177ab9cffSMartin Josefsson /* 277ab9cffSMartin Josefsson * connection tracking expectations. 377ab9cffSMartin Josefsson */ 477ab9cffSMartin Josefsson 577ab9cffSMartin Josefsson #ifndef _NF_CONNTRACK_EXPECT_H 677ab9cffSMartin Josefsson #define _NF_CONNTRACK_EXPECT_H 777ab9cffSMartin Josefsson #include <net/netfilter/nf_conntrack.h> 877ab9cffSMartin Josefsson 9a71c0855SPatrick McHardy extern unsigned int nf_ct_expect_hsize; 10f264a7dfSPatrick McHardy extern unsigned int nf_ct_expect_max; 1177ab9cffSMartin Josefsson 12fd2c3ef7SEric Dumazet struct nf_conntrack_expect { 13b560580aSPatrick McHardy /* Conntrack expectation list member */ 14b560580aSPatrick McHardy struct hlist_node lnode; 1577ab9cffSMartin Josefsson 16a71c0855SPatrick McHardy /* Hash member */ 17a71c0855SPatrick McHardy struct hlist_node hnode; 18a71c0855SPatrick McHardy 1977ab9cffSMartin Josefsson /* We expect this tuple, with the following mask */ 20d4156e8cSPatrick McHardy struct nf_conntrack_tuple tuple; 21d4156e8cSPatrick McHardy struct nf_conntrack_tuple_mask mask; 2277ab9cffSMartin Josefsson 2377ab9cffSMartin Josefsson /* Function to call after setup and insertion */ 2477ab9cffSMartin Josefsson void (*expectfn)(struct nf_conn *new, 2577ab9cffSMartin Josefsson struct nf_conntrack_expect *this); 2677ab9cffSMartin Josefsson 279457d851SPatrick McHardy /* Helper to assign to new connection */ 289457d851SPatrick McHardy struct nf_conntrack_helper *helper; 299457d851SPatrick McHardy 3077ab9cffSMartin Josefsson /* The conntrack of the master connection */ 3177ab9cffSMartin Josefsson struct nf_conn *master; 3277ab9cffSMartin Josefsson 3377ab9cffSMartin Josefsson /* Timer function; deletes the expectation. */ 3477ab9cffSMartin Josefsson struct timer_list timeout; 3577ab9cffSMartin Josefsson 3677ab9cffSMartin Josefsson /* Usage count. */ 3777ab9cffSMartin Josefsson atomic_t use; 3877ab9cffSMartin Josefsson 3977ab9cffSMartin Josefsson /* Flags */ 4077ab9cffSMartin Josefsson unsigned int flags; 4177ab9cffSMartin Josefsson 426002f266SPatrick McHardy /* Expectation class */ 436002f266SPatrick McHardy unsigned int class; 446002f266SPatrick McHardy 4577ab9cffSMartin Josefsson #ifdef CONFIG_NF_NAT_NEEDED 46f587de0eSPatrick McHardy __be32 saved_ip; 4777ab9cffSMartin Josefsson /* This is the original per-proto part, used to map the 4877ab9cffSMartin Josefsson * expected connection the way the recipient expects. */ 495b1158e9SJozsef Kadlecsik union nf_conntrack_man_proto saved_proto; 5077ab9cffSMartin Josefsson /* Direction relative to the master connection. */ 5177ab9cffSMartin Josefsson enum ip_conntrack_dir dir; 5277ab9cffSMartin Josefsson #endif 537d0742daSPatrick McHardy 547d0742daSPatrick McHardy struct rcu_head rcu; 5577ab9cffSMartin Josefsson }; 5677ab9cffSMartin Josefsson 579b03f38dSAlexey Dobriyan static inline struct net *nf_ct_exp_net(struct nf_conntrack_expect *exp) 589b03f38dSAlexey Dobriyan { 59857b409aSAlexey Dobriyan return nf_ct_net(exp->master); 609b03f38dSAlexey Dobriyan } 619b03f38dSAlexey Dobriyan 62fd2c3ef7SEric Dumazet struct nf_conntrack_expect_policy { 636002f266SPatrick McHardy unsigned int max_expected; 646002f266SPatrick McHardy unsigned int timeout; 65b87921bdSPatrick McHardy const char *name; 666002f266SPatrick McHardy }; 676002f266SPatrick McHardy 686002f266SPatrick McHardy #define NF_CT_EXPECT_CLASS_DEFAULT 0 696002f266SPatrick McHardy 7077ab9cffSMartin Josefsson #define NF_CT_EXPECT_PERMANENT 0x1 71359b9ab6SPatrick McHardy #define NF_CT_EXPECT_INACTIVE 0x2 7277ab9cffSMartin Josefsson 739b03f38dSAlexey Dobriyan int nf_conntrack_expect_init(struct net *net); 749b03f38dSAlexey Dobriyan void nf_conntrack_expect_fini(struct net *net); 7577ab9cffSMartin Josefsson 7677ab9cffSMartin Josefsson struct nf_conntrack_expect * 775d0aa2ccSPatrick McHardy __nf_ct_expect_find(struct net *net, u16 zone, 785d0aa2ccSPatrick McHardy const struct nf_conntrack_tuple *tuple); 7977ab9cffSMartin Josefsson 8077ab9cffSMartin Josefsson struct nf_conntrack_expect * 815d0aa2ccSPatrick McHardy nf_ct_expect_find_get(struct net *net, u16 zone, 825d0aa2ccSPatrick McHardy const struct nf_conntrack_tuple *tuple); 8377ab9cffSMartin Josefsson 8477ab9cffSMartin Josefsson struct nf_conntrack_expect * 855d0aa2ccSPatrick McHardy nf_ct_find_expectation(struct net *net, u16 zone, 865d0aa2ccSPatrick McHardy const struct nf_conntrack_tuple *tuple); 8777ab9cffSMartin Josefsson 8877ab9cffSMartin Josefsson void nf_ct_unlink_expect(struct nf_conntrack_expect *exp); 8977ab9cffSMartin Josefsson void nf_ct_remove_expectations(struct nf_conn *ct); 906823645dSPatrick McHardy void nf_ct_unexpect_related(struct nf_conntrack_expect *exp); 9177ab9cffSMartin Josefsson 9277ab9cffSMartin Josefsson /* Allocate space for an expectation: this is mandatory before calling 936823645dSPatrick McHardy nf_ct_expect_related. You will have to call put afterwards. */ 946823645dSPatrick McHardy struct nf_conntrack_expect *nf_ct_expect_alloc(struct nf_conn *me); 9576108ceaSJan Engelhardt void nf_ct_expect_init(struct nf_conntrack_expect *, unsigned int, u_int8_t, 961d9d7522SPatrick McHardy const union nf_inet_addr *, 971d9d7522SPatrick McHardy const union nf_inet_addr *, 981d9d7522SPatrick McHardy u_int8_t, const __be16 *, const __be16 *); 996823645dSPatrick McHardy void nf_ct_expect_put(struct nf_conntrack_expect *exp); 10019abb7b0SPablo Neira Ayuso int nf_ct_expect_related_report(struct nf_conntrack_expect *expect, 10119abb7b0SPablo Neira Ayuso u32 pid, int report); 10283731671SPablo Neira Ayuso static inline int nf_ct_expect_related(struct nf_conntrack_expect *expect) 10383731671SPablo Neira Ayuso { 10483731671SPablo Neira Ayuso return nf_ct_expect_related_report(expect, 0, 0); 10583731671SPablo Neira Ayuso } 10677ab9cffSMartin Josefsson 10777ab9cffSMartin Josefsson #endif /*_NF_CONNTRACK_EXPECT_H*/ 10877ab9cffSMartin Josefsson 109