipv4/ip_nat_protocol.h
index 129708c22386..ef63aa991a06 100644
--- a/include/linux/netfilter_ipv4/ip_nat_protocol.h
+++ b/include/linux/netfilter_ipv4/ip_nat_protocol.h
@@ -4,6 +4,9 @@
4#include <linux/init.h> 4#include <linux/init.h>
5#include <linux/list.h> 5#include <linux/list.h>
6 6
7#include <linux/netfilter_ipv4/ip_nat.h>
8#include <linux/netfilter/nfnetlink_conntrack.h>
9
7struct iphdr; 10struct iphdr;
8struct ip_nat_range; 11struct ip_nat_range;
9 12
@@ -15,6 +18,8 @@ struct ip_nat_protocol
15 /* Protocol number. */ 18 /* Protocol number. */
16 unsigned int protonum; 19 unsigned int protonum;
17 20
21 struct module *me;
22
18 /* Translate a packet to the target according to manip type. 23 /* Translate a packet to the target according to manip type.
19 Return true if succeeded. */ 24 Return true if succeeded. */
20 int (*manip_pkt)(struct sk_buff **pskb, 25 int (*manip_pkt)(struct sk_buff **pskb,
@@ -43,19 +48,20 @@ struct ip_nat_protocol
43 48
44 unsigned int (*print_range)(char *buffer, 49 unsigned int (*print_range)(char *buffer,
45 const struct ip_nat_range *range); 50 const struct ip_nat_range *range);
46};
47 51
48#define MAX_IP_NAT_PROTO 256 52 int (*range_to_nfattr)(struct sk_buff *skb,
49extern struct ip_nat_protocol *ip_nat_protos[MAX_IP_NAT_PROTO]; 53 const struct ip_nat_range *range);
54
55 int (*nfattr_to_range)(struct nfattr *tb[],
56 struct ip_nat_range *range);
57};
50 58
51/* Protocol registration. */ 59/* Protocol registration. */
52extern int ip_nat_protocol_register(struct ip_nat_protocol *proto); 60extern int ip_nat_protocol_register(struct ip_nat_protocol *proto);
53extern void ip_nat_protocol_unregister(struct ip_nat_protocol *proto); 61extern void ip_nat_protocol_unregister(struct ip_nat_protocol *proto);
54 62
55static inline struct ip_nat_protocol *ip_nat_find_proto(u_int8_t protocol) 63extern struct ip_nat_protocol *ip_nat_proto_find_get(u_int8_t protocol);
56{ 64extern void ip_nat_proto_put(struct ip_nat_protocol *proto);
57 return ip_nat_protos[protocol];
58}
59 65
60/* Built-in protocols. */ 66/* Built-in protocols. */
61extern struct ip_nat_protocol ip_nat_protocol_tcp; 67extern struct ip_nat_protocol ip_nat_protocol_tcp;
@@ -67,4 +73,9 @@ extern int init_protocols(void) __init;
67extern void cleanup_protocols(void); 73extern void cleanup_protocols(void);
68extern struct ip_nat_protocol *find_nat_proto(u_int16_t protonum); 74extern struct ip_nat_protocol *find_nat_proto(u_int16_t protonum);
69 75
76extern int ip_nat_port_range_to_nfattr(struct sk_buff *skb,
77 const struct ip_nat_range *range);
78extern int ip_nat_port_nfattr_to_range(struct nfattr *tb[],
79 struct ip_nat_range *range);
80
70#endif /*_IP_NAT_PROTO_H*/ 81#endif /*_IP_NAT_PROTO_H*/
diff --git a/include/linux/netfilter_ipv4/ip_tables.h b/include/linux/netfilter_ipv4/ip_tables.h
index 12ce47808e7d..d19d65cf4530 100644
--- a/include/linux/netfilter_ipv4/ip_tables.h
+++ b/include/linux/netfilter_ipv4/ip_tables.h
@@ -109,7 +109,8 @@ struct ipt_counters
109 109
110/* Values for "flag" field in struct ipt_ip (general ip structure). */ 110/* Values for "flag" field in struct ipt_ip (general ip structure). */
111#define IPT_F_FRAG 0x01 /* Set if rule is a fragment rule */ 111#define IPT_F_FRAG 0x01 /* Set if rule is a fragment rule */
112#define IPT_F_MASK 0x01 /* All possible flag bits mask. */ 112#define IPT_F_GOTO 0x02 /* Set if jump is a goto */
113#define IPT_F_MASK 0x03 /* All possible flag bits mask. */
113 114
114/* Values for "inv" field in struct ipt_ip. */ 115/* Values for "inv" field in struct ipt_ip. */
115#define IPT_INV_VIA_IN 0x01 /* Invert the sense of IN IFACE. */ 116#define IPT_INV_VIA_IN 0x01 /* Invert the sense of IN IFACE. */
diff --git a/include/linux/netfilter_ipv4/ipt_LOG.h b/include/linux/netfilter_ipv4/ipt_LOG.h
index d25f782e57d1..22d16177319b 100644
--- a/include/linux/netfilter_ipv4/ipt_LOG.h
+++ b/include/linux/netfilter_ipv4/ipt_LOG.h
@@ -1,6 +1,7 @@
1#ifndef _IPT_LOG_H 1#ifndef _IPT_LOG_H
2#define _IPT_LOG_H 2#define _IPT_LOG_H
3 3
4/* make sure not to change this without changing netfilter.h:NF_LOG_* (!) */
4#define IPT_LOG_TCPSEQ 0x01 /* Log TCP sequence numbers */ 5#define IPT_LOG_TCPSEQ 0x01 /* Log TCP sequence numbers */
5#define IPT_LOG_TCPOPT 0x02 /* Log TCP options */ 6#define IPT_LOG_TCPOPT 0x02 /* Log TCP options */
6#define IPT_LOG_IPOPT 0x04 /* Log IP options */ 7#define IPT_LOG_IPOPT 0x04 /* Log IP options */
diff --git a/include/linux/netfilter_ipv4/ipt_NFQUEUE.h b/include/linux/netfilter_ipv4/ipt_NFQUEUE.h
new file mode 100644
index 000000000000..b5b2943b0c66
--- /dev/null
+++ b/include/linux/netfilter_ipv4/ipt_NFQUEUE.h
@@ -0,0 +1,16 @@
1/* iptables module for using NFQUEUE mechanism
2 *
3 * (C) 2005 Harald Welte <laforge@netfilter.org>
4 *
5 * This software is distributed under GNU GPL v2, 1991
6 *
7*/
8#ifndef _IPT_NFQ_TARGET_H
9#define _IPT_NFQ_TARGET_H
10
11/* target info */
12struct ipt_NFQ_info {
13 u_int16_t queuenum;
14};
15
16#endif /* _IPT_DSCP_TARGET_H */
diff --git a/include/linux/netfilter_ipv4/ipt_TTL.h b/include/linux/netfilter_ipv4/ipt_TTL.h
new file mode 100644
index 000000000000..ee6611edc112
--- /dev/null
+++ b/include/linux/netfilter_ipv4/ipt_TTL.h
@@ -0,0 +1,21 @@
1/* TTL modification module for IP tables
2 * (C) 2000 by Harald Welte <laforge@netfilter.org> */
3
4#ifndef _IPT_TTL_H
5#define _IPT_TTL_H
6
7enum {
8 IPT_TTL_SET = 0,
9 IPT_TTL_INC,
10 IPT_TTL_DEC
11};
12
13#define IPT_TTL_MAXMODE IPT_TTL_DEC
14
15struct ipt_TTL_info {
16 u_int8_t mode;
17 u_int8_t ttl;
18};
19
20
21#endif
diff --git a/include/linux/netfilter_ipv4/ipt_connbytes.h b/include/linux/netfilter_ipv4/ipt_connbytes.h
new file mode 100644
index 000000000000..9e5532f8d8ac
--- /dev/null
+++ b/include/linux/netfilter_ipv4/ipt_connbytes.h
@@ -0,0 +1,25 @@
1#ifndef _IPT_CONNBYTES_H
2#define _IPT_CONNBYTES_H
3
4enum ipt_connbytes_what {
5 IPT_CONNBYTES_PKTS,
6 IPT_CONNBYTES_BYTES,
7 IPT_CONNBYTES_AVGPKT,
8};
9
10enum ipt_connbytes_direction {
11 IPT_CONNBYTES_DIR_ORIGINAL,
12 IPT_CONNBYTES_DIR_REPLY,
13 IPT_CONNBYTES_DIR_BOTH,
14};
15
16struct ipt_connbytes_info
17{
18 struct {
19 aligned_u64 from; /* count to be matched */
20 aligned_u64 to; /* count to be matched */
21 } count;
22 u_int8_t what; /* ipt_connbytes_what */
23 u_int8_t direction; /* ipt_connbytes_direction */
24};
25#endif
diff --git a/include/linux/netfilter_ipv4/ipt_dccp.h b/include/linux/netfilter_ipv4/ipt_dccp.h
new file mode 100644
index 000000000000..3cb3a522e62b
--- /dev/null
+++ b/include/linux/netfilter_ipv4/ipt_dccp.h
@@ -0,0 +1,23 @@
1#ifndef _IPT_DCCP_H_
2#define _IPT_DCCP_H_
3
4#define IPT_DCCP_SRC_PORTS 0x01
5#define IPT_DCCP_DEST_PORTS 0x02
6#define IPT_DCCP_TYPE 0x04
7#define IPT_DCCP_OPTION 0x08
8
9#define IPT_DCCP_VALID_FLAGS 0x0f
10
11struct ipt_dccp_info {
12 u_int16_t dpts[2]; /* Min, Max */
13 u_int16_t spts[2]; /* Min, Max */
14
15 u_int16_t flags;
16 u_int16_t invflags;
17
18 u_int16_t typemask;
19 u_int8_t option;
20};
21
22#endif /* _IPT_DCCP_H_ */
23
diff --git a/include/linux/netfilter_ipv4/ipt_string.h b/include/linux/netfilter_ipv4/ipt_string.h
new file mode 100644
index 000000000000..a265f6e44eab
--- /dev/null
+++ b/include/linux/netfilter_ipv4/ipt_string.h
@@ -0,0 +1,18 @@
1#ifndef _IPT_STRING_H
2#define _IPT_STRING_H
3
4#define IPT_STRING_MAX_PATTERN_SIZE 128
5#define IPT_STRING_MAX_ALGO_NAME_SIZE 16
6
7struct ipt_string_info
8{
9 u_int16_t from_offset;
10 u_int16_t to_offset;
11 char algo[IPT_STRING_MAX_ALGO_NAME_SIZE];
12 char pattern[IPT_STRING_MAX_PATTERN_SIZE];
13 u_int8_t patlen;
14 u_int8_t invert;
15 struct ts_config __attribute__((aligned(8))) *config;
16};
17
18#endif /*_IPT_STRING_H*/
diff --git a/include/linux/netfilter_ipv6.h b/include/linux/netfilter_ipv6.h
index bee7a5ec7c66..edcc2c6eb5c7 100644
--- a/include/linux/netfilter_ipv6.h
+++ b/include/linux/netfilter_ipv6.h
@@ -10,6 +10,8 @@
10 10
11#include <linux/netfilter.h> 11#include <linux/netfilter.h>
12 12
13/* only for userspace compatibility */
14#ifndef __KERNEL__
13/* IP Cache bits. */ 15/* IP Cache bits. */
14/* Src IP address. */ 16/* Src IP address. */
15#define NFC_IP6_SRC 0x0001 17#define NFC_IP6_SRC 0x0001
@@ -38,6 +40,7 @@
38#define NFC_IP6_DST_PT 0x0400 40#define NFC_IP6_DST_PT 0x0400
39/* Something else about the proto */ 41/* Something else about the proto */
40#define NFC_IP6_PROTO_UNKNOWN 0x2000 42#define NFC_IP6_PROTO_UNKNOWN 0x2000
43#endif /* ! __KERNEL__ */
41 44
42 45
43/* IP6 Hooks */ 46/* IP6 Hooks */
@@ -68,4 +71,7 @@ enum nf_ip6_hook_priorities {
68 NF_IP6_PRI_LAST = INT_MAX, 71 NF_IP6_PRI_LAST = INT_MAX,
69}; 72};
70 73
74extern int ipv6_netfilter_init(void);
75extern void ipv6_netfilter_fini(void);
76
71#endif /*__LINUX_IP6_NETFILTER_H*/ 77#endif /*__LINUX_IP6_NETFILTER_H*/
diff --git a/include/linux/netfilter_ipv6/ip6_logging.h b/include/linux/netfilter_ipv6/ip6_logging.h
deleted file mode 100644
index a0b2ee3043aa..000000000000
--- a/include/linux/netfilter_ipv6/ip6_logging.h
+++ /dev/null
@@ -1,20 +0,0 @@
1/* IPv6 macros for the nternal logging interface. */
2#ifndef __IP6_LOGGING_H
3#define __IP6_LOGGING_H
4
5#ifdef __KERNEL__
6#include <linux/socket.h>
7#include <linux/netfilter_logging.h>
8
9#define nf_log_ip6_packet(pskb,hooknum,in,out,fmt,args...) \
10 nf_log_packet(AF_INET6,pskb,hooknum,in,out,fmt,##args)
11
12#define nf_log_ip6(pfh,len,fmt,args...) \
13 nf_log(AF_INET6,pfh,len,fmt,##args)
14
15#define nf_ip6_log_register(logging) nf_log_register(AF_INET6,logging)
16#define nf_ip6_log_unregister(logging) nf_log_unregister(AF_INET6,logging)
17
18#endif /*__KERNEL__*/
19
20#endif /*__IP6_LOGGING_H*/
diff --git a/include/linux/netfilter_ipv6/ip6_tables.h b/include/linux/netfilter_ipv6/ip6_tables.h
index f1ce3b009853..58c72a52dc65 100644
--- a/include/linux/netfilter_ipv6/ip6_tables.h
+++ b/include/linux/netfilter_ipv6/ip6_tables.h
@@ -111,7 +111,8 @@ struct ip6t_counters
111#define IP6T_F_PROTO 0x01 /* Set if rule cares about upper 111#define IP6T_F_PROTO 0x01 /* Set if rule cares about upper
112 protocols */ 112 protocols */
113#define IP6T_F_TOS 0x02 /* Match the TOS. */ 113#define IP6T_F_TOS 0x02 /* Match the TOS. */
114#define IP6T_F_MASK 0x03 /* All possible flag bits mask. */ 114#define IP6T_F_GOTO 0x04 /* Set if jump is a goto */
115#define IP6T_F_MASK 0x07 /* All possible flag bits mask. */
115 116
116/* Values for "inv" field in struct ip6t_ip6. */ 117/* Values for "inv" field in struct ip6t_ip6. */
117#define IP6T_INV_VIA_IN 0x01 /* Invert the sense of IN IFACE. */ 118#define IP6T_INV_VIA_IN 0x01 /* Invert the sense of IN IFACE. */
diff --git a/include/linux/netfilter_ipv6/ip6t_HL.h b/include/linux/netfilter_ipv6/ip6t_HL.h
new file mode 100644
index 000000000000..afb7813d45ab
--- /dev/null
+++ b/include/linux/netfilter_ipv6/ip6t_HL.h
@@ -0,0 +1,22 @@
1/* Hop Limit modification module for ip6tables
2 * Maciej Soltysiak <solt@dns.toxicfilms.tv>
3 * Based on HW's TTL module */
4
5#ifndef _IP6T_HL_H
6#define _IP6T_HL_H
7
8enum {
9 IP6T_HL_SET = 0,
10 IP6T_HL_INC,
11 IP6T_HL_DEC
12};
13
14#define IP6T_HL_MAXMODE IP6T_HL_DEC
15
16struct ip6t_HL_info {
17 u_int8_t mode;
18 u_int8_t hop_limit;
19};
20
21
22#endif
diff --git a/include/linux/netfilter_ipv6/ip6t_LOG.h b/include/linux/netfilter_ipv6/ip6t_LOG.h
index 42996a43bb39..9008ff5c40ae 100644
--- a/include/linux/netfilter_ipv6/ip6t_LOG.h
+++ b/include/linux/netfilter_ipv6/ip6t_LOG.h
@@ -1,6 +1,7 @@
1#ifndef _IP6T_LOG_H 1#ifndef _IP6T_LOG_H
2#define _IP6T_LOG_H 2#define _IP6T_LOG_H
3 3
4/* make sure not to change this without changing netfilter.h:NF_LOG_* (!) */
4#define IP6T_LOG_TCPSEQ 0x01 /* Log TCP sequence numbers */ 5#define IP6T_LOG_TCPSEQ 0x01 /* Log TCP sequence numbers */
5#define IP6T_LOG_TCPOPT 0x02 /* Log TCP options */ 6#define IP6T_LOG_TCPOPT 0x02 /* Log TCP options */
6#define IP6T_LOG_IPOPT 0x04 /* Log IP options */ 7#define IP6T_LOG_IPOPT 0x04 /* Log IP options */
diff --git a/include/linux/netfilter_ipv6/ip6t_REJECT.h b/include/linux/netfilter_ipv6/ip6t_REJECT.h
new file mode 100644
index 000000000000..6be6504162bb
--- /dev/null
+++ b/include/linux/netfilter_ipv6/ip6t_REJECT.h
@@ -0,0 +1,18 @@
1#ifndef _IP6T_REJECT_H
2#define _IP6T_REJECT_H
3
4enum ip6t_reject_with {
5 IP6T_ICMP6_NO_ROUTE,
6 IP6T_ICMP6_ADM_PROHIBITED,
7 IP6T_ICMP6_NOT_NEIGHBOUR,
8 IP6T_ICMP6_ADDR_UNREACH,
9 IP6T_ICMP6_PORT_UNREACH,
10 IP6T_ICMP6_ECHOREPLY,
11 IP6T_TCP_RESET
12};
13
14struct ip6t_reject_info {
15 u_int32_t with; /* reject type */
16};
17
18#endif /*_IP6T_REJECT_H*/
diff --git a/include/linux/netlink.h b/include/linux/netlink.h
index 6552b71bfa73..167518668936 100644
--- a/include/linux/netlink.h
+++ b/include/linux/netlink.h
@@ -8,7 +8,7 @@
8#define NETLINK_W1 1 /* 1-wire subsystem */ 8#define NETLINK_W1 1 /* 1-wire subsystem */
9#define NETLINK_USERSOCK 2 /* Reserved for user mode socket protocols */ 9#define NETLINK_USERSOCK 2 /* Reserved for user mode socket protocols */
10#define NETLINK_FIREWALL 3 /* Firewalling hook */ 10#define NETLINK_FIREWALL 3 /* Firewalling hook */
11#define NETLINK_TCPDIAG 4 /* TCP socket monitoring */ 11#define NETLINK_INET_DIAG 4 /* INET socket monitoring */
12#define NETLINK_NFLOG 5 /* netfilter/iptables ULOG */ 12#define NETLINK_NFLOG 5 /* netfilter/iptables ULOG */
13#define NETLINK_XFRM 6 /* ipsec */ 13#define NETLINK_XFRM 6 /* ipsec */
14#define NETLINK_SELINUX 7 /* SELinux event notifications */ 14#define NETLINK_SELINUX 7 /* SELinux event notifications */
@@ -90,6 +90,15 @@ struct nlmsgerr
90 struct nlmsghdr msg; 90 struct nlmsghdr msg;
91}; 91};
92 92
93#define NETLINK_ADD_MEMBERSHIP 1
94#define NETLINK_DROP_MEMBERSHIP 2
95#define NETLINK_PKTINFO 3
96
97struct nl_pktinfo
98{
99 __u32 group;
100};
101
93#define NET_MAJOR 36 /* Major 36 is reserved for networking */ 102#define NET_MAJOR 36 /* Major 36 is reserved for networking */
94 103
95enum { 104enum {
@@ -106,9 +115,8 @@ struct netlink_skb_parms
106{ 115{
107 struct ucred creds; /* Skb credentials */ 116 struct ucred creds; /* Skb credentials */
108 __u32 pid; 117 __u32 pid;
109 __u32 groups;
110 __u32 dst_pid; 118 __u32 dst_pid;
111 __u32 dst_groups; 119 __u32 dst_group;
112 kernel_cap_t eff_cap; 120 kernel_cap_t eff_cap;
113 __u32 loginuid; /* Login (audit) uid */ 121 __u32 loginuid; /* Login (audit) uid */
114}; 122};
@@ -117,11 +125,11 @@ struct netlink_skb_parms
117#define NETLINK_CREDS(skb) (&NETLINK_CB((skb)).creds) 125#define NETLINK_CREDS(skb) (&NETLINK_CB((skb)).creds)
118 126
119 127
120extern struct sock *netlink_kernel_create(int unit, void (*input)(struct sock *sk, int len)); 128extern struct sock *netlink_kernel_create(int unit, unsigned int groups, void (*input)(struct sock *sk, int len), struct module *module);
121extern void netlink_ack(struct sk_buff *in_skb, struct nlmsghdr *nlh, int err); 129extern void netlink_ack(struct sk_buff *in_skb, struct nlmsghdr *nlh, int err);
122extern int netlink_unicast(struct sock *ssk, struct sk_buff *skb, __u32 pid, int nonblock); 130extern int netlink_unicast(struct sock *ssk, struct sk_buff *skb, __u32 pid, int nonblock);
123extern int netlink_broadcast(struct sock *ssk, struct sk_buff *skb, __u32 pid, 131extern int netlink_broadcast(struct sock *ssk, struct sk_buff *skb, __u32 pid,
124 __u32 group, int allocation); 132 __u32 group, unsigned int __nocast allocation);
125extern void netlink_set_err(struct sock *ssk, __u32 pid, __u32 group, int code); 133extern void netlink_set_err(struct sock *ssk, __u32 pid, __u32 group, int code);
126extern int netlink_register_notifier(struct notifier_block *nb); 134extern int netlink_register_notifier(struct notifier_block *nb);
127extern int netlink_unregister_notifier(struct notifier_block *nb); 135extern int netlink_unregister_notifier(struct notifier_block *nb);
diff --git a/include/linux/random.h b/include/linux/random.h
index cc6703449916..7b2adb3322d5 100644
--- a/include/linux/random.h
+++ b/include/linux/random.h
@@ -59,6 +59,8 @@ extern __u32 secure_tcp_sequence_number(__u32 saddr, __u32 daddr,
59 __u16 sport, __u16 dport); 59 __u16 sport, __u16 dport);
60extern __u32 secure_tcpv6_sequence_number(__u32 *saddr, __u32 *daddr, 60extern __u32 secure_tcpv6_sequence_number(__u32 *saddr, __u32 *daddr,
61 __u16 sport, __u16 dport); 61 __u16 sport, __u16 dport);
62extern u64 secure_dccp_sequence_number(__u32 saddr, __u32 daddr,
63 __u16 sport, __u16 dport);
62 64
63#ifndef MODULE 65#ifndef MODULE
64extern struct file_operations random_fops, urandom_fops; 66extern struct file_operations random_fops, urandom_fops;
diff --git a/include/linux/rtnetlink.h b/include/linux/rtnetlink.h
index 657c05ab8f9e..c231e9a08f0b 100644
--- a/include/linux/rtnetlink.h
+++ b/include/linux/rtnetlink.h
@@ -826,9 +826,8 @@ enum
826#define TCA_RTA(r) ((struct rtattr*)(((char*)(r)) + NLMSG_ALIGN(sizeof(struct tcmsg)))) 826#define TCA_RTA(r) ((struct rtattr*)(((char*)(r)) + NLMSG_ALIGN(sizeof(struct tcmsg))))
827#define TCA_PAYLOAD(n) NLMSG_PAYLOAD(n,sizeof(struct tcmsg)) 827#define TCA_PAYLOAD(n) NLMSG_PAYLOAD(n,sizeof(struct tcmsg))
828 828
829 829#ifndef __KERNEL__
830/* RTnetlink multicast groups */ 830/* RTnetlink multicast groups - backwards compatibility for userspace */
831
832#define RTMGRP_LINK 1 831#define RTMGRP_LINK 1
833#define RTMGRP_NOTIFY 2 832#define RTMGRP_NOTIFY 2
834#define RTMGRP_NEIGH 4 833#define RTMGRP_NEIGH 4
@@ -847,6 +846,43 @@ enum
847#define RTMGRP_DECnet_ROUTE 0x4000 846#define RTMGRP_DECnet_ROUTE 0x4000
848 847
849#define RTMGRP_IPV6_PREFIX 0x20000 848#define RTMGRP_IPV6_PREFIX 0x20000
849#endif
850
851/* RTnetlink multicast groups */
852enum rtnetlink_groups {
853 RTNLGRP_NONE,
854#define RTNLGRP_NONE RTNLGRP_NONE
855 RTNLGRP_LINK,
856#define RTNLGRP_LINK RTNLGRP_LINK
857 RTNLGRP_NOTIFY,
858#define RTNLGRP_NOTIFY RTNLGRP_NOTIFY
859 RTNLGRP_NEIGH,
860#define RTNLGRP_NEIGH RTNLGRP_NEIGH
861 RTNLGRP_TC,
862#define RTNLGRP_TC RTNLGRP_TC
863 RTNLGRP_IPV4_IFADDR,
864#define RTNLGRP_IPV4_IFADDR RTNLGRP_IPV4_IFADDR
865 RTNLGRP_IPV4_MROUTE,
866#define RTNLGRP_IPV4_MROUTE RTNLGRP_IPV4_MROUTE
867 RTNLGRP_IPV4_ROUTE,
868#define RTNLGRP_IPV4_ROUTE RTNLGRP_IPV4_ROUTE
869 RTNLGRP_IPV6_IFADDR,
870#define RTNLGRP_IPV6_IFADDR RTNLGRP_IPV6_IFADDR
871 RTNLGRP_IPV6_MROUTE,
872#define RTNLGRP_IPV6_MROUTE RTNLGRP_IPV6_MROUTE
873 RTNLGRP_IPV6_ROUTE,
874#define RTNLGRP_IPV6_ROUTE RTNLGRP_IPV6_ROUTE
875 RTNLGRP_IPV6_IFINFO,
876#define RTNLGRP_IPV6_IFINFO RTNLGRP_IPV6_IFINFO
877 RTNLGRP_DECnet_IFADDR,
878#define RTNLGRP_DECnet_IFADDR RTNLGRP_DECnet_IFADDR
879 RTNLGRP_DECnet_ROUTE,
880#define RTNLGRP_DECnet_ROUTE RTNLGRP_DECnet_ROUTE
881 RTNLGRP_IPV6_PREFIX,
882#define RTNLGRP_IPV6_PREFIX RTNLGRP_IPV6_PREFIX
883 __RTNLGRP_MAX
884};
885#define RTNLGRP_MAX (__RTNLGRP_MAX - 1)
850 886
851/* TC action piece */ 887/* TC action piece */
852struct tcamsg 888struct tcamsg
diff --git a/include/linux/security.h b/include/linux/security.h
index b42095a68b1c..7aab6ab7c57f 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -2727,7 +2727,8 @@ static inline int security_socket_getpeersec(struct socket *sock, char __user *o
2727 return security_ops->socket_getpeersec(sock, optval, optlen, len); 2727 return security_ops->socket_getpeersec(sock, optval, optlen, len);
2728} 2728}
2729 2729
2730static inline int security_sk_alloc(struct sock *sk, int family, int priority) 2730static inline int security_sk_alloc(struct sock *sk, int family,
2731 unsigned int __nocast priority)
2731{ 2732{
2732 return security_ops->sk_alloc_security(sk, family, priority); 2733 return security_ops->sk_alloc_security(sk, family, priority);
2733} 2734}
@@ -2844,7 +2845,8 @@ static inline int security_socket_getpeersec(struct socket *sock, char __user *o
2844 return -ENOPROTOOPT; 2845 return -ENOPROTOOPT;
2845} 2846}
2846 2847
2847static inline int security_sk_alloc(struct sock *sk, int family, int priority) 2848static inline int security_sk_alloc(struct sock *sk, int family,
2849 unsigned int __nocast priority)
2848{ 2850{
2849 return 0; 2851 return 0;
2850} 2852}
diff --git a/include/linux/selinux_netlink.h b/include/linux/selinux_netlink.h
index 957e6ebca4e6..bbf489decd84 100644
--- a/include/linux/selinux_netlink.h
+++ b/include/linux/selinux_netlink.h
@@ -20,10 +20,21 @@ enum {
20 SELNL_MSG_MAX 20 SELNL_MSG_MAX
21}; 21};
22 22
23/* Multicast groups */ 23#ifndef __KERNEL__
24/* Multicast groups - backwards compatiblility for userspace */
24#define SELNL_GRP_NONE 0x00000000 25#define SELNL_GRP_NONE 0x00000000
25#define SELNL_GRP_AVC 0x00000001 /* AVC notifications */ 26#define SELNL_GRP_AVC 0x00000001 /* AVC notifications */
26#define SELNL_GRP_ALL 0xffffffff 27#define SELNL_GRP_ALL 0xffffffff
28#endif
29
30enum selinux_nlgroups {
31 SELNLGRP_NONE,
32#define SELNLGRP_NONE SELNLGRP_NONE
33 SELNLGRP_AVC,
34#define SELNLGRP_AVC SELNLGRP_AVC
35 __SELNLGRP_MAX
36};
37#define SELNLGRP_MAX (__SELNLGRP_MAX - 1)
27 38
28/* Message structures */ 39/* Message structures */
29struct selnl_msg_setenforce { 40struct selnl_msg_setenforce {
diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
index 948527e42a60..42edce6abe23 100644
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
@@ -155,16 +155,29 @@ struct skb_shared_info {
155#define SKB_DATAREF_SHIFT 16 155#define SKB_DATAREF_SHIFT 16
156#define SKB_DATAREF_MASK ((1 << SKB_DATAREF_SHIFT) - 1) 156#define SKB_DATAREF_MASK ((1 << SKB_DATAREF_SHIFT) - 1)
157 157
158extern struct timeval skb_tv_base;
159
160struct skb_timeval {
161 u32 off_sec;
162 u32 off_usec;
163};
164
165
166enum {
167 SKB_FCLONE_UNAVAILABLE,
168 SKB_FCLONE_ORIG,
169 SKB_FCLONE_CLONE,
170};
171
158/** 172/**
159 * struct sk_buff - socket buffer 173 * struct sk_buff - socket buffer
160 * @next: Next buffer in list 174 * @next: Next buffer in list
161 * @prev: Previous buffer in list 175 * @prev: Previous buffer in list
162 * @list: List we are on 176 * @list: List we are on
163 * @sk: Socket we are owned by 177 * @sk: Socket we are owned by
164 * @stamp: Time we arrived 178 * @tstamp: Time we arrived stored as offset to skb_tv_base
165 * @dev: Device we arrived on/are leaving by 179 * @dev: Device we arrived on/are leaving by
166 * @input_dev: Device we arrived on 180 * @input_dev: Device we arrived on
167 * @real_dev: The real device we are using
168 * @h: Transport layer header 181 * @h: Transport layer header
169 * @nh: Network layer header 182 * @nh: Network layer header
170 * @mac: Link layer header 183 * @mac: Link layer header
@@ -190,14 +203,11 @@ struct skb_shared_info {
190 * @end: End pointer 203 * @end: End pointer
191 * @destructor: Destruct function 204 * @destructor: Destruct function
192 * @nfmark: Can be used for communication between hooks 205 * @nfmark: Can be used for communication between hooks
193 * @nfcache: Cache info
194 * @nfct: Associated connection, if any 206 * @nfct: Associated connection, if any
195 * @nfctinfo: Relationship of this skb to the connection 207 * @nfctinfo: Relationship of this skb to the connection
196 * @nf_bridge: Saved data about a bridged frame - see br_netfilter.c 208 * @nf_bridge: Saved data about a bridged frame - see br_netfilter.c
197 * @private: Data which is private to the HIPPI implementation
198 * @tc_index: Traffic control index 209 * @tc_index: Traffic control index
199 * @tc_verd: traffic control verdict 210 * @tc_verd: traffic control verdict
200 * @tc_classid: traffic control classid
201 */ 211 */
202 212
203struct sk_buff { 213struct sk_buff {
@@ -205,12 +215,10 @@ struct sk_buff {
205 struct sk_buff *next; 215 struct sk_buff *next;
206 struct sk_buff *prev; 216 struct sk_buff *prev;
207 217
208 struct sk_buff_head *list;
209 struct sock *sk; 218 struct sock *sk;
210 struct timeval stamp; 219 struct skb_timeval tstamp;
211 struct net_device *dev; 220 struct net_device *dev;
212 struct net_device *input_dev; 221 struct net_device *input_dev;
213 struct net_device *real_dev;
214 222
215 union { 223 union {
216 struct tcphdr *th; 224 struct tcphdr *th;
@@ -252,33 +260,28 @@ struct sk_buff {
252 __u8 local_df:1, 260 __u8 local_df:1,
253 cloned:1, 261 cloned:1,
254 ip_summed:2, 262 ip_summed:2,
255 nohdr:1; 263 nohdr:1,
256 /* 3 bits spare */ 264 nfctinfo:3;
257 __u8 pkt_type; 265 __u8 pkt_type:3,
266 fclone:2;
258 __be16 protocol; 267 __be16 protocol;
259 268
260 void (*destructor)(struct sk_buff *skb); 269 void (*destructor)(struct sk_buff *skb);
261#ifdef CONFIG_NETFILTER 270#ifdef CONFIG_NETFILTER
262 unsigned long nfmark; 271 __u32 nfmark;
263 __u32 nfcache;
264 __u32 nfctinfo;
265 struct nf_conntrack *nfct; 272 struct nf_conntrack *nfct;
273#if defined(CONFIG_IP_VS) || defined(CONFIG_IP_VS_MODULE)
274 __u8 ipvs_property:1;
275#endif
266#ifdef CONFIG_BRIDGE_NETFILTER 276#ifdef CONFIG_BRIDGE_NETFILTER
267 struct nf_bridge_info *nf_bridge; 277 struct nf_bridge_info *nf_bridge;
268#endif 278#endif
269#endif /* CONFIG_NETFILTER */ 279#endif /* CONFIG_NETFILTER */
270#if defined(CONFIG_HIPPI)
271 union {
272 __u32 ifield;
273 } private;
274#endif
275#ifdef CONFIG_NET_SCHED 280#ifdef CONFIG_NET_SCHED
276 __u32 tc_index; /* traffic control index */ 281 __u16 tc_index; /* traffic control index */
277#ifdef CONFIG_NET_CLS_ACT 282#ifdef CONFIG_NET_CLS_ACT
278 __u32 tc_verd; /* traffic control verdict */ 283 __u16 tc_verd; /* traffic control verdict */
279 __u32 tc_classid; /* traffic control classid */
280#endif 284#endif
281
282#endif 285#endif
283 286
284 287
@@ -300,8 +303,20 @@ struct sk_buff {
300#include <asm/system.h> 303#include <asm/system.h>
301 304
302extern void __kfree_skb(struct sk_buff *skb); 305extern void __kfree_skb(struct sk_buff *skb);
303extern struct sk_buff *alloc_skb(unsigned int size, 306extern struct sk_buff *__alloc_skb(unsigned int size,
304 unsigned int __nocast priority); 307 unsigned int __nocast priority, int fclone);
308static inline struct sk_buff *alloc_skb(unsigned int size,
309 unsigned int __nocast priority)
310{
311 return __alloc_skb(size, priority, 0);
312}
313
314static inline struct sk_buff *alloc_skb_fclone(unsigned int size,
315 unsigned int __nocast priority)
316{
317 return __alloc_skb(size, priority, 1);
318}
319
305extern struct sk_buff *alloc_skb_from_cache(kmem_cache_t *cp, 320extern struct sk_buff *alloc_skb_from_cache(kmem_cache_t *cp,
306 unsigned int size, 321 unsigned int size,
307 unsigned int __nocast priority); 322 unsigned int __nocast priority);
@@ -597,7 +612,6 @@ static inline void __skb_queue_head(struct sk_buff_head *list,
597{ 612{
598 struct sk_buff *prev, *next; 613 struct sk_buff *prev, *next;
599 614
600 newsk->list = list;
601 list->qlen++; 615 list->qlen++;
602 prev = (struct sk_buff *)list; 616 prev = (struct sk_buff *)list;
603 next = prev->next; 617 next = prev->next;
@@ -622,7 +636,6 @@ static inline void __skb_queue_tail(struct sk_buff_head *list,
622{ 636{
623 struct sk_buff *prev, *next; 637 struct sk_buff *prev, *next;
624 638
625 newsk->list = list;
626 list->qlen++; 639 list->qlen++;
627 next = (struct sk_buff *)list; 640 next = (struct sk_buff *)list;
628 prev = next->prev; 641 prev = next->prev;
@@ -655,7 +668,6 @@ static inline struct sk_buff *__skb_dequeue(struct sk_buff_head *list)
655 next->prev = prev; 668 next->prev = prev;
656 prev->next = next; 669 prev->next = next;
657 result->next = result->prev = NULL; 670 result->next = result->prev = NULL;
658 result->list = NULL;
659 } 671 }
660 return result; 672 return result;
661} 673}
@@ -664,7 +676,7 @@ static inline struct sk_buff *__skb_dequeue(struct sk_buff_head *list)
664/* 676/*
665 * Insert a packet on a list. 677 * Insert a packet on a list.
666 */ 678 */
667extern void skb_insert(struct sk_buff *old, struct sk_buff *newsk); 679extern void skb_insert(struct sk_buff *old, struct sk_buff *newsk, struct sk_buff_head *list);
668static inline void __skb_insert(struct sk_buff *newsk, 680static inline void __skb_insert(struct sk_buff *newsk,
669 struct sk_buff *prev, struct sk_buff *next, 681 struct sk_buff *prev, struct sk_buff *next,
670 struct sk_buff_head *list) 682 struct sk_buff_head *list)
@@ -672,24 +684,23 @@ static inline void __skb_insert(struct sk_buff *newsk,
672 newsk->next = next; 684 newsk->next = next;
673 newsk->prev = prev; 685 newsk->prev = prev;
674 next->prev = prev->next = newsk; 686 next->prev = prev->next = newsk;
675 newsk->list = list;
676 list->qlen++; 687 list->qlen++;
677} 688}
678 689
679/* 690/*
680 * Place a packet after a given packet in a list. 691 * Place a packet after a given packet in a list.
681 */ 692 */
682extern void skb_append(struct sk_buff *old, struct sk_buff *newsk); 693extern void skb_append(struct sk_buff *old, struct sk_buff *newsk, struct sk_buff_head *list);
683static inline void __skb_append(struct sk_buff *old, struct sk_buff *newsk) 694static inline void __skb_append(struct sk_buff *old, struct sk_buff *newsk, struct sk_buff_head *list)
684{ 695{
685 __skb_insert(newsk, old, old->next, old->list); 696 __skb_insert(newsk, old, old->next, list);
686} 697}
687 698
688/* 699/*
689 * remove sk_buff from list. _Must_ be called atomically, and with 700 * remove sk_buff from list. _Must_ be called atomically, and with
690 * the list known.. 701 * the list known..
691 */ 702 */
692extern void skb_unlink(struct sk_buff *skb); 703extern void skb_unlink(struct sk_buff *skb, struct sk_buff_head *list);
693static inline void __skb_unlink(struct sk_buff *skb, struct sk_buff_head *list) 704static inline void __skb_unlink(struct sk_buff *skb, struct sk_buff_head *list)
694{ 705{
695 struct sk_buff *next, *prev; 706 struct sk_buff *next, *prev;
@@ -698,7 +709,6 @@ static inline void __skb_unlink(struct sk_buff *skb, struct sk_buff_head *list)
698 next = skb->next; 709 next = skb->next;
699 prev = skb->prev; 710 prev = skb->prev;
700 skb->next = skb->prev = NULL; 711 skb->next = skb->prev = NULL;
701 skb->list = NULL;
702 next->prev = prev; 712 next->prev = prev;
703 prev->next = next; 713 prev->next = next;
704} 714}
@@ -1213,6 +1223,8 @@ extern void skb_copy_and_csum_dev(const struct sk_buff *skb, u8 *to);
1213extern void skb_split(struct sk_buff *skb, 1223extern void skb_split(struct sk_buff *skb,
1214 struct sk_buff *skb1, const u32 len); 1224 struct sk_buff *skb1, const u32 len);
1215 1225
1226extern void skb_release_data(struct sk_buff *skb);
1227
1216static inline void *skb_header_pointer(const struct sk_buff *skb, int offset, 1228static inline void *skb_header_pointer(const struct sk_buff *skb, int offset,
1217 int len, void *buffer) 1229 int len, void *buffer)
1218{ 1230{
@@ -1230,6 +1242,42 @@ static inline void *skb_header_pointer(const struct sk_buff *skb, int offset,
1230extern void skb_init(void); 1242extern void skb_init(void);
1231extern void skb_add_mtu(int mtu); 1243extern void skb_add_mtu(int mtu);
1232 1244
1245/**
1246 * skb_get_timestamp - get timestamp from a skb
1247 * @skb: skb to get stamp from
1248 * @stamp: pointer to struct timeval to store stamp in
1249 *
1250 * Timestamps are stored in the skb as offsets to a base timestamp.
1251 * This function converts the offset back to a struct timeval and stores
1252 * it in stamp.
1253 */
1254static inline void skb_get_timestamp(struct sk_buff *skb, struct timeval *stamp)
1255{
1256 stamp->tv_sec = skb->tstamp.off_sec;
1257 stamp->tv_usec = skb->tstamp.off_usec;
1258 if (skb->tstamp.off_sec) {
1259 stamp->tv_sec += skb_tv_base.tv_sec;
1260 stamp->tv_usec += skb_tv_base.tv_usec;
1261 }
1262}
1263
1264/**
1265 * skb_set_timestamp - set timestamp of a skb
1266 * @skb: skb to set stamp of
1267 * @stamp: pointer to struct timeval to get stamp from
1268 *
1269 * Timestamps are stored in the skb as offsets to a base timestamp.
1270 * This function converts a struct timeval to an offset and stores
1271 * it in the skb.
1272 */
1273static inline void skb_set_timestamp(struct sk_buff *skb, struct timeval *stamp)
1274{
1275 skb->tstamp.off_sec = stamp->tv_sec - skb_tv_base.tv_sec;
1276 skb->tstamp.off_usec = stamp->tv_usec - skb_tv_base.tv_usec;
1277}
1278
1279extern void __net_timestamp(struct sk_buff *skb);
1280
1233#ifdef CONFIG_NETFILTER 1281#ifdef CONFIG_NETFILTER
1234static inline void nf_conntrack_put(struct nf_conntrack *nfct) 1282static inline void nf_conntrack_put(struct nf_conntrack *nfct)
1235{ 1283{
diff --git a/include/linux/socket.h b/include/linux/socket.h
index a5c7d96e4d2e..1739c2d5b95b 100644
--- a/include/linux/socket.h
+++ b/include/linux/socket.h
@@ -26,6 +26,13 @@ struct __kernel_sockaddr_storage {
26#include <linux/types.h> /* pid_t */ 26#include <linux/types.h> /* pid_t */
27#include <linux/compiler.h> /* __user */ 27#include <linux/compiler.h> /* __user */
28 28
29extern int sysctl_somaxconn;
30extern void sock_init(void);
31#ifdef CONFIG_PROC_FS
32struct seq_file;
33extern void socket_seq_show(struct seq_file *seq);
34#endif
35
29typedef unsigned short sa_family_t; 36typedef unsigned short sa_family_t;
30 37
31/* 38/*
@@ -271,6 +278,8 @@ struct ucred {
271#define SOL_IRDA 266 278#define SOL_IRDA 266
272#define SOL_NETBEUI 267 279#define SOL_NETBEUI 267
273#define SOL_LLC 268 280#define SOL_LLC 268
281#define SOL_DCCP 269
282#define SOL_NETLINK 270
274 283
275/* IPX options */ 284/* IPX options */
276#define IPX_TYPE 1 285#define IPX_TYPE 1
diff --git a/include/linux/tcp.h b/include/linux/tcp.h
index e4fd82e42104..ac4ca44c75ca 100644
--- a/include/linux/tcp.h
+++ b/include/linux/tcp.h
@@ -55,24 +55,6 @@ struct tcphdr {
55 __u16 urg_ptr; 55 __u16 urg_ptr;
56}; 56};
57 57
58
59enum {
60 TCP_ESTABLISHED = 1,
61 TCP_SYN_SENT,
62 TCP_SYN_RECV,
63 TCP_FIN_WAIT1,
64 TCP_FIN_WAIT2,
65 TCP_TIME_WAIT,
66 TCP_CLOSE,
67 TCP_CLOSE_WAIT,
68 TCP_LAST_ACK,
69 TCP_LISTEN,
70 TCP_CLOSING, /* now a valid state */
71
72 TCP_MAX_STATES /* Leave at the end! */
73};
74
75#define TCP_STATE_MASK 0xF
76#define TCP_ACTION_FIN (1 << 7) 58#define TCP_ACTION_FIN (1 << 7)
77 59
78enum { 60enum {
@@ -195,8 +177,9 @@ struct tcp_info
195 177
196#include <linux/config.h> 178#include <linux/config.h>
197#include <linux/skbuff.h> 179#include <linux/skbuff.h>
198#include <linux/ip.h>
199#include <net/sock.h> 180#include <net/sock.h>
181#include <net/inet_connection_sock.h>
182#include <net/inet_timewait_sock.h>
200 183
201/* This defines a selective acknowledgement block. */ 184/* This defines a selective acknowledgement block. */
202struct tcp_sack_block { 185struct tcp_sack_block {
@@ -236,8 +219,8 @@ static inline struct tcp_request_sock *tcp_rsk(const struct request_sock *req)
236} 219}
237 220
238struct tcp_sock { 221struct tcp_sock {
239 /* inet_sock has to be the first member of tcp_sock */ 222 /* inet_connection_sock has to be the first member of tcp_sock */
240 struct inet_sock inet; 223 struct inet_connection_sock inet_conn;
241 int tcp_header_len; /* Bytes of tcp header to send */ 224 int tcp_header_len; /* Bytes of tcp header to send */
242 225
243/* 226/*
@@ -258,19 +241,6 @@ struct tcp_sock {
258 __u32 snd_sml; /* Last byte of the most recently transmitted small packet */ 241 __u32 snd_sml; /* Last byte of the most recently transmitted small packet */
259 __u32 rcv_tstamp; /* timestamp of last received ACK (for keepalives) */ 242 __u32 rcv_tstamp; /* timestamp of last received ACK (for keepalives) */
260 __u32 lsndtime; /* timestamp of last sent data packet (for restart window) */ 243 __u32 lsndtime; /* timestamp of last sent data packet (for restart window) */
261 struct tcp_bind_bucket *bind_hash;
262 /* Delayed ACK control data */
263 struct {
264 __u8 pending; /* ACK is pending */
265 __u8 quick; /* Scheduled number of quick acks */
266 __u8 pingpong; /* The session is interactive */
267 __u8 blocked; /* Delayed ACK was blocked by socket lock*/
268 __u32 ato; /* Predicted tick of soft clock */
269 unsigned long timeout; /* Currently scheduled timeout */
270 __u32 lrcvtime; /* timestamp of last received data packet*/
271 __u16 last_seg_size; /* Size of last incoming segment */
272 __u16 rcv_mss; /* MSS used for delayed ACK decisions */
273 } ack;
274 244
275 /* Data for direct copy to user */ 245 /* Data for direct copy to user */
276 struct { 246 struct {
@@ -288,19 +258,15 @@ struct tcp_sock {
288 __u32 mss_cache; /* Cached effective mss, not including SACKS */ 258 __u32 mss_cache; /* Cached effective mss, not including SACKS */
289 __u16 xmit_size_goal; /* Goal for segmenting output packets */ 259 __u16 xmit_size_goal; /* Goal for segmenting output packets */
290 __u16 ext_header_len; /* Network protocol overhead (IP/IPv6 options) */ 260 __u16 ext_header_len; /* Network protocol overhead (IP/IPv6 options) */
291 __u8 ca_state; /* State of fast-retransmit machine */
292 __u8 retransmits; /* Number of unrecovered RTO timeouts. */
293 261
294 __u16 advmss; /* Advertised MSS */
295 __u32 window_clamp; /* Maximal window to advertise */ 262 __u32 window_clamp; /* Maximal window to advertise */
296 __u32 rcv_ssthresh; /* Current window clamp */ 263 __u32 rcv_ssthresh; /* Current window clamp */
297 264
298 __u32 frto_highmark; /* snd_nxt when RTO occurred */ 265 __u32 frto_highmark; /* snd_nxt when RTO occurred */
299 __u8 reordering; /* Packet reordering metric. */ 266 __u8 reordering; /* Packet reordering metric. */
300 __u8 frto_counter; /* Number of new acks after RTO */ 267 __u8 frto_counter; /* Number of new acks after RTO */
301 268 __u8 nonagle; /* Disable Nagle algorithm? */
302 __u8 unused; 269 __u8 keepalive_probes; /* num of allowed keep alive probes */
303 __u8 defer_accept; /* User waits for some data after accept() */
304 270
305/* RTT measurement */ 271/* RTT measurement */
306 __u32 srtt; /* smoothed round trip time << 3 */ 272 __u32 srtt; /* smoothed round trip time << 3 */
@@ -308,19 +274,13 @@ struct tcp_sock {
308 __u32 mdev_max; /* maximal mdev for the last rtt period */ 274 __u32 mdev_max; /* maximal mdev for the last rtt period */
309 __u32 rttvar; /* smoothed mdev_max */ 275 __u32 rttvar; /* smoothed mdev_max */
310 __u32 rtt_seq; /* sequence number to update rttvar */ 276 __u32 rtt_seq; /* sequence number to update rttvar */
311 __u32 rto; /* retransmit timeout */
312 277
313 __u32 packets_out; /* Packets which are "in flight" */ 278 __u32 packets_out; /* Packets which are "in flight" */
314 __u32 left_out; /* Packets which leaved network */ 279 __u32 left_out; /* Packets which leaved network */
315 __u32 retrans_out; /* Retransmitted packets out */ 280 __u32 retrans_out; /* Retransmitted packets out */
316 __u8 backoff; /* backoff */
317/* 281/*
318 * Options received (usually on last packet, some only on SYN packets). 282 * Options received (usually on last packet, some only on SYN packets).
319 */ 283 */
320 __u8 nonagle; /* Disable Nagle algorithm? */
321 __u8 keepalive_probes; /* num of allowed keep alive probes */
322
323 __u8 probes_out; /* unanswered 0 window probes */
324 struct tcp_options_received rx_opt; 284 struct tcp_options_received rx_opt;
325 285
326/* 286/*
@@ -333,11 +293,6 @@ struct tcp_sock {
333 __u32 snd_cwnd_used; 293 __u32 snd_cwnd_used;
334 __u32 snd_cwnd_stamp; 294 __u32 snd_cwnd_stamp;
335 295
336 /* Two commonly used timers in both sender and receiver paths. */
337 unsigned long timeout;
338 struct timer_list retransmit_timer; /* Resend (no ack) */
339 struct timer_list delack_timer; /* Ack delay */
340
341 struct sk_buff_head out_of_order_queue; /* Out of order segments go here */ 296 struct sk_buff_head out_of_order_queue; /* Out of order segments go here */
342 297
343 struct tcp_func *af_specific; /* Operations which are AF_INET{4,6} specific */ 298 struct tcp_func *af_specific; /* Operations which are AF_INET{4,6} specific */
@@ -352,8 +307,7 @@ struct tcp_sock {
352 struct tcp_sack_block duplicate_sack[1]; /* D-SACK block */ 307 struct tcp_sack_block duplicate_sack[1]; /* D-SACK block */
353 struct tcp_sack_block selective_acks[4]; /* The SACKS themselves*/ 308 struct tcp_sack_block selective_acks[4]; /* The SACKS themselves*/
354 309
355 __u8 syn_retries; /* num of allowed syn retries */ 310 __u16 advmss; /* Advertised MSS */
356 __u8 ecn_flags; /* ECN status bits. */
357 __u16 prior_ssthresh; /* ssthresh saved at recovery start */ 311 __u16 prior_ssthresh; /* ssthresh saved at recovery start */
358 __u32 lost_out; /* Lost packets */ 312 __u32 lost_out; /* Lost packets */
359 __u32 sacked_out; /* SACK'd packets */ 313 __u32 sacked_out; /* SACK'd packets */
@@ -367,14 +321,12 @@ struct tcp_sock {
367 int undo_retrans; /* number of undoable retransmissions. */ 321 int undo_retrans; /* number of undoable retransmissions. */
368 __u32 urg_seq; /* Seq of received urgent pointer */ 322 __u32 urg_seq; /* Seq of received urgent pointer */
369 __u16 urg_data; /* Saved octet of OOB data and control flags */ 323 __u16 urg_data; /* Saved octet of OOB data and control flags */
370 __u8 pending; /* Scheduled timer event */
371 __u8 urg_mode; /* In urgent mode */ 324 __u8 urg_mode; /* In urgent mode */
325 __u8 ecn_flags; /* ECN status bits. */
372 __u32 snd_up; /* Urgent pointer */ 326 __u32 snd_up; /* Urgent pointer */
373 327
374 __u32 total_retrans; /* Total retransmits for entire connection */ 328 __u32 total_retrans; /* Total retransmits for entire connection */
375 329
376 struct request_sock_queue accept_queue; /* FIFO of established children */
377
378 unsigned int keepalive_time; /* time before keep alive takes place */ 330 unsigned int keepalive_time; /* time before keep alive takes place */
379 unsigned int keepalive_intvl; /* time interval between keep alive probes */ 331 unsigned int keepalive_intvl; /* time interval between keep alive probes */
380 int linger2; 332 int linger2;
@@ -394,11 +346,6 @@ struct tcp_sock {
394 __u32 seq; 346 __u32 seq;
395 __u32 time; 347 __u32 time;
396 } rcvq_space; 348 } rcvq_space;
397
398 /* Pluggable TCP congestion control hook */
399 struct tcp_congestion_ops *ca_ops;
400 u32 ca_priv[16];
401#define TCP_CA_PRIV_SIZE (16*sizeof(u32))
402}; 349};
403 350
404static inline struct tcp_sock *tcp_sk(const struct sock *sk) 351static inline struct tcp_sock *tcp_sk(const struct sock *sk)
@@ -406,9 +353,18 @@ static inline struct tcp_sock *tcp_sk(const struct sock *sk)
406 return (struct tcp_sock *)sk; 353 return (struct tcp_sock *)sk;
407} 354}
408 355
409static inline void *tcp_ca(const struct tcp_sock *tp) 356struct tcp_timewait_sock {
357 struct inet_timewait_sock tw_sk;
358 __u32 tw_rcv_nxt;
359 __u32 tw_snd_nxt;
360 __u32 tw_rcv_wnd;
361 __u32 tw_ts_recent;
362 long tw_ts_recent_stamp;
363};
364
365static inline struct tcp_timewait_sock *tcp_twsk(const struct sock *sk)
410{ 366{
411 return (void *) tp->ca_priv; 367 return (struct tcp_timewait_sock *)sk;
412} 368}
413 369
414#endif 370#endif
diff --git a/include/linux/tcp_diag.h b/include/linux/tcp_diag.h
deleted file mode 100644
index 7a5996743946..000000000000
--- a/include/linux/tcp_diag.h
+++ /dev/null
@@ -1,127 +0,0 @@
1#ifndef _TCP_DIAG_H_
2#define _TCP_DIAG_H_ 1
3
4/* Just some random number */
5#define TCPDIAG_GETSOCK 18
6
7/* Socket identity */
8struct tcpdiag_sockid
9{
10 __u16 tcpdiag_sport;
11 __u16 tcpdiag_dport;
12 __u32 tcpdiag_src[4];
13 __u32 tcpdiag_dst[4];
14 __u32 tcpdiag_if;
15 __u32 tcpdiag_cookie[2];
16#define TCPDIAG_NOCOOKIE (~0U)
17};
18
19/* Request structure */
20
21struct tcpdiagreq
22{
23 __u8 tcpdiag_family; /* Family of addresses. */
24 __u8 tcpdiag_src_len;
25 __u8 tcpdiag_dst_len;
26 __u8 tcpdiag_ext; /* Query extended information */
27
28 struct tcpdiag_sockid id;
29
30 __u32 tcpdiag_states; /* States to dump */
31 __u32 tcpdiag_dbs; /* Tables to dump (NI) */
32};
33
34enum
35{
36 TCPDIAG_REQ_NONE,
37 TCPDIAG_REQ_BYTECODE,
38};
39
40#define TCPDIAG_REQ_MAX TCPDIAG_REQ_BYTECODE
41
42/* Bytecode is sequence of 4 byte commands followed by variable arguments.
43 * All the commands identified by "code" are conditional jumps forward:
44 * to offset cc+"yes" or to offset cc+"no". "yes" is supposed to be
45 * length of the command and its arguments.
46 */
47
48struct tcpdiag_bc_op
49{
50 unsigned char code;
51 unsigned char yes;
52 unsigned short no;
53};
54
55enum
56{
57 TCPDIAG_BC_NOP,
58 TCPDIAG_BC_JMP,
59 TCPDIAG_BC_S_GE,
60 TCPDIAG_BC_S_LE,
61 TCPDIAG_BC_D_GE,
62 TCPDIAG_BC_D_LE,
63 TCPDIAG_BC_AUTO,
64 TCPDIAG_BC_S_COND,
65 TCPDIAG_BC_D_COND,
66};
67
68struct tcpdiag_hostcond
69{
70 __u8 family;
71 __u8 prefix_len;
72 int port;
73 __u32 addr[0];
74};
75
76/* Base info structure. It contains socket identity (addrs/ports/cookie)
77 * and, alas, the information shown by netstat. */
78struct tcpdiagmsg
79{
80 __u8 tcpdiag_family;
81 __u8 tcpdiag_state;
82 __u8 tcpdiag_timer;
83 __u8 tcpdiag_retrans;
84
85 struct tcpdiag_sockid id;
86
87 __u32 tcpdiag_expires;
88 __u32 tcpdiag_rqueue;
89 __u32 tcpdiag_wqueue;
90 __u32 tcpdiag_uid;
91 __u32 tcpdiag_inode;
92};
93
94/* Extensions */
95
96enum
97{
98 TCPDIAG_NONE,
99 TCPDIAG_MEMINFO,
100 TCPDIAG_INFO,
101 TCPDIAG_VEGASINFO,
102 TCPDIAG_CONG,
103};
104
105#define TCPDIAG_MAX TCPDIAG_CONG
106
107
108/* TCPDIAG_MEM */
109
110struct tcpdiag_meminfo
111{
112 __u32 tcpdiag_rmem;
113 __u32 tcpdiag_wmem;
114 __u32 tcpdiag_fmem;
115 __u32 tcpdiag_tmem;
116};
117
118/* TCPDIAG_VEGASINFO */
119
120struct tcpvegas_info {
121 __u32 tcpv_enabled;
122 __u32 tcpv_rttcnt;
123 __u32 tcpv_rtt;
124 __u32 tcpv_minrtt;
125};
126
127#endif /* _TCP_DIAG_H_ */
diff --git a/include/linux/types.h b/include/linux/types.h
index dcb13f865df9..2b678c22ca4a 100644
--- a/include/linux/types.h
+++ b/include/linux/types.h
@@ -123,6 +123,9 @@ typedef __u64 u_int64_t;
123typedef __s64 int64_t; 123typedef __s64 int64_t;
124#endif 124#endif
125 125
126/* this is a special 64bit data type that is 8-byte aligned */
127#define aligned_u64 unsigned long long __attribute__((aligned(8)))
128
126/* 129/*
127 * The type used for indexing onto a disc or disc partition. 130 * The type used for indexing onto a disc or disc partition.
128 * If required, asm/types.h can override it and define 131 * If required, asm/types.h can override it and define
diff --git a/include/linux/xfrm.h b/include/linux/xfrm.h
index f0d423300d84..0fb077d68441 100644
--- a/include/linux/xfrm.h
+++ b/include/linux/xfrm.h
@@ -258,9 +258,27 @@ struct xfrm_usersa_flush {
258 __u8 proto; 258 __u8 proto;
259}; 259};
260 260
261#ifndef __KERNEL__
262/* backwards compatibility for userspace */
261#define XFRMGRP_ACQUIRE 1 263#define XFRMGRP_ACQUIRE 1
262#define XFRMGRP_EXPIRE 2 264#define XFRMGRP_EXPIRE 2
263#define XFRMGRP_SA 4 265#define XFRMGRP_SA 4
264#define XFRMGRP_POLICY 8 266#define XFRMGRP_POLICY 8
267#endif
268
269enum xfrm_nlgroups {
270 XFRMNLGRP_NONE,
271#define XFRMNLGRP_NONE XFRMNLGRP_NONE
272 XFRMNLGRP_ACQUIRE,
273#define XFRMNLGRP_ACQUIRE XFRMNLGRP_ACQUIRE
274 XFRMNLGRP_EXPIRE,
275#define XFRMNLGRP_EXPIRE XFRMNLGRP_EXPIRE
276 XFRMNLGRP_SA,
277#define XFRMNLGRP_SA XFRMNLGRP_SA
278 XFRMNLGRP_POLICY,
279#define XFRMNLGRP_POLICY XFRMNLGRP_POLICY
280 __XFRMNLGRP_MAX
281};
282#define XFRMNLGRP_MAX (__XFRMNLGRP_MAX - 1)
265 283
266#endif /* _LINUX_XFRM_H */ 284#endif /* _LINUX_XFRM_H */
generated by cgit v1.2.2 (git 2.25.0) at 2026-04-26 16:05:28 -0400