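/*
 * connection tracking expectations.
 *
 * An expectation records a connection that is anticipated in relation to an
 * existing ("master") connection.  Each expectation is reference counted
 * (nf_conntrack_expect.use) and embeds a timer and an rcu_head.
 */

#ifndef _NF_CONNTRACK_EXPECT_H
#define _NF_CONNTRACK_EXPECT_H

#include <linux/refcount.h>

#include <net/netfilter/nf_conntrack.h>
#include <net/netfilter/nf_conntrack_zones.h>

/*
 * Globals defined outside this header.
 * NOTE(review): by name these are the expectation hash size, a global cap on
 * expectations, and the hash table itself -- confirm against the definitions.
 */
extern unsigned int nf_ct_expect_hsize;
extern unsigned int nf_ct_expect_max;
extern struct hlist_head *nf_ct_expect_hash;

struct nf_conntrack_expect {
	/* Conntrack expectation list member */
	struct hlist_node lnode;

	/* Hash member */
	struct hlist_node hnode;

	/*
	 * We expect this tuple, with the following mask.
	 * NOTE(review): the mask presumably selects which tuple fields must
	 * match; a helper should keep it as narrow as its protocol allows so
	 * that only the intended related connection matches -- confirm
	 * against the lookup code.
	 */
	struct nf_conntrack_tuple tuple;
	struct nf_conntrack_tuple_mask mask;

	/* Function to call after setup and insertion */
	void (*expectfn)(struct nf_conn *new,
			 struct nf_conntrack_expect *this);

	/* Helper to assign to new connection */
	struct nf_conntrack_helper *helper;

	/*
	 * The conntrack of the master connection.  nf_ct_exp_net()
	 * dereferences this pointer without a NULL check.
	 */
	struct nf_conn *master;

	/* Timer function; deletes the expectation. */
	struct timer_list timeout;

	/*
	 * Usage count.
	 * NOTE(review): presumably released through nf_ct_expect_put() --
	 * confirm.
	 */
	refcount_t use;

	/* Flags */
	unsigned int flags;

	/* Expectation class */
	unsigned int class;

#ifdef CONFIG_NF_NAT_NEEDED
	union nf_inet_addr saved_addr;
	/* This is the original per-proto part, used to map the
	 * expected connection the way the recipient expects. */
	union nf_conntrack_man_proto saved_proto;
	/* Direction relative to the master connection. */
	enum ip_conntrack_dir dir;
#endif

	/*
	 * NOTE(review): an embedded rcu_head suggests the object is freed
	 * after an RCU grace period -- confirm in the .c file before relying
	 * on it in lockless readers.
	 */
	struct rcu_head rcu;
};

/*
 * Return the network namespace of the expectation's master connection.
 * @exp and exp->master must both be valid; neither is checked here.
 */
static inline struct net *nf_ct_exp_net(struct nf_conntrack_expect *exp)
{
	return nf_ct_net(exp->master);
}

/*
 * Size in bytes of the fixed name buffer in struct
 * nf_conntrack_expect_policy.  Anything copied into that buffer has to be
 * bounded to this size.
 */
#define NF_CT_EXP_POLICY_NAME_LEN	16

/*
 * Per-class expectation policy.
 * NOTE(review): max_expected looks like a limit on outstanding expectations
 * and timeout like their lifetime; units and enforcement are not visible in
 * this header -- confirm.
 */
struct nf_conntrack_expect_policy {
	unsigned int	max_expected;
	unsigned int	timeout;
	char		name[NF_CT_EXP_POLICY_NAME_LEN];
};

#define NF_CT_EXPECT_CLASS_DEFAULT	0
#define NF_CT_EXPECT_MAX_CNT		255

/* Per-network-namespace setup and teardown. */
int nf_conntrack_expect_pernet_init(struct net *net);
void nf_conntrack_expect_pernet_fini(struct net *net);

/* Global setup and teardown. */
int nf_conntrack_expect_init(void);
void nf_conntrack_expect_fini(void);

/*
 * Lookups by namespace, zone and tuple.
 * NOTE(review): the three variants differ in locking and reference
 * behaviour that this header does not show.  The "__" prefix and the "_get"
 * suffix suggest that only nf_ct_expect_find_get() hands back its own
 * reference (to be dropped with nf_ct_expect_put()) -- confirm in
 * nf_conntrack_expect.c before holding a result across a sleep or an RCU
 * unlock.
 */
struct nf_conntrack_expect *
__nf_ct_expect_find(struct net *net,
		    const struct nf_conntrack_zone *zone,
		    const struct nf_conntrack_tuple *tuple);

struct nf_conntrack_expect *
nf_ct_expect_find_get(struct net *net,
		      const struct nf_conntrack_zone *zone,
		      const struct nf_conntrack_tuple *tuple);

struct nf_conntrack_expect *
nf_ct_find_expectation(struct net *net,
		       const struct nf_conntrack_zone *zone,
		       const struct nf_conntrack_tuple *tuple);

void nf_ct_unlink_expect_report(struct nf_conntrack_expect *exp,
				u32 portid, int report);

/* Unlink @exp, passing portid 0 and report 0 to the reporting variant. */
static inline void nf_ct_unlink_expect(struct nf_conntrack_expect *exp)
{
	nf_ct_unlink_expect_report(exp, 0, 0);
}

void nf_ct_remove_expectations(struct nf_conn *ct);
void nf_ct_unexpect_related(struct nf_conntrack_expect *exp);
bool nf_ct_remove_expect(struct nf_conntrack_expect *exp);

/*
 * Walk expectations and hand each one to @iter together with @data.
 * NOTE(review): presumably an entry is removed when @iter returns true --
 * confirm.
 */
void nf_ct_expect_iterate_destroy(bool (*iter)(struct nf_conntrack_expect *e,
					       void *data),
				  void *data);
void nf_ct_expect_iterate_net(struct net *net,
			      bool (*iter)(struct nf_conntrack_expect *e,
					   void *data),
			      void *data, u32 portid, int report);

/* Allocate space for an expectation: this is mandatory before calling
   nf_ct_expect_related.  You will have to call put afterwards
   (nf_ct_expect_put(), declared below).
   NOTE(review): check the result for NULL before use unless the definition
   guarantees otherwise. */
struct nf_conntrack_expect *nf_ct_expect_alloc(struct nf_conn *me);

/*
 * Parameter names added for readability; the types and their order are
 * unchanged.
 * NOTE(review): the names follow the definition in nf_conntrack_expect.c as
 * recalled -- confirm that they match.
 */
void nf_ct_expect_init(struct nf_conntrack_expect *exp, unsigned int class,
		       u_int8_t family,
		       const union nf_inet_addr *saddr,
		       const union nf_inet_addr *daddr,
		       u_int8_t proto, const __be16 *src, const __be16 *dst);
void nf_ct_expect_put(struct nf_conntrack_expect *exp);
int nf_ct_expect_related_report(struct nf_conntrack_expect *expect,
				u32 portid, int report);

/*
 * Register @expect, passing portid 0 and report 0 to the reporting variant.
 * Returns that function's result unchanged, so callers should check it.
 */
static inline int nf_ct_expect_related(struct nf_conntrack_expect *expect)
{
	return nf_ct_expect_related_report(expect, 0, 0);
}

#endif /*_NF_CONNTRACK_EXPECT_H*/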