Home
last modified time | relevance | path

Searched +full:conntrack +full:- +full:related (Results 1 – 24 of 24) sorted by relevance

/openbmc/linux/net/netfilter/ipvs/
H A Dip_vs_nfct.c1 // SPDX-License-Identifier: GPL-2.0-or-later
5 * Portions Copyright (C) 2001-2002
8 * Portions Copyright (C) 2003-2010
18 * - provide conntrack confirmation for new and related connections, by
19 * this way we can see their proper conntrack state in all hooks
20 * - support for all forwarding methods, not only NAT
21 * - FTP support (NAT), ability to support other NAT apps with expectations
22 * - to correctly create expectations for related NAT connections the proper
23 * NF conntrack support must be already installed, eg. ip_vs_ftp requires
26 * - alter reply for NAT when forwarding packet in original direction:
[all …]
H A Dip_vs_core.c1 // SPDX-License-Identifier: GPL-2.0-or-later
6 * high-performance and highly available server based on a
14 * with changes/fixes from Julian Anastasov, Lars Marowsky-Bree, Horms
18 * Paul `Rusty' Russell properly handle non-linear skbs
87 #define icmp_id(icmph) (((icmph)->un).echo.id)
88 #define icmpv6_id(icmph) (icmph->icmp6_dataun.u_echo.identifier)
117 while (--rows >= 0) in ip_vs_init_hash_table()
124 struct ip_vs_dest *dest = cp->dest; in ip_vs_in_stats()
125 struct netns_ipvs *ipvs = cp->ipvs; in ip_vs_in_stats()
127 if (dest && (dest->flags & IP_VS_DEST_F_AVAILABLE)) { in ip_vs_in_stats()
[all …]
H A Dip_vs_xmit.c1 // SPDX-License-Identifier: GPL-2.0-or-later
11 * - all transmitters are called from LOCAL_IN (remote clients) and
13 * - not all connections have destination server, for example,
15 * - bypass connections use daddr from packet
16 * - we can use dst without ref while sending in RCU section, we use
17 * ref when returning NF_ACCEPT for NAT-ed packet via loopback
19 * - skb->dev is NULL, skb->protocol is not set (both are set in POST_ROUTING)
20 * - skb->pkt_type is not set yet
21 * - the only place where we can see skb->sk != NULL
50 IP_VS_RT_MODE_NON_LOCAL = 2, /* Allow non-local dest */
[all …]
/openbmc/linux/include/uapi/linux/netfilter/
H A Dnf_conntrack_common.h1 /* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
11 /* Like NEW, but related to an existing connection, or ICMP error
51 /* Conntrack should never be early-expired. */
92 /* Conntrack is a template */
96 /* Conntrack is a fake untracked entry. Obsolete and not used anymore */
101 /* Re-purposed for in-kernel use:
102 * Tags a conntrack entry that clashed with an existing entry
109 /* Conntrack got a helper explicitly attached (ruleset, ctnetlink). */
113 /* Conntrack has been offloaded to flow table. */
117 /* Conntrack has been offloaded to hardware. */
[all …]
/openbmc/linux/tools/testing/selftests/netfilter/
H A Dconntrack_tcp_unreplied.sh2 # SPDX-License-Identifier: GPL-2.0
4 # Check that UNREPLIED tcp conntrack will eventually timeout.
7 # Kselftest framework requirement - SKIP code is 4.
12 sfx=$(mktemp -u "XXXXXXXX")
13 ns1="ns1-$sfx"
14 ns2="ns2-$sfx"
16 nft --version > /dev/null 2>&1
17 if [ $? -ne 0 ];then
22 ip -Version > /dev/null 2>&1
23 if [ $? -ne 0 ];then
[all …]
H A Dconntrack_icmp_related.sh3 # check that ICMP df-needed/pkttoobig icmp are set are set as related
8 # nsclient1 -> nsrouter1 -> nsrouter2 -> nsclient2
9 # MTU 1500, except for nsrouter2 <-> nsclient2 link (1280).
10 # ping nsclient2 from nsclient1, checking that conntrack did set RELATED
15 # nat of "established" icmp-echo "connection".
17 # Kselftest framework requirement - SKIP code is 4.
21 nft --version > /dev/null 2>&1
22 if [ $? -ne 0 ];then
27 ip -Version > /dev/null 2>&1
28 if [ $? -ne 0 ];then
[all …]
/openbmc/linux/drivers/net/ethernet/sfc/
H A Dtc_conntrack.c1 // SPDX-License-Identifier: GPL-2.0-only
33 struct efx_nic *efx = zone->efx; in efx_tc_ct_zone_free()
35 netif_err(efx, drv, efx->net_dev, in efx_tc_ct_zone_free()
37 zone->zone); in efx_tc_ct_zone_free()
39 nf_flow_table_offload_del_cb(zone->nf_ft, efx_tc_flow_block, zone); in efx_tc_ct_zone_free()
48 netif_err(efx, drv, efx->net_dev, in efx_tc_ct_free()
50 conn->cookie); in efx_tc_ct_free()
55 efx_tc_flower_release_counter(efx, conn->cnt); in efx_tc_ct_free()
63 rc = rhashtable_init(&efx->tc->ct_zone_ht, &efx_tc_ct_zone_ht_params); in efx_tc_init_conntrack()
66 rc = rhashtable_init(&efx->tc->ct_ht, &efx_tc_ct_ht_params); in efx_tc_init_conntrack()
[all …]
H A Dmcdi_pcol.h1 /* SPDX-License-Identifier: GPL-2.0-only */
4 * Copyright 2009-2018 Solarflare Communications Inc.
5 * Copyright 2019-2020 Xilinx Inc.
13 /* Power-on reset state */
35 /* The 'doorbell' addresses are hard-wired to alert the MC when written */
38 /* The rest of these are firmware-defined */
46 /* Values to be written to the per-port status dword in shared
71 * | | \--- Response
72 * | \------- Error
73 * \------------------------------ Resync (always set)
[all …]
/openbmc/linux/net/netfilter/
H A Dnf_conntrack_proto_icmp.c1 // SPDX-License-Identifier: GPL-2.0-only
2 /* (C) 1999-2001 Paul `Rusty' Russell
3 * (C) 2002-2004 Netfilter Core Team <coreteam@netfilter.org>
4 * (C) 2006-2010 Patrick McHardy <kaber@trash.net>
37 tuple->dst.u.icmp.type = hp->type; in icmp_pkt_to_tuple()
38 tuple->src.u.icmp.id = hp->un.echo.id; in icmp_pkt_to_tuple()
39 tuple->dst.u.icmp.code = hp->code; in icmp_pkt_to_tuple()
59 if (orig->dst.u.icmp.type >= sizeof(invmap) || in nf_conntrack_invert_icmp_tuple()
60 !invmap[orig->dst.u.icmp.type]) in nf_conntrack_invert_icmp_tuple()
63 tuple->src.u.icmp.id = orig->src.u.icmp.id; in nf_conntrack_invert_icmp_tuple()
[all …]
H A Dxt_helper.c1 // SPDX-License-Identifier: GPL-2.0-only
2 /* iptables module to match on related connections */
18 MODULE_DESCRIPTION("Xtables: Related connection matching");
26 const struct xt_helper_info *info = par->matchinfo; in helper_mt()
31 bool ret = info->invert; in helper_mt()
34 if (!ct || !ct->master) in helper_mt()
37 master_help = nfct_help(ct->master); in helper_mt()
42 helper = rcu_dereference(master_help->helper); in helper_mt()
46 if (info->name[0] == '\0') in helper_mt()
49 ret ^= !strncmp(helper->name, info->name, in helper_mt()
[all …]
H A Dnf_conntrack_core.c1 // SPDX-License-Identifier: GPL-2.0-only
6 /* (C) 1999-2001 Paul `Rusty' Russell
7 * (C) 2002-2006 Netfilter Core Team <coreteam@netfilter.org>
8 * (C) 2003,2004 USAGI/WIDE Project <http://www.linux-ipv6.org>
9 * (C) 2005-2012 Patrick McHardy <kaber@trash.net>
91 * allowing non-idle machines to wakeup more often when needed.
100 #define MAX_CHAINLEN (80u - MIN_CHAINLEN)
261 tuple->src.u.udp.port = inet_hdr->sport; in nf_ct_get_tuple_ports()
262 tuple->dst.u.udp.port = inet_hdr->dport; in nf_ct_get_tuple_ports()
281 tuple->src.l3num = l3num; in nf_ct_get_tuple()
[all …]
H A Dnf_nat_ovs.c1 // SPDX-License-Identifier: GPL-2.0-only
2 /* Support nat functions for openvswitch and used by OVS and TC conntrack. */
28 ip_hdr(skb)->protocol == IPPROTO_ICMP) { in nf_ct_nat_execute()
35 u8 nexthdr = ipv6_hdr(skb)->nexthdr; in nf_ct_nat_execute()
49 /* Non-ICMP, fall thru to initialize if needed. */ in nf_ct_nat_execute()
57 err = (range && range->flags & NF_NAT_RANGE_MAP_IPS) in nf_ct_nat_execute()
98 if (ctinfo != IP_CT_NEW && (ct->status & IPS_NAT_MASK) && in nf_ct_nat()
100 /* NAT an established or related connection like before. */ in nf_ct_nat()
106 maniptype = ct->status & IPS_SRC_NAT in nf_ct_nat()
109 maniptype = ct->status & IPS_SRC_NAT in nf_ct_nat()
[all …]
H A DKconfig1 # SPDX-License-Identifier: GPL-2.0-only
71 and is also scheduled to replace the old syslog-based ipt_LOG
89 through your machine, in order to figure out how they are related
107 If both are enabled the backend to use can be configured at run-time
108 by means of per-address-family sysctl tunables.
120 of packets, but this mark value is kept in the conntrack session
152 This option enables for the list of known conntrack entries
154 is considered obsolete in favor of using the conntrack(8)
182 This allows you to store the flow start-time and to obtain
183 the flow-stop time (once it has been destroyed) via Connection
[all …]
H A Dnf_conntrack_h323_main.c1 // SPDX-License-Identifier: GPL-2.0-only
6 * Copyright (c) 2006-2012 Patrick McHardy <kaber@trash.net>
84 tcpdataoff = protoff + th->doff * 4; in get_tpkt_data()
87 tcpdatalen = skb->len - tcpdataoff; in get_tpkt_data()
104 if (info->tpkt_len[dir] > 0) { in get_tpkt_data()
107 "bytes\n", info->tpkt_len[dir]); in get_tpkt_data()
108 if (info->tpkt_len[dir] <= tcpdatalen) { in get_tpkt_data()
112 *datalen = info->tpkt_len[dir]; in get_tpkt_data()
128 tcpdatalen -= tpktoff; in get_tpkt_data()
147 tpktlen - 4); in get_tpkt_data()
[all …]
/openbmc/linux/include/uapi/linux/
H A Dopenvswitch.h1 /* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
4 * Copyright (c) 2007-2017 Nicira, Inc.
18 * 02110-1301, USA
28 * struct ovs_header - header for OVS Generic Netlink messages.
46 * - API users are expected to provide OVS_DP_ATTR_USER_FEATURES
63 * enum ovs_datapath_attr - attributes for %OVS_DP_* commands.
73 * @OVS_DP_ATTR_PER_CPU_PIDS: Per-cpu array of PIDs for upcalls when
95 * per-cpu dispatch mode
101 #define OVS_DP_ATTR_MAX (__OVS_DP_ATTR_MAX - 1)
138 /* Allow per-cpu dispatch of upcalls */
[all …]
H A Dpkt_cls.h1 /* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
63 #define TC_ACT_UNSPEC (-1)
75 * equivalent of TC_ACT_STOLEN - drop
89 #define TC_ACT_EXT_VAL_MASK ((1 << __TC_ACT_EXT_SHIFT) - 1)
203 #define TCA_POLICE_MAX (__TCA_POLICE_MAX - 1)
239 #define TCA_U32_MAX (__TCA_U32_MAX - 1)
297 #define TCA_RSVP_MAX (__TCA_RSVP_MAX - 1 )
327 #define TCA_ROUTE4_MAX (__TCA_ROUTE4_MAX - 1)
342 #define TCA_FW_MAX (__TCA_FW_MAX - 1)
358 #define TCA_TCINDEX_MAX (__TCA_TCINDEX_MAX - 1)
[all …]
/openbmc/linux/net/openvswitch/
H A Dconntrack.c1 // SPDX-License-Identifier: GPL-2.0-only
33 #include "conntrack.h"
42 /* Metadata mark for masked write to conntrack mark */
48 /* Metadata label for masked write to conntrack label. */
60 /* Conntrack action context for execution. */
87 /* Elements in ovs_ct_limit_info->limits hash table */
111 switch (ntohs(key->eth.type)) { in key_to_nfproto()
157 return ct ? READ_ONCE(ct->mark) : 0; in ovs_ct_get_mark()
163 /* Guard against conntrack labels max size shrinking below 128 bits. */
174 if (ct->master && !nf_ct_is_confirmed(ct)) in ovs_ct_get_labels()
[all …]
/openbmc/linux/Documentation/netlink/specs/
H A Dovs_flow.yaml1 # SPDX-License-Identifier: ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause)
5 protocol: genetlink-legacy
6 uapi-header: linux/openvswitch.h
12 -
13 name: ovs-header
18 -
19 name: dp-ifindex
24 -
25 name: ovs-flow-stats
28 -
[all …]
/openbmc/linux/include/net/
H A Dnet_namespace.h1 /* SPDX-License-Identifier: GPL-2.0 */
27 #include <net/netns/conntrack.h>
63 * Do not place here read-mostly fields.
218 return ERR_PTR(-EINVAL); in copy_net_ns()
233 return ERR_PTR(-EINVAL); in get_net_ns()
238 return ERR_PTR(-EINVAL); in get_net_ns_by_fd()
261 refcount_inc(&net->ns.count); in get_net()
272 if (!refcount_inc_not_zero(&net->ns.count)) in maybe_get_net()
280 if (refcount_dec_and_test(&net->ns.count)) in put_net()
292 return refcount_read(&net->ns.count) != 0; in check_net()
[all …]
/openbmc/linux/drivers/net/ethernet/netronome/nfp/flower/
H A Dconntrack.c1 // SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
7 #include "conntrack.h"
30 * get_hashentry() - Wrapper around hashtable lookup.
51 return ERR_PTR(-ENOMEM); in get_hashentry()
59 struct flow_dissector *dissector = rule->match.dissector; in is_pre_ct_flow()
64 if (dissector->used_keys & BIT_ULL(FLOW_DISSECTOR_KEY_CT)) { in is_pre_ct_flow()
66 if (ct.key->ct_state) in is_pre_ct_flow()
70 if (flow->common.chain_index) in is_pre_ct_flow()
73 flow_action_for_each(i, act, &flow->rule->action) { in is_pre_ct_flow()
74 if (act->id == FLOW_ACTION_CT) { in is_pre_ct_flow()
[all …]
/openbmc/linux/net/ipv6/
H A Dip6_output.c1 // SPDX-License-Identifier: GPL-2.0-or-later
21 * : add ip6_append_data and related functions
38 #include <linux/bpf-cgroup.h>
63 struct net_device *dev = dst->dev; in ip6_finish_output2()
72 if (unlikely(hh_len > skb_headroom(skb)) && dev->header_ops) { in ip6_finish_output2()
79 return -ENOMEM; in ip6_finish_output2()
85 daddr = &hdr->daddr; in ip6_finish_output2()
87 if (!(dev->flags & IFF_LOOPBACK) && sk_mc_loop(sk) && in ip6_finish_output2()
89 !(IP6CB(skb)->flags & IP6SKB_FORWARDED)) || in ip6_finish_output2()
90 ipv6_chk_mcast_addr(dev, daddr, &hdr->saddr))) { in ip6_finish_output2()
[all …]
/openbmc/linux/net/ipv4/
H A Dudp.c1 // SPDX-License-Identifier: GPL-2.0-or-later
33 * Fred Van Kempen : Net2e support for sk->broadcast.
63 * bound-to-device socket
77 #include <linux/bpf-cgroup.h>
138 return sk->sk_prot->h.udp_table ? : sock_net(sk)->ipv4.udp_table; in udp_get_table_prot()
149 sk_for_each(sk2, &hslot->head) { in udp_lib_lport_inuse()
152 (bitmap || udp_sk(sk2)->udp_port_hash == num) && in udp_lib_lport_inuse()
153 (!sk2->sk_reuse || !sk->sk_reuse) && in udp_lib_lport_inuse()
154 (!sk2->sk_bound_dev_if || !sk->sk_bound_dev_if || in udp_lib_lport_inuse()
155 sk2->sk_bound_dev_if == sk->sk_bound_dev_if) && in udp_lib_lport_inuse()
[all …]
/openbmc/linux/include/linux/
H A Dskbuff.h1 /* SPDX-License-Identifier: GPL-2.0-or-later */
7 * Florian La Roche, <rzsfl@rz.uni-sb.de>
28 #include <linux/dma-mapping.h>
39 #include <net/dropreason-core.h>
47 * IP checksum related features
55 * .. flat-table:: Checksum related device features
58 * * - %NETIF_F_HW_CSUM
59 * - The driver (or its device) is able to compute one
65 * * - %NETIF_F_IP_CSUM
66 * - Driver (device) is only able to checksum plain
[all …]
/openbmc/linux/
H A Dopengrok1.0.log1 2024-12-28 20:07:11.902-0600 FINER t583 IndexDatabase.createAnnotationCache: failed to create annotation: repository {dir='/opengrok/src/openbmc/linux',type=git,historyCache=on,renamed=false,merge=true,annotationCache=off} does not allow to create annotation cache for '/opengrok/src/openbmc/linux/drivers/net/ethernet/marvell/mvpp2/mvpp2_prs.c'
2 2024-12-28 20:07:11.913-0600 FINEST t583 Statistics.logIt: Added: '/openbmc/linux/drivers/net/ethernet/marvell/mvpp2/mvpp2_prs.c' (CAnalyzer) (took 116 ms)
3 2024-12-28 20:07:11.899-0600 FINER t593 IndexDatabase.createAnnotationCache: failed to create annotation: repository {dir='/opengrok/src/openbmc/linux',type=git,historyCache=on,renamed=false,merge=true,annotationCache=off} does not allow to create annotation cache for '/opengrok/src/openbmc/linux/tools/testing/selftests/powerpc/tm/tm-signa
[all...]