1 #ifndef _BR_NETFILTER_H_ 2 #define _BR_NETFILTER_H_ 3 4 #include "../../../net/bridge/br_private.h" 5 6 static inline struct nf_bridge_info *nf_bridge_alloc(struct sk_buff *skb) 7 { 8 skb->nf_bridge = kzalloc(sizeof(struct nf_bridge_info), GFP_ATOMIC); 9 10 if (likely(skb->nf_bridge)) 11 atomic_set(&(skb->nf_bridge->use), 1); 12 13 return skb->nf_bridge; 14 } 15 16 void nf_bridge_update_protocol(struct sk_buff *skb); 17 18 static inline struct nf_bridge_info * 19 nf_bridge_info_get(const struct sk_buff *skb) 20 { 21 return skb->nf_bridge; 22 } 23 24 unsigned int nf_bridge_encap_header_len(const struct sk_buff *skb); 25 26 static inline void nf_bridge_push_encap_header(struct sk_buff *skb) 27 { 28 unsigned int len = nf_bridge_encap_header_len(skb); 29 30 skb_push(skb, len); 31 skb->network_header -= len; 32 } 33 34 int br_nf_pre_routing_finish_bridge(struct net *net, struct sock *sk, struct sk_buff *skb); 35 36 static inline struct rtable *bridge_parent_rtable(const struct net_device *dev) 37 { 38 struct net_bridge_port *port; 39 40 port = br_port_get_rcu(dev); 41 return port ? &port->br->fake_rtable : NULL; 42 } 43 44 struct net_device *setup_pre_routing(struct sk_buff *skb); 45 void br_netfilter_enable(void); 46 47 #if IS_ENABLED(CONFIG_IPV6) 48 int br_validate_ipv6(struct net *net, struct sk_buff *skb); 49 unsigned int br_nf_pre_routing_ipv6(void *priv, 50 struct sk_buff *skb, 51 const struct nf_hook_state *state); 52 #else 53 static inline int br_validate_ipv6(struct net *net, struct sk_buff *skb) 54 { 55 return -1; 56 } 57 58 static inline unsigned int 59 br_nf_pre_routing_ipv6(const struct nf_hook_ops *ops, struct sk_buff *skb, 60 const struct nf_hook_state *state) 61 { 62 return NF_ACCEPT; 63 } 64 #endif 65 66 #endif /* _BR_NETFILTER_H_ */ 67