aboutsummaryrefslogtreecommitdiffstats
path: root/include/net
diff options
context:
space:
mode:
Diffstat (limited to 'include/net')
-rw-r--r--include/net/netfilter/nf_conntrack.h49
-rw-r--r--include/net/netfilter/nf_conntrack_core.h7
-rw-r--r--include/net/netfilter/nf_conntrack_expect.h72
-rw-r--r--include/net/netfilter/nf_conntrack_helper.h10
4 files changed, 80 insertions, 58 deletions
diff --git a/include/net/netfilter/nf_conntrack.h b/include/net/netfilter/nf_conntrack.h
index 1fbd8193d5f1..9d2581fc04be 100644
--- a/include/net/netfilter/nf_conntrack.h
+++ b/include/net/netfilter/nf_conntrack.h
@@ -124,44 +124,6 @@ struct nf_conn
124 char data[0]; 124 char data[0];
125}; 125};
126 126
127struct nf_conntrack_expect
128{
129 /* Internal linked list (global expectation list) */
130 struct list_head list;
131
132 /* We expect this tuple, with the following mask */
133 struct nf_conntrack_tuple tuple, mask;
134
135 /* Function to call after setup and insertion */
136 void (*expectfn)(struct nf_conn *new,
137 struct nf_conntrack_expect *this);
138
139 /* The conntrack of the master connection */
140 struct nf_conn *master;
141
142 /* Timer function; deletes the expectation. */
143 struct timer_list timeout;
144
145 /* Usage count. */
146 atomic_t use;
147
148 /* Unique ID */
149 unsigned int id;
150
151 /* Flags */
152 unsigned int flags;
153
154#ifdef CONFIG_NF_NAT_NEEDED
155 /* This is the original per-proto part, used to map the
156 * expected connection the way the recipient expects. */
157 union nf_conntrack_manip_proto saved_proto;
158 /* Direction relative to the master connection. */
159 enum ip_conntrack_dir dir;
160#endif
161};
162
163#define NF_CT_EXPECT_PERMANENT 0x1
164
165static inline struct nf_conn * 127static inline struct nf_conn *
166nf_ct_tuplehash_to_ctrack(const struct nf_conntrack_tuple_hash *hash) 128nf_ct_tuplehash_to_ctrack(const struct nf_conntrack_tuple_hash *hash)
167{ 129{
@@ -208,16 +170,6 @@ __nf_conntrack_find(const struct nf_conntrack_tuple *tuple,
208 170
209extern void nf_conntrack_hash_insert(struct nf_conn *ct); 171extern void nf_conntrack_hash_insert(struct nf_conn *ct);
210 172
211extern struct nf_conntrack_expect *
212__nf_conntrack_expect_find(const struct nf_conntrack_tuple *tuple);
213
214extern struct nf_conntrack_expect *
215nf_conntrack_expect_find(const struct nf_conntrack_tuple *tuple);
216
217extern void nf_ct_unlink_expect(struct nf_conntrack_expect *exp);
218
219extern void nf_ct_remove_expectations(struct nf_conn *ct);
220
221extern void nf_conntrack_flush(void); 173extern void nf_conntrack_flush(void);
222 174
223extern struct nf_conntrack_helper * 175extern struct nf_conntrack_helper *
@@ -295,6 +247,7 @@ extern int nf_conntrack_checksum;
295#ifdef CONFIG_NF_CONNTRACK_EVENTS 247#ifdef CONFIG_NF_CONNTRACK_EVENTS
296#include <linux/notifier.h> 248#include <linux/notifier.h>
297#include <linux/interrupt.h> 249#include <linux/interrupt.h>
250#include <net/netfilter/nf_conntrack_expect.h>
298 251
299struct nf_conntrack_ecache { 252struct nf_conntrack_ecache {
300 struct nf_conn *ct; 253 struct nf_conn *ct;
diff --git a/include/net/netfilter/nf_conntrack_core.h b/include/net/netfilter/nf_conntrack_core.h
index da254525a4ce..84a8e01941fb 100644
--- a/include/net/netfilter/nf_conntrack_core.h
+++ b/include/net/netfilter/nf_conntrack_core.h
@@ -13,6 +13,8 @@
13#define _NF_CONNTRACK_CORE_H 13#define _NF_CONNTRACK_CORE_H
14 14
15#include <linux/netfilter.h> 15#include <linux/netfilter.h>
16#include <net/netfilter/nf_conntrack_l3proto.h>
17#include <net/netfilter/nf_conntrack_protocol.h>
16 18
17/* This header is used to share core functionality between the 19/* This header is used to share core functionality between the
18 standalone connection tracking module, and the compatibility layer's use 20 standalone connection tracking module, and the compatibility layer's use
@@ -70,6 +72,11 @@ static inline int nf_conntrack_confirm(struct sk_buff **pskb)
70 72
71extern void __nf_conntrack_attach(struct sk_buff *nskb, struct sk_buff *skb); 73extern void __nf_conntrack_attach(struct sk_buff *nskb, struct sk_buff *skb);
72 74
75int
76print_tuple(struct seq_file *s, const struct nf_conntrack_tuple *tuple,
77 struct nf_conntrack_l3proto *l3proto,
78 struct nf_conntrack_protocol *proto);
79
73extern struct list_head *nf_conntrack_hash; 80extern struct list_head *nf_conntrack_hash;
74extern struct list_head nf_conntrack_expect_list; 81extern struct list_head nf_conntrack_expect_list;
75extern rwlock_t nf_conntrack_lock ; 82extern rwlock_t nf_conntrack_lock ;
diff --git a/include/net/netfilter/nf_conntrack_expect.h b/include/net/netfilter/nf_conntrack_expect.h
new file mode 100644
index 000000000000..5aa483e03455
--- /dev/null
+++ b/include/net/netfilter/nf_conntrack_expect.h
@@ -0,0 +1,72 @@
1/*
2 * connection tracking expectations.
3 */
4
5#ifndef _NF_CONNTRACK_EXPECT_H
6#define _NF_CONNTRACK_EXPECT_H
7#include <net/netfilter/nf_conntrack.h>
8
9extern struct list_head nf_conntrack_expect_list;
10extern kmem_cache_t *nf_conntrack_expect_cachep;
11extern struct file_operations exp_file_ops;
12
13struct nf_conntrack_expect
14{
15 /* Internal linked list (global expectation list) */
16 struct list_head list;
17
18 /* We expect this tuple, with the following mask */
19 struct nf_conntrack_tuple tuple, mask;
20
21 /* Function to call after setup and insertion */
22 void (*expectfn)(struct nf_conn *new,
23 struct nf_conntrack_expect *this);
24
25 /* The conntrack of the master connection */
26 struct nf_conn *master;
27
28 /* Timer function; deletes the expectation. */
29 struct timer_list timeout;
30
31 /* Usage count. */
32 atomic_t use;
33
34 /* Unique ID */
35 unsigned int id;
36
37 /* Flags */
38 unsigned int flags;
39
40#ifdef CONFIG_NF_NAT_NEEDED
41 /* This is the original per-proto part, used to map the
42 * expected connection the way the recipient expects. */
43 union nf_conntrack_manip_proto saved_proto;
44 /* Direction relative to the master connection. */
45 enum ip_conntrack_dir dir;
46#endif
47};
48
49#define NF_CT_EXPECT_PERMANENT 0x1
50
51
52struct nf_conntrack_expect *
53__nf_conntrack_expect_find(const struct nf_conntrack_tuple *tuple);
54
55struct nf_conntrack_expect *
56nf_conntrack_expect_find(const struct nf_conntrack_tuple *tuple);
57
58struct nf_conntrack_expect *
59find_expectation(const struct nf_conntrack_tuple *tuple);
60
61void nf_ct_unlink_expect(struct nf_conntrack_expect *exp);
62void nf_ct_remove_expectations(struct nf_conn *ct);
63void nf_conntrack_unexpect_related(struct nf_conntrack_expect *exp);
64
65/* Allocate space for an expectation: this is mandatory before calling
66 nf_conntrack_expect_related. You will have to call put afterwards. */
67struct nf_conntrack_expect *nf_conntrack_expect_alloc(struct nf_conn *me);
68void nf_conntrack_expect_put(struct nf_conntrack_expect *exp);
69int nf_conntrack_expect_related(struct nf_conntrack_expect *expect);
70
71#endif /*_NF_CONNTRACK_EXPECT_H*/
72
diff --git a/include/net/netfilter/nf_conntrack_helper.h b/include/net/netfilter/nf_conntrack_helper.h
index 86ec8174ad02..3cbd13e22160 100644
--- a/include/net/netfilter/nf_conntrack_helper.h
+++ b/include/net/netfilter/nf_conntrack_helper.h
@@ -40,14 +40,4 @@ struct nf_conntrack_helper
40extern int nf_conntrack_helper_register(struct nf_conntrack_helper *); 40extern int nf_conntrack_helper_register(struct nf_conntrack_helper *);
41extern void nf_conntrack_helper_unregister(struct nf_conntrack_helper *); 41extern void nf_conntrack_helper_unregister(struct nf_conntrack_helper *);
42 42
43/* Allocate space for an expectation: this is mandatory before calling
44 nf_conntrack_expect_related. You will have to call put afterwards. */
45extern struct nf_conntrack_expect *
46nf_conntrack_expect_alloc(struct nf_conn *master);
47extern void nf_conntrack_expect_put(struct nf_conntrack_expect *exp);
48
49/* Add an expected connection: can have more than one per connection */
50extern int nf_conntrack_expect_related(struct nf_conntrack_expect *exp);
51extern void nf_conntrack_unexpect_related(struct nf_conntrack_expect *exp);
52
53#endif /*_NF_CONNTRACK_HELPER_H*/ 43#endif /*_NF_CONNTRACK_HELPER_H*/